OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Administrator.johnnynorris-PC\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.08 Gb Available Physical Memory | 77.10% Memory free
8.00 Gb Paging File | 6.96 Gb Available in Paging File | 87.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 198.52 Gb Total Space | 136.32 Gb Free Space | 68.67% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 8.26 Gb Free Space | 56.41% Space Free | Partition Type: NTFS
Computer Name: JOHNNYNORRIS-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B850994-E6CF-42F4-8D0D-ADC35F5BC404}" = lport=139 | protocol=6 | dir=in | app=system |
"{22FD1914-67B4-42A8-8E00-FB1FDC5DE90E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2EE21BA5-886A-4143-B1C3-CABCF1CDB7AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{38413F72-6424-4430-8624-16E0476F6BB4}" = rport=139 | protocol=6 | dir=out | app=system |
"{3B9319E1-B6D7-4514-AE21-F83ADB1C195C}" = rport=137 | protocol=17 | dir=out | app=system |
"{4A26B53B-3340-4076-8E79-71EAA167171B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52A5DF71-8F81-4CB7-9B88-AA560EF65439}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{548AC074-DBA7-4FC9-88D8-80D06327F979}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{561085FF-B061-492D-A131-2B5EDF50C7B5}" = lport=137 | protocol=17 | dir=in | app=system |
"{61FCDDD2-320A-40D0-9EFC-C547BCF80002}" = lport=2869 | protocol=6 | dir=in | app=system |
"{65CE773C-C3C7-4624-9067-0324750F83EE}" = lport=138 | protocol=17 | dir=in | app=system |
"{6AE8EAA9-B583-43B5-B877-11E29EC87A6B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9CD0C0D1-0096-43E7-90DB-51B30E04035F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9DECFA74-04D4-42B6-B694-806E94733480}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A35F8E08-7C20-46D6-BF15-7575AB7991E2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B11CF4F4-89C5-495B-82EB-5A185AF56E78}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B2CF2262-70EB-47B5-8CC6-580137EF8EAD}" = rport=138 | protocol=17 | dir=out | app=system |
"{B5A97E4B-A16B-4435-A80F-812291336CBB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3487857-34CE-492A-9555-B8CA3C868477}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8A9411E-083A-4E19-9282-7F0F797E749B}" = rport=445 | protocol=6 | dir=out | app=system |
"{E9DAD5A7-4FFA-4A70-9EF2-3ED739FD287D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{EB2C9FE2-5783-48FE-9450-378AED4C02EA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FD328328-D9F3-4E30-A419-204862F8D1DE}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B4FECF-3EE1-4C48-A5D6-355390ED5FEC}" = protocol=58 | dir=in | [email protected],-28545 |
"{21B13855-6464-4115-ACB4-70FBA0F531DA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{27BE4222-A1B3-43E7-A2FC-12A84B44CB04}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3146303A-04D1-4EB7-8940-55652E77967C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3FBFAA2C-A0A1-49AD-8EC8-791237DA0670}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3FEBFB08-A1F6-4675-9DDF-34C2712C3689}" = protocol=58 | dir=out | [email protected],-28546 |
"{427332DC-1578-4BE4-AEE8-0E2754E47423}" = protocol=1 | dir=in | [email protected],-28543 |
"{500721E7-2955-43D5-9350-85C10E9A5819}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{51C3AF27-FA59-45CD-9226-155EE6F8442F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5BB998AC-3DC3-464A-9D5E-A806F5290C45}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{5D9A65A2-5813-4316-94ED-D20BA0268220}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{61AF0A4A-8E33-4E40-9547-5C3461E03E72}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{654910EB-A05E-4BCE-9395-F549969BCDF4}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{65BE4483-B334-472B-AD27-806D2A1191C5}" = protocol=1 | dir=out | [email protected],-28544 |
"{799FDAE4-3A15-4770-AFCD-4C6E9C071DFF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7A1DB979-5C4C-444C-AD8B-F9A13DDC1E72}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{B13BB935-675A-4F14-B387-E57E35530E26}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BAFA3F06-A3EA-495C-B1C7-AAB667AD05BE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCE4B384-6AFF-4E09-BFCE-21F04E9FAE5D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CE9A485F-D631-4FA0-846E-0856B87037F8}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{DE9EAE27-045B-461D-93AB-4AFED9E8DD21}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E070A5B5-DE37-4C75-85C2-6B60EDB9D9F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F6D31012-9FE6-48A7-B392-E72CF844B910}" = protocol=6 | dir=out | app=system |
"{FA1857F0-C1F4-498D-9F06-90407B8A0E1E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF812AA1-0720-4EB5-B1D1-E9E6426D9269}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java 7 Update 4 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CANONIJINBOXADDON200" = Canon Inkjet Printer Driver Add-On Module V2.00
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Speccy" = Speccy
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AI RoboForm" = RoboForm 7-7-7-1 (All Users)
"Dell Webcam Central" = Dell Webcam Central
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Revo Uninstaller" = Revo Uninstaller 1.94
"TeamViewer 7" = TeamViewer 7
"Unlocker" = Unlocker 1.9.1
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
OTL logfile created on: 5/24/2012 7:27:52 PM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Administrator.johnnynorris-PC\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.08 Gb Available Physical Memory | 77.10% Memory free
8.00 Gb Paging File | 6.96 Gb Available in Paging File | 87.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 198.52 Gb Total Space | 136.32 Gb Free Space | 68.67% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 8.26 Gb Free Space | 56.41% Space Free | Partition Type: NTFS
Computer Name: JOHNNYNORRIS-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/05/24 19:25:43 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator.johnnynorris-PC\Desktop\OTL.exe
PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/19 04:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/08/18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/05 17:33:03 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/19 04:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/07 23:13:34 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/01 01:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2009/08/18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/08 00:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010/07/04 12:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4079213164-581088795-4211586276-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-4079213164-581088795-4211586276-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4079213164-581088795-4211586276-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-4079213164-581088795-4211586276-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1D 59 16 CE FC 39 CD 01 [binary data]
IE - HKU\S-1-5-21-4079213164-581088795-4211586276-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4079213164-581088795-4211586276-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3:64bit: - HKU\S-1-5-21-4079213164-581088795-4211586276-500\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-4079213164-581088795-4211586276-500\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4079213164-581088795-4211586276-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.27.35.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{020162AF-7FBF-47A7-98B3-ABA487723683}: DhcpNameServer = 172.27.35.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/04 20:34:12 | 000,000,011 | -HS- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/05/24 19:25:28 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator.johnnynorris-PC\Desktop\OTL.exe
[2012/05/24 19:21:53 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Administrator.johnnynorris-PC\Desktop\aswMBR.exe
[2012/05/24 17:07:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2.old
[2012/05/24 16:40:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2012/05/24 16:00:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/05/24 15:30:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Macromedia
[2012/05/24 15:30:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Adobe
[2012/05/24 14:10:45 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/24 14:10:45 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/05/24 14:10:44 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Searches
[2012/05/24 14:10:44 | 000,000,000 | -H-D | C] -- C:\Users\Administrator.johnnynorris-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/05/24 14:10:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Identities
[2012/05/24 14:10:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Contacts
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Local\Temporary Internet Files
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\Templates
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\Start Menu
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\SendTo
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\Recent
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\PrintHood
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\NetHood
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\Documents\My Videos
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\Documents\My Pictures
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\Documents\My Music
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\My Documents
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\Local Settings
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Local\History
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\Cookies
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\Application Data
[2012/05/24 14:10:14 | 000,000,000 | -HSD | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Local\Application Data
[2012/05/24 14:10:13 | 000,000,000 | --SD | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Microsoft
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Videos
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Saved Games
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Pictures
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Music
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Links
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Favorites
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Downloads
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Documents
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\Desktop
[2012/05/24 14:10:13 | 000,000,000 | R--D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/05/24 14:10:13 | 000,000,000 | -H-D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData
[2012/05/24 14:10:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Local\Temp
[2012/05/24 14:10:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Panda Security
[2012/05/24 14:10:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Local\Microsoft
[2012/05/24 14:10:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Media Center Programs
[2012/05/24 11:41:33 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2012/05/20 13:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/05/20 08:35:45 | 000,000,000 | ---D | C] -- C:\b03ba7707ed0b841a1
[2012/05/19 14:30:02 | 000,000,000 | ---D | C] -- C:\1edd458d2337a4b206fe2448e5e745
[2012/05/19 13:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Reallusion
[2012/05/19 13:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2012/05/19 13:49:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2012/05/19 13:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Webcam
[2012/05/19 13:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative Live! Cam
[2012/05/19 13:26:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2012/05/18 12:54:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlocker
[2012/05/18 12:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/18 12:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/18 12:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/05/18 11:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/05/17 18:45:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2012/05/17 18:45:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2012/05/17 18:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/05/17 18:22:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/05/17 18:21:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/05/17 18:20:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/05/17 17:57:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/05/17 17:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/05/17 11:54:40 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/05/14 17:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2012/05/14 17:31:27 | 000,000,000 | ---D | C] -- C:\temp
