OTL logfile created on: 12/14/2009 8:06:23 PM - Run 1
OTL by OldTimer - Version 3.1.17.0     Folder = C:\Users\drmunoz\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 85.68% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.53 Gb Total Space | 147.95 Gb Free Space | 66.48% Space Free | Partition Type: NTFS
Drive D: | 10.35 Gb Total Space | 1.39 Gb Free Space | 13.46% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DRMUNOZ-PC
Current User Name: drmunoz
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2009/12/14 19:56:35 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\drmunoz\Desktop\OTL.exe
PRC - [2009/12/14 17:39:13 | 00,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/11/23 15:53:58 | 04,781,352 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009/11/23 15:53:58 | 00,113,448 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009/11/23 15:53:56 | 04,497,704 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009/11/23 15:53:56 | 01,823,528 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\WTablet\Pen_TabletUser.exe
PRC - [2009/11/13 16:37:33 | 00,285,296 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009/11/02 17:24:49 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/11/02 17:24:47 | 00,122,880 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/15 02:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/09/15 02:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/09/15 02:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/09/15 02:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/09/15 02:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/26 21:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/07/17 19:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
PRC - [2009/04/10 22:28:15 | 00,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
PRC - [2009/04/10 22:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/06 08:54:52 | 00,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2008/09/23 16:21:52 | 00,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
PRC - [2008/09/15 06:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe
PRC - [2008/08/01 15:14:02 | 00,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2008/07/10 14:27:58 | 00,150,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/07/10 14:27:54 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/07/10 14:27:52 | 00,145,944 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/07/10 14:27:40 | 00,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/06/09 09:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/06/09 09:16:32 | 02,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008/05/01 15:25:56 | 00,165,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2008/04/17 10:05:20 | 00,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2008/04/17 10:05:10 | 01,049,896 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008/04/15 13:51:00 | 00,488,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2008/04/11 08:04:54 | 00,685,360 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2008/04/03 10:33:26 | 00,193,840 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
PRC - [2008/01/20 18:33:00 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/10/17 15:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2007/09/26 06:34:40 | 00,316,720 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
PRC - [2007/05/08 15:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/05/04 10:39:28 | 00,910,896 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/05/04 10:39:24 | 00,267,824 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007/05/04 10:39:12 | 00,149,040 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/11/02 20:40:12 | 00,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2009/12/14 19:56:35 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\drmunoz\Desktop\OTL.exe
MOD - [2009/04/10 22:21:38 | 01,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll
MOD - [2009/04/10 22:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2006/11/02 04:34:04 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] --  -- (Norton Internet Security)
SRV - [2009/11/23 15:53:58 | 00,113,448 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009/11/23 15:53:56 | 04,497,704 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/11/02 17:24:45 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/09/24 17:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/15 02:56:43 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/09/15 02:56:28 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/09/15 02:54:13 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/09/15 02:49:40 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/09 06:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008/10/06 08:54:52 | 00,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/09/15 06:13:38 | 00,241,734 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2008/06/09 09:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/05/05 14:25:46 | 00,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/05/01 15:25:56 | 00,165,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2008/04/03 10:33:26 | 00,193,840 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx)
SRV - [2008/01/20 18:33:00 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/17 15:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2007/05/04 10:39:24 | 00,267,824 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/11/02 20:40:12 | 00,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\drmunoz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]
 
[2009/12/14 19:56:34 | 00,538,112 | ---- | C] (OldTimer Tools) -- C:\Users\drmunoz\Desktop\OTL.exe
[2009/12/14 17:46:50 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/12/07 19:57:18 | 00,000,000 | ---D | C] -- C:\ProgramData\Real
