Log in

joh turner · 1 help on Wed May 19, 2010 10:07 am

joh turner

Member
Member

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:01:14, on 18/05/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\AVG\AVG8\aAvgApi.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=1208&m=e520
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=1208&m=e520
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=1208&m=e520
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [BrowserBallot] browserchoice.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserQuest Service - Unknown owner - C:\ProgramData\BrowserQuest\browserquest129.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 12200 bytes

DragonMaster Jay · 2 Re: help on Wed May 19, 2010 7:11 pm

DragonMaster Jay

Site Owner

Hello, and welcome to The Ultimate Geek TaskForce!

Please note the following information about the malware forum:

Only Moderators and Administrators are allowed to give advice on removing malware from your computer.
From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
If you have already asked for help somewhere, please post the link to the topic you were helped.
We try our best to reply quickly, but for any reason we do not reply in two days, do this:

Reply to this topic with the word BUMP.
Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

Please download ComboFix

from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com (Click the green button on the page to download it).

Rename ComboFix.exe to combo-fix.exe before you save it to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\combo-fix.exe" /stepdel
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

joh turner · 3 Re: help on Thu May 20, 2010 6:44 am

joh turner

Member
Member

BUMP

i ran the scan and got the log but cannot send the log as i cannot get on the internet on the lpatop i ran the scan on t come up with the message

"C:\Program Files\Internet Explorer\iexplorer.exe

Illegal operation attempted on a registry Key that has been marked for deletion"

DragonMaster Jay · 4 Re: help on Thu May 20, 2010 11:26 am

DragonMaster Jay

Site Owner

Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
Copy and paste the entire report in your next reply.

joh turner · 5 Re: help on Thu May 20, 2010 11:36 am

joh turner

Member
Member

just turned the laptop on and i no longer get te message so it is letting me on the internet now so this i the log file from combo fix do u still want me to run a scan on malwarebytes. thank you .

ComboFix 10-05-19.02 - Josh 19/05/2010 11:44:42.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.953.268 [GMT -7:00]
Running from: c:\users\Josh\Desktop\combo-fix.exe
Command switches used :: /stepdel
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-04-19 to 2010-05-19 )))))))))))))))))))))))))))))))
.

2010-05-19 18:58 . 2010-05-19 18:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-19 18:58 . 2010-05-19 18:58 -------- d-----w- c:\users\admin\AppData\Local\temp
2010-05-19 18:18 . 2010-05-19 18:18 -------- d-----w- c:\programdata\AVG Security Toolbar
2010-05-18 22:59 . 2010-05-18 22:59 -------- d-----w- c:\program files\Trend Micro
2010-05-18 22:18 . 2010-05-18 22:58 -------- d-----w- C:\$AVG8.VAULT$
2010-05-18 21:08 . 2010-05-19 18:12 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2010-05-18 21:08 . 2010-05-19 18:12 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-05-18 21:08 . 2010-05-19 18:12 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-05-18 21:08 . 2010-05-19 18:12 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-05-18 21:08 . 2010-05-19 18:19 -------- d-----w- c:\windows\system32\drivers\Avg
2010-05-18 21:07 . 2010-05-18 21:07 -------- d-----w- c:\program files\AVG
2010-05-18 21:07 . 2010-05-18 21:07 -------- d-----w- c:\programdata\avg8
2010-05-18 19:40 . 2010-05-07 23:40 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-05-18 19:40 . 2010-05-07 23:34 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-05-18 19:40 . 2010-05-07 23:34 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-05-18 19:39 . 2010-05-18 19:39 -------- d-----w- c:\users\Josh\AppData\Roaming\TuneUp Software
2010-05-18 19:38 . 2010-05-18 19:40 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-05-18 19:35 . 2010-05-18 19:38 -------- d-----w- c:\programdata\TuneUp Software
2010-05-18 19:35 . 2010-05-18 19:35 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-05-17 23:42 . 2010-05-17 23:42 -------- d-----w- c:\users\Josh\AppData\Roaming\Malwarebytes
2010-05-17 23:42 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-17 23:42 . 2010-05-17 23:42 -------- d-----w- c:\programdata\Malwarebytes
2010-05-17 23:42 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-17 23:42 . 2010-05-17 23:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-13 02:27 . 2010-05-13 23:14 -------- d-----w- c:\program files\uTorrent
2010-05-11 23:46 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-07 02:50 . 2010-05-18 07:23 -------- d-----w- c:\users\Josh\AppData\Roaming\vlc
2010-05-07 02:45 . 2010-05-07 02:45 -------- d-----w- c:\users\Josh\AppData\Local\Graboid_Inc
2010-05-07 02:45 . 2010-05-07 02:45 -------- d-----w- c:\users\Josh\AppData\Local\Graboid
2010-05-07 02:45 . 2010-05-07 02:45 -------- d-----w- c:\users\Josh\AppData\Roaming\MozillaControl
2010-05-07 02:44 . 2010-05-07 02:44 -------- d-----w- c:\program files\Mozilla ActiveX Control v1.7.12
2010-05-07 02:42 . 2010-05-07 02:42 -------- d-----w- c:\program files\VideoLAN
2010-05-07 02:41 . 2010-05-07 02:45 -------- d-----w- c:\program files\Graboid
2010-04-21 22:54 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-19 18:15 . 2010-01-24 04:22 -------- d-----w- c:\users\Josh\AppData\Roaming\LimeWire
2010-05-19 18:15 . 2010-04-15 00:00 -------- d-----w- c:\users\Josh\AppData\Roaming\uTorrent
2010-05-19 18:04 . 2008-08-28 19:18 -------- d-----w- c:\program files\Google
2010-05-18 22:45 . 2010-03-08 05:16 -------- d-sh--w- c:\programdata\SysWoW32
2010-05-12 03:27 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-05-12 03:26 . 2008-08-28 19:29 -------- d-----w- c:\programdata\Microsoft Help
2010-04-29 06:21 . 2010-02-02 01:01 -------- d-----w- c:\programdata\McAfee Security Scan
2010-04-14 23:38 . 2010-02-19 00:49 -------- d-----w- c:\program files\BrowserQuest
2010-04-14 23:25 . 2010-04-14 23:20 -------- d-----w- c:\programdata\DivX
2010-04-14 23:25 . 2010-02-17 11:14 -------- d-----w- c:\program files\DivX
2010-04-14 23:22 . 2010-02-17 11:14 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-04-14 23:18 . 2010-02-19 00:49 -------- d-----w- c:\programdata\BrowserQuest
2010-04-11 05:46 . 2010-04-11 05:46 -------- d-----w- c:\program files\Bonjour
2010-04-09 18:14 . 2010-04-09 18:14 -------- d-----w- c:\program files\Common Files\Java
2010-04-09 18:13 . 2009-12-25 10:05 -------- d-----w- c:\program files\Java
2010-03-23 05:22 . 2010-03-22 01:38 -------- d-----w- c:\programdata\Babylon
2010-03-22 02:12 . 2010-03-22 01:38 -------- d-----w- c:\users\Josh\AppData\Roaming\Babylon
2010-03-22 01:41 . 2010-03-22 01:40 -------- d-----w- c:\program files\BitZipper
2010-03-22 01:40 . 2010-03-22 01:40 -------- d-----w- c:\users\Josh\AppData\Roaming\BitZipper
2010-03-22 01:39 . 2010-03-22 01:38 -------- d-----w- c:\program files\Winferno
2010-03-22 01:39 . 2010-03-22 01:38 -------- d-----w- c:\program files\myBabylon_English4
2010-03-22 01:38 . 2010-03-22 01:38 -------- d-----w- c:\program files\Babylon
2010-03-22 01:37 . 2010-03-22 01:37 -------- d-----w- c:\program files\PriceGong
2010-03-22 01:33 . 2010-03-22 01:33 -------- d-----w- c:\users\Josh\AppData\Roaming\Uniblue
2010-03-22 01:32 . 2010-03-22 01:32 -------- d-----w- c:\program files\Uniblue
2010-03-09 11:28 . 2009-12-25 10:05 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-05 23:44 . 2010-01-16 08:59 72752 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-03-05 14:01 . 2010-04-14 02:45 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-23 11:10 . 2010-04-14 02:45 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-23 11:10 . 2010-04-14 02:45 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-02-23 11:10 . 2010-04-14 02:45 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 06:39 . 2010-03-30 04:56 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-03-30 04:56 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-03-30 04:56 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-03-30 04:56 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-19 00:52 . 2010-02-19 00:52 0 ----a-w- c:\windows\nsreg.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-05 1197448]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-05 00:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-05 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-05 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-25 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-27 3883856]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-05-13 321328]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-16 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-16 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-16 145944]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-25 988512]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-07 34040]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 768520]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-27 6244896]
"WarReg_PopUp"="c:\program files\eMachines\WR_PopUp\WarReg_PopUp.exe" [2008-05-10 49152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"Skytel"="Skytel.exe" [2008-06-27 1826816]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-05-18 1932568]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-27 3883856]

c:\users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-9-30 503808]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"eRecoveryService"=
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):7b,d6,b4,b7,92,b7,ca,01

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-31 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-12-14 102448]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-05-19 335240]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-05-19 108552]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20100210.001\IDSvix86.sys [2009-11-21 286768]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2010-05-18 908056]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2010-05-18 298264]
S2 BrowserQuest Service;BrowserQuest Service;c:\programdata\BrowserQuest\browserquest129.exe [2010-04-14 61712]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 ETService;Empowering Technology Service;c:\program files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [2008-06-11 24576]
S2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-07 50424]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 00:59]

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 00:59]

2010-05-19 c:\windows\Tasks\Norton Security Scan for Josh.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-03-16 19:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=1208&m=e520
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -

BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1668)
c:\program files\BrowserQuest\browserquest.dll
c:\program files\Common Files\Symantec Shared\AppCore\AppMgr32.dll
.
Completion time: 2010-05-19 12:11:21
ComboFix-quarantined-files.txt 2010-05-19 19:11

Pre-Run: 90,077,036,544 bytes free
Post-Run: 89,651,494,912 bytes free

- - End Of File - - E0D1FFE85F8C8B7EAD8698C3351096A7

DragonMaster Jay · 6 Re: help on Thu May 20, 2010 11:54 am

DragonMaster Jay

Site Owner

Ok. Go ahead with Malwarebytes scan.

joh turner · 7 Re: help on Thu May 20, 2010 2:14 pm

joh turner

Member
Member

this is the scan report for malwarebytes scan however altho it came up that it didnt find anything im sue there is something still on the computer as it is really slow on everything and was just wondering if there wer any other scans that u wudadvise me to do thank you.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4120

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

19/05/2010 19:42:35
mbam-log-2010-05-19 (19-42-35).txt

Scan type: Full scan (C:\|)
Objects scanned: 249653
Time elapsed: 1 hour(s), 50 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

DragonMaster Jay · 8 Re: help on Thu May 20, 2010 6:44 pm

DragonMaster Jay

Site Owner

Please download OTS by OldTimer and save it to your Desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.

Close ALL OTHER PROGRAMS.
Double-click on OTS to start the program (if you are running on Vista then right-click the program and
choose Run as Administrator).
At the top, tick on Scan All Users section and Include MD5.
At File Age set it to 90 Days
In the Processes, Modules, Services, Drivers, and Registry
section, please set on Safe List.
In the Files Created Within and Files Modified Within section, set it to File Age
At the bottom, tick on all Safe List and Use Company Name WhiteList option
Under Additional Scans, tick on the "Extras" button and then click the checkboxes in front of the following items to select them:
Do NOT change any other settings.
Then, in the Custom Scans box, place this in:

%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\System32\*.sys
%systemroot%\System32\drivers\*.dll
%systemroot%\System32\drivers\*.ini
%systemroot%\System32\drivers\*.exe
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.
%appdata%\*.*
Now click the Run Scan button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

joh turner · 9 Re: help on Fri May 21, 2010 5:13 am

joh turner

Member
Member

[code]
OTS logfile created on: 20/05/2010 08:49:35 - Run 1
OTS by OldTimer - Version 3.1.31.0 Folder = C:\Users\Josh\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

953.00 Mb Total Physical Memory | 229.00 Mb Available Physical Memory | 24.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 47.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.04 Gb Total Space | 83.17 Gb Free Space | 59.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOSH-PC
Current User Name: Josh
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 90 Days

[Processes - Safe List]
ots.exe -> C:\Users\Josh\Desktop\OTS.exe -> [2010/05/20 08:34:36 | 000,640,000 | ---- | M | MD5 = C7A61D4B69CF0E784AAB1E2105529300] (OldTimer Tools)
avgcsrvx.exe -> C:\Program Files\AVG\AVG8\avgcsrvx.exe -> [2010/05/19 11:12:25 | 000,693,016 | ---- | M | MD5 = 98D6BB2D06986E9E1051F2CBE3CF6E7A] (AVG Technologies CZ, s.r.o.)
avgrsx.exe -> C:\Program Files\AVG\AVG8\avgrsx.exe -> [2010/05/19 11:12:25 | 000,486,680 | ---- | M | MD5 = 65EA6EB029BB031773473AD9A78A666D] (AVG Technologies CZ, s.r.o.)
avgtray.exe -> C:\Program Files\AVG\AVG8\avgtray.exe -> [2010/05/19 11:12:09 | 002,046,816 | ---- | M | MD5 = CB7874592B0FA7E05EE577F40EB3B545] (AVG Technologies CZ, s.r.o.)
avgnsx.exe -> C:\Program Files\AVG\AVG8\avgnsx.exe -> [2010/05/19 11:12:02 | 000,595,736 | ---- | M | MD5 = A6CF4FF9BE1202800C22EC5A6A7CF4A6] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> C:\Program Files\AVG\AVG8\avgwdsvc.exe -> [2010/05/19 11:11:56 | 000,297,752 | ---- | M | MD5 = DB338A6BD3976904EB0F8343F51E64EB] (AVG Technologies CZ, s.r.o.)
avgemc.exe -> C:\Program Files\AVG\AVG8\avgemc.exe -> [2010/05/19 11:11:49 | 000,908,056 | ---- | M | MD5 = B9AE3C63A53396CD669EF8AE9C9CBD85] (AVG Technologies CZ, s.r.o.)
tuneuputilitiesapp32.exe -> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe -> [2010/05/07 16:40:06 | 000,719,688 | ---- | M | MD5 = 45A9CA6D801D4F5E02347312BE5D7F19] (TuneUp Software)
tuneuputilitiesservice32.exe -> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -> [2010/05/07 16:38:14 | 001,051,976 | ---- | M | MD5 = 80596539DD62F9773271050B19298CE0] (TuneUp Software)
browserquest129.exe -> C:\ProgramData\BrowserQuest\browserquest129.exe -> [2010/04/14 11:55:28 | 000,061,712 | ---- | M | MD5 = DF8BC60360C7103B65C5E4D04AEFC999] ()
browserquest.exe -> C:\Program Files\BrowserQuest\browserquest.exe -> [2010/04/14 11:55:28 | 000,061,712 | ---- | M | MD5 = DF8BC60360C7103B65C5E4D04AEFC999] ()
divxupdate.exe -> C:\Program Files\DivX\DivX Update\DivXUpdate.exe -> [2010/04/12 15:46:36 | 001,135,912 | ---- | M | MD5 = D41DAA100382264DCA6AAF9D19805A2A] ()
applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/03/19 10:49:20 | 000,144,672 | ---- | M | MD5 = ACB095E7E1663F1B83A41C22C5D75F90] (Apple Inc.)
googletoolbaruser_32.exe -> C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe -> [2010/02/04 17:14:24 | 000,298,608 | ---- | M | MD5 = DEA8E97225B79A52094459422FA9BE66] (Google Inc.)
ssscheduler.exe -> C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe -> [2010/01/15 05:49:20 | 000,255,536 | ---- | M | MD5 = 89F7C30A91E5581BDF14C62AB46A2B2D] (McAfee, Inc.)
googletoolbarnotifier.exe -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2009/12/25 09:44:26 | 000,068,856 | ---- | M | MD5 = E616A6A6E91B0A86F2F6217CDE835FFE] (Google Inc.)
flashutil10d.exe -> C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe -> [2009/11/02 17:24:58 | 000,257,440 | R--- | M | Unable to obtain MD5] (Adobe Systems, Inc.)
seaport.exe -> C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/05/19 12:36:18 | 000,240,512 | ---- | M | MD5 = 271077B91D7AD1B616F8AFDFE8E3F981] (Microsoft Corporation)
explorer.exe -> C:\Windows\explorer.exe -> [2009/04/10 23:27:36 | 002,926,592 | ---- | M | MD5 = D07D4C3038F3578FFCE1C0237F2A1253] (Microsoft Corporation)
ccsvchst.exe -> c:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE -> [2008/10/17 16:52:10 | 000,149,352 | ---- | M | MD5 = 2F237AAB91497AAA03AF48EAE68758FC] (Symantec Corporation)
symlcsvc.exe -> C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2008/08/28 12:20:24 | 001,245,064 | ---- | M | MD5 = 438FAFE708C93B2236FC26B6F2BD5FD0] ()
lmanager.exe -> C:\Program Files\Launch Manager\LManager.exe -> [2008/07/24 21:18:26 | 000,768,520 | ---- | M | MD5 = 00DAA6154E1A232751D03D7A2D7760BF] (Dritek System Inc.)
igfxext.exe -> C:\Windows\System32\igfxext.exe -> [2008/07/16 00:31:32 | 000,174,616 | ---- | M | MD5 = ACE58599BDD6051CBE3D78353E7D21F0] (Intel Corporation)
rthdvcpl.exe -> C:\Windows\RtHDVCpl.exe -> [2008/06/27 03:33:18 | 006,244,896 | ---- | M | MD5 = 5E6DCE5FFCE1F21EF5BD690CB8CFD57B] (Realtek Semiconductor)
etservice.exe -> C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -> [2008/06/11 12:18:30 | 000,024,576 | ---- | M | MD5 = 4D06D9A26227AC485305133916888DF1] ()
bkuptray.exe -> C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe -> [2008/04/06 22:42:36 | 000,034,040 | ---- | M | MD5 = 6882D187F65ECA79110848A68FDEB2BF] ()
backupsvc.exe -> C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -> [2008/04/06 22:42:24 | 000,050,424 | ---- | M | MD5 = CB76F68BA0D57C5D25B538981B1C611C] (NewTech InfoSystems, Inc.)
schedulersvc.exe -> C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -> [2008/04/04 03:03:14 | 000,131,072 | ---- | M | MD5 = DF1C10A75DF7E50195FC417F88A33227] ()
agentsvc.exe -> C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -> [2008/03/03 13:11:14 | 000,016,384 | ---- | M | MD5 = 09E6AFFAE6C0E9158BF05C7D08D0107A] (NewTech Infosystems, Inc.)
iviregmgr.exe -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 20:48:50 | 000,112,152 | ---- | M | MD5 = 213822072085B5BBAD9AF30AB577D817] (InterVideo)

[Modules - Safe List]
ots.exe -> C:\Users\Josh\Desktop\OTS.exe -> [2010/05/20 08:34:36 | 000,640,000 | ---- | M | MD5 = C7A61D4B69CF0E784AAB1E2105529300] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll -> [2009/04/10 23:21:38 | 001,686,016 | ---- | M | Unable to obtain MD5] (Microsoft Corporation)
msscript.ocx -> C:\Windows\System32\msscript.ocx -> [2008/01/20 19:34:21 | 000,110,592 | ---- | M | MD5 = F67F3A6B7953F426C0943F278A9EA1AD] (Microsoft Corporation)