[2012/05/11 13:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/05/11 13:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon
[2012/05/07 10:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2012/05/05 20:00:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/05/05 19:51:04 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/05/05 19:03:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/05/05 19:03:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/05/05 18:35:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/05/05 18:34:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/05/05 17:09:39 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012/05/05 17:08:52 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012/05/05 17:00:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/05/05 16:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.5
[2012/05/05 16:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LibreOffice 3.5
[2012/05/05 15:42:26 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2012/05/05 15:42:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2012/05/05 15:42:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2012/05/05 15:28:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/05/05 15:28:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/05/05 15:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/05/05 15:21:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012/05/05 15:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/05 15:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/05 15:10:15 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/05/05 15:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/05 14:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/05/05 14:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/05/05 14:59:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda USB Vaccine
[2012/05/05 14:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2012/05/05 13:45:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/05/05 11:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/05/05 11:29:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/05/05 10:01:46 | 000,035,840 | R--- | C] (Avanquest Software) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS
[2012/05/05 10:01:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/05/05 10:00:43 | 000,000,000 | ---D | C] -- C:\Netgear
========== Files - Modified Within 30 Days ==========
[2012/05/24 19:25:43 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator.johnnynorris-PC\Desktop\OTL.exe
[2012/05/24 19:24:58 | 000,000,512 | ---- | M] () -- C:\Users\Administrator.johnnynorris-PC\Desktop\MBR.dat
[2012/05/24 19:22:18 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/24 19:22:18 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/24 19:22:14 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Administrator.johnnynorris-PC\Desktop\aswMBR.exe
[2012/05/24 19:14:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/24 19:14:41 | 3219,955,712 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/24 17:32:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/24 15:30:10 | 000,001,439 | ---- | M] () -- C:\Users\Administrator.johnnynorris-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/24 14:13:24 | 000,001,411 | ---- | M] () -- C:\Users\Administrator.johnnynorris-PC\Desktop\Internet Explorer (64-bit).lnk
[2012/05/23 14:35:46 | 000,782,206 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/23 14:35:46 | 000,662,418 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/23 14:35:46 | 000,122,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/18 12:49:19 | 000,776,422 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/08 12:07:54 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2012/05/05 19:31:36 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/05 18:57:32 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/05/05 18:57:27 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/05/05 14:33:22 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/05/05 13:43:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/05/05 11:30:56 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
========== Files Created - No Company Name ==========
[2012/05/24 19:24:58 | 000,000,512 | ---- | C] () -- C:\Users\Administrator.johnnynorris-PC\Desktop\MBR.dat
[2012/05/24 15:30:10 | 000,001,439 | ---- | C] () -- C:\Users\Administrator.johnnynorris-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/24 14:13:24 | 000,001,411 | ---- | C] () -- C:\Users\Administrator.johnnynorris-PC\Desktop\Internet Explorer (64-bit).lnk
[2012/05/24 14:11:38 | 000,001,411 | ---- | C] () -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/05/24 14:10:50 | 000,001,445 | ---- | C] () -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/24 14:10:13 | 000,000,290 | ---- | C] () -- C:\Users\Administrator.johnnynorris-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/24 14:10:13 | 000,000,272 | ---- | C] () -- C:\Users\Administrator.johnnynorris-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/05/19 13:49:41 | 000,024,995 | ---- | C] () -- C:\Windows\SysNative\drivers\FilterPC.jpg
[2012/05/19 13:49:40 | 000,057,656 | ---- | C] () -- C:\Windows\SysNative\drivers\FilterPC.bmp
[2012/05/08 12:07:54 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012/05/05 18:57:32 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/05/05 18:57:27 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/05/05 17:11:18 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012/05/05 17:07:52 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012/05/05 17:07:23 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012/05/05 17:07:23 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012/05/05 17:06:48 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012/05/05 17:00:44 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/05 15:29:07 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/05/05 14:33:22 | 000,001,176 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/05/05 14:33:22 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/05/05 13:43:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/05/05 11:30:56 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/05/05 11:30:38 | 000,001,917 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/05/05 11:30:31 | 000,776,422 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/27 14:10:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== LOP Check ==========
