Recommended for You:
Fix up your PC Fast

TuneUp Utilities 2012 takes out the trash: Get back long lost disk space and performance in a snap – Free Download!






You are not connected. Please login or register

SecuraGeek Forums » Malware/Threat Removal » System Tool 2011 removal

Goto page : 1, 2  Next

View previous topic View next topic Go down  Message [Page 1 of 2]

1 System Tool 2011 removal on Thu Dec 16, 2010 2:11 pm

koobeyos


Member
Member
i attached my log

2 Re: System Tool 2011 removal on Thu Dec 16, 2010 2:13 pm

koobeyos


Member
Member
here it is
Attachments
log one.docx
log one
You don't have permission to download attachments.
(51 Kb) Downloaded 6 times

3 Re: System Tool 2011 removal on Thu Dec 16, 2010 2:30 pm

Sneakyone


Secondary Administrator
Secondary Administrator
Hi,

I don't have Microsoft Word. Could you please upload a .txt file instead?


..........................................................


4 Re: System Tool 2011 removal on Thu Dec 16, 2010 3:13 pm

koobeyos


Member
Member
ok no problem
Attachments
log one.txt
You don't have permission to download attachments.
(176 Kb) Downloaded 6 times

5 Re: System Tool 2011 removal on Thu Dec 16, 2010 3:20 pm

Sneakyone


Secondary Administrator
Secondary Administrator
Hi,

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Note: in the event that OTL fails to run, please use alternate download links to try again:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr


..........................................................


6 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:21 pm

koobeyos


Member
Member
ok here they are

OTL logfile created on: 12/16/2010 6:42:45 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ed Cubillos\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 707.00 Mb Available Physical Memory | 69.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.07 Gb Total Space | 52.05 Gb Free Space | 55.93% Space Free | Partition Type: NTFS

Computer Name: EDUARDO | User Name: Ed Cubillos | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/16 18:36:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
PRC - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2010/09/30 13:10:36 | 001,193,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (SafeList) ==========

MOD - [2010/12/16 18:36:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\TEMP\023384~1.EXE -- (0233841290566423mcinstcleanup) McAfee Application Installer Cleanup (0233841290566423)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 21:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] () [Unknown | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/02/10 14:16:11 | 000,030,192 | ---- | M] (Google) [Disabled | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/07/31 20:02:10 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files\ACT\Act for Windows\Act.Scheduler.exe -- (ACT! Scheduler)
SRV - [2008/02/08 06:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/12/24 15:46:47 | 000,039,936 | ---- | M] (C-Dilla Ltd) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2005/05/19 15:48:34 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2005/01/31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/27 17:33:32 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Disabled | Stopped] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2004/05/13 15:46:02 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2004/04/07 14:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/03/29 15:08:16 | 000,049,152 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Dynex Wireless G Enhanced Adapter\WLService.exe -- (Dynex DX-WGPUSB WLService)
SRV - [2003/01/30 18:55:44 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm09.exe -- (Pml Driver)
SRV - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
SRV - [2002/07/23 05:45:12 | 000,065,536 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\vvrgs.sys -- (ewun)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\EDCUBI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/10/13 22:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 22:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 22:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 22:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 22:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 22:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 22:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 22:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/05/31 09:09:33 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/25 11:30:55 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/25 11:30:55 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/17 15:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 13:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 13:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 13:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2006/10/04 21:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/03/24 19:46:51 | 000,082,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2006/03/24 19:46:51 | 000,051,040 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2006/03/24 19:46:51 | 000,006,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/12/24 15:46:46 | 000,008,864 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2005/11/30 09:12:36 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/08/09 21:40:22 | 000,136,064 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ttv300x.sys -- (ttv300x)
DRV - [2005/05/19 15:48:24 | 000,070,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2005/05/10 19:50:00 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/04/15 19:31:00 | 003,152,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/03/05 07:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/02/25 02:33:26 | 000,102,320 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/01/14 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2005/01/14 03:05:00 | 000,099,098 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2005/01/14 03:05:00 | 000,087,706 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2005/01/14 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2005/01/14 03:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2005/01/14 03:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2005/01/14 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2005/01/14 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2005/01/14 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2005/01/12 03:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2004/12/23 04:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/12/02 13:04:20 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/12/02 13:04:10 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/11/09 03:02:40 | 000,031,104 | R--- | M] (Sony) [Video Capture] [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\VRDVC20X.SYS -- (VRDVC20)
DRV - [2004/10/29 20:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/09/08 20:49:00 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALZ.SYS -- (TVALZ)
DRV - [2004/08/17 05:21:00 | 000,087,168 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/05/08 22:38:06 | 000,101,833 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/05 16:09:02 | 000,003,904 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS -- (MAPMEM)
DRV - [2004/03/05 16:09:00 | 000,003,744 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS -- (BCMNTIO)
DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/09/19 17:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/09/11 01:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/01/30 18:55:44 | 000,050,800 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphid409.sys -- (Dot4 HPH09)
DRV - [2003/01/30 18:55:44 | 000,050,211 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphs2k09.sys -- (Dot4Storage HPH09) Storage Class Driver for IEEE-1284.4 (HPH09)
DRV - [2003/01/30 18:55:44 | 000,018,864 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphius09.sys -- (Dot4Usb HPH09)
DRV - [2003/01/30 18:55:44 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphipr09.sys -- (Dot4Print HPH09)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/13 10:19:26 | 000,249,344 | ---- | M] (Roxio) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/01/13 10:19:26 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/01/13 10:19:26 | 000,118,422 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/01/13 10:19:26 | 000,022,758 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/01/13 10:19:26 | 000,021,654 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/01/10 18:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/07/09 22:33:12 | 000,182,248 | ---- | M] (Matrox Electronic Systems Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\MtxDma0.sys -- (MtxDma0) Matrox Dma Manager (0)
DRV - [2001/10/28 16:34:46 | 000,153,760 | R--- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuvvid2.sys -- (NUVision)
DRV - [2001/10/03 02:00:00 | 000,013,325 | ---- | M] (SCM Microsystems Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\Stltrk2k.sys -- (Stltrk2k)
DRV - [2001/07/11 12:41:08 | 000,025,024 | R--- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuvaud2.sys -- (nuvaud2)

7 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:22 pm

koobeyos


Member
Member
========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=10607&gct=&gc=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/12 19:21:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/12/14 00:34:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 11:02:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/11 11:02:20 | 000,000,000 | ---D | M]