[Win32 Services - Safe List]
(avg8wd) AVG Free8 WatchDog [Auto | Running] -> C:\Program Files\AVG\AVG8\avgwdsvc.exe -> [2010/05/19 11:11:56 | 000,297,752 | ---- | M | MD5 = DB338A6BD3976904EB0F8343F51E64EB] (AVG Technologies CZ, s.r.o.)
(avg8emc) AVG Free8 E-mail Scanner [Auto | Running] -> C:\Program Files\AVG\AVG8\avgemc.exe -> [2010/05/19 11:11:49 | 000,908,056 | ---- | M | MD5 = B9AE3C63A53396CD669EF8AE9C9CBD85] (AVG Technologies CZ, s.r.o.)
(TuneUp.Defrag) TuneUp Drive Defrag Service [On_Demand | Stopped] -> C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -> [2010/05/18 12:40:04 | 000,435,016 | ---- | M | MD5 = 6D34D310F43E872E13D2FBC1FB3F5708] (TuneUp Software)
(TuneUp.UtilitiesSvc) TuneUp Utilities Service [Auto | Running] -> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -> [2010/05/07 16:38:14 | 001,051,976 | ---- | M | MD5 = 80596539DD62F9773271050B19298CE0] (TuneUp Software)
(UxTuneUp) TuneUp Theme Extension [Auto | Running] -> C:\Windows\System32\uxtuneup.dll -> [2010/05/07 16:34:32 | 000,030,024 | ---- | M | MD5 = 07524A835ACF04FB47E9DAEF2859294D] (TuneUp Software)
(BrowserQuest Service) BrowserQuest Service [Auto | Running] -> C:\ProgramData\BrowserQuest\browserquest129.exe -> [2010/04/14 11:55:28 | 000,061,712 | ---- | M | MD5 = DF8BC60360C7103B65C5E4D04AEFC999] ()
(Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/03/19 10:49:20 | 000,144,672 | ---- | M | MD5 = ACB095E7E1663F1B83A41C22C5D75F90] (Apple Inc.)
(McComponentHostService) McAfee Security Scan Component Host Service [On_Demand | Stopped] -> C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -> [2010/01/15 05:49:20 | 000,227,232 | ---- | M | MD5 = F453D1E6D881E8F8717E20CCD4199E85] (McAfee, Inc.)
(FontCache) Windows Font Cache Service [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009/09/24 18:27:04 | 000,793,088 | ---- | M | MD5 = D49705F25390265CAD9B620F55EA968C] (Microsoft Corporation)
(fsssvc) Windows Live Family Safety Service [On_Demand | Stopped] -> C:\Program Files\Windows Live\Family Safety\fsssvc.exe -> [2009/08/05 23:48:42 | 000,704,864 | ---- | M | MD5 = 206AD9A89BF05DFA1621F1FC7B82592D] (Microsoft Corporation)
(SeaPort) SeaPort [Auto | Running] -> C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/05/19 12:36:18 | 000,240,512 | ---- | M | MD5 = 271077B91D7AD1B616F8AFDFE8E3F981] (Microsoft Corporation)
(LiveUpdate Notice) LiveUpdate Notice [Auto | Running] -> c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 000,149,352 | ---- | M | MD5 = 2F237AAB91497AAA03AF48EAE68758FC] (Symantec Corporation)
(CLTNetCnService) Symantec Lic NetConnect service [Auto | Running] -> c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 000,149,352 | ---- | M | MD5 = 2F237AAB91497AAA03AF48EAE68758FC] (Symantec Corporation)
(ccSetMgr) Symantec Settings Manager [Auto | Running] -> c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 000,149,352 | ---- | M | MD5 = 2F237AAB91497AAA03AF48EAE68758FC] (Symantec Corporation)
(ccEvtMgr) Symantec Event Manager [Auto | Running] -> c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 000,149,352 | ---- | M | MD5 = 2F237AAB91497AAA03AF48EAE68758FC] (Symantec Corporation)
(LiveUpdate) LiveUpdate [On_Demand | Stopped] -> c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -> [2008/09/05 12:52:32 | 003,220,856 | ---- | M | MD5 = 36375738DC0B3CD1F764268008E74FDF] (Symantec Corporation)
(Symantec Core LC) Symantec Core LC [On_Demand | Running] -> C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2008/08/28 12:20:24 | 001,245,064 | ---- | M | MD5 = 438FAFE708C93B2236FC26B6F2BD5FD0] ()
(ETService) Empowering Technology Service [Auto | Running] -> C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -> [2008/06/11 12:18:30 | 000,024,576 | ---- | M | MD5 = 4D06D9A26227AC485305133916888DF1] ()
(NTIBackupSvc) NTI Backup Now 5 Backup Service [Auto | Running] -> C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -> [2008/04/06 22:42:24 | 000,050,424 | ---- | M | MD5 = CB76F68BA0D57C5D25B538981B1C611C] (NewTech InfoSystems, Inc.)
(NTISchedulerSvc) NTI Backup Now 5 Scheduler Service [Auto | Running] -> C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -> [2008/04/04 03:03:14 | 000,131,072 | ---- | M | MD5 = DF1C10A75DF7E50195FC417F88A33227] ()
(BUNAgentSvc) NTI Backup Now 5 Agent Service [Auto | Running] -> C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -> [2008/03/03 13:11:14 | 000,016,384 | ---- | M | MD5 = 09E6AFFAE6C0E9158BF05C7D08D0107A] (NewTech Infosystems, Inc.)
(WinDefend) Windows Defender [Auto | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 19:33:00 | 000,272,952 | ---- | M | MD5 = 4575AA12561C5648483403541D0D7F2B] (Microsoft Corporation)
(comHost) COM Host [On_Demand | Stopped] -> c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -> [2007/08/21 03:21:02 | 000,055,640 | ---- | M | MD5 = 75A69CA9998577F8B2BE8695040E5DF4] (Symantec Corporation)
(IviRegMgr) IviRegMgr [Auto | Running] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 20:48:50 | 000,112,152 | ---- | M | MD5 = 213822072085B5BBAD9AF30AB577D817] (InterVideo)

[Driver Services - Safe List]
(AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> C:\Windows\System32\Drivers\avgldx86.sys -> [2010/05/19 11:12:25 | 000,335,240 | ---- | M | MD5 = BC12F2404BB6F2B6B2FF3C4C246CB752] (AVG Technologies CZ, s.r.o.)
(AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> C:\Windows\System32\Drivers\avgmfx86.sys -> [2010/05/19 11:12:25 | 000,027,784 | ---- | M | MD5 = 5903D729D4F0C5BCA74123C96A1B29E0] (AVG Technologies CZ, s.r.o.)
(AvgTdiX) AVG Free8 Network Redirector [Kernel | System | Running] -> C:\Windows\System32\Drivers\avgtdix.sys -> [2010/05/19 11:12:07 | 000,108,552 | ---- | M | MD5 = 92D8E1E8502E649B60E70074EB29C380] (AVG Technologies CZ, s.r.o.)
(TuneUpUtilitiesDrv) TuneUpUtilitiesDrv [Kernel | On_Demand | Running] -> C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -> [2010/02/24 14:41:50 | 000,010,064 | ---- | M | MD5 = F2107C9D85EC0DF116939CCCE06AE697] (TuneUp Software)
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SYMEVENT.SYS -> [2009/12/26 14:22:01 | 000,124,464 | ---- | M | MD5 = 06B95820DF51502099A8A15C93E87986] (Symantec Corporation)
(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -> [2009/12/14 09:59:20 | 000,371,248 | ---- | M | MD5 = 96BCD90ED9235A21629EFFDE5E941FB1] (Symantec Corporation)
(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Stopped] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2009/12/14 09:59:20 | 000,102,448 | ---- | M | MD5 = 392C86F6B45C0BC696C32C27F51E749F] (Symantec Corporation)
(IDSvix86) Symantec Intrusion Prevention Driver [Kernel | System | Running] -> C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100210.001\IDSvix86.sys -> [2009/11/20 23:22:06 | 000,286,768 | ---- | M | MD5 = BBBC8B3F0DB98EF2494327694222D658] (Symantec Corporation)
(fssfltr) fssfltr [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\fssfltr.sys -> [2009/08/05 23:48:42 | 000,054,632 | ---- | M | MD5 = B74B0578FD1D3F897E95F2A2B69EA051] (Microsoft Corporation)
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\USBAUDIO.sys -> [2009/04/10 21:42:54 | 000,073,216 | ---- | M | MD5 = 32DB9517628FF0D070682AAB61E688F0] (Microsoft Corporation)
(SPBBCDrv) SPBBCDrv [Kernel | System | Running] -> C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -> [2009/03/17 13:56:58 | 000,447,024 | ---- | M | MD5 = DC4DC886D3779C446F9B0E9D6B006E72] (Symantec Corporation)
(SymIM) Symantec Network Security Intermediate Filter Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\SymIMV.sys -> [2009/02/19 13:31:42 | 000,024,112 | ---- | M | MD5 = 8EAB28DD6CD25355B951AE460FA86B48] (Symantec Corporation)
(SYMNDISV) SYMNDISV [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\SYMNDISV.SYS -> [2009/02/19 13:31:18 | 000,041,008 | ---- | M | MD5 = C94EACA4B522012EE0691F1E79C42A7D] (Symantec Corporation)
(SYMTDI) SYMTDI [Kernel | System | Running] -> C:\Windows\System32\Drivers\SYMTDI.SYS -> [2009/02/19 13:31:16 | 000,184,496 | ---- | M | MD5 = E6FF7ACE71D07CA90119F2C6AB592BA4] (Symantec Corporation)
(SYMFW) SYMFW [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\SYMFW.SYS -> [2009/02/19 13:31:16 | 000,096,560 | ---- | M | MD5 = A0EA9D273889E53CFAABF2444692CCBF] (Symantec Corporation)
(SYMREDRV) SYMREDRV [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\SYMREDRV.SYS -> [2009/02/19 13:31:16 | 000,022,320 | ---- | M | MD5 = 7C6505EA598E58099D3B7E1F70426864] (Symantec Corporation)
(SYMDNS) SYMDNS [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\SYMDNS.SYS -> [2009/02/19 13:31:16 | 000,013,616 | ---- | M | MD5 = FE9F8B3A8BC22D85332B42E92308DDF9] (Symantec Corporation)
(COH_Mon) COH_Mon [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\COH_Mon.sys -> [2008/07/30 18:42:12 | 000,023,888 | ---- | M | MD5 = 6186B6B953BDC884F0F379B84B3E3A98] (Symantec Corporation)
(igfx) igfx [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\igdkmd32.sys -> [2008/07/10 19:20:10 | 002,381,312 | ---- | M | MD5 = 0627FC0C422CD6E0F23E1B0D1D9F0899] (Intel Corporation)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTKVHDA.sys -> [2008/06/27 03:33:20 | 002,147,928 | ---- | M | MD5 = CF2219A2FED4F8F2E0817A2BF1658799] (Realtek Semiconductor Corp.)
(int15) int15 [Kernel | Auto | Running] -> C:\Windows\System32\drivers\int15.sys -> [2008/06/11 12:13:24 | 000,015,392 | ---- | M | MD5 = C6E5276C00EBDEB096BB5EF4B797D1B6] (Acer, Inc.)
(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Rtlh86.sys -> [2008/06/10 03:54:36 | 000,123,904 | ---- | M | MD5 = 125C504A34D0A2E152517E342E7E432C] (Realtek Corporation )
(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\athr.sys -> [2008/05/19 04:42:56 | 000,912,384 | ---- | M | MD5 = 997E25F5B7D53C94C0AD2DC080F6868E] (Atheros Communications, Inc.)
(ApfiltrService) Alps Pointing-device Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Apfiltr.sys -> [2008/02/18 07:09:40 | 000,166,960 | ---- | M | MD5 = 0ED1A5B7A8AE5939A92EA1EC39E16D21] (Alps Electric Co., Ltd.)
(SRTSPL) SRTSPL [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\srtspl.sys -> [2008/01/30 19:51:00 | 000,317,616 | ---- | M | MD5 = 4E44F0E22DF824D318988CAA6F321C30] (Symantec Corporation)
(SRTSP) SRTSP [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\srtsp.sys -> [2008/01/30 19:51:00 | 000,279,088 | ---- | M | MD5 = E0E54A571D4323567E95E11FE76A5FF3] (Symantec Corporation)
(SRTSPX) SRTSPX [Kernel | System | Running] -> C:\Windows\System32\drivers\srtspx.sys -> [2008/01/30 19:51:00 | 000,043,696 | ---- | M | MD5 = D3BB40427CF3D02E56BBA97FEDA0A3AA] (Symantec Corporation)
(NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NTIDrvr.sys -> [2008/01/30 02:52:06 | 000,014,848 | ---- | M | MD5 = 2757D2BA59AEE155209E24942AB127C9] (NewTech Infosystems, Inc.)
(UBHelper) UBHelper [Kernel | Boot | Running] -> C:\Windows\System32\drivers\UBHelper.sys -> [2008/01/30 02:51:50 | 000,013,824 | ---- | M | MD5 = F763E070843EE2803DE1395002B42938] (NewTech Infosystems Corporation)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2008/01/20 19:32:53 | 000,149,560 | ---- | M | MD5 = 241C9E37F8CE45EF51C3DE27515CA4E5] (Adaptec, Inc.)
(megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2008/01/20 19:32:53 | 000,031,288 | ---- | M | MD5 = 0001CE609D66632FA17B84705F658879] (LSI Corporation)
(MegaSR) MegaSR [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasr.sys -> [2008/01/20 19:32:52 | 000,386,616 | ---- | M | MD5 = C252F32CD9A49DBFC25ECF26EBD51A99] (LSI Corporation, Inc.)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2008/01/20 19:32:52 | 000,101,432 | ---- | M | MD5 = 8A42779B02AEC986EAB64ECFC98F8BD7] (Adaptec, Inc.)
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2008/01/20 19:32:52 | 000,074,808 | ---- | M | MD5 = A99C6C8B0BAA970D8AA59DDC50B57F94] (Silicon Integrated Systems)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2008/01/20 19:32:52 | 000,040,504 | ---- | M | MD5 = 16EE7B23A009E00D835CDB79574A91A6] (Hewlett-Packard Company)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2008/01/20 19:32:51 | 000,300,600 | ---- | M | MD5 = 60505E0041F7751BDBB80F88BF45C2CE] (Adaptec, Inc.)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2008/01/20 19:32:51 | 000,089,656 | ---- | M | MD5 = EE01EBAE8C9BF0FA072E0FF68718920A] (LSI Logic)
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2008/01/20 19:32:50 | 001,122,360 | ---- | M | MD5 = 0A6DB55AFB7820C99AA1F3A1D270F4F6] (QLogic Corporation)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2008/01/20 19:32:50 | 000,118,784 | ---- | M | MD5 = 5425F74AC0C1DBD96A1E04F17D63F94C] (Intel Corporation)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2008/01/20 19:32:50 | 000,079,928 | ---- | M | MD5 = 5E2A321BD7C8B3624E41FDEC3E244945] (Adaptec, Inc.)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2008/01/20 19:32:49 | 000,235,064 | ---- | M | MD5 = 54155EA1B0DF185878E0FC9EC3AC3A14] (Intel Corporation)
(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2008/01/20 19:32:49 | 000,130,616 | ---- | M | MD5 = 587253E09325E6BF226B299774B728A9] (VIA Technologies Inc.,Ltd)
(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2008/01/20 19:32:49 | 000,115,816 | ---- | M | MD5 = 38C3C6E62B157A6BC46594FADA45C62B] (Promise Technology, Inc.)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2008/01/20 19:32:49 | 000,096,312 | ---- | M | MD5 = C7E15E82879BF3235B559563D4185365] (LSI Logic)
(arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2008/01/20 19:32:49 | 000,079,416 | ---- | M | MD5 = 5D2888182FB46632511ACEE92FDAD522] (Adaptec, Inc.)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VSTDPV3.SYS -> [2008/01/20 19:32:48 | 000,987,648 | ---- | M | MD5 = EC36F1D542ED4252390D446BF6D4DFD0] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VSTCNXT3.SYS -> [2008/01/20 19:32:48 | 000,654,336 | ---- | M | MD5 = 5C7BDCF5864DB00323FE2D90FA26A8A2] (Conexant Systems, Inc.)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2008/01/20 19:32:48 | 000,342,584 | ---- | M | MD5 = 23B62471681A124889978F6295B3F4C6] (Emulex)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VSTAZL3.SYS -> [2008/01/20 19:32:48 | 000,200,704 | ---- | M | MD5 = 46D67209550973257601A533E2AC5785] (Conexant Systems, Inc.)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2008/01/20 19:32:48 | 000,096,312 | ---- | M | MD5 = 912A04696E9CA30146A62AFA1463DD5C] (LSI Logic)
(nvraid) NVIDIA nForce RAID Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2008/01/20 19:32:47 | 000,102,968 | ---- | M | MD5 = 2EDF9E7751554B42CBB60116DE727101] (NVIDIA Corporation)
(nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2008/01/20 19:32:47 | 000,045,112 | ---- | M | MD5 = ABED0C09758D1D97DB0042DBB2688177] (NVIDIA Corporation)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2008/01/20 19:32:46 | 000,422,968 | ---- | M | MD5 = 04F0FCAC69C7C71A3AC4EB97FAFC8303] (Adaptec, Inc.)
(uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2008/01/20 19:32:45 | 000,238,648 | ---- | M | MD5 = 9224BB254F591DE4CA8D572A5F0D635C] (ULi Electronics Inc.)
(viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2008/01/20 19:32:21 | 000,020,024 | ---- | M | MD5 = AADF5587A4063F52C2C3FED7887426FC] (VIA Technologies, Inc.)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2008/01/20 19:32:21 | 000,019,000 | ---- | M | MD5 = 0CA25E686A4928484E9FDABD168AB629] (CMD Technology, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2008/01/20 19:32:21 | 000,017,464 | ---- | M | MD5 = 9EAEF5FC9B8E351AFA7E78A6FAE91F91] (Acer Laboratories Inc.)
(BCM43XX) Broadcom 802.11 Network Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\BCMWL6.SYS -> [2007/10/25 23:41:02 | 001,044,984 | ---- | M | MD5 = E22ABCAA7B6FF580FEB0D49545DC4263] (Broadcom Corp.)
(CO_Mon) CO_Mon [Kernel | Auto | Running] -> C:\Windows\System32\drivers\CO_Mon.sys -> [2007/08/07 19:39:02 | 000,036,056 | ---- | M | MD5 = 73F5D6835BFA66019C03E316D99649DA] (Symantec Corporation)
(regi) regi [Kernel | Auto | Running] -> C:\Windows\System32\drivers\regi.sys -> [2007/04/17 21:09:28 | 000,011,032 | ---- | M | MD5 = 001B4278407F4303EFC902A2B16F2453] (InterVideo)
(DKbFltr) Dritek Keyboard Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\DKbFltr.sys -> [2006/11/02 06:29:36 | 000,021,264 | ---- | M | MD5 = 73BAF270D24FE726B9CD7F80BB17A23D] (Dritek System Inc.)
(DritekPortIO) Dritek General Port I/O [Kernel | System | Running] -> C:\Program Files\Launch Manager\DPortIO.sys -> [2006/11/02 06:27:34 | 000,020,112 | ---- | M | MD5 = 5C918D413F5837E67A85775C9873775E] (Dritek System Inc.)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 02:50:35 | 000,106,088 | ---- | M | MD5 = 81A7E5C076E59995D54BC1ED3A16E60B] (QLogic Corporation)
(UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 02:50:35 | 000,098,408 | ---- | M | MD5 = 8514D0E5CD0534467C5FC61BE94A569F] (Promise Technology, Inc.)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 02:50:19 | 000,045,160 | ---- | M | MD5 = 2E7FB731D4790A1BC6270ACCEFACB36E] (IBM Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 02:50:17 | 000,041,576 | ---- | M | MD5 = 2D077BF86E843F901D8DB709C95B49A5] (Intel Corp./ICP vortex GmbH)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 02:50:11 | 000,071,272 | ---- | M | MD5 = AE1FDF7BF7BB6C6A70F67699D880592A] (Adaptec, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 02:50:09 | 000,035,944 | ---- | M | MD5 = 06FA654504A498C30ADCA8BEC4E87E7E] (Integrated Technology Express, Inc.)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 02:50:07 | 000,035,944 | ---- | M | MD5 = BCED60D16156E428F8DF8CF27B0DF150] (Integrated Technology Express, Inc.)
(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 02:50:05 | 000,035,944 | ---- | M | MD5 = 192AA3AC01DF071B541094F251DEED10] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 02:50:03 | 000,034,920 | ---- | M | MD5 = 8072AF52B5FD103BBBA387A1E49F62CB] (LSI Logic)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 02:49:59 | 000,033,384 | ---- | M | MD5 = 4FBBB70D30FD20EC51F80061703B001E] (LSI Logic Corporation)
(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 02:49:56 | 000,031,848 | ---- | M | MD5 = 8C8EB8C76736EBAF3B13B633B2E64125] (LSI Logic)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 01:25:24 | 000,071,808 | ---- | M | MD5 = B304E75CFF293029EDDF094246747113] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 01:24:47 | 000,011,904 | ---- | M | MD5 = AF72ED54503F717A43268B3CC5FAEC2E] (Brother Industries Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 01:24:46 | 000,005,248 | ---- | M | MD5 = 56801AD62213A41F6497F96DEE83755A] (Brother Industries, Ltd.)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 01:24:45 | 000,013,568 | ---- | M | MD5 = 9F9ACC7F7CCDE8A15C282D3F88B43309] (Brother Industries, Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 01:24:44 | 000,062,336 | ---- | M | MD5 = 203F0B1E73ADADBBB7B7B1FABD901F6B] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 01:24:44 | 000,012,160 | ---- | M | MD5 = BD456606156BA17E60A04E18016AE54B] (Brother Industries Ltd.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 00:36:50 | 000,020,608 | ---- | M | MD5 = E875C093AEC0C978A90F30C9E0DFBB72] (N-trig Innovative Technologies)