[2009/12/06 15:51:20 | 00,000,000 | ---D | C] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/05 19:00:54 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2009/12/03 16:59:09 | 00,049,152 | ---- | C] (TechSmith Corporation) -- C:\Windows\System32\TSCCVID.DLL
[2009/12/02 20:02:56 | 00,245,032 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Touch_Tablet.dll
[2009/12/02 20:02:09 | 00,013,480 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\WacomVTHid.sys
[2009/12/02 20:02:01 | 06,393,640 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\PenTablet.cpl
[2009/12/02 20:01:14 | 00,011,312 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacommousefilter.sys
[2009/12/02 20:00:05 | 00,013,736 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacomvhid.sys
[2009/12/02 19:58:39 | 00,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\System32\drivers\wacmoumonitor.sys
[2009/12/02 19:58:38 | 00,000,000 | ---D | C] -- C:\Windows\System32\WTablet
[2009/12/02 19:58:36 | 04,497,704 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
[2009/12/02 19:58:36 | 00,416,040 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.dll
[2009/12/02 19:58:36 | 00,284,160 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\System32\Wintab32.dll
[2009/10/30 14:00:07 | 00,047,360 | ---- | C] (VSO Software) -- C:\Users\drmunoz\AppData\Roaming\pcouffin.sys
 
[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]
 
[2009/12/14 20:06:11 | 01,835,008 | -HS- | M] () -- C:\Users\drmunoz\ntuser.dat
[2009/12/14 19:56:35 | 00,538,112 | ---- | M] (OldTimer Tools) -- C:\Users\drmunoz\Desktop\OTL.exe
[2009/12/14 19:54:50 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/14 19:54:50 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/14 19:54:50 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/14 19:50:40 | 00,000,000 | ---- | M] () -- C:\Users\drmunoz\Desktop\settings.dat
[2009/12/14 19:49:09 | 00,000,284 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2009/12/14 19:48:29 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/14 19:48:27 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/14 19:48:27 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/14 19:48:14 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/14 19:48:10 | 31,197,14304 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/14 19:15:52 | 00,001,044 | ---- | M] () -- C:\Users\drmunoz\AppData\Roaming\vso_ts_preview.xml
[2009/12/14 19:13:49 | 00,016,896 | ---- | M] () -- C:\Users\drmunoz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/14 19:03:20 | 18,030,130 | ---- | M] () -- C:\ProgramData\vlc-1.0.3-win32.exe
[2009/12/14 17:49:11 | 00,524,288 | -HS- | M] () -- C:\Users\drmunoz\ntuser.dat{cf2c7bc4-e917-11de-967d-001f16e8bce8}.TMContainer00000000000000000002.regtrans-ms
[2009/12/14 17:49:11 | 00,524,288 | -HS- | M] () -- C:\Users\drmunoz\ntuser.dat{cf2c7bc4-e917-11de-967d-001f16e8bce8}.TMContainer00000000000000000001.regtrans-ms
[2009/12/14 17:49:11 | 00,065,536 | -HS- | M] () -- C:\Users\drmunoz\ntuser.dat{cf2c7bc4-e917-11de-967d-001f16e8bce8}.TM.blf
[2009/12/14 17:49:10 | 06,291,456 | -H-- | M] () -- C:\Users\drmunoz\AppData\Local\IconCache.db
[2009/12/14 17:39:13 | 00,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2009/12/14 17:25:52 | 00,524,288 | -HS- | M] () -- C:\Users\drmunoz\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2009/12/14 17:25:52 | 00,065,536 | -HS- | M] () -- C:\Users\drmunoz\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2009/12/11 23:35:11 | 73,229,2902 | ---- | M] () -- C:\Users\drmunoz\Documents\devise-p51.avi
[2009/12/10 10:24:30 | 73,457,0628 | ---- | M] () -- C:\Users\drmunoz\Documents\Armored.2009.Cam.Xvid.V2.TA.avi
[2009/12/07 19:03:52 | 00,010,201 | ---- | M] () -- C:\Users\drmunoz\Documents\painter.docx
[2009/12/03 16:59:10 | 00,001,842 | ---- | M] () -- C:\Users\Public\Desktop\TestOut Navigator (Stand-Alone Version).lnk
[2009/12/02 20:16:47 | 00,000,952 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/12/02 19:52:23 | 01,661,067 | ---- | M] () -- C:\Users\drmunoz\Documents\bamboo_en.pdf
[2009/12/02 13:37:19 | 14,623,04614 | ---- | M] () -- C:\Users\drmunoz\Documents\devise-lacr5.avi
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2009/12/14 19:50:40 | 00,000,000 | ---- | C] () -- C:\Users\drmunoz\Desktop\settings.dat
[2009/12/14 19:12:14 | 73,457,0628 | ---- | C] () -- C:\Users\drmunoz\Documents\Armored.2009.Cam.Xvid.V2.TA.avi
[2009/12/14 18:57:52 | 73,229,2902 | ---- | C] () -- C:\Users\drmunoz\Documents\devise-p51.avi
[2009/12/14 17:37:01 | 00,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2009/12/14 17:35:13 | 00,524,288 | -HS- | C] () -- C:\Users\drmunoz\ntuser.dat{cf2c7bc4-e917-11de-967d-001f16e8bce8}.TMContainer00000000000000000002.regtrans-ms
[2009/12/14 17:35:13 | 00,524,288 | -HS- | C] () -- C:\Users\drmunoz\ntuser.dat{cf2c7bc4-e917-11de-967d-001f16e8bce8}.TMContainer00000000000000000001.regtrans-ms
[2009/12/14 17:35:13 | 00,065,536 | -HS- | C] () -- C:\Users\drmunoz\ntuser.dat{cf2c7bc4-e917-11de-967d-001f16e8bce8}.TM.blf
[2009/12/03 16:59:10 | 00,001,842 | ---- | C] () -- C:\Users\Public\Desktop\TestOut Navigator (Stand-Alone Version).lnk
[2009/12/03 16:31:51 | 00,000,714 | ---- | C] () -- C:\Users\drmunoz\Documents\ERUNT.lnk
[2009/12/02 20:02:02 | 01,595,175 | ---- | C] () -- C:\Windows\System32\PenTablet.znc
[2009/12/02 19:52:19 | 01,661,067 | ---- | C] () -- C:\Users\drmunoz\Documents\bamboo_en.pdf
[2009/12/02 17:01:46 | 14,623,04614 | ---- | C] () -- C:\Users\drmunoz\Documents\devise-lacr5.avi
[2009/12/01 18:58:18 | 36,649,3696 | ---- | C] () -- C:\Users\drmunoz\Documents\scrd-place007-xvid.avi
[2009/11/30 19:48:39 | 00,000,952 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/11/30 19:48:39 | 00,000,008 | RHS- | C] () -- C:\Windows\System32\EF8B819897.sys
[2009/11/23 17:11:13 | 18,030,130 | ---- | C] () -- C:\ProgramData\vlc-1.0.3-win32.exe
[2009/10/31 11:56:02 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/30 15:36:50 | 00,016,896 | ---- | C] () -- C:\Users\drmunoz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/30 14:00:42 | 00,001,044 | ---- | C] () -- C:\Users\drmunoz\AppData\Roaming\vso_ts_preview.xml