[2010/01/12 16:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Extensions
[2010/01/12 16:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/12 15:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions
[2009/08/31 18:39:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/11 17:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/02/23 16:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions\firefox@tvunetworks.com
[2010/01/12 15:35:39 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\searchplugins\ask.xml
[2009/08/31 13:35:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll

O1 HOSTS File: ([2010/06/24 15:31:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101110093239.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Free TV Bar c3 Toolbar) - {3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [gKkLf06308] C:\Documents and Settings\All Users\Application Data\gKkLf06308\gKkLf06308.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Ed Cubillos\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159666397453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/14 15:20:39 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{f3831ec0-aa6f-11dd-a859-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{f3831ec0-aa6f-11dd-a859-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f3831ec0-aa6f-11dd-a859-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/16 18:36:44 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
[2010/12/16 13:34:14 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\TFC.exe
[2010/12/16 12:20:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/12/15 20:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\gKkLf06308
[2005/12/24 20:01:07 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\IMPLODE.DLL

========== Files - Modified Within 30 Days ==========

[2010/12/16 18:36:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
[2010/12/16 18:33:48 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/16 18:31:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/16 18:31:19 | 000,001,603 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/12/16 18:30:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/16 14:10:12 | 000,051,205 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Desktop\log one.docx
[2010/12/16 14:01:44 | 000,184,832 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Desktop\mss.exe
[2010/12/16 13:50:17 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/16 13:50:04 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2583217261-2098618498-503970053-1005.job
[2010/12/16 13:34:02 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\TFC.exe
[2010/12/16 12:44:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{42ABC565-E5F2-4260-A9F4-6204C42BEFC7}.job
[2010/12/16 12:27:48 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/16 12:27:48 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/15 22:45:23 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2010/12/15 22:00:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/15 21:50:52 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2010/12/15 20:45:34 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2583217261-2098618498-503970053-1005.job
[2010/12/15 03:32:06 | 000,796,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/15 03:12:53 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/10 23:32:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2010/12/10 20:10:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/20 08:01:30 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/11/20 08:01:29 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk

========== Files Created - No Company Name ==========

[2010/12/16 14:10:11 | 000,051,205 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Desktop\log one.docx
[2010/12/16 14:01:43 | 000,184,832 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Desktop\mss.exe
[2010/12/16 12:27:48 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/16 12:27:48 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/15 21:18:45 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2010/12/05 14:56:51 | 000,001,603 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/01/11 17:11:17 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Local Settings\Application Data\xobni_installer_updater.log
[2009/12/03 17:24:05 | 000,007,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini
[2009/03/06 15:54:01 | 000,007,669 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/01/30 21:09:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008/10/29 15:50:13 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\450C4DF75F.sys
[2008/10/29 15:50:12 | 000,000,952 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/10/29 15:49:45 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ActUpdate.log
[2008/10/12 17:42:02 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\DSPlayer.dll
[2008/06/08 17:29:41 | 000,172,032 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor2.dll
[2008/06/08 17:29:40 | 000,450,560 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor1.dll
[2007/10/19 16:41:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\WGPUSB.dll
[2007/10/19 16:41:19 | 000,000,123 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2007/10/19 16:41:17 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2007/02/05 16:02:18 | 000,000,030 | ---- | C] () -- C:\WINDOWS\EZLEGAL.INI
[2007/02/02 12:42:55 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2007/01/03 10:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 10:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 10:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/05 12:38:55 | 000,070,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2006/10/27 17:34:23 | 000,087,040 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/01 14:10:18 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\$_hpcst$.hpc
[2006/09/22 21:46:09 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2006/06/17 14:28:08 | 000,122,880 | ---- | C] () -- C:\WINDOWS\iSYS_RED_EYE_Removal_1_1.dll
[2006/05/21 16:54:07 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ViewerApp.dat
[2006/04/10 19:11:06 | 000,000,092 | ---- | C] () -- C:\WINDOWS\NogaTw.INI
[2006/03/31 19:09:54 | 000,002,931 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/02/14 11:56:54 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/01/14 15:37:22 | 000,000,041 | ---- | C] () -- C:\WINDOWS\crw.ini
[2006/01/11 13:13:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/28 18:19:21 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/12/26 19:04:01 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\wklnhst.dat
[2005/12/24 20:31:04 | 000,068,608 | ---- | C] () -- C:\WINDOWS\System32\tbplib.dll
[2005/12/24 20:31:01 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\midilib.dll
[2005/12/24 20:31:01 | 000,011,424 | ---- | C] () -- C:\WINDOWS\System32\fprun300.dll
[2005/12/24 20:18:46 | 000,262,416 | ---- | C] () -- C:\WINDOWS\System32\ASFV2.DLL
[2005/12/24 20:17:11 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2005/12/24 20:05:03 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS71.DLL
[2005/12/24 20:01:15 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\U2LSAMP1.DLL
[2005/12/24 20:01:15 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\U2LFINRA.DLL
[2005/12/24 20:01:14 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\U2LESBSE.DLL
[2005/12/24 20:01:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\U25STORE.DLL
[2005/12/24 20:01:14 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\U25TOTAL.DLL
[2005/12/24 20:01:14 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\U25DTS.DLL
[2005/12/24 20:01:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\U2LBAR.DLL
[2005/12/24 20:01:14 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\U2LDTS.DLL
[2005/12/24 20:01:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\U2LEXCH.DLL
[2005/12/24 19:59:11 | 000,000,870 | ---- | C] () -- C:\WINDOWS\wnsetup.ini
[2005/12/24 19:44:08 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\FDUTL14.DLL
[2005/12/24 19:44:08 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Ivtrn13.dll
[2005/12/24 19:35:42 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/12/24 15:46:49 | 000,112,128 | RH-- | C] () -- C:\WINDOWS\CdaC14BA.DLL
[2005/12/24 15:46:46 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2005/12/24 12:17:46 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Local Settings\Application Data\fusioncache.dat
[2005/12/23 22:36:39 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2005/08/30 16:48:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/30 14:18:37 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/08/30 14:18:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/08/30 14:18:37 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/08/30 14:18:37 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/13 16:34:24 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005/05/13 16:34:24 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005/05/10 12:40:40 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/05/10 12:30:13 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/05/10 12:30:13 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/05/10 12:30:13 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/05/10 12:30:13 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/05/10 12:30:13 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/05/10 12:30:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/05/10 12:24:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/05/10 12:23:43 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/05/10 11:46:38 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Volume.dll
[2005/05/10 11:45:02 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/05/09 18:28:55 | 000,000,590 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/09 18:17:54 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/05/09 17:51:44 | 000,000,338 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/09 11:13:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/03/23 20:35:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/13 14:21:58 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/24 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2002/05/24 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2000/09/13 18:15:38 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pagesync.dll
[2000/05/22 14:28:08 | 000,161,280 | ---- | C] () -- C:\WINDOWS\System32\ltvid12n.dll
[2000/04/12 16:28:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2000/04/12 16:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll

========== LOP Check ==========

[2008/11/15 15:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2008/10/29 16:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACT
[2010/01/11 17:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2005/12/29 17:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/03/13 15:39:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/10/09 00:05:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/03/13 15:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2008/10/07 15:39:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2005/05/10 13:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/12/15 20:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\gKkLf06308
[2009/08/30 10:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\gra
[2005/08/30 12:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/01/27 17:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2005/12/29 18:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2008/06/08 17:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/11/27 22:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/08 18:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2009/03/20 23:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/03 06:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/18 19:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/10 19:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/11/15 15:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\acccore
[2008/10/29 15:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\ACT
[2010/02/20 10:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Azureus
[2008/10/07 15:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Canon
[2010/05/18 17:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2005/12/24 19:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\FileMaker
[2006/07/28 19:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Interact Commerce
[2005/05/10 12:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\InterTrust
[2005/08/30 16:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\InterVideo
[2008/10/29 15:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\IsolatedStorage
[2006/09/02 14:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Leadertech
[2010/12/15 03:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\LimeWire
[2008/09/03 10:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Nikon
[2010/12/15 20:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\PriceGong
[2009/12/13 12:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Software Informer
[2009/02/09 13:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Template
[2007/10/17 19:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\toshiba
[2008/06/08 20:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Ulead Systems
[2006/02/04 15:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\VERITAS
[2008/06/26 09:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Viewpoint
[2007/03/14 16:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Windows Desktop Search
[2010/12/15 22:45:23 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2010/12/10 23:32:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job
[2010/12/16 18:33:48 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/12/16 12:44:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{42ABC565-E5F2-4260-A9F4-6204C42BEFC7}.job

========== Purity Check ==========



========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005/05/09 11:12:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/05/09 11:12:36 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/05/09 11:12:36 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2004/08/10 07:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/10 07:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\GTNDIS5.sys
[2004/08/10 07:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/10 07:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/10 07:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2004/08/10 07:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/10 07:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/10 07:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/10 07:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/10 07:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/10 07:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/10 07:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/10 07:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/10 07:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/10 07:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 13:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/10/26 08:25:00 | 001,853,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys

8 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:22 pm

koobeyos


Member
Member
< %systemroot%\system32\drivers\*.dll >
[2008/04/13 19:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 19:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 19:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 19:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 19:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 19:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 19:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/13 19:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 19:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 19:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 19:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 19:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 19:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2007/01/26 15:49:28 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\DIFxAPI.dll
[2008/04/13 19:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2001/07/03 20:39:00 | 000,003,654 | ---- | M] () -- C:\WINDOWS\system32\drivers\Sonyhcp.dll
[2008/04/13 19:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2005/12/24 15:46:47 | 000,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE

< %SYSTEMDRIVE%\*.* >
[2009/09/05 15:46:34 | 000,001,034 | ---- | M] () -- C:\ASLog.txt
[2006/01/14 15:20:39 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/06/24 12:15:43 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2005/05/09 18:22:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/13 02:39:03 | 000,000,182 | ---- | M] () -- C:\drwtsn32.log
[2010/12/15 21:50:52 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2005/05/09 18:22:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/05/10 12:55:51 | 000,000,896 | -H-- | M] () -- C:\IPH.PH
[2005/12/24 20:15:48 | 000,000,017 | ---- | M] () -- C:\log.txt
[2005/05/09 18:22:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/10 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/16 10:57:41 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/12/16 18:30:10 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2010/11/01 13:52:20 | 000,598,368 | ---- | M] (RealNetworks, Inc.) -- C:\RealPlayer.exe
[2010/02/05 16:05:09 | 000,000,909 | ---- | M] () -- C:\updatedatfix.log