joh turner · 10 Re: help on Fri May 21, 2010 5:13 am

joh turner

Member
Member

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=1208&m=e520 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: URLSearchHooks\\"{A3BC75A2-1F87-4686-AA43-5347D756017C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\] > -> ->
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\: Main\\"SearchDefaultBranded" -> 1 ->
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\: Main\\"Start Page" -> http://www.google.co.uk/ ->
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\: Main\\"StartPageCache" -> 1 ->
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\: SearchURL\\"" -> http://www.google.com/search/?q=%s ->
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\: URLSearchHooks\\"{00000000-6E41-4FD3-8538-502F5495E5FC}" [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [UrlSearchHook Class] -> [2010/02/04 17:50:26 | 001,197,448 | ---- | M | MD5 = 858E56FE2AFCE38AD37E5F675067D1AD] (Ask.com)
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\: "ProxyOverride" -> *.local ->
< FireFox Settings [Prefs.js] > -> C:\Users\Josh\AppData\Roaming\Mozilla\FireFox\Profiles\lec2lh7l.default\prefs.js ->
extensions.enabledItems -> {3FC26A8E-3EDC-4626-82F6-2EC5F56CB638}:1.0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
< FireFox Extensions [User Folders] > ->
-> C:\Users\Josh\AppData\Roaming\Mozilla\Extensions -> [2010/03/17 22:48:47 | 000,000,000 | ---D | M]
-> C:\Users\Josh\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org -> [2010/03/17 22:48:47 | 000,000,000 | ---D | M]
-> C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\lec2lh7l.default\extensions -> [2010/03/09 22:48:26 | 000,000,000 | ---D | M]
No name found -> C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\lec2lh7l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2010/03/09 22:48:48 | 000,000,000 | ---D | M]
< HOSTS File > ([2006/09/18 14:41:30 | 000,000,761 | ---- | M | MD5 = 01505BB3F7004537F4F2C0FBBA349A1F] - 20 lines) -> C:\Windows\System32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
::1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG8\avgssie.dll [AVG Safe Search] -> [2010/05/19 11:12:01 | 001,111,320 | ---- | M | MD5 = 4343834DFB40CEAB85B0B4D77AFF1718] (AVG Technologies CZ, s.r.o.)
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [Reg Error: Value error.] -> [2009/03/31 23:47:22 | 000,357,744 | ---- | M | MD5 = AF8FCE586FE158542035EFE79B16A9BB] (Symantec Corporation)
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll [Symantec Intrusion Prevention] -> [2008/08/28 12:21:22 | 000,116,088 | ---- | M | MD5 = 317FC88BDD45DD92A4A8A6C1F7963EF3] (Symantec Corporation)
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Search Helper] -> [2009/05/19 12:36:18 | 000,137,600 | ---- | M | Unable to obtain MD5] (Microsoft Corporation)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/01/25 21:45:13 | 000,279,664 | ---- | M | MD5 = CE18BAFCF08340AC9A31044B86FA5FED] (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [Google Toolbar Notifier BHO] -> [2010/02/04 17:59:48 | 000,812,528 | ---- | M | MD5 = A414F9F0E60B3AB385E56586D4EEAAF3] (Google Inc.)
{D4027C7F-154A-4066-A1AD-4243D8127440} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask Toolbar] -> [2010/02/04 17:50:26 | 001,197,448 | ---- | M | MD5 = 858E56FE2AFCE38AD37E5F675067D1AD] (Ask.com)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M | MD5 = 28455424E3C8B81661C5A40E18066BB1] (Microsoft Corporation)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M | MD5 = 28455424E3C8B81661C5A40E18066BB1] (Microsoft Corporation)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/01/25 21:45:13 | 000,279,664 | ---- | M | MD5 = CE18BAFCF08340AC9A31044B86FA5FED] (Google Inc.)
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [Show Norton Toolbar] -> [2009/03/31 23:47:22 | 000,357,744 | ---- | M | MD5 = AF8FCE586FE158542035EFE79B16A9BB] (Symantec Corporation)
"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask Toolbar] -> [2010/02/04 17:50:26 | 001,197,448 | ---- | M | MD5 = 858E56FE2AFCE38AD37E5F675067D1AD] (Ask.com)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\] > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M | MD5 = 28455424E3C8B81661C5A40E18066BB1] (Microsoft Corporation)
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/01/25 21:45:13 | 000,279,664 | ---- | M | MD5 = CE18BAFCF08340AC9A31044B86FA5FED] (Google Inc.)
WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [Show Norton Toolbar] -> [2009/03/31 23:47:22 | 000,357,744 | ---- | M | MD5 = AF8FCE586FE158542035EFE79B16A9BB] (Symantec Corporation)
WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask Toolbar] -> [2010/02/04 17:50:26 | 001,197,448 | ---- | M | MD5 = 858E56FE2AFCE38AD37E5F675067D1AD] (Ask.com)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AVG8_TRAY" -> C:\Program Files\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> [2010/05/19 11:12:09 | 002,046,816 | ---- | M | MD5 = CB7874592B0FA7E05EE577F40EB3B545] (AVG Technologies CZ, s.r.o.)
"BkupTray" -> C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ["C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"] -> [2008/04/06 22:42:36 | 000,034,040 | ---- | M | MD5 = 6882D187F65ECA79110848A68FDEB2BF] ()
"ccApp" -> c:\Program Files\Common Files\Symantec Shared\ccApp.exe ["c:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> [2008/10/17 16:52:10 | 000,051,048 | ---- | M | MD5 = B01902E9451B3D39DC5CAFDC9B9B398C] (Symantec Corporation)
"DivXUpdate" -> C:\Program Files\DivX\DivX Update\DivXUpdate.exe ["C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW] -> [2010/04/12 15:46:36 | 001,135,912 | ---- | M | MD5 = D41DAA100382264DCA6AAF9D19805A2A] ()
"LManager" -> C:\Program Files\Launch Manager\LManager.exe [C:\PROGRA~1\LAUNCH~1\LManager.exe] -> [2008/07/24 21:18:26 | 000,768,520 | ---- | M | MD5 = 00DAA6154E1A232751D03D7A2D7760BF] (Dritek System Inc.)
"osCheck" -> c:\Program Files\Norton 360\osCheck.exe ["c:\Program Files\Norton 360\osCheck.exe"] -> [2008/02/25 08:50:00 | 000,988,512 | ---- | M | MD5 = 956740878FF68E493C1D9923C65C9A20] (Symantec Corporation)
"RtHDVCpl" -> C:\Windows\RtHDVCpl.exe [RtHDVCpl.exe] -> [2008/06/27 03:33:18 | 006,244,896 | ---- | M | MD5 = 5E6DCE5FFCE1F21EF5BD690CB8CFD57B] (Realtek Semiconductor)
"Skytel" -> C:\Windows\SkyTel.exe [Skytel.exe] -> [2008/06/27 03:33:22 | 001,826,816 | ---- | M | MD5 = C8612E58FB7FCFA5EEA4E39F7B8CBC17] (Realtek Semiconductor Corp.)
"WarReg_PopUp" -> C:\Program Files\EMACHINES\WR_PopUp\WarReg_PopUp.exe [C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe] -> [2008/05/09 20:18:04 | 000,049,152 | ---- | M | MD5 = E3CC162D68C5443C98FA67D34D1EDFDF] (eMachines)
"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/20 19:33:00 | 001,008,184 | ---- | M | MD5 = 0D392EDE3B97E0B3131B2F63EF1DB94E] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\] > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2009/12/25 09:44:26 | 000,068,856 | ---- | M | MD5 = E616A6A6E91B0A86F2F6217CDE835FFE] (Google Inc.)
"uTorrent" -> C:\Program Files\uTorrent\uTorrent.exe ["C:\Program Files\uTorrent\uTorrent.exe"] -> [2010/05/12 19:28:08 | 000,321,328 | ---- | M | MD5 = 96C5EF1E29C3CB554716A75E7F509CD2] (BitTorrent, Inc.)
< Software Policy Settings [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000] > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000] > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000] > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\] > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2010/01/15 01:57:10 | 018,343,272 | ---- | M | MD5 = 78BDB5D66A4B6CF110847A8ABF29FAE8] (Microsoft Corporation)
Google Sidewiki... -> C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> [2010/01/25 21:51:20 | 000,848,896 | ---- | M | MD5 = 9C626E135B52F704B9934774E37DDE4A] (Google Inc.)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M | MD5 = F008B25C34C98E4F207B00852E25E97D] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M | MD5 = F008B25C34C98E4F207B00852E25E97D] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M | MD5 = 79F7DB36E67B9E8365FA824AD96DF400] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M | MD5 = 79F7DB36E67B9E8365FA824AD96DF400] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 05:04:56 | 000,039,464 | ---- | M | MD5 = AEF204E782BFA2C8448CB43A58960744] (Microsoft Corporation)
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\] > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\] > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> http://download.divx.com/player/DivXBrowserPlugin.cab [Reg Error: Key error.] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab [Java Plug-in 1.6.0_19] ->
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab [Java Plug-in 1.6.0_19] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab [Java Plug-in 1.6.0_19] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.0.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{0B3F1445-0258-41EF-AB22-F8361D061477}\\DhcpNameServer -> 192.168.0.1 (Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)) ->
{8C66D23F-0C0F-4484-83F4-F0EF2E451CB2}\\DhcpNameServer -> 192.168.0.1 (Atheros AR5007EG Wireless Network Adapter) ->
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\Windows\System32\avgrsstx.dll -> C:\Windows\System32\avgrsstx.dll -> [2010/05/19 11:12:26 | 000,011,952 | ---- | M | MD5 = 72A575126B3E55B365A69A9ED1384A1E] (AVG Technologies CZ, s.r.o.)
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\Windows\explorer.exe -> [2009/04/10 23:27:36 | 002,926,592 | ---- | M | MD5 = D07D4C3038F3578FFCE1C0237F2A1253] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> C:\Windows\System32\igfxdev.dll -> [2008/07/10 18:50:26 | 000,208,896 | ---- | M | MD5 = 7CCA4B4A9779A850948DFFD24BA88F16] (Intel Corporation)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> Reg Error: Key error. [] -> File not found
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006/09/18 14:43:36 | 000,000,024 | ---- | M | MD5 = D9EBEC6668A6092FCBD1713C347AA5E0] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< AppCertDlls [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