[2012/05/14 17:33:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator.johnnynorris-PC\AppData\Roaming\Panda Security
[2012/05/14 17:33:34 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Panda Security
[2012/05/14 17:33:34 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Panda Security
[2012/05/17 18:45:47 | 000,000,000 | ---D | M] -- C:\Users\johnnynorris\AppData\Roaming\Auslogics
[2012/05/14 17:41:10 | 000,000,000 | ---D | M] -- C:\Users\johnnynorris\AppData\Roaming\Panda Security
[2009/07/13 22:08:49 | 000,025,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\ProgramData\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\ProgramData\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\ProgramData\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\Users\All Users\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:34 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows.old.000\Users\All Users\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Documents and Settings\All Users\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\ProgramData\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\ProgramData\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Users\All Users\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2011/08/10 15:54:32 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows.old.000\Users\All Users\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2009/10/30 23:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/10/30 23:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/02 22:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2010/01/16 14:25:39 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows.old\Windows\SysWOW64\explorer.exe
[2010/01/16 14:25:39 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/08/02 22:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows.old.000\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Documents and Settings\All Users\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\ProgramData\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\ProgramData\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\ProgramData\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Users\All Users\Application Data\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Users\All Users\Application Data\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/08/10 15:54:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows.old.000\Users\All Users\TuneUp Software\TuneUp Utilities 2012\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2011/02/25 23:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2011/02/25 23:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/02 23:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows.old.000\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/01/16 14:25:39 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows.old\Windows\explorer.exe
[2010/01/16 14:25:39 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2009/08/02 23:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: SVCHOST.EXE >
< MD5 for: USERINIT.EXE >
< MD5 for: WINLOGON.EXE >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{020162AF-7FBF-47A7-98B3-ABA487723683}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{F8FA1941-2768-4D31-B4CC-AE67CE0B13BA}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 00 01 01 01 04 01 06 01 03 01 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 6
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/05/05 18:57:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/05/05 18:57:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/05/05 18:57:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/05/05 18:57:34 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/05/05 18:57:34 | 000,748,336 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/05/05 18:57:27 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/05/05 18:57:27 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/05/05 18:57:27 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/05/05 18:57:34 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/05/05 18:57:34 | 000,748,336 | ---- | M] (Microsoft Corporation)
< C:\Windows\assembly\tmp\U\*.* /s >
< C:\Program Files\Common Files\ComObjects\*.* /s >
< C:\windows\*. /RP /s >
< %Temp%\smtmp\1\*.* >
< %Temp%\smtmp\2\*.* >
< %Temp%\smtmp\3\*.* >
< %Temp%\smtmp\4\*.* >
< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: JOHNNYNORRIS-PC
Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
Volume 0     D                       DVD-ROM         0 B  No Media
Volume 1     E   RECOVERY     NTFS   Partition     14 GB  Healthy    System
Volume 2     C   OS           NTFS   Partition    198 GB  Healthy    Boot
< End of report >
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-24 19:22:14
-----------------------------
19:22:14.646 OS Version: Windows x64 6.1.7601 Service Pack 1
19:22:14.646 Number of processors: 2 586 0x301
19:22:14.646 ComputerName: JOHNNYNORRIS-PC UserName: Administrator
19:22:17.969 Initialize success
19:22:54.714 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:22:54.714 Disk 0 Vendor: ST9250315AS 0003DEM1 Size: 238475MB BusType: 3
19:22:54.729 Disk 0 MBR read successfully
19:22:54.745 Disk 0 MBR scan
19:22:54.745 Disk 0 Windows 7 default MBR code
19:22:54.761 Disk 0 Partition 1 00 DE Dell Utility MSDOS5.0 39 MB offset 63
19:22:54.776 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
19:22:54.792 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 203280 MB offset 30801920
19:22:54.792 Disk 0 Partition - 00 05 Extended 20154 MB offset 447121406
19:22:54.823 Disk 0 Partition 4 00 83 Linux 16060 MB offset 447121408
19:22:54.823 Disk 0 Partition - 00 05 Extended 4094 MB offset 480012288
19:22:54.901 Disk 0 scanning C:\Windows\system32\drivers
19:23:05.010 Service scanning
19:23:30.032 Modules scanning
19:23:30.563 Disk 0 trace - called modules:
19:23:30.594 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
19:23:30.609 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004862060]
19:23:30.625 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa80043a3810]
19:23:30.641 5 ACPI.sys[fffff88000e727a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80043ac060]
19:23:30.656 Scan finished successfully
19:24:58.609 Disk 0 MBR has been saved successfully to "C:\Users\Administrator.johnnynorris-PC\Desktop\MBR.dat"
19:24:58.625 The log file has been saved successfully to "C:\Users\Administrator.johnnynorris-PC\Desktop\aswMBR log.txt"