< %PROGRAMFILES%\*. >
[2008/11/27 22:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\ACT
[2010/05/18 17:49:26 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2005/12/24 19:49:29 | 000,000,000 | ---D | M] -- C:\Program Files\AEC Software
[2006/01/13 18:52:24 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2005/05/10 12:55:50 | 000,000,000 | ---D | M] -- C:\Program Files\America Online 9.0
[2005/05/10 11:30:47 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2005/05/10 12:55:47 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Companion
[2005/08/30 13:28:20 | 000,000,000 | ---D | M] -- C:\Program Files\Apoint2K
[2008/08/08 05:32:42 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2008/10/07 15:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2010/01/11 17:09:10 | 000,000,000 | ---D | M] -- C:\Program Files\AskBarDis
[2005/05/10 12:54:17 | 000,000,000 | ---D | M] -- C:\Program Files\AT&T
[2005/12/23 23:41:02 | 000,000,000 | ---D | M] -- C:\Program Files\AvantGo Connect
[2010/09/25 07:08:51 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2006/01/01 13:56:56 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund
[2009/03/23 16:59:16 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2009/03/23 16:39:19 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2010/06/24 12:20:57 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2007/07/18 15:27:31 | 000,000,000 | ---D | M] -- C:\Program Files\CheckIt
[2009/05/14 17:11:07 | 000,000,000 | ---D | M] -- C:\Program Files\Cleaning
[2010/11/12 19:21:15 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2005/05/09 18:19:11 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/10/08 20:21:16 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2010/10/29 14:35:35 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2006/02/04 15:21:05 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2005/05/10 11:59:37 | 000,000,000 | ---D | M] -- C:\Program Files\DataLode
[2008/11/09 12:54:03 | 000,000,000 | ---D | M] -- C:\Program Files\DAZZLE
[2008/06/08 17:28:07 | 000,000,000 | ---D | M] -- C:\Program Files\DevGuru
[2008/02/01 04:33:30 | 000,000,000 | ---D | M] -- C:\Program Files\DIGStream
[2005/12/24 15:58:30 | 000,000,000 | ---D | M] -- C:\Program Files\directx
[2009/10/11 23:25:32 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2008/11/23 16:27:15 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Complete
[2005/05/10 12:27:11 | 000,000,000 | ---D | M] -- C:\Program Files\DVD-RAM
[2007/10/19 16:41:53 | 000,000,000 | ---D | M] -- C:\Program Files\Dynex Wireless G Enhanced Adapter
[2005/12/24 19:59:02 | 000,000,000 | ---D | M] -- C:\Program Files\E-Z Legal Software
[2005/05/10 13:02:00 | 000,000,000 | ---D | M] -- C:\Program Files\EnglishOtto
[2005/05/10 13:02:09 | 000,000,000 | ---D | M] -- C:\Program Files\ESPNMotion
[2009/05/14 17:37:13 | 000,000,000 | ---D | M] -- C:\Program Files\Executive ToolKit 5
[2005/12/24 19:40:38 | 000,000,000 | ---D | M] -- C:\Program Files\FileMaker
[2006/11/11 20:34:07 | 000,000,000 | ---D | M] -- C:\Program Files\Financial Tools 2nd Edition
[2010/10/29 14:35:35 | 000,000,000 | ---D | M] -- C:\Program Files\Free_TV_Bar_c3
[2005/05/10 13:02:03 | 000,000,000 | ---D | M] -- C:\Program Files\GemMaster
[2010/11/12 21:37:20 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/02/05 16:05:16 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2005/12/23 22:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\hp photosmart
[2005/08/30 16:18:16 | 000,000,000 | ---D | M] -- C:\Program Files\illiminable
[2006/11/11 20:43:32 | 000,000,000 | ---D | M] -- C:\Program Files\IMSI
[2010/09/28 16:27:12 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/03/02 10:36:27 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/12/15 03:32:02 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2005/05/13 16:35:06 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2009/09/18 19:41:43 | 000,000,000 | ---D | M] -- C:\Program Files\iPhone Configuration Utility
[2010/11/12 21:45:59 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2007/08/22 12:11:52 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(2)
[2008/11/27 22:20:47 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(3)
[2010/11/12 21:48:02 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2007/08/22 12:11:52 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(2)
[2008/11/27 22:20:48 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(3)
[2009/10/05 17:58:10 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2005/05/10 12:55:41 | 000,000,000 | ---D | M] -- C:\Program Files\Learn2.com
[2010/07/24 21:19:03 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2005/08/30 14:18:37 | 000,000,000 | ---D | M] -- C:\Program Files\ltmoh
[2010/12/16 12:42:56 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2006/06/17 14:28:23 | 000,000,000 | ---D | M] -- C:\Program Files\Matrox Imaging
[2010/07/23 17:24:10 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2010/05/18 17:51:23 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2010/07/23 17:22:43 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2008/09/16 12:30:22 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2007/08/21 18:00:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Access Runtime
[2009/10/14 18:21:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/03/23 15:14:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AntiSpyware
[2005/05/09 18:23:11 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2007/03/14 15:39:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2005/12/24 16:00:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Picture It! 2002
[2006/02/21 14:49:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Producer 2
[2010/10/01 21:10:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/10/15 02:11:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2007/03/14 15:39:01 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2007/03/24 19:42:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
[2009/05/27 10:36:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/06/25 08:37:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/13 02:07:01 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/07/12 14:55:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/02/22 11:34:55 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2006/01/31 19:00:25 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/05/09 18:18:00 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2006/10/14 02:02:10 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2008/10/29 15:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/02/02 12:53:07 | 000,000,000 | ---D | M] -- C:\Program Files\MTV Networks
[2008/09/16 11:01:03 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2005/12/25 13:54:29 | 000,000,000 | ---D | M] -- C:\Program Files\Nikon
[2005/12/29 17:00:13 | 000,000,000 | ---D | M] -- C:\Program Files\Notebook Maximizer
[2006/02/17 15:14:08 | 000,000,000 | ---D | M] -- C:\Program Files\Office-Kit.com
[2006/07/17 19:42:59 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeUpdate11
[2005/05/09 18:18:53 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/15 03:03:21 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2009/01/27 17:46:00 | 000,000,000 | ---D | M] -- C:\Program Files\PC Drivers HeadQuarters
[2006/02/13 15:50:57 | 000,000,000 | ---D | M] -- C:\Program Files\Photo Story 3 for Windows
[2008/09/22 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2
[2009/02/28 10:15:09 | 000,000,000 | ---D | M] -- C:\Program Files\Pure Networks
[2005/12/29 15:53:52 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken
[2008/02/27 11:02:57 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken Legal Business Pro 2005
[2010/12/11 11:02:19 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/11/12 19:21:25 | 000,000,000 | ---D | M] -- C:\Program Files\real
[2009/02/22 11:34:45 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2005/05/10 13:04:36 | 000,000,000 | ---D | M] -- C:\Program Files\RGB
[2005/12/28 18:48:52 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/11/20 08:01:27 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2006/03/24 19:59:10 | 000,000,000 | ---D | M] -- C:\Program Files\SAMSUNG
[2005/12/28 19:09:14 | 000,000,000 | ---D | M] -- C:\Program Files\SCM Microsystems
[2009/12/13 11:00:37 | 000,000,000 | ---D | M] -- C:\Program Files\Software Informer
[2006/02/04 15:11:41 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2006/06/17 14:32:53 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2005/12/24 19:35:28 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Corporation
[2010/11/27 11:06:31 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2005/12/29 18:09:45 | 000,000,000 | ---D | M] -- C:\Program Files\The Print Shop 20
[2005/05/13 17:10:15 | 000,000,000 | ---D | M] -- C:\Program Files\Toshiba
[2005/05/10 12:05:45 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA Corporation
[2008/06/08 17:32:17 | 000,000,000 | ---D | M] -- C:\Program Files\Ulead Systems
[2005/05/09 18:26:57 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2006/02/04 15:09:31 | 000,000,000 | ---D | M] -- C:\Program Files\VERITAS Software
[2008/11/27 22:21:37 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2010/01/11 17:09:31 | 000,000,000 | ---D | M] -- C:\Program Files\Vuze
[2005/12/30 10:32:01 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish
[2008/08/22 14:14:45 | 000,000,000 | ---D | M] -- C:\Program Files\Western Digital
[2009/10/15 10:39:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2007/03/14 16:04:26 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2007/05/15 15:40:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Favorites
[2007/12/01 03:01:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
[2008/06/08 17:33:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2007/02/02 12:35:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2007/02/02 12:35:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/09/16 11:00:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/05/09 18:18:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Plus
[2005/05/09 18:21:02 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2008/11/09 20:41:45 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2010/09/28 16:27:15 | 000,000,000 | ---D | M] -- C:\Program Files\WordSmart
[2005/12/24 19:59:14 | 000,000,000 | ---D | M] -- C:\Program Files\WorldNet
[2006/01/09 16:46:21 | 000,000,000 | ---D | M] -- C:\Program Files\WWL
[2005/05/09 18:23:12 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2006/06/11 09:14:09 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!