joh turner · 11 Re: help on Fri May 21, 2010 5:14 am

joh turner

Member
Member

[Registry - Additional Scans - Safe List]
< Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
"msacm.l3acm" -> C:\Windows\System32\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2010/01/21 08:05:44 | 000,062,464 | ---- | M | MD5 = 8A64A3F68F0E24917759852C842DCD74] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.siren" -> C:\Windows\System32\sirenacm.dll [sirenacm.dll] -> [2009/07/26 17:44:56 | 000,048,448 | ---- | M | MD5 = CF1C4265A73D50A1CE97FD308CE1AFC9] (Microsoft Corporation)
"MSVideo8" -> C:\Windows\System32\vfwwdm32.dll [VfWWDM32.dll] -> [2008/01/20 19:33:27 | 000,056,832 | ---- | M | MD5 = 65C092EF598DCCA1D665D52F06829512] (Microsoft Corporation)
"vidc.cvid" -> C:\Windows\System32\iccvid.dll [iccvid.dll] -> [2006/11/02 05:33:57 | 000,081,920 | ---- | M | MD5 = 81ECD1670CD56677FC124B9479DBE5F0] (Radius Inc.)
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ ->
{02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files\Microsoft Office\Office12\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2008/10/25 07:18:50 | 000,172,880 | ---- | M | MD5 = E6BC6BA065287D7B6C22D9231E80AF3B] ()
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/11 00:35:52 | 000,795,952 | ---- | M | MD5 = 25394D529D9616E09C2B61EE5B438F7D] (Apple Inc.)
{034FF210-4CFD-4592-81B7-C6FD79C3BF1E} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\SymSupCC.dll [PSFactoryBuffer] -> [2008/02/13 10:20:34 | 000,075,152 | ---- | M | MD5 = 434EF6323749AA462697644179F50669] (Symantec Corporation)
{07B06095-5687-4D13-9E32-12B4259C9813} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL [STSUpld UploadCtl Class] -> [2006/10/26 19:59:30 | 000,227,128 | ---- | M | MD5 = 40A2F9DBE7434EB9B866D4B67FCA6C5B] (Microsoft Corporation)
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\Windows\System32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2010/01/11 23:40:40 | 000,213,272 | ---- | M | MD5 = 95244A5ECEFFF530AE1DF421018C6EF9] (Adobe Systems, Inc.)
{1B1B260C-2D5A-47DD-AA70-BA2396E00D81} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\SymXPep2.dll [SymXPep2_Collector Class] -> [2008/02/13 10:20:18 | 000,357,768 | ---- | M | MD5 = 632DFD6A7C80D9BE52E8F0D9B6D108FA] (Symantec Corporation)
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\Windows\System32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2010/01/11 23:40:40 | 000,213,272 | ---- | M | MD5 = 95244A5ECEFFF530AE1DF421018C6EF9] (Adobe Systems, Inc.)
{34F12AFD-E9B5-492A-85D2-40FA4535BE83} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\nprdtinf.dll [AxProdInfoCtl Class] -> [2008/02/13 10:20:16 | 000,333,176 | R--- | M | MD5 = 146D3C8C954E09FEDFD2E6802C158655] (Symantec Corporation)
{37264891-E702-4A53-8446-1C50D874F561} [HKLM] -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
{3E8FD258-0359-4476-AAF4-7C5F65E9B46E} [HKLM] -> C:\Program Files\Common Files\Oberon Media\Odyssey\2.0.0.29\Odyssey.dll [OdysseyActiveX Class] -> [2007/07/04 04:17:40 | 000,206,120 | ---- | M | MD5 = B4D62A48B95542BBCEF81216BEDA3C86] (Oberon Media)
{3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Spreadsheet Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M | MD5 = 29598106730A792694FA91E1184E5501] (Microsoft Corporation)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/11 00:35:52 | 000,795,952 | ---- | M | MD5 = 25394D529D9616E09C2B61EE5B438F7D] (Apple Inc.)
{44990100-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\sdcnetck.dll [SdcNetCheckCtl Class] -> [2008/02/13 10:20:28 | 000,630,464 | ---- | M | MD5 = 37F187C6F50A981DA6EFD87E369028A7] (Symantec, Inc.)
{44990200-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\tgctlsi.dll [Symantec SmartIssue] -> [2008/02/13 10:20:36 | 001,156,568 | ---- | M | MD5 = 4BB54859FB074B36136844DD678CDDEF] (Symantec, Inc.)
{44990301-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\tgctlsr.dll [Symantec script Runner Class] -> [2008/02/13 10:20:36 | 000,583,128 | ---- | M | MD5 = E99C555515FE923B323947952879BC86] (Symantec, Inc.)
{44990400-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\ssextern.dll [Symantec External Control] -> [2008/02/13 10:20:32 | 000,640,400 | ---- | M | MD5 = EB234F50C17A86D12A0C6C67354276C9] (Symantec, Inc.)
{44990500-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\ssctrlln.dll [Symantec Listener Control] -> [2008/02/13 10:20:30 | 001,340,816 | ---- | M | MD5 = 7A1EB5167EC4E62B040FDD4213612C91] (Symantec, Inc.)
{44990509-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\sslisten.exe [SprtImpListener Class] -> [2008/02/13 10:20:20 | 001,213,840 | ---- | M | MD5 = A9693B4504E65E54F792812D976375E3] (Symantec, Inc.)
{4499050c-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\sslisten.exe [Symantec ListenerUI Class] -> [2008/02/13 10:20:20 | 001,213,840 | ---- | M | MD5 = A9693B4504E65E54F792812D976375E3] (Symantec, Inc.)
{4499050f-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\ssctrlln.dll [ImpListener Class] -> [2008/02/13 10:20:30 | 001,340,816 | ---- | M | MD5 = 7A1EB5167EC4E62B040FDD4213612C91] (Symantec, Inc.)
{44990701-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\ssctlbr.dll [SprtCtlBrowse Class] -> [2008/02/13 10:20:30 | 000,173,456 | ---- | M | MD5 = 367CDCD4919F34066DC9B6B38DA402BC] (Symantec, Inc.)
{44990801-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\ssctlwmi.dll [SprtWMIControl Class] -> [2008/02/13 10:20:30 | 000,091,536 | ---- | M | MD5 = 01F3EA649369ED7BEFF64665F61F4BC4] (Symantec, Inc.)
{44990900-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\tgctlss.dll [Symantec ScreenShot Class] -> [2008/02/13 10:20:38 | 000,206,224 | ---- | M | MD5 = 71A9F2107DE960C6E847E23B24E12B4A] (Symantec, Inc.)
{44990b00-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\tgctlcm.dll [Symantec Configuration Class] -> [2008/02/13 10:20:34 | 000,292,240 | ---- | M | MD5 = 73B8038067C4666DF6D8959D5380DD19] (Symantec, Inc.)
{44990b0a-3c9d-426d-81df-aab636fa4345} [HKLM] -> Reg Error: Key error. [Handler for ElevationHelper Class] -> File not found
{44990b0b-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\sshelper.exe [Symantec User Helper Class] -> [2008/02/13 10:20:20 | 000,071,056 | ---- | M | MD5 = EEA1704CB6A391223A2639794D732374] (Symantec, Inc.)
{44990b0c-3c9d-426d-81df-aab636fa4345} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\tgctlcm.dll [Symantec Elevation Helper Class] -> [2008/02/13 10:20:34 | 000,292,240 | ---- | M | MD5 = 73B8038067C4666DF6D8959D5380DD19] (Symantec, Inc.)
{4F07F79F-087F-42cf-8B36-7A88D06088E9} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M | MD5 = 7EE6C2556E674AB1A6EBF89C1800302F] (Microsoft Corporation)
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/03/09 04:28:24 | 000,108,320 | ---- | M | MD5 = 2AC5774E748E95F10A5123FE8F44BE74] (Sun Microsystems, Inc.)
{62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Export Database Launcher] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M | MD5 = 29598106730A792694FA91E1184E5501] (Microsoft Corporation)
{65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSLIST.DLL [Microsoft Office List 12.0] -> [2009/03/06 04:01:06 | 002,335,648 | ---- | M | MD5 = 573689497BF82AD0FEAF4581AB6E4042] (Microsoft Corporation)
{760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\System32\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/04/10 23:28:21 | 000,179,712 | ---- | M | MD5 = 584C4A26F210B823BBF73BB985CAA2CE] (Microsoft Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_19] -> [2010/03/09 04:28:23 | 000,108,320 | ---- | M | MD5 = 012CEBF724A4A67673B6F4A0ADD0165D] ()
{8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\System32\RegCtrl.dll [Registration Control] -> [2008/01/20 19:34:07 | 000,040,960 | ---- | M | MD5 = 355B623E5E870E2166AAF997DBAE9C89] (Microsoft Corporation)
{9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint OpenDocuments Class] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M | MD5 = 29598106730A792694FA91E1184E5501] (Microsoft Corporation)
{9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found
{A78CA9D6-780A-4eb7-B725-62F35A23892F} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\SymSupCC.dll [ControlInstaller Class] -> [2008/02/13 10:20:34 | 000,075,152 | ---- | M | MD5 = 434EF6323749AA462697644179F50669] (Symantec Corporation)
{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\System32\msnetobj.dll [RMGetLicense Class] -> [2009/04/10 23:28:21 | 000,179,712 | ---- | M | MD5 = 584C4A26F210B823BBF73BB985CAA2CE] (Microsoft Corporation)
{BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientEventSubscription Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientMiscApis Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADE40-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCommentThread Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADE42-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientComment Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSBrowserUI Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWS Post Data] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [SharePoint Spreadsheet Launcher] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionServers Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCollaboration Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussion] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussions] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServer] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServers] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE Global Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionBar Class] -> [2008/11/21 03:34:20 | 000,798,584 | ---- | M | MD5 = 7A61912304B78F99CB1E6E311FEFF253] (Microsoft Corporation)
{BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found
{BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint Stssync Handler] -> File not found
{BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Stssync Handler] -> [2009/03/06 05:23:08 | 000,140,168 | ---- | M | MD5 = 29598106730A792694FA91E1184E5501] (Microsoft Corporation)
{C2828995-4A83-4100-A212-3024BA117356} [HKLM] -> C:\Program Files\Windows Live SkyDrive\Microsoft.Live.Folders.RichUpload.3.dll [Windows Live Upload Tool] -> [2008/10/29 12:46:56 | 000,245,112 | ---- | M | MD5 = DA204A2BAB5780A0DF37EB5BE58FCA57] (Microsoft Corporation)
{C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2008/10/25 07:18:46 | 000,054,152 | ---- | M | MD5 = 96ED72080E20A360AB0D2597D1AC4EF6] (Microsoft Corporation)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_19] -> [2010/03/09 04:28:23 | 000,108,320 | ---- | M | MD5 = 012CEBF724A4A67673B6F4A0ADD0165D] ()
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_19] -> [2010/03/09 04:28:23 | 000,108,320 | ---- | M | MD5 = 012CEBF724A4A67673B6F4A0ADD0165D] ()
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_19] -> [2010/03/09 04:28:23 | 000,108,320 | ---- | M | MD5 = 012CEBF724A4A67673B6F4A0ADD0165D] ()
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\System32\deploytk.dll [Deployment Toolkit] -> [2010/03/09 04:28:20 | 000,411,368 | ---- | M | MD5 = FA8D8FA6C60AB99C07693560842C9BB6] (Sun Microsystems, Inc.)
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2009/11/11 00:35:52 | 000,795,952 | ---- | M | MD5 = 25394D529D9616E09C2B61EE5B438F7D] (Apple Inc.)
{CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL [STSUpld CopyCtl Class] -> [2006/10/26 19:59:30 | 000,227,128 | ---- | M | MD5 = 40A2F9DBE7434EB9B866D4B67FCA6C5B] (Microsoft Corporation)
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10d.ocx [Shockwave Flash Object] -> [2009/11/02 17:24:58 | 003,982,240 | R--- | M | Unable to obtain MD5] (Adobe Systems, Inc.)
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2009/11/12 17:33:00 | 000,111,912 | ---- | M | MD5 = EDD2B46BF3B59542C0220773ACEDE460] (Apple Inc.)
{DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll [Microsoft Silverlight] -> [2010/01/06 01:33:56 | 000,876,872 | ---- | M | MD5 = 98C15480C8AD4FEF5CF62769FAE65C92] ( Microsoft Corporation)
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M | MD5 = 7EE6C2556E674AB1A6EBF89C1800302F] (Microsoft Corporation)
{E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\oisctrl.dll [OISClientLauncher Class] -> [2009/03/06 05:23:50 | 000,022,432 | ---- | M | MD5 = EA9E5B8D043D01851977B6D4C4C8F2A8] (Microsoft Corporation)
{E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\Program Files\Common Files\microsoft shared\Portal\PortalConnectCore.dll [PersonalSite Class] -> [2008/10/26 06:42:16 | 000,482,656 | ---- | M | MD5 = 2569192656E36C43D807DC37D5335919] ()
{F06608C7-1874-4EEA-B3B2-DF99EBB144B8} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M | MD5 = 7EE6C2556E674AB1A6EBF89C1800302F] (Microsoft Corporation)
{F5CF5C57-A375-471e-B47E-ECA097CBB75C} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\Support Controls\SymAData.dll [ActiveDataInfo Class] -> [2008/02/13 10:20:32 | 000,198,032 | ---- | M | MD5 = BA5C71CF24D69AECFCE29F7DA459CF51] (Symantec Corporation)
{FF4E22ED-17D0-4D43-AD6F-E53D11FA3C61} [HKLM] -> C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll [Google Update Plugin] -> [2010/03/17 23:11:54 | 000,220,656 | ---- | M | MD5 = 94E2DDC3BD6C6AA620FD83B2AE87AA9F] (Google Inc.)
3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
435899C9-44AB-11D1-AF00-080036234103 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
4F664F91-FF01-11D0-8AED-00C04FD7B597 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
65303443-AD66-11D1-9D65-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
92337A8C-E11D-11D0-BE48-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
C3701884-B39B-11D1-9D68-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\Windows\System32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2010/01/11 23:40:40 | 000,213,272 | ---- | M | MD5 = 95244A5ECEFFF530AE1DF421018C6EF9] (Adobe Systems, Inc.)
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{21FA44EF-376D-4D53-9B0F-8A89D3229068} [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M | MD5 = 28455424E3C8B81661C5A40E18066BB1] (Microsoft Corporation)
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/01/25 21:45:13 | 000,279,664 | ---- | M | MD5 = CE18BAFCF08340AC9A31044B86FA5FED] (Google Inc.)
{2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG8\avgssie.dll [AVG Safe Search] -> [2010/05/19 11:12:01 | 001,111,320 | ---- | M | MD5 = 4343834DFB40CEAB85B0B4D77AFF1718] (AVG Technologies CZ, s.r.o.)
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [Reg Error: Value error.] -> [2009/03/31 23:47:22 | 000,357,744 | ---- | M | MD5 = AF8FCE586FE158542035EFE79B16A9BB] (Symantec Corporation)
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll [Symantec Intrusion Prevention] -> [2008/08/28 12:21:22 | 000,116,088 | ---- | M | MD5 = 317FC88BDD45DD92A4A8A6C1F7963EF3] (Symantec Corporation)
{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Search Helper] -> [2009/05/19 12:36:18 | 000,137,600 | ---- | M | Unable to obtain MD5] (Microsoft Corporation)
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [Show Norton Toolbar] -> [2009/03/31 23:47:22 | 000,357,744 | ---- | M | MD5 = AF8FCE586FE158542035EFE79B16A9BB] (Symantec Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{A057A204-BACC-4D26-9990-79A187E2698E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/01/25 21:45:13 | 000,279,664 | ---- | M | MD5 = CE18BAFCF08340AC9A31044B86FA5FED] (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [Google Toolbar Notifier BHO] -> [2010/02/04 17:59:48 | 000,812,528 | ---- | M | MD5 = A414F9F0E60B3AB385E56586D4EEAAF3] (Google Inc.)
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10d.ocx [Shockwave Flash Object] -> [2009/11/02 17:24:58 | 003,982,240 | R--- | M | Unable to obtain MD5] (Adobe Systems, Inc.)
{D4027C7F-154A-4066-A1AD-4243D8127440} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask Toolbar] -> [2010/02/04 17:50:26 | 001,197,448 | ---- | M | MD5 = 858E56FE2AFCE38AD37E5F675067D1AD] (Ask.com)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M | MD5 = 28455424E3C8B81661C5A40E18066BB1] (Microsoft Corporation)
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ ->
{00000000-0000-0000-0000-000000000000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{00000000-6E41-4FD3-8538-502F5495E5FC} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [UrlSearchHook Class] -> [2010/02/04 17:50:26 | 001,197,448 | ---- | M | MD5 = 858E56FE2AFCE38AD37E5F675067D1AD] (Ask.com)
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google script Object] -> [2010/01/25 21:45:13 | 000,279,664 | ---- | M | MD5 = CE18BAFCF08340AC9A31044B86FA5FED] (Google Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\Windows\System32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2010/01/11 23:40:40 | 000,213,272 | ---- | M | MD5 = 95244A5ECEFFF530AE1DF421018C6EF9] (Adobe Systems, Inc.)
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{21FA44EF-376D-4D53-9B0F-8A89D3229068} [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M | MD5 = 28455424E3C8B81661C5A40E18066BB1] (Microsoft Corporation)
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/01/25 21:45:13 | 000,279,664 | ---- | M | MD5 = CE18BAFCF08340AC9A31044B86FA5FED] (Google Inc.)
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\Windows\System32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2010/01/11 23:40:40 | 000,213,272 | ---- | M | MD5 = 95244A5ECEFFF530AE1DF421018C6EF9] (Adobe Systems, Inc.)
{2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{32004B8A-44A9-43E7-84E9-808838809519} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Side Bar] -> [2010/01/25 21:45:13 | 000,279,664 | ---- | M | MD5 = CE18BAFCF08340AC9A31044B86FA5FED] (Google Inc.)
{38481807-CA0E-42D2-BF39-B33AF135CC4D} [HKLM] -> C:\Program Files\Common Files\microsoft shared\Smart Tag\IETAG.DLL [IETag Factory] -> [2009/04/02 13:01:44 | 000,177,520 | ---- | M | MD5 = 83D37353EDA424687D61386E1498E048] (Microsoft Corporation)
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG8\avgssie.dll [AVG Safe Search] -> [2010/05/19 11:12:01 | 001,111,320 | ---- | M | MD5 = 4343834DFB40CEAB85B0B4D77AFF1718] (AVG Technologies CZ, s.r.o.)
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/11 00:35:52 | 000,795,952 | ---- | M | MD5 = 25394D529D9616E09C2B61EE5B438F7D] (Apple Inc.)
{5C255C8A-E604-49B4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [Reg Error: Value error.] -> [2009/03/31 23:47:22 | 000,357,744 | ---- | M | MD5 = AF8FCE586FE158542035EFE79B16A9BB] (Symantec Corporation)
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll [Symantec Intrusion Prevention] -> [2008/08/28 12:21:22 | 000,116,088 | ---- | M | MD5 = 317FC88BDD45DD92A4A8A6C1F7963EF3] (Symantec Corporation)
{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Search Helper] -> [2009/05/19 12:36:18 | 000,137,600 | ---- | M | Unable to obtain MD5] (Microsoft Corporation)
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} [HKLM] -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [Show Norton Toolbar] -> [2009/03/31 23:47:22 | 000,357,744 | ---- | M | MD5 = AF8FCE586FE158542035EFE79B16A9BB] (Symantec Corporation)
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{A057A204-BACC-4D26-9990-79A187E2698E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/01/25 21:45:13 | 000,279,664 | ---- | M | MD5 = CE18BAFCF08340AC9A31044B86FA5FED] (Google Inc.)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [Google Toolbar Notifier BHO] -> [2010/02/04 17:59:48 | 000,812,528 | ---- | M | MD5 = A414F9F0E60B3AB385E56586D4EEAAF3] (Google Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\System32\deploytk.dll [Deployment Toolkit] -> [2010/03/09 04:28:20 | 000,411,368 | ---- | M | MD5 = FA8D8FA6C60AB99C07693560842C9BB6] (Sun Microsystems, Inc.)
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10d.ocx [Shockwave Flash Object] -> [2009/11/02 17:24:58 | 003,982,240 | R--- | M | Unable to obtain MD5] (Adobe Systems, Inc.)
{D4027C7F-154A-4066-A1AD-4243D8127440} [HKLM] -> C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask Toolbar] -> [2010/02/04 17:50:26 | 001,197,448 | ---- | M | MD5 = 858E56FE2AFCE38AD37E5F675067D1AD] (Ask.com)
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll [Microsoft Silverlight] -> [2010/01/06 01:33:56 | 000,876,872 | ---- | M | MD5 = 98C15480C8AD4FEF5CF62769FAE65C92] ( Microsoft Corporation)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M | MD5 = 28455424E3C8B81661C5A40E18066BB1] (Microsoft Corporation)
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [HKLM] -> C:\Program Files\Windows Live\Messenger\msgsc.14.0.8089.0726.dll [Reg Error: Value error.] -> [2009/07/26 17:44:56 | 000,221,520 | ---- | M | MD5 = 7EE6C2556E674AB1A6EBF89C1800302F] (Microsoft Corporation)
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.hlp [@ = hlpfile] -> C:\Windows\winhlp32.exe -> [2006/11/02 02:45:57 | 000,009,216 | ---- | M | MD5 = FCC0222CF1B1A6049D17378D2640FC95] (Microsoft Corporation)
.html [@ = ChromeHTML] -> C:\Program Files\Google\Chrome\Application\chrome.exe -> [2010/04/26 10:13:25 | 000,531,440 | ---- | M | MD5 = AFDA3763B7E858DC78B3A15C407DA559] (Google Inc.)
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Classes\\ ->
.html [@ = ChromeHTML] -> Reg Error: Key error. -> File not found
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
UxTuneUp -> C:\Windows\System32\uxtuneup.dll -> [2010/05/07 16:34:32 | 000,030,024 | ---- | M | MD5 = 07524A835ACF04FB47E9DAEF2859294D] (TuneUp Software)
FastUserSwitchingCompatibility -> -> File not found
Ias -> C:\Windows\System32\ias -> [2008/01/20 19:46:39 | 000,000,000 | ---D | M]
Nla -> -> File not found
Ntmssvc -> -> File not found
NWCWorkstation -> -> File not found
Nwsapagent -> -> File not found
SRService -> -> File not found
Wmi -> C:\Windows\System32\wmi.dll -> [2006/11/02 02:44:15 | 000,005,120 | ---- | M | MD5 = BFE74095684093F14D24801C8C0D16E3] (Microsoft Corporation)
WmdmPmSp -> -> File not found
LogonHours -> -> File not found
PCAudit -> -> File not found
helpsvc -> -> File not found
uploadmgr -> -> File not found
*MultiFile Done* -> ->
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2008/10/25 10:27:54 | 000,044,408 | ---- | M | MD5 = 40F9FC39CCF5445F3075083380BD5421] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
linkscanner:{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} [HKLM] -> C:\Program Files\AVG\AVG8\avgpp.dll[XPLPPFilter Class] -> [2010/05/19 11:12:01 | 000,087,320 | ---- | M | MD5 = F82975F96659320BC9C7B1190BB5330C] (AVG Technologies CZ, s.r.o.)
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Program Files\Common Files\microsoft shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 13:45:02 | 000,873,216 | ---- | M | MD5 = 9E7370CC3D6A43942433F85D0E2BBDD8] (Microsoft Corporation)
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> C:\Program Files\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2009/07/26 17:44:48 | 000,789,824 | ---- | M | MD5 = 021E1FA87DAB47ACE09F900B00074774] (Microsoft Corporation)
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
NTDS -> -> File not found
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
Primary disk -> Driver Group
sacsvr -> Service
SCSI Class -> Driver Group
System Bus Extender -> Driver Group
WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 19:33:00 | 000,272,952 | ---- | M | MD5 = 4575AA12561C5648483403541D0D7F2B] (Microsoft Corporation)
< SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
{D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
HelpSvc -> Service
Messenger -> Service
NDIS Wrapper -> Driver Group
NetBIOSGroup -> Driver Group
NetDDEGroup -> Driver Group
Network -> Driver Group
NetworkProvider -> Driver Group
NTDS -> -> File not found
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
Primary disk -> Driver Group
rdsessmgr -> Service
sacsvr -> Service
SCSI Class -> Driver Group
Streams Drivers -> Driver Group
System Bus Extender -> Driver Group
TDI -> Driver Group
WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 19:33:00 | 000,272,952 | ---- | M | MD5 = 4575AA12561C5648483403541D0D7F2B] (Microsoft Corporation)
WudfPf -> Driver
WudfUsbccidDriver -> Driver
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" -> [1] -> File not found
\\"FirewallDisableNotify" -> [0] -> File not found
\\"AntiVirusDisableNotify" -> [0] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"AntiVirusOverride" -> [0] -> File not found
\Svc\\"AntiSpywareOverride" -> [0] -> File not found
\Svc\\"FirewallOverride" -> [0] -> File not found
\Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
\Svc\\"VistaSp2" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DisableNotifications" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2010/02/12 11:46:12 | 000,152,864 | ---- | M | MD5 = 109D9238C7DA72F9733D3DB85A31F5C4] (Apple Inc.)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
ldap -> 4 = Restricted sites (Not a Default Protocol) ->
news -> 4 = Restricted sites (Not a Default Protocol) ->
nntp -> 4 = Restricted sites (Not a Default Protocol) ->

joh turner · 12 Re: help on Fri May 21, 2010 5:15 am

joh turner

Member
Member

oecmd -> 4 = Restricted sites (Not a Default Protocol) ->
snews -> 4 = Restricted sites (Not a Default Protocol) ->
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{040A6E85-C23F-4A23-ADBB-821C60C5DF0F}_is1 -> Fahren Lernen 1.2
{0BDD3FAD-61CD-4BF3-B9C4-4CEFD43F53F8} -> Norton 360 HTMLHelp
{121C477C-5B7B-44E3-B621-BDDB542AE8FD} -> TuneUp Utilities Language Pack (en-GB)
{12EFA1A4-AC3B-443C-8143-237EDE760403} -> NTI Backup Now Standard
{139E303E-1050-497F-98B1-9AE87B15C463} -> Windows Live Family Safety
{1407F7AF-5C62-4054-8FCA-DC8F1D36097D} -> SymNet
{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} -> QuickTime
{178832DE-9DE0-4C87-9F82-9315A9B03985} -> Windows Live Writer
{18455581-E099-4BA8-BC6B-F34B2F06600C} -> Google Toolbar for Internet Explorer
{20471B27-D702-4FE8-8DEC-0702CC8C0A85} -> InterVideo WinDVD 8
{205C6BDD-7B73-42DE-8505-9A093F35A238} -> Windows Live Upload Tool
{206FD69B-F9FE-4164-81BD-D52552BC9C23} -> GearDrvs
{21829177-4DED-4209-AD08-490B3AC9C01A} -> Norton 360
{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT
{2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer
{2413930C-8309-47A6-BC61-5EF27A4222BC} -> NTI Media Maker 8
{24DF7221-644B-4C3A-A478-459502D40522} -> Backup
{26A24AE4-039D-4CA4-87B4-2F83216016FF} -> Java(TM) 6 Update 19
{2BD2FA21-B51D-4F01-94A7-AC16737B2163} -> Adobe Flash Player 10 ActiveX
{2D617065-1C52-4240-B5BC-C0AE12157777} -> Norton 360
{3D5044A5-97B8-45C0-B956-BB2376569188} -> Windows Live Movie Maker
{45338B07-A236-4270-9A77-EBB4115517B5} -> Windows Live Sign-in Assistant
{45690715-80A6-4445-B61D-ADEC5888E8CD} -> Symantec Technical Support Controls
{4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater
{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} -> Microsoft Search Enhancement Pack
{553255F3-78FD-40F1-A6F8-6882140265FE} -> Apple Application Support
{55A6283C-638A-4EE0-B491-51118554BDA2} -> Norton Confidential Core
{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} -> Microsoft Office Live Add-in 1.3
{5EE7D259-D137-4438-9A5F-42F432EC0421} -> VC80CRTRedist - 8.0.50727.4053
{6412CECE-8172-4BE5-935B-6CECACD2CA87} -> Windows Live Mail
{67E03279-F703-408F-B4BF-46B5FC8D70CD} -> Microsoft Works
{6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{76BC2442-0002-47FA-9617-43BAD82BEF4C} -> Bonjour
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{77772678-817F-4401-9301-ED1D01A8DA56} -> SPBBC 32bit
{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC} -> eMachines ScreenSaver
{7F811A54-5A09-4579-90E1-C93498E230D9} -> eMachines Recovery Management
{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} -> Windows Live Essentials
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700} -> Zuma Deluxe
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233} -> Bookworm Deluxe
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11019760} -> eMachines
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407} -> Bejeweled 2 Deluxe
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123} -> Bricks of Egypt
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110305887} -> Diner Dash
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970} -> Chuzzle
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433} -> Mystery Case Files - Huntsville
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750} -> Cake Mania
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743} -> Mahjong Escape Ancient China
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111265347} -> Luxor
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457} -> Galapago
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363} -> Mystery Solitaire - Secret Island
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863} -> Agatha Christie Death on the Nile
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767} -> Alice Greenfingers
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953} -> Turbo Pizza
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210} -> Azada
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113537610} -> Build-a-lot
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113772953} -> Amazing Adventures The Lost Tomb
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} -> Dream Day First Home
{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11386547} -> Farm Frenzy
{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1} -> Windows Live Sync
{86D4B82A-ABED-442A-BE86-96357B70F4FE} -> Ask Toolbar
{8833FFB6-5B0C-4764-81AA-06DFEED9A476} -> Realtek 8169 8168 8101E 8102E Ethernet Driver
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8A74E887-8F0F-4017-AF53-CBA42211AAA5} -> Microsoft Sync Framework Runtime Native v1.0 (x86)
{90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007
{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system
{90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
{90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007
{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{91120000-002F-0000-0000-0000000FF1CE} -> Microsoft Office Home and Student 2007
{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)
{95120000-00AF-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (English)
{95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting
{995F1E2E-F542-4310-8E1D-9926F5A279B3} -> Windows Live Toolbar
{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} -> ALPS Touch Pad Driver
{A49F249F-0C91-497F-86DF-B2585E8E76B7} -> Microsoft Visual C++ 2005 Redistributable
{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5} -> iTunes
{A85FD55B-891B-4314-97A5-EA96C0BD80B5} -> Windows Live Messenger
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper
{B24E05CC-46FF-4787-BBB8-5CD516AFB118} -> ccCommon
{B5C3B892-0849-476C-9F46-B12F84819D57} -> Apple Mobile Device Support
{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} -> Microsoft Sync Framework Services Native v1.0 (x86)
{CB84F0F2-927B-458D-9DC5-87832E3DC653} -> GearDrvs
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{CE386A4E-D0DA-4208-8235-BCE43275C694} -> LightScribe 1.4.142.1
{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> TuneUp Utilities
{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA} -> Windows Live Photo Gallery
{D6E6FA4A-5445-4850-8365-CF216C1CBB7A} -> Symantec Real Time Storage Protection Component
{E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update
{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} -> Microsoft Office Suite Activation Assistant
{E80F62FF-5D3C-4A19-8409-9721F2928206} -> LiveUpdate (Symantec Corporation)
{ED00D08A-3C5F-488D-93A0-A04F21F23956} -> Windows Live Communications Platform
{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B} -> AppCore
{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]
{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F6BD194C-4190-4D73-B1B1-C48C99921BFE} -> Windows Live Call
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin
Adobe Shockwave Player -> Adobe Shockwave Player 11.5
AVG8Uninstall -> AVG 8.5
BrowserQuest -> BrowserQuest 1.0 build 131
DivX Setup.divx.com -> DivX Setup
Google Chrome -> Google Chrome
Graboid Video -> Graboid Video 1.73
HDMI -> Intel(R) Graphics Media Accelerator Driver
HijackThis -> HijackThis 2.0.2
HOMESTUDENTR -> Microsoft Office Home and Student 2007
InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403} -> NTI Backup Now 5
InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85} -> InterVideo WinDVD 8
InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC} -> NTI Media Maker 8
LimeWire -> LimeWire 5.3.6
LManager -> Launch Manager
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
MAXOND23FFDAC -> CINEMA 4D Demo 11.528
McAfee Security Scan -> McAfee Security Scan Plus
Messenger Plus! Live -> Messenger Plus! Live
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
NSS -> Norton Security Scan
PsuedoLiveUpdate -> LiveUpdate (Symantec Corporation)
SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777} -> Norton 360 (Symantec Corporation)
TuneUp Utilities -> TuneUp Utilities
uTorrent -> µTorrent
VLC media player -> VLC media player 1.0.1
WinLiveSuite_Wave3 -> Windows Live Essentials
< Uninstall List [HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\] > -> HKEY_USERS\S-1-5-21-4220228844-2062519520-506279365-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
PhotoFiltre -> PhotoFiltre
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 15/05/2010 19:35:07 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: m->NextScheduledSPRetry 1201
Application [ Error ] 15/05/2010 19:35:08 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: Continuously busy for more than a second
Application [ Error ] 15/05/2010 19:35:08 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: m->NextScheduledEvent 2418
Application [ Error ] 15/05/2010 19:35:08 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: m->NextScheduledSPRetry 2418
Application [ Error ] 15/05/2010 19:35:09 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: Continuously busy for more than a second
Application [ Error ] 15/05/2010 19:35:09 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: m->NextScheduledEvent 3479
Application [ Error ] 15/05/2010 19:35:09 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: m->NextScheduledSPRetry 3479
Application [ Error ] 15/05/2010 19:35:10 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: Continuously busy for more than a second
Application [ Error ] 15/05/2010 19:35:10 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: m->NextScheduledEvent 4555
Application [ Error ] 15/05/2010 19:35:10 Computer Name = Josh-PC | Source = Bonjour Service | ID = 100 -> Description = Task Scheduling Error: m->NextScheduledSPRetry 4555
System [ Error ] 27/02/2010 04:51:47 Computer Name = Josh-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 -> Description =
System [ Error ] 27/02/2010 04:51:47 Computer Name = Josh-PC | Source = HTTP | ID = 15016 -> Description =
System [ Error ] 27/02/2010 05:39:51 Computer Name = Josh-PC | Source = DCOM | ID = 10010 -> Description =
System [ Error ] 27/02/2010 05:44:31 Computer Name = Josh-PC | Source = DCOM | ID = 10010 -> Description =
System [ Error ] 27/02/2010 05:50:36 Computer Name = Josh-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 -> Description =
System [ Error ] 27/02/2010 10:00:21 Computer Name = Josh-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 -> Description =
System [ Error ] 27/02/2010 22:57:02 Computer Name = Josh-PC | Source = DCOM | ID = 10010 -> Description =
System [ Error ] 27/02/2010 23:47:57 Computer Name = Josh-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 -> Description =
System [ Error ] 28/02/2010 02:35:31 Computer Name = Josh-PC | Source = DCOM | ID = 10010 -> Description =
System [ Error ] 28/02/2010 22:43:25 Computer Name = Josh-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000 -> Description =