[2009/10/30 14:00:29 | 00,000,034 | ---- | C] () -- C:\Users\drmunoz\AppData\Roaming\pcouffin.log
[2009/10/30 14:00:07 | 00,087,608 | ---- | C] () -- C:\Users\drmunoz\AppData\Roaming\inst.exe
[2009/10/30 14:00:07 | 00,007,887 | ---- | C] () -- C:\Users\drmunoz\AppData\Roaming\pcouffin.cat
[2009/10/30 14:00:07 | 00,001,144 | ---- | C] () -- C:\Users\drmunoz\AppData\Roaming\pcouffin.inf
[2009/10/30 13:40:16 | 00,076,407 | ---- | C] () -- C:\Users\drmunoz\AppData\Roaming\Smiley.ico
[2009/10/30 12:56:58 | 00,000,000 | ---- | C] () -- C:\Users\drmunoz\AppData\Local\QSwitch.txt
[2009/10/30 12:56:58 | 00,000,000 | ---- | C] () -- C:\Users\drmunoz\AppData\Local\DSwitch.txt
[2009/10/30 12:56:58 | 00,000,000 | ---- | C] () -- C:\Users\drmunoz\AppData\Local\AtStart.txt
[2009/09/08 09:41:47 | 00,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2009/09/08 09:41:38 | 00,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009/09/08 09:41:16 | 00,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009/09/08 09:40:43 | 00,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009/09/08 09:38:52 | 00,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/09/08 09:38:24 | 00,000,284 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009/04/20 03:37:39 | 00,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/04/20 03:32:37 | 00,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/04/20 03:30:58 | 00,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/04/20 03:29:48 | 00,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/07/06 12:29:46 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1518.dll
[2008/06/29 06:52:14 | 00,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2006/11/01 23:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 01:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009/12/14 17:49:13 | 00,030,230 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/20 18:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 18:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 18:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 18:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 18:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2009/07/13 18:38:05 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\$WINDOWS.~BT\Windows\System32\drivers\AGP440.sys
[2009/07/13 18:38:05 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 18:38:05 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\$WINDOWS.~BT\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2006/11/02 01:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/12/14 18:44:13 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/10 22:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 22:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 18:32:21 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 18:32:21 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2009/07/13 18:38:05 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\$WINDOWS.~BT\Windows\System32\drivers\atapi.sys
[2009/07/13 18:38:05 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 18:38:05 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\$WINDOWS.~BT\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2006/11/02 01:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/04/20 02:46:14 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2009/04/20 02:46:14 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2009/04/20 02:46:14 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2009/04/20 02:46:14 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2009/07/13 17:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\$WINDOWS.~BT\Windows\System32\cngaudit.dll
[2009/07/13 17:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2006/11/02 01:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 01:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[2007/05/17 20:34:04 | 00,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/20 18:32:49 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 18:32:49 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 18:32:49 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2009/07/13 18:38:05 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\$WINDOWS.~BT\Windows\System32\drivers\iaStorV.sys
[2009/07/13 18:38:05 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 18:38:05 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2006/11/02 01:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2009/04/10 22:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 22:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 18:33:41 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2009/07/13 17:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\$WINDOWS.~BT\Windows\System32\netlogon.dll
[2009/07/13 17:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 01:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 18:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 18:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 18:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
[2009/07/13 18:38:05 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\$WINDOWS.~BT\Windows\System32\drivers\nvstor.sys
[2009/07/13 18:38:05 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\$WINDOWS.~BT\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 18:38:05 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\$WINDOWS.~BT\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2009/07/13 17:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\$WINDOWS.~BT\Windows\System32\scecli.dll
[2009/07/13 17:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\$WINDOWS.~BT\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2008/01/20 18:34:39 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/10 22:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/10 22:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
< End of report >