< %appdata%\*.* >
[2006/10/01 14:10:18 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\$_hpcst$.hpc
[2008/10/29 15:49:45 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ActUpdate.log
[2005/05/09 11:13:35 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\desktop.ini
[2006/06/26 14:14:39 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ViewerApp.dat
[2009/02/09 13:03:09 | 000,000,240 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\wklnhst.dat

9 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:23 pm

koobeyos


Member
Member

< MD5 for: AGP440.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/10 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/10 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/10 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: KR10N.SYS >
[2005/01/12 03:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\WINDOWS\OemDir\KR10N.sys
[2005/01/12 03:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\WINDOWS\system32\drivers\KR10N.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/10 07:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:usbstor.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/04 01:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-12-15 08:14:17

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Ed Cubillos\Desktop\wddu.exe:SummaryInformation

< End of report >

========== Processes (SafeList) ==========

PRC - [2010/12/16 18:36:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
PRC - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2010/09/30 13:10:36 | 001,193,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (SafeList) ==========

MOD - [2010/12/16 18:36:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 00:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/07/12 00:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2009/07/11 18:41:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
MOD - [2008/05/13 09:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MOD - [2008/04/13 19:11:50 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008/04/13 12:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2007/02/05 14:39:22 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
MOD - [2006/11/03 18:20:00 | 000,083,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpShHook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\TEMP\023384~1.EXE -- (0233841290566423mcinstcleanup) McAfee Application Installer Cleanup (0233841290566423)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 21:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] () [Unknown | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/02/10 14:16:11 | 000,030,192 | ---- | M] (Google) [Disabled | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/07/31 20:02:10 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files\ACT\Act for Windows\Act.Scheduler.exe -- (ACT! Scheduler)
SRV - [2008/02/08 06:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/12/24 15:46:47 | 000,039,936 | ---- | M] (C-Dilla Ltd) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2005/05/19 15:48:34 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2005/01/31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/27 17:33:32 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Disabled | Stopped] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2004/05/13 15:46:02 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2004/04/07 14:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/03/29 15:08:16 | 000,049,152 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Dynex Wireless G Enhanced Adapter\WLService.exe -- (Dynex DX-WGPUSB WLService)
SRV - [2003/01/30 18:55:44 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm09.exe -- (Pml Driver)
SRV - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
SRV - [2002/07/23 05:45:12 | 000,065,536 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\vvrgs.sys -- (ewun)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\EDCUBI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/10/13 22:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 22:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 22:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 22:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 22:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 22:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 22:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 22:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/05/31 09:09:33 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/25 11:30:55 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/25 11:30:55 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/17 15:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 13:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 13:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 13:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2006/10/04 21:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/03/24 19:46:51 | 000,082,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2006/03/24 19:46:51 | 000,051,040 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2006/03/24 19:46:51 | 000,006,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/12/24 15:46:46 | 000,008,864 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2005/11/30 09:12:36 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/08/09 21:40:22 | 000,136,064 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ttv300x.sys -- (ttv300x)
DRV - [2005/05/19 15:48:24 | 000,070,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2005/05/10 19:50:00 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/04/15 19:31:00 | 003,152,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/03/05 07:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/02/25 02:33:26 | 000,102,320 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/01/14 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2005/01/14 03:05:00 | 000,099,098 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2005/01/14 03:05:00 | 000,087,706 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2005/01/14 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2005/01/14 03:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2005/01/14 03:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2005/01/14 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2005/01/14 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2005/01/14 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2005/01/12 03:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2004/12/23 04:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/12/02 13:04:20 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/12/02 13:04:10 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/11/09 03:02:40 | 000,031,104 | R--- | M] (Sony) [Video Capture] [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\VRDVC20X.SYS -- (VRDVC20)
DRV - [2004/10/29 20:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/09/08 20:49:00 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALZ.SYS -- (TVALZ)
DRV - [2004/08/17 05:21:00 | 000,087,168 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/05/08 22:38:06 | 000,101,833 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/05 16:09:02 | 000,003,904 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS -- (MAPMEM)
DRV - [2004/03/05 16:09:00 | 000,003,744 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS -- (BCMNTIO)
DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/09/19 17:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/09/11 01:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/01/30 18:55:44 | 000,050,800 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphid409.sys -- (Dot4 HPH09)
DRV - [2003/01/30 18:55:44 | 000,050,211 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphs2k09.sys -- (Dot4Storage HPH09) Storage Class Driver for IEEE-1284.4 (HPH09)
DRV - [2003/01/30 18:55:44 | 000,018,864 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphius09.sys -- (Dot4Usb HPH09)
DRV - [2003/01/30 18:55:44 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphipr09.sys -- (Dot4Print HPH09)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/13 10:19:26 | 000,249,344 | ---- | M] (Roxio) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/01/13 10:19:26 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/01/13 10:19:26 | 000,118,422 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/01/13 10:19:26 | 000,022,758 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/01/13 10:19:26 | 000,021,654 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/01/10 18:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/07/09 22:33:12 | 000,182,248 | ---- | M] (Matrox Electronic Systems Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\MtxDma0.sys -- (MtxDma0) Matrox Dma Manager (0)
DRV - [2001/10/28 16:34:46 | 000,153,760 | R--- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuvvid2.sys -- (NUVision)
DRV - [2001/10/03 02:00:00 | 000,013,325 | ---- | M] (SCM Microsystems Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\Stltrk2k.sys -- (Stltrk2k)
DRV - [2001/07/11 12:41:08 | 000,025,024 | R--- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuvaud2.sys -- (nuvaud2)

10 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:24 pm

koobeyos


Member
Member
========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=10607&gct=&gc=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/12 19:21:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/12/14 00:34:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 11:02:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/11 11:02:20 | 000,000,000 | ---D | M]