[Files/Folders - Created Within 90 Days]
OTS.exe -> C:\Users\Josh\Desktop\OTS.exe -> [2010/05/20 08:34:22 | 000,640,000 | ---- | C | MD5 = C7A61D4B69CF0E784AAB1E2105529300] (OldTimer Tools)
Computer fix -> C:\Users\Josh\Desktop\Computer fix -> [2010/05/19 17:39:25 | 000,000,000 | ---D | C]
$RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2010/05/19 12:09:49 | 000,000,000 | -HSD | C]
SWREG.exe -> C:\Windows\SWREG.exe -> [2010/05/19 11:41:12 | 000,161,792 | ---- | C | MD5 = 01D95A1F8CF13D07CC564AABB36BCC0B] (SteelWerX)
SWSC.exe -> C:\Windows\SWSC.exe -> [2010/05/19 11:41:12 | 000,136,704 | ---- | C | MD5 = B7517DB073B28F5696A1E5528ABEB5D0] (SteelWerX)
NIRCMD.exe -> C:\Windows\NIRCMD.exe -> [2010/05/19 11:41:12 | 000,031,232 | ---- | C | MD5 = AE72E8619CB31D84DA25E2435E55003C] (NirSoft)
ERDNT -> C:\Windows\ERDNT -> [2010/05/19 11:41:00 | 000,000,000 | ---D | C]
SWXCACLS.exe -> C:\Windows\SWXCACLS.exe -> [2010/05/19 11:40:14 | 000,212,480 | ---- | C | MD5 = B1A9CF0B6F80611D31987C247EC630B4] (SteelWerX)
Qoobox -> C:\Qoobox -> [2010/05/19 11:32:00 | 000,000,000 | ---D | C]
AVG Security Toolbar -> C:\ProgramData\AVG Security Toolbar -> [2010/05/19 11:18:36 | 000,000,000 | ---D | C]
Trend Micro -> C:\Program Files\Trend Micro -> [2010/05/18 15:59:40 | 000,000,000 | ---D | C]
$AVG8.VAULT$ -> C:\$AVG8.VAULT$ -> [2010/05/18 15:18:13 | 000,000,000 | ---D | C]
avgrsstx.dll -> C:\Windows\System32\avgrsstx.dll -> [2010/05/18 14:08:45 | 000,011,952 | ---- | C | MD5 = 72A575126B3E55B365A69A9ED1384A1E] (AVG Technologies CZ, s.r.o.)
avgtdix.sys -> C:\Windows\System32\drivers\avgtdix.sys -> [2010/05/18 14:08:44 | 000,108,552 | ---- | C | MD5 = 92D8E1E8502E649B60E70074EB29C380] (AVG Technologies CZ, s.r.o.)
avgldx86.sys -> C:\Windows\System32\drivers\avgldx86.sys -> [2010/05/18 14:08:31 | 000,335,240 | ---- | C | MD5 = BC12F2404BB6F2B6B2FF3C4C246CB752] (AVG Technologies CZ, s.r.o.)
avgmfx86.sys -> C:\Windows\System32\drivers\avgmfx86.sys -> [2010/05/18 14:08:30 | 000,027,784 | ---- | C | MD5 = 5903D729D4F0C5BCA74123C96A1B29E0] (AVG Technologies CZ, s.r.o.)
Avg -> C:\Windows\System32\drivers\Avg -> [2010/05/18 14:08:21 | 000,000,000 | ---D | C]
AVG -> C:\Program Files\AVG -> [2010/05/18 14:07:32 | 000,000,000 | ---D | C]
avg8 -> C:\ProgramData\avg8 -> [2010/05/18 14:07:31 | 000,000,000 | ---D | C]
TURegOpt.exe -> C:\Windows\System32\TURegOpt.exe -> [2010/05/18 12:40:19 | 000,030,536 | ---- | C | MD5 = 580E7DCE477225428531BEBDD0F4FF99] (TuneUp Software)
uxtuneup.dll -> C:\Windows\System32\uxtuneup.dll -> [2010/05/18 12:40:11 | 000,030,024 | ---- | C | MD5 = 07524A835ACF04FB47E9DAEF2859294D] (TuneUp Software)
authuitu.dll -> C:\Windows\System32\authuitu.dll -> [2010/05/18 12:40:11 | 000,021,320 | ---- | C | MD5 = EB4DF490974E72CAA2C7056F162CAED0] (TuneUp Software)
TuneUp Software -> C:\Users\Josh\AppData\Roaming\TuneUp Software -> [2010/05/18 12:39:02 | 000,000,000 | ---D | C]
TuneUp Utilities 2010 -> C:\Program Files\TuneUp Utilities 2010 -> [2010/05/18 12:38:35 | 000,000,000 | ---D | C]
My Google Gadgets -> C:\Users\Josh\Documents\My Google Gadgets -> [2010/05/18 12:36:38 | 000,000,000 | ---D | C]
TuneUp Software -> C:\ProgramData\TuneUp Software -> [2010/05/18 12:35:42 | 000,000,000 | ---D | C]
{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> [2010/05/18 12:35:29 | 000,000,000 | -HSD | C]
Malwarebytes -> C:\Users\Josh\AppData\Roaming\Malwarebytes -> [2010/05/17 16:42:46 | 000,000,000 | ---D | C]
mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2010/05/17 16:42:25 | 000,038,224 | ---- | C | MD5 = C7DD7D9739785BD3A6B8499EEC1DEE7E] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2010/05/17 16:42:24 | 000,020,952 | ---- | C | MD5 = 67B48A903430C6D4FB58CBACA1866601] (Malwarebytes Corporation)
Malwarebytes -> C:\ProgramData\Malwarebytes -> [2010/05/17 16:42:24 | 000,000,000 | ---D | C]
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/05/17 16:42:23 | 000,000,000 | ---D | C]
uTorrent -> C:\Program Files\uTorrent -> [2010/05/12 19:27:27 | 000,000,000 | ---D | C]
vlc -> C:\Users\Josh\AppData\Roaming\vlc -> [2010/05/06 19:50:17 | 000,000,000 | ---D | C]
Graboid_Inc -> C:\Users\Josh\AppData\Local\Graboid_Inc -> [2010/05/06 19:45:30 | 000,000,000 | ---D | C]
Graboid -> C:\Users\Josh\AppData\Local\Graboid -> [2010/05/06 19:45:28 | 000,000,000 | ---D | C]
MozillaControl -> C:\Users\Josh\AppData\Roaming\MozillaControl -> [2010/05/06 19:45:13 | 000,000,000 | ---D | C]
Mozilla ActiveX Control v1.7.12 -> C:\Program Files\Mozilla ActiveX Control v1.7.12 -> [2010/05/06 19:44:27 | 000,000,000 | ---D | C]
VideoLAN -> C:\Program Files\VideoLAN -> [2010/05/06 19:42:23 | 000,000,000 | ---D | C]
Graboid -> C:\Program Files\Graboid -> [2010/05/06 19:41:59 | 000,000,000 | ---D | C]
IPOD music -> C:\Users\Josh\Documents\IPOD music -> [2010/05/01 20:03:44 | 000,000,000 | ---D | C]
browserchoice.exe -> C:\Windows\System32\browserchoice.exe -> [2010/04/21 15:54:52 | 000,293,376 | ---- | C | MD5 = DA1919D896DBD5895E138932AE9E398B] (Microsoft Corporation)
Option -> C:\Users\Josh\Option -> [2010/04/14 17:56:13 | 000,000,000 | ---D | C]
uTorrent -> C:\Users\Josh\AppData\Roaming\uTorrent -> [2010/04/14 17:00:57 | 000,000,000 | ---D | C]
Downloads -> C:\Users\Josh\Documents\Downloads -> [2010/04/14 16:47:19 | 000,000,000 | ---D | C]
DivX -> C:\ProgramData\DivX -> [2010/04/14 16:20:29 | 000,000,000 | ---D | C]
ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2010/04/13 19:45:15 | 003,600,776 | ---- | C | MD5 = 8BBC454D2F91D92E3E73DB5B5A0D8D8E] (Microsoft Corporation)
ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2010/04/13 19:45:15 | 003,548,040 | ---- | C | MD5 = A5D0B405442724448D23D61821BEA92A] (Microsoft Corporation)
vbscript.dll -> C:\Windows\System32\vbscript.dll -> [2010/04/13 19:45:10 | 000,420,352 | ---- | C | MD5 = 5A9C91B12C2CBF85F6033FED62CE087A] (Microsoft Corporation)
Bonjour -> C:\Program Files\Bonjour -> [2010/04/10 22:46:22 | 000,000,000 | ---D | C]
Sun -> C:\ProgramData\Sun -> [2010/04/09 11:14:13 | 000,000,000 | ---D | C]
Java -> C:\Program Files\Common Files\Java -> [2010/04/09 11:14:09 | 000,000,000 | ---D | C]
DivXControlPanelApplet.cpl -> C:\Windows\System32\DivXControlPanelApplet.cpl -> [2010/03/30 18:58:24 | 000,353,592 | ---- | C | MD5 = 22A543DA58C08A3D7CB3E7DFFCA1B8A9] (DivX, Inc.)
inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2010/03/29 21:56:22 | 001,469,440 | ---- | C | MD5 = 1F49D8BF29681ADE8E81674E684E6F1E] (Microsoft Corporation)
mstime.dll -> C:\Windows\System32\mstime.dll -> [2010/03/29 21:56:22 | 000,611,840 | ---- | C | MD5 = 39F24FA678B24A80E7BE7277BE7E5231] (Microsoft Corporation)
msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2010/03/29 21:56:22 | 000,594,432 | ---- | C | MD5 = 1D63CDF43E5A16E44A4D8BF4FF479783] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2010/03/29 21:56:22 | 000,387,584 | ---- | C | MD5 = C8696C4AACFF9C2B14891B00DB117B87] (Microsoft Corporation)
ieui.dll -> C:\Windows\System32\ieui.dll -> [2010/03/29 21:56:22 | 000,164,352 | ---- | C | MD5 = 8E968AAFB813AFBB1354619A008702CE] (Microsoft Corporation)
mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2010/03/29 21:56:21 | 001,638,912 | ---- | C | MD5 = 0346028DF1A92F67CAAE86A637432C09] (Microsoft Corporation)
iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2010/03/29 21:56:21 | 000,184,320 | ---- | C | MD5 = F87EED552081BBBFCF721A689C8C87CB] (Microsoft Corporation)
ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2010/03/29 21:56:21 | 000,173,056 | ---- | C | MD5 = 8B08D5F137DE74DDB3A7F408E18C03DD] (Microsoft Corporation)
ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2010/03/29 21:56:21 | 000,133,632 | ---- | C | MD5 = 2C4A41BCE5967DB09BC59F742CFAE108] (Microsoft Corporation)
iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2010/03/29 21:56:21 | 000,109,056 | ---- | C | MD5 = ABC4F2F5C66B520AA59877772A26121A] (Microsoft Corporation)
iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2010/03/29 21:56:21 | 000,071,680 | ---- | C | MD5 = 47A0E748323F3CADA388E39FA95273C1] (Microsoft Corporation)
iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2010/03/29 21:56:21 | 000,055,808 | ---- | C | MD5 = 472BBDE873A5DB8FFEBE7C55E786A6F7] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2010/03/29 21:56:21 | 000,055,296 | ---- | C | MD5 = D6E6C59A3FF44DA456B7080095D69A38] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2010/03/29 21:56:21 | 000,025,600 | ---- | C | MD5 = AC8371BE69BB6AFE86F3407D8A569FA2] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2010/03/29 21:56:21 | 000,013,312 | ---- | C | MD5 = 8D9813566860D6B18A79DCA2AA520B6C] (Microsoft Corporation)
3acea880dd72fb6fd7bbd2 -> C:\3acea880dd72fb6fd7bbd2 -> [2010/03/27 11:44:27 | 000,000,000 | ---D | C]
CheckSur -> C:\Windows\CheckSur -> [2010/03/27 11:43:23 | 000,000,000 | ---D | C]
My Chat Logs -> C:\Users\Josh\Documents\My Chat Logs -> [2010/03/23 17:38:39 | 000,000,000 | ---D | C]
BitZipper -> C:\Users\Josh\AppData\Roaming\BitZipper -> [2010/03/21 18:40:34 | 000,000,000 | ---D | C]
Babylon -> C:\Users\Josh\AppData\Local\Babylon -> [2010/03/21 18:40:19 | 000,000,000 | ---D | C]
BitZipper -> C:\Program Files\BitZipper -> [2010/03/21 18:40:04 | 000,000,000 | ---D | C]
myBabylon_English4 -> C:\Program Files\myBabylon_English4 -> [2010/03/21 18:38:40 | 000,000,000 | ---D | C]
Winferno -> C:\Program Files\Winferno -> [2010/03/21 18:38:25 | 000,000,000 | ---D | C]
Babylon -> C:\Program Files\Babylon -> [2010/03/21 18:38:25 | 000,000,000 | ---D | C]
Babylon -> C:\ProgramData\Babylon -> [2010/03/21 18:38:04 | 000,000,000 | ---D | C]
Babylon -> C:\Users\Josh\AppData\Roaming\Babylon -> [2010/03/21 18:38:00 | 000,000,000 | ---D | C]
PriceGong -> C:\Program Files\PriceGong -> [2010/03/21 18:37:46 | 000,000,000 | ---D | C]
Uniblue -> C:\Users\Josh\AppData\Roaming\Uniblue -> [2010/03/21 18:33:20 | 000,000,000 | ---D | C]
Uniblue -> C:\Program Files\Uniblue -> [2010/03/21 18:32:59 | 000,000,000 | ---D | C]
LimeWire -> C:\Users\Josh\Documents\LimeWire -> [2010/03/17 22:49:18 | 000,000,000 | ---D | C]
NSS -> C:\Windows\System32\drivers\NSS -> [2010/03/15 20:16:42 | 000,000,000 | ---D | C]
Norton Security Scan -> C:\Program Files\Norton Security Scan -> [2010/03/15 20:16:42 | 000,000,000 | ---D | C]
Norton -> C:\ProgramData\Norton -> [2010/03/15 20:16:42 | 000,000,000 | ---D | C]
0207030.022 -> C:\Windows\System32\drivers\NSS\0207030.022 -> [2010/03/15 20:16:42 | 000,000,000 | ---D | C]
NortonInstaller -> C:\ProgramData\NortonInstaller -> [2010/03/15 20:16:39 | 000,000,000 | ---D | C]
NortonInstaller -> C:\Program Files\NortonInstaller -> [2010/03/15 20:16:39 | 000,000,000 | ---D | C]
Adobe -> C:\Windows\System32\Adobe -> [2010/03/14 19:43:05 | 000,000,000 | ---D | C]
Apple -> C:\Users\Josh\AppData\Local\Apple -> [2010/03/10 20:38:24 | 000,000,000 | ---D | C]
Apple Computer -> C:\Users\Josh\AppData\Roaming\Apple Computer -> [2010/03/10 20:37:56 | 000,000,000 | ---D | C]
Apple Computer -> C:\Users\Josh\AppData\Local\Apple Computer -> [2010/03/10 20:37:56 | 000,000,000 | ---D | C]
Macromedia -> C:\Users\Josh\AppData\Roaming\Macromedia -> [2010/03/10 19:24:35 | 000,000,000 | ---D | C]
Adobe -> C:\Users\Josh\AppData\Roaming\Adobe -> [2010/03/09 23:00:33 | 000,000,000 | ---D | C]
Google -> C:\Users\Josh\AppData\Roaming\Google -> [2010/03/09 22:59:44 | 000,000,000 | ---D | C]
Tracing -> C:\Users\Josh\Tracing -> [2010/03/09 22:59:15 | 000,000,000 | ---D | C]
Google -> C:\Users\Josh\AppData\Local\Google -> [2010/03/09 22:51:25 | 000,000,000 | ---D | C]
VirtualStore -> C:\Users\Josh\AppData\Local\VirtualStore -> [2010/03/09 22:50:43 | 000,000,000 | ---D | C]
SysWoW32 -> C:\ProgramData\SysWoW32 -> [2010/03/07 22:16:52 | 000,000,000 | -HSD | C]
System Volume Data -> C:\System Volume Data -> [2010/03/07 22:10:39 | 000,000,000 | ---D | C]
Windows Portable Devices -> C:\Program Files\Windows Portable Devices -> [2010/02/28 21:23:26 | 000,000,000 | ---D | C]
UIAnimation.dll -> C:\Windows\System32\UIAnimation.dll -> [2010/02/28 19:59:22 | 000,092,672 | ---- | C | MD5 = D6BACADF83661F08F9E1515AAE74B03E] (Microsoft Corporation)
UIRibbonRes.dll -> C:\Windows\System32\UIRibbonRes.dll -> [2010/02/28 19:59:21 | 001,164,800 | ---- | C | MD5 = 22C2646DD3ED24004F994D0DA9755955] (Microsoft Corporation)
UIRibbon.dll -> C:\Windows\System32\UIRibbon.dll -> [2010/02/28 19:59:20 | 003,023,360 | ---- | C | MD5 = 8C459CFAC2FB3DFB693BCFEC32F25407] (Microsoft Corporation)
WMPhoto.dll -> C:\Windows\System32\WMPhoto.dll -> [2010/02/28 19:58:14 | 000,369,664 | ---- | C | MD5 = 8375E2BD58BFB375695135A511EBEE00] (Microsoft Corporation)
cdd.dll -> C:\Windows\System32\cdd.dll -> [2010/02/28 19:58:14 | 000,037,888 | ---- | C | MD5 = 9D90B2073770EF7ADB648616A2C398F0] (Microsoft Corporation)
WindowsCodecs.dll -> C:\Windows\System32\WindowsCodecs.dll -> [2010/02/28 19:58:13 | 000,974,848 | ---- | C | MD5 = 6836D001FC733F205ACB80A7986CB6C9] (Microsoft Corporation)
d3d10warp.dll -> C:\Windows\System32\d3d10warp.dll -> [2010/02/28 19:58:13 | 000,829,440 | ---- | C | MD5 = 22B5E03E2D446E56289E18B14E92EC16] (Microsoft Corporation)
d2d1.dll -> C:\Windows\System32\d2d1.dll -> [2010/02/28 19:58:13 | 000,828,928 | ---- | C | MD5 = AE3FF218BE09FB9B1E1BD1CC037730AA] (Microsoft Corporation)
printfilterpipelinesvc.exe -> C:\Windows\System32\printfilterpipelinesvc.exe -> [2010/02/28 19:58:13 | 000,667,648 | ---- | C | MD5 = 6A361CA7471C031E3E2750546AF13BA2] (Microsoft Corporation)
PhotoMetadataHandler.dll -> C:\Windows\System32\PhotoMetadataHandler.dll -> [2010/02/28 19:58:13 | 000,321,024 | ---- | C | MD5 = 247609D2CD28A57BC1FE37FDA48AC0DB] (Microsoft Corporation)
XpsGdiConverter.dll -> C:\Windows\System32\XpsGdiConverter.dll -> [2010/02/28 19:58:13 | 000,280,064 | ---- | C | MD5 = 6CB4C7E88976D6A2CAFE1C22E70C0BF1] (Microsoft Corporation)
dxdiag.exe -> C:\Windows\System32\dxdiag.exe -> [2010/02/28 19:58:13 | 000,252,928 | ---- | C | MD5 = 60BBAF3F5A38D0274B0C46710A218051] (Microsoft Corporation)
dxdiagn.dll -> C:\Windows\System32\dxdiagn.dll -> [2010/02/28 19:58:13 | 000,195,584 | ---- | C | MD5 = D1C47F951EA35073C97EF2E928CF9D6F] (Microsoft Corporation)
WindowsCodecsExt.dll -> C:\Windows\System32\WindowsCodecsExt.dll -> [2010/02/28 19:58:13 | 000,189,440 | ---- | C | MD5 = 012A965F34414458075EF4F0EDC11536] (Microsoft Corporation)
XpsRasterService.dll -> C:\Windows\System32\XpsRasterService.dll -> [2010/02/28 19:58:13 | 000,135,680 | ---- | C | MD5 = 6757D04DA66384C8058754C7B68238C3] (Microsoft Corporation)
printfilterpipelineprxy.dll -> C:\Windows\System32\printfilterpipelineprxy.dll -> [2010/02/28 19:58:13 | 000,026,112 | ---- | C | MD5 = 28A510BFAC3CB13AC1E9005FEA50EE01] (Microsoft Corporation)
xpsservices.dll -> C:\Windows\System32\xpsservices.dll -> [2010/02/28 19:58:12 | 001,554,432 | ---- | C | MD5 = 06C426B2FBEC302BD5763D7D654B4022] (Microsoft Corporation)
DWrite.dll -> C:\Windows\System32\DWrite.dll -> [2010/02/28 19:58:12 | 001,064,448 | ---- | C | MD5 = 773A7F4CD77A7572440C3B2CA4538BB4] (Microsoft Corporation)
d3d10.dll -> C:\Windows\System32\d3d10.dll -> [2010/02/28 19:58:12 | 001,030,144 | ---- | C | MD5 = 52D87BEB509685A5343D6489EBBB1D0F] (Microsoft Corporation)
OpcServices.dll -> C:\Windows\System32\OpcServices.dll -> [2010/02/28 19:58:12 | 000,847,360 | ---- | C | MD5 = 4AEDEEC05211864EC41FCB099C1065FA] (Microsoft Corporation)
FntCache.dll -> C:\Windows\System32\FntCache.dll -> [2010/02/28 19:58:12 | 000,793,088 | ---- | C | MD5 = D49705F25390265CAD9B620F55EA968C] (Microsoft Corporation)
d3d11.dll -> C:\Windows\System32\d3d11.dll -> [2010/02/28 19:58:12 | 000,519,680 | ---- | C | MD5 = 6E895BDCB3158E3860A49662332736BA] (Microsoft Corporation)
d3d10level9.dll -> C:\Windows\System32\d3d10level9.dll -> [2010/02/28 19:58:12 | 000,486,912 | ---- | C | MD5 = 354A9603AB7FC426C2755964B79F0259] (Microsoft Corporation)
dxgi.dll -> C:\Windows\System32\dxgi.dll -> [2010/02/28 19:58:12 | 000,481,792 | ---- | C | MD5 = A83ADF0BF9AAD2FB42079ACAB32C0F99] (Microsoft Corporation)
XpsPrint.dll -> C:\Windows\System32\XpsPrint.dll -> [2010/02/28 19:58:12 | 000,351,232 | ---- | C | MD5 = 242EBC595C75B4C3867CD35D80A1CE4D] (Microsoft Corporation)
d3d10_1core.dll -> C:\Windows\System32\d3d10_1core.dll -> [2010/02/28 19:58:12 | 000,218,112 | ---- | C | MD5 = E66DD8E6D4337CCB08B329856062950E] (Microsoft Corporation)
d3d10core.dll -> C:\Windows\System32\d3d10core.dll -> [2010/02/28 19:58:12 | 000,190,464 | ---- | C | MD5 = 7D252A3C490B09393A399032870F3524] (Microsoft Corporation)
d3d10_1.dll -> C:\Windows\System32\d3d10_1.dll -> [2010/02/28 19:58:12 | 000,161,280 | ---- | C | MD5 = 4A58284F205F00E27AA207B1F84474D6] (Microsoft Corporation)
BthMtpContextHandler.dll -> C:\Windows\System32\BthMtpContextHandler.dll -> [2010/02/28 19:57:21 | 000,031,232 | ---- | C | MD5 = 9B9108D3019C18BD6D38B860813E6E52] (Microsoft Corporation)
WPDShextAutoplay.exe -> C:\Windows\System32\WPDShextAutoplay.exe -> [2010/02/28 19:57:21 | 000,030,208 | ---- | C | MD5 = 1D7D7E32A80109D5C3167309265EAC83] (Microsoft Corporation)
PortableDeviceConnectApi.dll -> C:\Windows\System32\PortableDeviceConnectApi.dll -> [2010/02/28 19:57:13 | 000,060,928 | ---- | C | MD5 = B53BD9E63867CD9FD853F666CA172713] (Microsoft Corporation)
WpdMtpUS.dll -> C:\Windows\System32\WpdMtpUS.dll -> [2010/02/28 19:57:07 | 000,061,952 | ---- | C | MD5 = 3501443C148C780E8CE6B5108CE6D95E] (Microsoft Corporation)
WpdConns.dll -> C:\Windows\System32\WpdConns.dll -> [2010/02/28 19:57:07 | 000,033,280 | ---- | C | MD5 = 58E42DDB9F734E8DBDA17E806EF3F64A] (Microsoft Corporation)
wpd_ci.dll -> C:\Windows\System32\wpd_ci.dll -> [2010/02/28 19:57:06 | 000,546,816 | ---- | C | MD5 = 81072240917688254A55C1C568B2377B] (Microsoft Corporation)
WpdMtp.dll -> C:\Windows\System32\WpdMtp.dll -> [2010/02/28 19:57:06 | 000,226,816 | ---- | C | MD5 = A8FB1B20C5ABD1817B7F96251293BFF9] (Microsoft Corporation)
PortableDeviceTypes.dll -> C:\Windows\System32\PortableDeviceTypes.dll -> [2010/02/28 19:57:06 | 000,160,256 | ---- | C | MD5 = 883D02AB5D350BC45E0F60E8CFA97FDC] (Microsoft Corporation)
WPDSp.dll -> C:\Windows\System32\WPDSp.dll -> [2010/02/28 19:57:05 | 000,350,208 | ---- | C | MD5 = 49456BFE373D90B895795C5A1A13A7C8] (Microsoft Corporation)
PortableDeviceApi.dll -> C:\Windows\System32\PortableDeviceApi.dll -> [2010/02/28 19:57:05 | 000,334,848 | ---- | C | MD5 = 2205A220A264E8C8B86492BF3D112907] (Microsoft Corporation)
PortableDeviceWMDRM.dll -> C:\Windows\System32\PortableDeviceWMDRM.dll -> [2010/02/28 19:57:05 | 000,196,608 | ---- | C | MD5 = C220FC95DA7AD00AB03C184AFDDC5314] (Microsoft Corporation)
PortableDeviceClassExtension.dll -> C:\Windows\System32\PortableDeviceClassExtension.dll -> [2010/02/28 19:57:05 | 000,100,864 | ---- | C | MD5 = B2B117BD8D1EA80536CDD91797EF4A0A] (Microsoft Corporation)
oleaccrc.dll -> C:\Windows\System32\oleaccrc.dll -> [2010/02/28 19:55:16 | 000,004,096 | ---- | C | MD5 = 3551474B2DB6312DB6DF56140A68DF6E] (Microsoft Corporation)
UIAutomationCore.dll -> C:\Windows\System32\UIAutomationCore.dll -> [2010/02/28 19:55:15 | 000,555,520 | ---- | C | MD5 = DA852A35071D3881607E526794B4F023] (Microsoft Corporation)
httpapi.dll -> C:\Windows\System32\httpapi.dll -> [2010/02/27 07:53:47 | 000,030,720 | ---- | C | MD5 = D9011D2091C6B037A5075C27A470188C] (Microsoft Corporation)
nshhttp.dll -> C:\Windows\System32\nshhttp.dll -> [2010/02/27 07:53:46 | 000,024,064 | ---- | C | MD5 = E9584BF02974F48B6F8B62E9614B5757] (Microsoft Corporation)
gameux.dll -> C:\Windows\System32\gameux.dll -> [2010/02/27 07:53:05 | 001,696,256 | ---- | C | MD5 = 9C92BDBD4B2930DE83053D851D90B409] (Microsoft Corporation)
Apphlpdm.dll -> C:\Windows\System32\Apphlpdm.dll -> [2010/02/27 07:53:03 | 000,028,672 | ---- | C | MD5 = 00AD6E3868B390745F9E3C58A557BC31] (Microsoft Corporation)
GameUXLegacyGDFs.dll -> C:\Windows\System32\GameUXLegacyGDFs.dll -> [2010/02/27 07:53:00 | 004,240,384 | ---- | C | MD5 = 7EE94754C9AF5B8A4A97E620C4C07541] (Microsoft)
eu-ES -> C:\Windows\System32\eu-ES -> [2010/02/27 02:45:56 | 000,000,000 | ---D | C]
ca-ES -> C:\Windows\System32\ca-ES -> [2010/02/27 02:45:56 | 000,000,000 | ---D | C]
vi-VN -> C:\Windows\System32\vi-VN -> [2010/02/27 02:45:55 | 000,000,000 | ---D | C]
jscript.dll -> C:\Windows\System32\jscript.dll -> [2010/02/22 20:37:47 | 000,726,528 | ---- | C | MD5 = 46E35CDEA68DFCE274BE2B51EB9F0D36] (Microsoft Corporation)
tzres.dll -> C:\Windows\System32\tzres.dll -> [2010/02/22 20:37:32 | 000,002,048 | ---- | C | MD5 = 4CD126CC33947A4CBC6DC3D773E9DE93] (Microsoft Corporation)
RMActivate_isv.exe -> C:\Windows\System32\RMActivate_isv.exe -> [2010/02/22 20:36:25 | 000,526,336 | ---- | C | MD5 = 447D3599FA65A9A8BCF7F9048BDB7035] (Microsoft Corporation)
RMActivate.exe -> C:\Windows\System32\RMActivate.exe -> [2010/02/22 20:36:25 | 000,518,144 | ---- | C | MD5 = 8FB90F7CFBCCF50DF2E3080A2BC6F23B] (Microsoft Corporation)
secproc_isv.dll -> C:\Windows\System32\secproc_isv.dll -> [2010/02/22 20:36:23 | 000,471,552 | ---- | C | MD5 = F4BFD5330DA0899771EB24A0DDEF87AF] (Microsoft Corporation)
secproc.dll -> C:\Windows\System32\secproc.dll -> [2010/02/22 20:36:22 | 000,471,552 | ---- | C | MD5 = C7EF2D81B9AC543DA9205701C45F62BD] (Microsoft Corporation)
RMActivate_ssp.exe -> C:\Windows\System32\RMActivate_ssp.exe -> [2010/02/22 20:36:22 | 000,347,136 | ---- | C | MD5 = D1194E75C78C451698D7DFFDAB22C5DA] (Microsoft Corporation)
RMActivate_ssp_isv.exe -> C:\Windows\System32\RMActivate_ssp_isv.exe -> [2010/02/22 20:36:21 | 000,346,624 | ---- | C | MD5 = A64C3712DF40DF6BD489A98E280130E7] (Microsoft Corporation)
msdrm.dll -> C:\Windows\System32\msdrm.dll -> [2010/02/22 20:36:20 | 000,332,288 | ---- | C | MD5 = 2D74D853886BDD0CDE60BE5FDF22AD9A] (Microsoft Corporation)
secproc_ssp_isv.dll -> C:\Windows\System32\secproc_ssp_isv.dll -> [2010/02/22 20:36:20 | 000,152,576 | ---- | C | MD5 = 7857CFD06825D710E18793D5306C7724] (Microsoft Corporation)
secproc_ssp.dll -> C:\Windows\System32\secproc_ssp.dll -> [2010/02/22 20:36:20 | 000,152,064 | ---- | C | MD5 = B385C4E499591941E362E324969BB6FB] (Microsoft Corporation)
Verlag_Heinrich_Vogel_in_ -> C:\Users\Josh\AppData\Local\Verlag_Heinrich_Vogel_in_ -> [2010/02/20 14:55:34 | 000,000,000 | ---D | C]
Vogel Verlag -> C:\Program Files\Vogel Verlag -> [2010/02/20 14:45:43 | 000,000,000 | ---D | C]

[Files/Folders - Modified Within 90 Days]
ntuser.dat -> C:\Users\Josh\ntuser.dat -> [2010/05/20 09:00:31 | 003,145,728 | -HS- | M | Unable to obtain MD5] ()
OTS.exe -> C:\Users\Josh\Desktop\OTS.exe -> [2010/05/20 08:34:36 | 000,640,000 | ---- | M | MD5 = C7A61D4B69CF0E784AAB1E2105529300] (OldTimer Tools)
incavi.avm -> C:\Windows\System32\drivers\Avg\incavi.avm -> [2010/05/20 08:26:14 | 060,218,969 | ---- | M | MD5 = DDBB1C1A84AC59996977456BC1ECD1D4] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/05/20 08:18:56 | 000,000,880 | ---- | M | MD5 = F12DD39627FC8EF4FC1BB3D9F6F6B884] ()
LogConfigTemp.xml -> C:\Windows\System32\LogConfigTemp.xml -> [2010/05/20 08:18:27 | 000,000,000 | ---- | M | Unable to obtain MD5] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/05/20 08:18:06 | 000,003,216 | -H-- | M | Unable to obtain MD5] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/05/20 08:18:06 | 000,003,216 | -H-- | M | Unable to obtain MD5] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/05/20 08:17:58 | 000,000,006 | -H-- | M | MD5 = F1A6CD5ADAAB953A6764EA364E17BFB8] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2010/05/20 08:17:50 | 000,067,584 | --S- | M | MD5 = 1F6B44AA61EE4A110F6598FEF0BF9920] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/05/20 08:17:46 | 1000,366,080 | -HS- | M | Unable to obtain MD5] ()
ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Josh\ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> [2010/05/19 23:46:42 | 000,524,288 | -HS- | M | Unable to obtain MD5] ()
ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.