[2010/01/12 16:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Extensions
[2010/01/12 16:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/12 15:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions
[2009/08/31 18:39:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/11 17:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/02/23 16:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions\firefox@tvunetworks.com
[2010/01/12 15:35:39 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\searchplugins\ask.xml
[2009/08/31 13:35:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll

O1 HOSTS File: ([2010/06/24 15:31:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101110093239.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Free TV Bar c3 Toolbar) - {3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [gKkLf06308] C:\Documents and Settings\All Users\Application Data\gKkLf06308\gKkLf06308.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Ed Cubillos\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159666397453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/14 15:20:39 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{f3831ec0-aa6f-11dd-a859-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{f3831ec0-aa6f-11dd-a859-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f3831ec0-aa6f-11dd-a859-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/16 18:36:44 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
[2010/12/16 13:34:14 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\TFC.exe
[2010/12/16 12:20:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/12/15 20:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\gKkLf06308
[2005/12/24 20:01:07 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\IMPLODE.DLL

========== Files - Modified Within 30 Days ==========

[2010/12/16 18:36:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
[2010/12/16 18:33:48 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/16 18:31:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/16 18:31:19 | 000,001,603 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/12/16 18:30:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/16 14:10:12 | 000,051,205 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Desktop\log one.docx
[2010/12/16 14:01:44 | 000,184,832 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Desktop\mss.exe
[2010/12/16 13:50:17 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/16 13:50:04 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2583217261-2098618498-503970053-1005.job
[2010/12/16 13:34:02 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\TFC.exe
[2010/12/16 12:44:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{42ABC565-E5F2-4260-A9F4-6204C42BEFC7}.job
[2010/12/16 12:27:48 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/16 12:27:48 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/15 22:45:23 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2010/12/15 22:00:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/15 21:50:52 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2010/12/15 20:45:34 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2583217261-2098618498-503970053-1005.job
[2010/12/15 03:32:06 | 000,796,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/15 03:12:53 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/10 23:32:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2010/12/10 20:10:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/20 08:01:30 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/11/20 08:01:29 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk

========== Files Created - No Company Name ==========

[2010/12/16 14:10:11 | 000,051,205 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Desktop\log one.docx
[2010/12/16 14:01:43 | 000,184,832 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Desktop\mss.exe
[2010/12/16 12:27:48 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/16 12:27:48 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/15 21:18:45 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2010/12/05 14:56:51 | 000,001,603 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/01/11 17:11:17 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Local Settings\Application Data\xobni_installer_updater.log
[2009/12/03 17:24:05 | 000,007,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini
[2009/03/06 15:54:01 | 000,007,669 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/01/30 21:09:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008/10/29 15:50:13 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\450C4DF75F.sys
[2008/10/29 15:50:12 | 000,000,952 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/10/29 15:49:45 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ActUpdate.log
[2008/10/12 17:42:02 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\DSPlayer.dll
[2008/06/08 17:29:41 | 000,172,032 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor2.dll
[2008/06/08 17:29:40 | 000,450,560 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor1.dll
[2007/10/19 16:41:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\WGPUSB.dll
[2007/10/19 16:41:19 | 000,000,123 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2007/10/19 16:41:17 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2007/02/05 16:02:18 | 000,000,030 | ---- | C] () -- C:\WINDOWS\EZLEGAL.INI
[2007/02/02 12:42:55 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2007/01/03 10:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 10:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 10:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/05 12:38:55 | 000,070,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2006/10/27 17:34:23 | 000,087,040 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/01 14:10:18 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\$_hpcst$.hpc
[2006/09/22 21:46:09 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2006/06/17 14:28:08 | 000,122,880 | ---- | C] () -- C:\WINDOWS\iSYS_RED_EYE_Removal_1_1.dll
[2006/05/21 16:54:07 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ViewerApp.dat
[2006/04/10 19:11:06 | 000,000,092 | ---- | C] () -- C:\WINDOWS\NogaTw.INI
[2006/03/31 19:09:54 | 000,002,931 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/02/14 11:56:54 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/01/14 15:37:22 | 000,000,041 | ---- | C] () -- C:\WINDOWS\crw.ini
[2006/01/11 13:13:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/28 18:19:21 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/12/26 19:04:01 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\wklnhst.dat
[2005/12/24 20:31:04 | 000,068,608 | ---- | C] () -- C:\WINDOWS\System32\tbplib.dll
[2005/12/24 20:31:01 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\midilib.dll
[2005/12/24 20:31:01 | 000,011,424 | ---- | C] () -- C:\WINDOWS\System32\fprun300.dll
[2005/12/24 20:18:46 | 000,262,416 | ---- | C] () -- C:\WINDOWS\System32\ASFV2.DLL
[2005/12/24 20:17:11 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2005/12/24 20:05:03 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS71.DLL
[2005/12/24 20:01:15 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\U2LSAMP1.DLL
[2005/12/24 20:01:15 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\U2LFINRA.DLL
[2005/12/24 20:01:14 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\U2LESBSE.DLL
[2005/12/24 20:01:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\U25STORE.DLL
[2005/12/24 20:01:14 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\U25TOTAL.DLL
[2005/12/24 20:01:14 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\U25DTS.DLL
[2005/12/24 20:01:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\U2LBAR.DLL
[2005/12/24 20:01:14 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\U2LDTS.DLL
[2005/12/24 20:01:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\U2LEXCH.DLL
[2005/12/24 19:59:11 | 000,000,870 | ---- | C] () -- C:\WINDOWS\wnsetup.ini
[2005/12/24 19:44:08 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\FDUTL14.DLL
[2005/12/24 19:44:08 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Ivtrn13.dll
[2005/12/24 19:35:42 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/12/24 15:46:49 | 000,112,128 | RH-- | C] () -- C:\WINDOWS\CdaC14BA.DLL
[2005/12/24 15:46:46 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2005/12/24 12:17:46 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Local Settings\Application Data\fusioncache.dat
[2005/12/23 22:36:39 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2005/08/30 16:48:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/30 14:18:37 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/08/30 14:18:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/08/30 14:18:37 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/08/30 14:18:37 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/13 16:34:24 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005/05/13 16:34:24 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005/05/10 12:40:40 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/05/10 12:30:13 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/05/10 12:30:13 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/05/10 12:30:13 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/05/10 12:30:13 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/05/10 12:30:13 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/05/10 12:30:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/05/10 12:24:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/05/10 12:23:43 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/05/10 11:46:38 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Volume.dll
[2005/05/10 11:45:02 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/05/09 18:28:55 | 000,000,590 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/09 18:17:54 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/05/09 17:51:44 | 000,000,338 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/09 11:13:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/03/23 20:35:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/13 14:21:58 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/24 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2002/05/24 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2000/09/13 18:15:38 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pagesync.dll
[2000/05/22 14:28:08 | 000,161,280 | ---- | C] () -- C:\WINDOWS\System32\ltvid12n.dll
[2000/04/12 16:28:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2000/04/12 16:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll

========== LOP Check ==========

[2008/11/15 15:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2008/10/29 16:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACT
[2010/01/11 17:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2005/12/29 17:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/03/13 15:39:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/10/09 00:05:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/03/13 15:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2008/10/07 15:39:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2005/05/10 13:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/12/15 20:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\gKkLf06308
[2009/08/30 10:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\gra
[2005/08/30 12:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/01/27 17:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2005/12/29 18:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2008/06/08 17:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/11/27 22:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/08 18:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2009/03/20 23:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/03 06:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/18 19:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/10 19:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/11/15 15:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\acccore
[2008/10/29 15:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\ACT
[2010/02/20 10:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Azureus
[2008/10/07 15:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Canon
[2010/05/18 17:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2005/12/24 19:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\FileMaker
[2006/07/28 19:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Interact Commerce
[2005/05/10 12:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\InterTrust
[2005/08/30 16:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\InterVideo
[2008/10/29 15:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\IsolatedStorage
[2006/09/02 14:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Leadertech
[2010/12/15 03:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\LimeWire
[2008/09/03 10:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Nikon
[2010/12/15 20:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\PriceGong
[2009/12/13 12:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Software Informer
[2009/02/09 13:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Template
[2007/10/17 19:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\toshiba
[2008/06/08 20:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Ulead Systems
[2006/02/04 15:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\VERITAS
[2008/06/26 09:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Viewpoint
[2007/03/14 16:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Windows Desktop Search
[2010/12/15 22:45:23 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2010/12/10 23:32:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job
[2010/12/16 18:33:48 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/12/16 12:44:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{42ABC565-E5F2-4260-A9F4-6204C42BEFC7}.job

========== Purity Check ==========



========== Custom Scans ==========

11 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:25 pm

koobeyos


Member
Member

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005/05/09 11:12:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/05/09 11:12:36 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/05/09 11:12:36 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2004/08/10 07:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/10 07:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\GTNDIS5.sys
[2004/08/10 07:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/10 07:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/10 07:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2004/08/10 07:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/10 07:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/10 07:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/10 07:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/10 07:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/10 07:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/10 07:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/10 07:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/10 07:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/10 07:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 13:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/10/26 08:25:00 | 001,853,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys

< %systemroot%\system32\drivers\*.dll >
[2008/04/13 19:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 19:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 19:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 19:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 19:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 19:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 19:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/13 19:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 19:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 19:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 19:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 19:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 19:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2007/01/26 15:49:28 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\DIFxAPI.dll
[2008/04/13 19:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2001/07/03 20:39:00 | 000,003,654 | ---- | M] () -- C:\WINDOWS\system32\drivers\Sonyhcp.dll
[2008/04/13 19:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2005/12/24 15:46:47 | 000,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE

< %SYSTEMDRIVE%\*.* >
[2009/09/05 15:46:34 | 000,001,034 | ---- | M] () -- C:\ASLog.txt
[2006/01/14 15:20:39 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/06/24 12:15:43 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2005/05/09 18:22:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/13 02:39:03 | 000,000,182 | ---- | M] () -- C:\drwtsn32.log
[2010/12/15 21:50:52 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2005/05/09 18:22:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/05/10 12:55:51 | 000,000,896 | -H-- | M] () -- C:\IPH.PH
[2005/12/24 20:15:48 | 000,000,017 | ---- | M] () -- C:\log.txt
[2005/05/09 18:22:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/10 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/16 10:57:41 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/12/16 18:30:10 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2010/11/01 13:52:20 | 000,598,368 | ---- | M] (RealNetworks, Inc.) -- C:\RealPlayer.exe
[2010/02/05 16:05:09 | 000,000,909 | ---- | M] () -- C:\updatedatfix.log