joh turner · 13 Re: help on Fri May 21, 2010 5:15 am

joh turner

Member
Member

TM.blf -> C:\Users\Josh\ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TM.blf -> [2010/05/19 23:46:42 | 000,065,536 | -HS- | M | Unable to obtain MD5] ()
IconCache.db -> C:\Users\Josh\AppData\Local\IconCache.db -> [2010/05/19 23:46:06 | 003,049,445 | -H-- | M | MD5 = 6BADB36D04EA4D69B9790525B809997D] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/05/19 23:17:02 | 000,000,884 | ---- | M | MD5 = DE94FF493F4DE0972DA8CC3BC6E51C08] ()
PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2010/05/19 12:36:31 | 000,690,960 | ---- | M | MD5 = FEB43FA0FB2FEB482C5BDA553862EA8D] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2010/05/19 12:36:31 | 000,600,378 | ---- | M | MD5 = 10D38CFBDE270FBADD948D2621034E90] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2010/05/19 12:36:31 | 000,105,852 | ---- | M | MD5 = 57ECFE9F8090B8BBA999F08BF9B4ABD7] ()
system.ini -> C:\Windows\system.ini -> [2010/05/19 11:59:29 | 000,000,215 | ---- | M | MD5 = 3CF3D4A45CC2AF973DBC30EC8D33252B] ()
Browser Choice.lnk -> C:\Users\Public\Desktop\Browser Choice.lnk -> [2010/05/19 11:32:02 | 000,001,591 | ---- | M | MD5 = BB7DF3EBC81FF8DFB85BD1B8BF1D175F] ()
avgrsstx.dll -> C:\Windows\System32\avgrsstx.dll -> [2010/05/19 11:12:26 | 000,011,952 | ---- | M | MD5 = 72A575126B3E55B365A69A9ED1384A1E] (AVG Technologies CZ, s.r.o.)
avgldx86.sys -> C:\Windows\System32\drivers\avgldx86.sys -> [2010/05/19 11:12:25 | 000,335,240 | ---- | M | MD5 = BC12F2404BB6F2B6B2FF3C4C246CB752] (AVG Technologies CZ, s.r.o.)
avgmfx86.sys -> C:\Windows\System32\drivers\avgmfx86.sys -> [2010/05/19 11:12:25 | 000,027,784 | ---- | M | MD5 = 5903D729D4F0C5BCA74123C96A1B29E0] (AVG Technologies CZ, s.r.o.)
avgtdix.sys -> C:\Windows\System32\drivers\avgtdix.sys -> [2010/05/19 11:12:07 | 000,108,552 | ---- | M | MD5 = 92D8E1E8502E649B60E70074EB29C380] (AVG Technologies CZ, s.r.o.)
Norton Security Scan for Josh.job -> C:\Windows\tasks\Norton Security Scan for Josh.job -> [2010/05/18 17:43:59 | 000,000,472 | -H-- | M | MD5 = E24C4200ABAAE5FF354AC98CF3804F0A] ()
miniavi.avg -> C:\Windows\System32\drivers\Avg\miniavi.avg -> [2010/05/18 14:16:06 | 000,492,629 | ---- | M | MD5 = 950966A589EFA4C4CC2EDB9BD22FF3CB] ()
microavi.avg -> C:\Windows\System32\drivers\Avg\microavi.avg -> [2010/05/18 14:16:06 | 000,142,495 | ---- | M | MD5 = E271CCAD19CDF8255A898D259D9066BF] ()
AVG Free 8.5.lnk -> C:\Users\Public\Desktop\AVG Free 8.5.lnk -> [2010/05/18 14:08:45 | 000,001,649 | ---- | M | MD5 = B8AE9EC6064834A4593DA5692FFFA97A] ()
avi7.avg -> C:\Windows\System32\drivers\Avg\avi7.avg -> [2010/05/18 14:08:23 | 006,061,540 | ---- | M | MD5 = 6A74707B6F6D569044B0A32481E9B919] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/05/18 13:16:19 | 000,017,408 | ---- | M | MD5 = 0F8EE32D6064CE1ABB4444545B59201F] ()
TuneUp 1-Click Maintenance.lnk -> C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk -> [2010/05/18 12:39:58 | 000,001,855 | ---- | M | MD5 = 486FC66A5D746B38D981D8327FFD549A] ()
TuneUp Utilities.lnk -> C:\Users\Public\Desktop\TuneUp Utilities.lnk -> [2010/05/18 12:39:58 | 000,001,853 | ---- | M | MD5 = CE70FD78FA07773A8B6614E88317390E] ()
Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/05/17 16:42:28 | 000,000,820 | ---- | M | MD5 = D5958459C4F8A3490F426A546A622945] ()
tutti_frutti%20Large_jar.jpg -> C:\Users\Josh\Documents\tutti_frutti%20Large_jar.jpg -> [2010/05/13 16:29:30 | 000,038,024 | ---- | M | MD5 = DDD2D8F81AF6718A828937AC75DF1442] ()
µTorrent.lnk -> C:\Users\Public\Desktop\µTorrent.lnk -> [2010/05/12 19:28:08 | 000,000,754 | ---- | M | MD5 = 0E1B5791E0DD3BE434CF58F73484F4E2] ()
TURegOpt.exe -> C:\Windows\System32\TURegOpt.exe -> [2010/05/07 16:40:56 | 000,030,536 | ---- | M | MD5 = 580E7DCE477225428531BEBDD0F4FF99] (TuneUp Software)
authuitu.dll -> C:\Windows\System32\authuitu.dll -> [2010/05/07 16:34:46 | 000,021,320 | ---- | M | MD5 = EB4DF490974E72CAA2C7056F162CAED0] (TuneUp Software)
uxtuneup.dll -> C:\Windows\System32\uxtuneup.dll -> [2010/05/07 16:34:32 | 000,030,024 | ---- | M | MD5 = 07524A835ACF04FB47E9DAEF2859294D] (TuneUp Software)
Graboid Video.lnk -> C:\Users\Josh\Desktop\Graboid Video.lnk -> [2010/05/06 19:44:27 | 000,001,095 | ---- | M | MD5 = DE360477631B4B60D657315A16248DE1] ()
VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2010/05/06 19:43:00 | 000,000,861 | ---- | M | MD5 = 45B46FD6D647DA57F19DB00EC84C9CBD] ()
FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2010/04/30 17:54:21 | 000,304,592 | ---- | M | MD5 = 04C270D1DBC517C89665ED53747D973D] ()
mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2010/04/29 15:39:38 | 000,038,224 | ---- | M | MD5 = C7DD7D9739785BD3A6B8499EEC1DEE7E] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2010/04/29 15:39:26 | 000,020,952 | ---- | M | MD5 = 67B48A903430C6D4FB58CBACA1866601] (Malwarebytes Corporation)
ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\Josh\ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/29 07:35:55 | 000,524,288 | -HS- | M | Unable to obtain MD5] ()
Google Chrome.lnk -> C:\Users\Public\Desktop\Google Chrome.lnk -> [2010/04/29 07:18:42 | 000,001,973 | ---- | M | MD5 = C0B3D8B6EA7E26A4BFE0BFA7AE1F9E45] ()
ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Josh\ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/28 22:14:20 | 000,524,288 | -HS- | M | MD5 = BD580C8357804E2C0D42BBC192BDF855] ()
ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TM.blf -> C:\Users\Josh\ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TM.blf -> [2010/04/28 22:14:20 | 000,065,536 | -HS- | M | MD5 = 5A45A2233E892F2F13B17947907DD781] ()
PEV.exe -> C:\Windows\PEV.exe -> [2010/04/26 15:58:12 | 000,256,512 | ---- | M | MD5 = F1FBA6185A6A2BC6456970914875078E] ()
DivX Movies.lnk -> C:\Users\Josh\Desktop\DivX Movies.lnk -> [2010/04/14 16:25:14 | 000,001,395 | ---- | M | MD5 = 25374AFB1898FB331DCCC68D70641545] ()
DivXControlPanelApplet.cpl -> C:\Windows\System32\DivXControlPanelApplet.cpl -> [2010/03/30 18:58:24 | 000,353,592 | ---- | M | MD5 = 22A543DA58C08A3D7CB3E7DFFCA1B8A9] (DivX, Inc.)
ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\Josh\ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> [2010/03/23 18:58:44 | 000,524,288 | -HS- | M | MD5 = 59071590099D21DD439896592338BF95] ()
dean address.docx -> C:\Users\Josh\Documents\dean address.docx -> [2010/03/22 19:47:30 | 000,010,332 | ---- | M | MD5 = 84732DAFF81EE4FAF749A7FB6F3E936C] ()
Prestige Hack.rar -> C:\Users\Josh\Documents\Prestige Hack.rar -> [2010/03/21 18:29:18 | 000,078,007 | ---- | M | MD5 = 2B92790FFA58C44C9B629C960AF50C53] ()
ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Josh\ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> [2010/03/20 22:36:43 | 000,524,288 | -HS- | M | MD5 = 3BAC199E19C0FD728C631A3C5F72CC0E] ()
ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TM.blf -> C:\Users\Josh\ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TM.blf -> [2010/03/20 22:36:43 | 000,065,536 | -HS- | M | MD5 = A257D465B226C6D536C9434BBC3733E1] ()
Documents - Shortcut.lnk -> C:\Users\Josh\Documents - Shortcut.lnk -> [2010/03/19 01:36:29 | 000,000,372 | ---- | M | MD5 = 1BB3A8F0F84F852004D8E3EBEA076BD5] ()
Norton Security Scan.lnk -> C:\Users\Public\Desktop\Norton Security Scan.lnk -> [2010/03/15 20:16:48 | 000,001,139 | ---- | M | MD5 = A39BF87CFA7CDC4487DE709DEF552A10] ()
isolate.ini -> C:\Windows\System32\drivers\NSS\0207030.022\isolate.ini -> [2010/03/15 20:16:42 | 000,000,172 | ---- | M | MD5 = 01DB2BF9DD6DE07AF9104FEA05C6CBB6] ()
listino.pdf -> C:\Users\Josh\Documents\listino.pdf -> [2010/03/15 20:15:09 | 002,158,429 | ---- | M | MD5 = 13AA4BE7B18B7D7753A55252B2A49DE4] ()
Road Trip for summer 2010.docx -> C:\Users\Josh\Documents\Road Trip for summer 2010.docx -> [2010/03/13 14:25:09 | 000,590,920 | ---- | M | MD5 = 2752E73CFA4C6232FD02C1E98387D4F5] ()
ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\Josh\ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> [2010/03/09 22:51:52 | 000,524,288 | -HS- | M | MD5 = 59071590099D21DD439896592338BF95] ()
1818374223 -> C:\ProgramData\1818374223 -> [2010/03/07 22:30:51 | 000,000,817 | ---- | M | MD5 = DA69203ACF91A8E78497D10BE6B78732] ()
1009934367 -> C:\ProgramData\1009934367 -> [2010/03/07 22:17:19 | 000,001,339 | -HS- | M | MD5 = 5DD574199B5FC45AE83D92ABBCEB716A] ()
GDIPFONTCACHEV1.DAT -> C:\Windows\System32\GDIPFONTCACHEV1.DAT -> [2010/03/05 16:44:30 | 000,072,752 | ---- | M | MD5 = 5593F94FFA101E41CF9E8F1D90D3A48A] ()
vbscript.dll -> C:\Windows\System32\vbscript.dll -> [2010/03/05 07:01:02 | 000,420,352 | ---- | M | MD5 = 5A9C91B12C2CBF85F6033FED62CE087A] (Microsoft Corporation)
Msft_User_WpdMtpDr_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf -> [2010/02/28 21:23:05 | 000,000,000 | -H-- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
Msft_User_WpdFs_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf -> [2010/02/28 21:22:57 | 000,000,000 | -H-- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
mstime.dll -> C:\Windows\System32\mstime.dll -> [2010/02/22 23:35:21 | 000,611,840 | ---- | M | MD5 = 39F24FA678B24A80E7BE7277BE7E5231] (Microsoft Corporation)
msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2010/02/22 23:34:49 | 000,594,432 | ---- | M | MD5 = 1D63CDF43E5A16E44A4D8BF4FF479783] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2010/02/22 23:34:49 | 000,055,296 | ---- | M | MD5 = D6E6C59A3FF44DA456B7080095D69A38] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2010/02/22 23:34:06 | 000,025,600 | ---- | M | MD5 = AC8371BE69BB6AFE86F3407D8A569FA2] (Microsoft Corporation)
inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2010/02/22 23:33:59 | 001,469,440 | ---- | M | MD5 = 1F49D8BF29681ADE8E81674E684E6F1E] (Microsoft Corporation)
ieui.dll -> C:\Windows\System32\ieui.dll -> [2010/02/22 23:33:45 | 000,164,352 | ---- | M | MD5 = 8E968AAFB813AFBB1354619A008702CE] (Microsoft Corporation)
iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2010/02/22 23:33:45 | 000,109,056 | ---- | M | MD5 = ABC4F2F5C66B520AA59877772A26121A] (Microsoft Corporation)
iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2010/02/22 23:33:45 | 000,071,680 | ---- | M | MD5 = 47A0E748323F3CADA388E39FA95273C1] (Microsoft Corporation)
iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2010/02/22 23:33:44 | 000,184,320 | ---- | M | MD5 = F87EED552081BBBFCF721A689C8C87CB] (Microsoft Corporation)
iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2010/02/22 23:33:44 | 000,055,808 | ---- | M | MD5 = 472BBDE873A5DB8FFEBE7C55E786A6F7] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2010/02/22 23:33:38 | 000,387,584 | ---- | M | MD5 = C8696C4AACFF9C2B14891B00DB117B87] (Microsoft Corporation)
ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2010/02/22 21:55:36 | 000,133,632 | ---- | M | MD5 = 2C4A41BCE5967DB09BC59F742CFAE108] (Microsoft Corporation)
ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2010/02/22 21:55:24 | 000,173,056 | ---- | M | MD5 = 8B08D5F137DE74DDB3A7F408E18C03DD] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2010/02/22 21:54:43 | 000,013,312 | ---- | M | MD5 = 8D9813566860D6B18A79DCA2AA520B6C] (Microsoft Corporation)
mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2010/02/22 21:54:20 | 001,638,912 | ---- | M | MD5 = 0346028DF1A92F67CAAE86A637432C09] (Microsoft Corporation)
Fahren Lernen.lnk -> C:\Users\Public\Desktop\Fahren Lernen.lnk -> [2010/02/20 14:52:22 | 000,001,061 | ---- | M | MD5 = 03BB31CA73B6F958827FEEDD26B36BCC] ()
Msft_User_WpdMtpDr_01_00_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf -> [2010/02/20 08:18:50 | 000,000,000 | -H-- | M | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
3 C:\Users\Josh\AppData\Local\Temp\*.tmp files -> C:\Users\Josh\AppData\Local\Temp\*.tmp ->

[Files - No Company Name]
PEV.exe -> C:\Windows\PEV.exe -> [2010/05/19 11:41:12 | 000,256,512 | ---- | C | MD5 = F1FBA6185A6A2BC6456970914875078E] ()
sed.exe -> C:\Windows\sed.exe -> [2010/05/19 11:41:12 | 000,098,816 | ---- | C | MD5 = 2B657A67AEBB84AEA5632C53E61E23BF] ()
grep.exe -> C:\Windows\grep.exe -> [2010/05/19 11:41:12 | 000,080,412 | ---- | C | MD5 = 9E05A9C264C8A908A8E79450FCBFF047] ()
MBR.exe -> C:\Windows\MBR.exe -> [2010/05/19 11:41:12 | 000,077,312 | ---- | C | MD5 = C5EC72A20B4C98DB5314E6C46765B148] ()
zip.exe -> C:\Windows\zip.exe -> [2010/05/19 11:41:12 | 000,068,096 | ---- | C | MD5 = 5E832F4FAF5F481F2EAF3B3A48F603B8] ()
Browser Choice.lnk -> C:\Users\Public\Desktop\Browser Choice.lnk -> [2010/05/19 11:32:02 | 000,001,591 | ---- | C | MD5 = BB7DF3EBC81FF8DFB85BD1B8BF1D175F] ()
AVG Free 8.5.lnk -> C:\Users\Public\Desktop\AVG Free 8.5.lnk -> [2010/05/18 14:08:45 | 000,001,649 | ---- | C | MD5 = B8AE9EC6064834A4593DA5692FFFA97A] ()
incavi.avm -> C:\Windows\System32\drivers\Avg\incavi.avm -> [2010/05/18 14:08:23 | 060,218,969 | ---- | C | MD5 = DDBB1C1A84AC59996977456BC1ECD1D4] ()
miniavi.avg -> C:\Windows\System32\drivers\Avg\miniavi.avg -> [2010/05/18 14:08:23 | 000,492,629 | ---- | C | MD5 = 950966A589EFA4C4CC2EDB9BD22FF3CB] ()
microavi.avg -> C:\Windows\System32\drivers\Avg\microavi.avg -> [2010/05/18 14:08:23 | 000,142,495 | ---- | C | MD5 = E271CCAD19CDF8255A898D259D9066BF] ()
avi7.avg -> C:\Windows\System32\drivers\Avg\avi7.avg -> [2010/05/18 14:08:21 | 006,061,540 | ---- | C | MD5 = 6A74707B6F6D569044B0A32481E9B919] ()
TuneUp 1-Click Maintenance.lnk -> C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk -> [2010/05/18 12:39:58 | 000,001,855 | ---- | C | MD5 = 486FC66A5D746B38D981D8327FFD549A] ()
TuneUp Utilities.lnk -> C:\Users\Public\Desktop\TuneUp Utilities.lnk -> [2010/05/18 12:39:58 | 000,001,853 | ---- | C | MD5 = CE70FD78FA07773A8B6614E88317390E] ()
Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/05/17 16:42:27 | 000,000,820 | ---- | C | MD5 = D5958459C4F8A3490F426A546A622945] ()
tutti_frutti%20Large_jar.jpg -> C:\Users\Josh\Documents\tutti_frutti%20Large_jar.jpg -> [2010/05/13 16:29:44 | 000,038,024 | ---- | C | MD5 = DDD2D8F81AF6718A828937AC75DF1442] ()
µTorrent.lnk -> C:\Users\Public\Desktop\µTorrent.lnk -> [2010/05/12 19:27:27 | 000,000,754 | ---- | C | MD5 = 0E1B5791E0DD3BE434CF58F73484F4E2] ()
Graboid Video.lnk -> C:\Users\Josh\Desktop\Graboid Video.lnk -> [2010/05/06 19:44:27 | 000,001,095 | ---- | C | MD5 = DE360477631B4B60D657315A16248DE1] ()
VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2010/05/06 19:43:00 | 000,000,861 | ---- | C | MD5 = 45B46FD6D647DA57F19DB00EC84C9CBD] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/04/29 19:14:50 | 1000,366,080 | -HS- | C | Unable to obtain MD5] ()
ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\Josh\ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> [2010/04/29 07:14:09 | 000,524,288 | -HS- | C | Unable to obtain MD5] ()
ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Josh\ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> [2010/04/29 07:14:09 | 000,524,288 | -HS- | C | Unable to obtain MD5] ()
ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TM.blf -> C:\Users\Josh\ntuser.dat{37c6c817-5399-11df-9b01-001eecd7a30d}.TM.blf -> [2010/04/29 07:14:09 | 000,065,536 | -HS- | C | Unable to obtain MD5] ()
Google Chrome.lnk -> C:\Users\Public\Desktop\Google Chrome.lnk -> [2010/04/14 16:25:33 | 000,001,973 | ---- | C | MD5 = C0B3D8B6EA7E26A4BFE0BFA7AE1F9E45] ()
ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Josh\ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> [2010/03/23 17:36:00 | 000,524,288 | -HS- | C | MD5 = BD580C8357804E2C0D42BBC192BDF855] ()
ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\Josh\ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> [2010/03/23 17:36:00 | 000,524,288 | -HS- | C | MD5 = 59071590099D21DD439896592338BF95] ()
ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TM.blf -> C:\Users\Josh\ntuser.dat{21b2b40b-36dd-11df-9813-001eecd7a30d}.TM.blf -> [2010/03/23 17:36:00 | 000,065,536 | -HS- | C | MD5 = 5A45A2233E892F2F13B17947907DD781] ()
dean address.docx -> C:\Users\Josh\Documents\dean address.docx -> [2010/03/22 19:47:28 | 000,010,332 | ---- | C | MD5 = 84732DAFF81EE4FAF749A7FB6F3E936C] ()
Prestige Hack.rar -> C:\Users\Josh\Documents\Prestige Hack.rar -> [2010/03/21 18:29:10 | 000,078,007 | ---- | C | MD5 = 2B92790FFA58C44C9B629C960AF50C53] ()
Documents - Shortcut.lnk -> C:\Users\Josh\Documents - Shortcut.lnk -> [2010/03/19 01:36:29 | 000,000,372 | ---- | C | MD5 = 1BB3A8F0F84F852004D8E3EBEA076BD5] ()
Norton Security Scan for Josh.job -> C:\Windows\tasks\Norton Security Scan for Josh.job -> [2010/03/15 20:16:51 | 000,000,472 | -H-- | C | MD5 = E24C4200ABAAE5FF354AC98CF3804F0A] ()
Norton Security Scan.lnk -> C:\Users\Public\Desktop\Norton Security Scan.lnk -> [2010/03/15 20:16:47 | 000,001,139 | ---- | C | MD5 = A39BF87CFA7CDC4487DE709DEF552A10] ()
isolate.ini -> C:\Windows\System32\drivers\NSS\0207030.022\isolate.ini -> [2010/03/15 20:16:42 | 000,000,172 | ---- | C | MD5 = 01DB2BF9DD6DE07AF9104FEA05C6CBB6] ()
listino.pdf -> C:\Users\Josh\Documents\listino.pdf -> [2010/03/15 20:14:59 | 002,158,429 | ---- | C | MD5 = 13AA4BE7B18B7D7753A55252B2A49DE4] ()
Road Trip for summer 2010.docx -> C:\Users\Josh\Documents\Road Trip for summer 2010.docx -> [2010/03/12 22:57:43 | 000,590,920 | ---- | C | MD5 = 2752E73CFA4C6232FD02C1E98387D4F5] ()
IconCache.db -> C:\Users\Josh\AppData\Local\IconCache.db -> [2010/03/09 22:51:34 | 003,049,445 | -H-- | C | MD5 = 6BADB36D04EA4D69B9790525B809997D] ()
ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\Josh\ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TMContainer00000000000000000002.regtrans-ms -> [2010/03/09 22:50:26 | 000,524,288 | -HS- | C | MD5 = 59071590099D21DD439896592338BF95] ()
ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Josh\ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TMContainer00000000000000000001.regtrans-ms -> [2010/03/09 22:50:26 | 000,524,288 | -HS- | C | MD5 = 3BAC199E19C0FD728C631A3C5F72CC0E] ()
ntuser.dat.LOG1 -> C:\Users\Josh\ntuser.dat.LOG1 -> [2010/03/09 22:50:26 | 000,262,144 | -H-- | C | Unable to obtain MD5] ()
ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TM.blf -> C:\Users\Josh\ntuser.dat{b2c1d4f5-2c08-11df-a8a2-001eecd7a30d}.TM.blf -> [2010/03/09 22:50:26 | 000,065,536 | -HS- | C | MD5 = A257D465B226C6D536C9434BBC3733E1] ()
ntuser.dat.LOG2 -> C:\Users\Josh\ntuser.dat.LOG2 -> [2010/03/09 22:50:26 | 000,000,000 | -H-- | C | Unable to obtain MD5] ()
1009934367 -> C:\ProgramData\1009934367 -> [2010/03/07 22:17:19 | 000,001,339 | -HS- | C | MD5 = 5DD574199B5FC45AE83D92ABBCEB716A] ()
1818374223 -> C:\ProgramData\1818374223 -> [2010/03/07 22:17:17 | 000,000,817 | ---- | C | MD5 = DA69203ACF91A8E78497D10BE6B78732] ()
Msft_User_WpdMtpDr_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf -> [2010/02/28 21:23:05 | 000,000,000 | -H-- | C | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
Msft_User_WpdFs_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf -> [2010/02/28 21:22:57 | 000,000,000 | -H-- | C | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
Fahren Lernen.lnk -> C:\Users\Public\Desktop\Fahren Lernen.lnk -> [2010/02/20 14:52:22 | 000,001,061 | ---- | C | MD5 = 03BB31CA73B6F958827FEEDD26B36BCC] ()
Msft_User_WpdMtpDr_01_00_00.Wdf -> C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf -> [2010/02/20 08:18:50 | 000,000,000 | -H-- | C | MD5 = D41D8CD98F00B204E9800998ECF8427E] ()
WinInit.Ini -> C:\Windows\WinInit.Ini -> [2010/02/12 15:45:05 | 000,000,226 | ---- | C | MD5 = 1567C90571F07D443E728180824ABE4E] ()
EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/12/30 00:29:34 | 000,117,248 | ---- | C | MD5 = 358A03A7A47F0AD71E84306AC635A626] ()
INT15.dll -> C:\Windows\System32\INT15.dll -> [2008/12/04 00:37:30 | 000,487,424 | ---- | C | MD5 = 9007C725D9D15D8E8851D3166E06EBE9] ()
NTIBUN5.dll -> C:\Windows\System32\NTIBUN5.dll -> [2008/08/28 12:26:55 | 000,001,024 | RH-- | C | MD5 = AA969416FE162DB143424E6B6D3EB2D7] ()
NTIOFM4.dll -> C:\Windows\System32\NTIOFM4.dll -> [2008/08/28 12:26:55 | 000,001,024 | RH-- | C | MD5 = 16F312DD5ECCB018C0080732EBFD744F] ()
igfxCoIn_v1527.dll -> C:\Windows\System32\igfxCoIn_v1527.dll -> [2008/08/28 12:24:09 | 000,147,456 | ---- | C | MD5 = 2571B6A9691046B66940CE9AD8CF176B] ()
RtDefLvl.ini -> C:\Windows\RtDefLvl.ini -> [2008/08/14 18:41:29 | 000,001,694 | ---- | C | MD5 = C9BA70A77A1BB142E215CA0A63B0AB8B] ()
GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 05:35:51 | 000,037,665 | ---- | C | MD5 = E3E173CDA7B3982D762143BE19047ED5] ()
GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 05:35:51 | 000,029,779 | ---- | C | MD5 = B77AB4697B17FBBB25E41A15CC31D94E] ()
GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 05:35:51 | 000,026,489 | ---- | C | MD5 = D6B2075824BA9FAA4B37D98B13447F32] ()
GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 05:35:51 | 000,026,040 | ---- | C | MD5 = B7F882C45E520600053327AA42FA3A4F] ()
pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 00:40:29 | 000,013,750 | ---- | C | MD5 = 4E9441F96C056BFF44F513C7F275AD81] ()
multiplex_vcd.dll -> C:\Windows\System32\multiplex_vcd.dll -> [2001/12/26 16:12:30 | 000,065,536 | ---- | C | MD5 = 7A217516B33FF1BAE1682935DCEC35D3] ()
Hmpg12.dll -> C:\Windows\System32\Hmpg12.dll -> [2001/09/03 23:46:38 | 000,110,592 | ---- | C | MD5 = FE34D72FBD99A4CD761C6465BEE74487] ()
HMPV2_ENC.dll -> C:\Windows\System32\HMPV2_ENC.dll -> [2001/07/30 16:33:56 | 000,118,784 | ---- | C | MD5 = 38B78898C70E740BED0334BDC0C783CE] ()
HMPV2_ENC_MMX.dll -> C:\Windows\System32\HMPV2_ENC_MMX.dll -> [2001/07/23 22:04:36 | 000,118,784 | ---- | C | MD5 = D7D0FDA4BCA293CE1FB4DBAF4C39AC5B] ()

[File - Lop Check]
Babylon -> C:\Users\Josh\AppData\Roaming\Babylon -> [2010/03/21 19:12:25 | 000,000,000 | ---D | M]
BitZipper -> C:\Users\Josh\AppData\Roaming\BitZipper -> [2010/03/21 18:40:34 | 000,000,000 | ---D | M]
LimeWire -> C:\Users\Josh\AppData\Roaming\LimeWire -> [2010/05/20 08:49:08 | 000,000,000 | ---D | M]
PhotoFiltre -> C:\Users\Josh\AppData\Roaming\PhotoFiltre -> [2010/03/09 22:48:48 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Users\Josh\AppData\Roaming\TuneUp Software -> [2010/05/18 12:39:02 | 000,000,000 | ---D | M]
Uniblue -> C:\Users\Josh\AppData\Roaming\Uniblue -> [2010/03/21 18:33:21 | 000,000,000 | ---D | M]
uTorrent -> C:\Users\Josh\AppData\Roaming\uTorrent -> [2010/05/20 08:49:28 | 000,000,000 | ---D | M]
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2010/05/19 23:47:04 | 000,032,600 | ---- | M | Unable to obtain MD5] ()

[File - Purity Scan]

[Custom Scans]
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
rsaenh.dll : Unable to obtain MD5 -> C:\Windows\System32\rsaenh.dll -> [2009/04/10 23:27:47 | 000,241,128 | ---- | M | Unable to obtain MD5] (Microsoft Corporation)
SLC.dll : Unable to obtain MD5 -> C:\Windows\System32\SLC.dll -> [2009/04/10 23:28:23 | 000,228,352 | ---- | M | Unable to obtain MD5] (Microsoft Corporation)
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
COMPONENTS.SAV -> C:\Windows\System32\config\COMPONENTS.SAV -> [2008/01/20 20:31:11 | 015,716,352 | ---- | M | MD5 = 3A25A6840DEA2295960F298900FB93FB] ()
DEFAULT.SAV -> C:\Windows\System32\config\DEFAULT.SAV -> [2008/01/20 20:31:01 | 000,102,400 | ---- | M | MD5 = B2566A32D65A69738C3ECE74207195F5] ()
SECURITY.SAV -> C:\Windows\System32\config\SECURITY.SAV -> [2008/01/20 20:31:12 | 000,020,480 | ---- | M | MD5 = 4895C70E22DD6751A8FA22C584C190B1] ()
SOFTWARE.SAV -> C:\Windows\System32\config\SOFTWARE.SAV -> [2006/11/02 03:34:08 | 010,133,504 | ---- | M | MD5 = 8B507B5CF95AD726A6568A48C9CAC380] ()
SYSTEM.SAV -> C:\Windows\System32\config\SYSTEM.SAV -> [2006/11/02 03:34:08 | 001,826,816 | ---- | M | MD5 = CFAB712AC5AE09309FE60ACBEB591D28] ()
< %systemroot%\System32\*.sys >
ANSI.SYS -> C:\Windows\System32\ANSI.SYS -> [2006/11/02 00:09:42 | 000,009,029 | ---- | M | MD5 = 8AAD333C876590293F72B315E162BCC7] ()
clfs.sys -> C:\Windows\System32\clfs.sys -> [2009/04/10 23:32:46 | 000,245,736 | ---- | M | MD5 = D7659D3B5B92C31E84E53C1431F35132] (Microsoft Corporation)
country.sys -> C:\Windows\System32\country.sys -> [2006/11/02 00:09:45 | 000,027,097 | ---- | M | MD5 = 0FE9F16075C9ACB941C957B7C649176E] ()
HIMEM.SYS -> C:\Windows\System32\HIMEM.SYS -> [2006/11/02 00:09:41 | 000,004,768 | ---- | M | MD5 = E6BC0F98FECEF245A0010D350C1A0B9B] ()
KEY01.SYS -> C:\Windows\System32\KEY01.SYS -> [2006/11/02 00:09:44 | 000,042,809 | ---- | M | MD5 = 492090267B9608C62B956CD29BE3AFB7] ()
KEYBOARD.SYS -> C:\Windows\System32\KEYBOARD.SYS -> [2006/11/02 00:09:44 | 000,042,537 | ---- | M | MD5 = FBBCFEC1379C5C02D88A361993EDF1B8] ()
NTDOS.SYS -> C:\Windows\System32\NTDOS.SYS -> [2006/11/02 00:09:29 | 000,027,866 | ---- | M | MD5 = FFFF296A08DBF2AC0126C62E3778AC0D] ()
NTDOS404.SYS -> C:\Windows\System32\NTDOS404.SYS -> [2006/11/02 00:09:35 | 000,029,146 | ---- | M | MD5 = CF9ED169FF86D935E47999E82359E898] ()
NTDOS411.SYS -> C:\Windows\System32\NTDOS411.SYS -> [2006/11/02 00:09:38 | 000,029,370 | ---- | M | MD5 = 03B945AC0481CD8BB161C3569D8ED1C3] ()
NTDOS412.SYS -> C:\Windows\System32\NTDOS412.SYS -> [2006/11/02 00:09:40 | 000,029,274 | ---- | M | MD5 = BBC957DC18C17CC027EB80B7C77F2AEA] ()
NTDOS804.SYS -> C:\Windows\System32\NTDOS804.SYS -> [2006/11/02 00:09:31 | 000,029,146 | ---- | M | MD5 = 3CFFAEFFF23B0D208214A6D3061A5B1B] ()
NTIO.SYS -> C:\Windows\System32\NTIO.SYS -> [2006/11/02 00:09:20 | 000,033,952 | ---- | M | MD5 = 2E4112FB7D1B76E11ADFD7487B5D0E95] ()
NTIO404.SYS -> C:\Windows\System32\NTIO404.SYS -> [2006/11/02 00:09:23 | 000,034,672 | ---- | M | MD5 = A98EBD4C2DF983665BF2D1AF49949974] ()
NTIO411.SYS -> C:\Windows\System32\NTIO411.SYS -> [2006/11/02 00:09:24 | 000,035,776 | ---- | M | MD5 = 3F7E6406EDEF197C5CAAB2240EEF6F48] ()
NTIO412.SYS -> C:\Windows\System32\NTIO412.SYS -> [2006/11/02 00:09:26 | 000,035,536 | ---- | M | MD5 = 3E64D681B776CC57BDC38A46D881F85B] ()
NTIO804.SYS -> C:\Windows\System32\NTIO804.SYS -> [2006/11/02 00:09:22 | 000,034,672 | ---- | M | MD5 = D86B6435729231C171432B4E77801BDB] ()
win32k.sys -> C:\Windows\System32\win32k.sys -> [2009/08/14 06:27:17 | 002,036,736 | ---- | M | MD5 = 8705038245789561EE714D12CC3368CE] (Microsoft Corporation)
< %systemroot%\System32\drivers\*.dll >
< %systemroot%\System32\drivers\*.ini >
< %systemroot%\System32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
autoexec.bat -> C:\autoexec.bat -> [2006/09/18 14:43:36 | 000,000,024 | ---- | M | MD5 = D9EBEC6668A6092FCBD1713C347AA5E0] ()
bootmgr -> C:\bootmgr -> [2009/04/10 23:36:36 | 000,333,257 | RHS- | M | MD5 = 14B9D882551EC9FFB3C51A7D94C4266C] ()
BOOTSECT.BAK -> C:\BOOTSECT.BAK -> [2008/08/28 12:26:10 | 000,008,192 | R-S- | M | MD5 = 8EB7EE2AE0A4FA775BCE6E8B3AE49AC5] ()
ComboFix.txt -> C:\ComboFix.txt -> [2010/05/19 12:11:22 | 000,015,843 | ---- | M | MD5 = 38F7D6AD506B79FA8E7212CAEB4F72A4] ()
config.sys -> C:\config.sys -> [2006/09/18 14:43:37 | 000,000,010 | ---- | M | MD5 = ED4FC5980BD8B1AD869FF725C7776338] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/05/20 08:17:46 | 1000,366,080 | -HS- | M | Unable to obtain MD5] ()
pagefile.sys -> C:\pagefile.sys -> [2010/05/20 08:17:45 | 1314,152,448 | -HS- | M | Unable to obtain MD5] ()
RHDSetup.log -> C:\RHDSetup.log -> [2008/08/28 12:04:11 | 000,000,426 | ---- | M | MD5 = CB1F446D59795C0F818687ED8673DD90] ()
vcredist_x86.log -> C:\vcredist_x86.log -> [2008/12/04 00:40:08 | 000,389,196 | ---- | M | MD5 = 33A1576CADAB559C5212CF97F80FA42B] ()
< %PROGRAMFILES%\*. >
Acer Incorporated -> C:\Program Files\Acer Incorporated -> [2008/12/04 00:48:19 | 000,000,000 | ---D | M]
Apoint2K -> C:\Program Files\Apoint2K -> [2008/12/04 00:35:39 | 000,000,000 | ---D | M]
Apple Software Update -> C:\Program Files\Apple Software Update -> [2010/01/23 20:05:11 | 000,000,000 | ---D | M]
Ask.com -> C:\Program Files\Ask.com -> [2010/02/19 18:05:34 | 000,000,000 | ---D | M]
AVG -> C:\Program Files\AVG -> [2010/05/18 14:07:32 | 000,000,000 | ---D | M]
Babylon -> C:\Program Files\Babylon -> [2010/03/21 18:38:25 | 000,000,000 | ---D | M]
BitZipper -> C:\Program Files\BitZipper -> [2010/03/21 18:41:16 | 000,000,000 | ---D | M]
Bonjour -> C:\Program Files\Bonjour -> [2010/04/10 22:46:23 | 000,000,000 | ---D | M]
BrowserQuest -> C:\Program Files\BrowserQuest -> [2010/04/14 16:38:51 | 000,000,000 | ---D | M]
Circle Developemen -> C:\Program Files\Circle Developemen -> [2009/12/26 05:41:13 | 000,000,000 | ---D | M]
Common Files -> C:\Program Files\Common Files -> [2010/05/19 11:52:00 | 000,000,000 | ---D | M]
DivX -> C:\Program Files\DivX -> [2010/04/14 16:25:05 | 000,000,000 | ---D | M]
EMACHINES -> C:\Program Files\EMACHINES -> [2009/12/25 09:44:49 | 000,000,000 | ---D | M]
eMachines GameZone -> C:\Program Files\eMachines GameZone -> [2008/08/28 12:18:03 | 000,000,000 | ---D | M]
Google -> C:\Program Files\Google -> [2010/05/19 11:04:17 | 000,000,000 | ---D | M]
Graboid -> C:\Program Files\Graboid -> [2010/05/06 19:45:00 | 000,000,000 | ---D | M]
InstallShield Installation Information -> C:\Program Files\InstallShield Installation Information -> [2008/12/04 00:48:15 | 000,000,000 | -H-D | M]
Intel -> C:\Program Files\Intel -> [2008/08/28 11:55:31 | 000,000,000 | ---D | M]
Internet Explorer -> C:\Program Files\Internet Explorer -> [2010/03/30 22:59:16 | 000,000,000 | ---D | M]
InterVideo -> C:\Program Files\InterVideo -> [2008/12/04 00:42:25 | 000,000,000 | ---D | M]
iPod -> C:\Program Files\iPod -> [2010/01/23 20:11:49 | 000,000,000 | ---D | M]
iTunes -> C:\Program Files\iTunes -> [2010/01/23 20:13:06 | 000,000,000 | ---D | M]
Java -> C:\Program Files\Java -> [2010/04/09 11:13:24 | 000,000,000 | ---D | M]
Launch Manager -> C:\Program Files\Launch Manager -> [2008/12/04 00:33:12 | 000,000,000 | ---D | M]
LimeWire -> C:\Program Files\LimeWire -> [2010/01/23 21:19:09 | 000,000,000 | ---D | M]
Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2010/05/17 16:42:30 | 000,000,000 | ---D | M]
MAXON -> C:\Program Files\MAXON -> [2010/01/18 18:13:14 | 000,000,000 | ---D | M]
McAfee Security Scan -> C:\Program Files\McAfee Security Scan -> [2010/02/05 20:06:01 | 000,000,000 | ---D | M]
Messenger Plus! Live -> C:\Program Files\Messenger Plus! Live -> [2009/12/26 05:41:11 | 000,000,000 | ---D | M]
Microsoft -> C:\Program Files\Microsoft -> [2009/12/25 02:53:18 | 000,000,000 | ---D | M]
Microsoft Games -> C:\Program Files\Microsoft Games -> [2006/11/02 05:35:51 | 000,000,000 | ---D | M]
Microsoft Office -> C:\Program Files\Microsoft Office -> [2008/08/28 12:31:50 | 000,000,000 | ---D | M]
Microsoft Office Suite Activation Assistant -> C:\Program Files\Microsoft Office Suite Activation Assistant -> [2008/08/28 12:35:51 | 000,000,000 | ---D | M]
Microsoft Silverlight -> C:\Program Files\Microsoft Silverlight -> [2010/01/20 15:40:49 | 000,000,000 | ---D | M]
Microsoft SQL Server Compact Edition -> C:\Program Files\Microsoft SQL Server Compact Edition -> [2009/12/25 02:51:04 | 000,000,000 | ---D | M]
Microsoft Sync Framework -> C:\Program Files\Microsoft Sync Framework -> [2009/12/25 02:52:28 | 000,000,000 | ---D | M]
Microsoft Works -> C:\Program Files\Microsoft Works -> [2009/12/26 14:24:25 | 000,000,000 | ---D | M]
Microsoft.NET -> C:\Program Files\Microsoft.NET -> [2008/08/28 12:31:29 | 000,000,000 | ---D | M]
Movie Maker -> C:\Program Files\Movie Maker -> [2010/03/11 17:36:05 | 000,000,000 | ---D | M]
Mozilla ActiveX Control v1.7.12 -> C:\Program Files\Mozilla ActiveX Control v1.7.12 -> [2010/05/06 19:44:27 | 000,000,000 | ---D | M]
Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2010/03/01 21:03:58 | 000,000,000 | ---D | M]
MSBuild -> C:\Program Files\MSBuild -> [2006/11/02 05:35:51 | 000,000,000 | ---D | M]
MSXML 4.0 -> C:\Program Files\MSXML 4.0 -> [2009/12/26 13:41:31 | 000,000,000 | ---D | M]
myBabylon_English4 -> C:\Program Files\myBabylon_English4 -> [2010/03/21 18:39:00 | 000,000,000 | ---D | M]
NewTech Infosystems -> C:\Program Files\NewTech Infosystems -> [2008/08/28 12:27:02 | 000,000,000 | ---D | M]
Norton 360 -> C:\Program Files\Norton 360 -> [2010/01/01 00:31:20 | 000,000,000 | ---D | M]
Norton Security Scan -> C:\Program Files\Norton Security Scan -> [2010/03/15 20:16:42 | 000,000,000 | ---D | M]
NortonInstaller -> C:\Program Files\NortonInstaller -> [2010/03/15 20:16:39 | 000,000,000 | ---D | M]
Oberon Media -> C:\Program Files\Oberon Media -> [2008/08/28 12:06:28 | 000,000,000 | ---D | M]
PhotoFiltre -> C:\Program Files\PhotoFiltre -> [2010/01/17 17:48:10 | 000,000,000 | ---D | M]
PriceGong -> C:\Program Files\PriceGong -> [2010/03/21 18:37:49 | 000,000,000 | ---D | M]
QuickTime -> C:\Program Files\QuickTime -> [2010/01/23 20:08:31 | 000,000,000 | ---D | M]
Realtek -> C:\Program Files\Realtek -> [2008/08/28 12:04:28 | 000,000,000 | ---D | M]
Reference Assemblies -> C:\Program Files\Reference Assemblies -> [2006/11/02 05:35:51 | 000,000,000 | ---D | M]
Symantec -> C:\Program Files\Symantec -> [2009/12/26 14:22:13 | 000,000,000 | ---D | M]
Trend Micro -> C:\Program Files\Trend Micro -> [2010/05/18 15:59:40 | 000,000,000 | ---D | M]
TuneUp Utilities 2010 -> C:\Program Files\TuneUp Utilities 2010 -> [2010/05/18 12:40:04 | 000,000,000 | ---D | M]
Uniblue -> C:\Program Files\Uniblue -> [2010/03/21 18:32:59 | 000,000,000 | ---D | M]
Uninstall Information -> C:\Program Files\Uninstall Information -> [2006/11/02 05:58:18 | 000,000,000 | -H-D | M]
uTorrent -> C:\Program Files\uTorrent -> [2010/05/13 16:14:48 | 000,000,000 | ---D | M]
VideoLAN -> C:\Program Files\VideoLAN -> [2010/05/06 19:42:23 | 000,000,000 | ---D | M]
Vogel Verlag -> C:\Program Files\Vogel Verlag -> [2010/02/20 14:45:43 | 000,000,000 | ---D | M]
Windows Calendar -> C:\Program Files\Windows Calendar -> [2010/02/27 02:46:47 | 000,000,000 | ---D | M]
Windows Collaboration -> C:\Program Files\Windows Collaboration -> [2010/02/27 02:46:46 | 000,000,000 | ---D | M]
Windows Defender -> C:\Program Files\Windows Defender -> [2010/02/27 02:46:45 | 000,000,000 | ---D | M]
Windows Live -> C:\Program Files\Windows Live -> [2009/12/25 02:53:06 | 000,000,000 | ---D | M]
Windows Live SkyDrive -> C:\Program Files\Windows Live SkyDrive -> [2009/12/25 02:48:50 | 000,000,000 | ---D | M]
Windows Mail -> C:\Program Files\Windows Mail -> [2010/05/11 20:27:13 | 000,000,000 | ---D | M]
Windows Media Player -> C:\Program Files\Windows Media Player -> [2010/02/27 02:46:47 | 000,000,000 | ---D | M]
Windows NT -> C:\Program Files\Windows NT -> [2006/11/02 05:35:51 | 000,000,000 | ---D | M]
Windows Photo Gallery -> C:\Program Files\Windows Photo Gallery -> [2010/02/27 02:46:46 | 000,000,000 | ---D | M]
Windows Portable Devices -> C:\Program Files\Windows Portable Devices -> [2010/02/28 21:23:26 | 000,000,000 | ---D | M]
Windows Sidebar -> C:\Program Files\Windows Sidebar -> [2010/02/27 02:46:47 | 000,000,000 | ---D | M]
Winferno -> C:\Program Files\Winferno -> [2010/03/21 18:39:23 | 000,000,000 | ---D | M]
< %appdata%\*.* >
< End of report >
[/code]

joh turner · 14 Re: help on Fri May 21, 2010 5:43 am

joh turner

Member
Member

sorry i no im giving u too much to do at once but my avg 8.5 ran a sceduled scan nd is picking up lots of the same things saying

"C:\ Program files\BrowserQuest\browersquest.dll"

DragonMaster Jay · 15 Re: help on Fri May 21, 2010 11:26 pm

DragonMaster Jay

Site Owner

Re-running ComboFix to remove infections:

Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open notepad and copy/paste the text in the box below into it:
killall::

Folder::
C:\Program files\BrowserQuest

Reboot::
Save this as CFScript.txt, in the same location as ComboFix.exe
Referring to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at C:\ComboFix.txt
Please post the contents of the log in your next reply.

Ad Bot

Ad Bot

1 help on Wed May 19, 2010 10:07 am

joh turner

2 Re: help on Wed May 19, 2010 7:11 pm

DragonMaster Jay

3 Re: help on Thu May 20, 2010 6:44 am

joh turner

4 Re: help on Thu May 20, 2010 11:26 am

DragonMaster Jay

5 Re: help on Thu May 20, 2010 11:36 am

joh turner

6 Re: help on Thu May 20, 2010 11:54 am

DragonMaster Jay

7 Re: help on Thu May 20, 2010 2:14 pm

joh turner

8 Re: help on Thu May 20, 2010 6:44 pm

DragonMaster Jay

9 Re: help on Fri May 21, 2010 5:13 am

joh turner

10 Re: help on Fri May 21, 2010 5:13 am

joh turner

11 Re: help on Fri May 21, 2010 5:14 am

joh turner

12 Re: help on Fri May 21, 2010 5:15 am

joh turner

13 Re: help on Fri May 21, 2010 5:15 am

joh turner

14 Re: help on Fri May 21, 2010 5:43 am

joh turner

15 Re: help on Fri May 21, 2010 11:26 pm

DragonMaster Jay

Ad Bot

Log in