< %PROGRAMFILES%\*. >
[2008/11/27 22:15:11 | 000,000,000 | ---D | M] -- C:\Program Files\ACT
[2010/05/18 17:49:26 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2005/12/24 19:49:29 | 000,000,000 | ---D | M] -- C:\Program Files\AEC Software
[2006/01/13 18:52:24 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2005/05/10 12:55:50 | 000,000,000 | ---D | M] -- C:\Program Files\America Online 9.0
[2005/05/10 11:30:47 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2005/05/10 12:55:47 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Companion
[2005/08/30 13:28:20 | 000,000,000 | ---D | M] -- C:\Program Files\Apoint2K
[2008/08/08 05:32:42 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2008/10/07 15:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2010/01/11 17:09:10 | 000,000,000 | ---D | M] -- C:\Program Files\AskBarDis
[2005/05/10 12:54:17 | 000,000,000 | ---D | M] -- C:\Program Files\AT&T
[2005/12/23 23:41:02 | 000,000,000 | ---D | M] -- C:\Program Files\AvantGo Connect
[2010/09/25 07:08:51 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2006/01/01 13:56:56 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund
[2009/03/23 16:59:16 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2009/03/23 16:39:19 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2010/06/24 12:20:57 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2007/07/18 15:27:31 | 000,000,000 | ---D | M] -- C:\Program Files\CheckIt
[2009/05/14 17:11:07 | 000,000,000 | ---D | M] -- C:\Program Files\Cleaning
[2010/11/12 19:21:15 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2005/05/09 18:19:11 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/10/08 20:21:16 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2010/10/29 14:35:35 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2006/02/04 15:21:05 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2005/05/10 11:59:37 | 000,000,000 | ---D | M] -- C:\Program Files\DataLode
[2008/11/09 12:54:03 | 000,000,000 | ---D | M] -- C:\Program Files\DAZZLE
[2008/06/08 17:28:07 | 000,000,000 | ---D | M] -- C:\Program Files\DevGuru
[2008/02/01 04:33:30 | 000,000,000 | ---D | M] -- C:\Program Files\DIGStream
[2005/12/24 15:58:30 | 000,000,000 | ---D | M] -- C:\Program Files\directx
[2009/10/11 23:25:32 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2008/11/23 16:27:15 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Complete
[2005/05/10 12:27:11 | 000,000,000 | ---D | M] -- C:\Program Files\DVD-RAM
[2007/10/19 16:41:53 | 000,000,000 | ---D | M] -- C:\Program Files\Dynex Wireless G Enhanced Adapter
[2005/12/24 19:59:02 | 000,000,000 | ---D | M] -- C:\Program Files\E-Z Legal Software
[2005/05/10 13:02:00 | 000,000,000 | ---D | M] -- C:\Program Files\EnglishOtto
[2005/05/10 13:02:09 | 000,000,000 | ---D | M] -- C:\Program Files\ESPNMotion
[2009/05/14 17:37:13 | 000,000,000 | ---D | M] -- C:\Program Files\Executive ToolKit 5
[2005/12/24 19:40:38 | 000,000,000 | ---D | M] -- C:\Program Files\FileMaker
[2006/11/11 20:34:07 | 000,000,000 | ---D | M] -- C:\Program Files\Financial Tools 2nd Edition
[2010/10/29 14:35:35 | 000,000,000 | ---D | M] -- C:\Program Files\Free_TV_Bar_c3
[2005/05/10 13:02:03 | 000,000,000 | ---D | M] -- C:\Program Files\GemMaster
[2010/11/12 21:37:20 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/02/05 16:05:16 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2005/12/23 22:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\hp photosmart
[2005/08/30 16:18:16 | 000,000,000 | ---D | M] -- C:\Program Files\illiminable
[2006/11/11 20:43:32 | 000,000,000 | ---D | M] -- C:\Program Files\IMSI
[2010/09/28 16:27:12 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/03/02 10:36:27 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/12/15 03:32:02 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2005/05/13 16:35:06 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2009/09/18 19:41:43 | 000,000,000 | ---D | M] -- C:\Program Files\iPhone Configuration Utility
[2010/11/12 21:45:59 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2007/08/22 12:11:52 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(2)
[2008/11/27 22:20:47 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(3)
[2010/11/12 21:48:02 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2007/08/22 12:11:52 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(2)
[2008/11/27 22:20:48 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(3)
[2009/10/05 17:58:10 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2005/05/10 12:55:41 | 000,000,000 | ---D | M] -- C:\Program Files\Learn2.com
[2010/07/24 21:19:03 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2005/08/30 14:18:37 | 000,000,000 | ---D | M] -- C:\Program Files\ltmoh
[2010/12/16 12:42:56 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2006/06/17 14:28:23 | 000,000,000 | ---D | M] -- C:\Program Files\Matrox Imaging
[2010/07/23 17:24:10 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2010/05/18 17:51:23 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2010/07/23 17:22:43 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2008/09/16 12:30:22 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2007/08/21 18:00:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Access Runtime
[2009/10/14 18:21:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/03/23 15:14:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AntiSpyware
[2005/05/09 18:23:11 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2007/03/14 15:39:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2005/12/24 16:00:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Picture It! 2002
[2006/02/21 14:49:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Producer 2
[2010/10/01 21:10:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/10/15 02:11:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2007/03/14 15:39:01 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2007/03/24 19:42:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
[2009/05/27 10:36:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/06/25 08:37:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/13 02:07:01 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/07/12 14:55:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/02/22 11:34:55 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2006/01/31 19:00:25 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/05/09 18:18:00 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2006/10/14 02:02:10 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2008/10/29 15:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/02/02 12:53:07 | 000,000,000 | ---D | M] -- C:\Program Files\MTV Networks
[2008/09/16 11:01:03 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2005/12/25 13:54:29 | 000,000,000 | ---D | M] -- C:\Program Files\Nikon
[2005/12/29 17:00:13 | 000,000,000 | ---D | M] -- C:\Program Files\Notebook Maximizer
[2006/02/17 15:14:08 | 000,000,000 | ---D | M] -- C:\Program Files\Office-Kit.com
[2006/07/17 19:42:59 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeUpdate11
[2005/05/09 18:18:53 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/15 03:03:21 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2009/01/27 17:46:00 | 000,000,000 | ---D | M] -- C:\Program Files\PC Drivers HeadQuarters
[2006/02/13 15:50:57 | 000,000,000 | ---D | M] -- C:\Program Files\Photo Story 3 for Windows
[2008/09/22 18:06:51 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2
[2009/02/28 10:15:09 | 000,000,000 | ---D | M] -- C:\Program Files\Pure Networks
[2005/12/29 15:53:52 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken
[2008/02/27 11:02:57 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken Legal Business Pro 2005
[2010/12/11 11:02:19 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/11/12 19:21:25 | 000,000,000 | ---D | M] -- C:\Program Files\real
[2009/02/22 11:34:45 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2005/05/10 13:04:36 | 000,000,000 | ---D | M] -- C:\Program Files\RGB
[2005/12/28 18:48:52 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/11/20 08:01:27 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2006/03/24 19:59:10 | 000,000,000 | ---D | M] -- C:\Program Files\SAMSUNG
[2005/12/28 19:09:14 | 000,000,000 | ---D | M] -- C:\Program Files\SCM Microsystems
[2009/12/13 11:00:37 | 000,000,000 | ---D | M] -- C:\Program Files\Software Informer
[2006/02/04 15:11:41 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2006/06/17 14:32:53 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2005/12/24 19:35:28 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Corporation
[2010/11/27 11:06:31 | 000,000,000 | ---D | M] -- C:\Program Files\SUPERAntiSpyware
[2005/12/29 18:09:45 | 000,000,000 | ---D | M] -- C:\Program Files\The Print Shop 20
[2005/05/13 17:10:15 | 000,000,000 | ---D | M] -- C:\Program Files\Toshiba
[2005/05/10 12:05:45 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA Corporation
[2008/06/08 17:32:17 | 000,000,000 | ---D | M] -- C:\Program Files\Ulead Systems
[2005/05/09 18:26:57 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2006/02/04 15:09:31 | 000,000,000 | ---D | M] -- C:\Program Files\VERITAS Software
[2008/11/27 22:21:37 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2010/01/11 17:09:31 | 000,000,000 | ---D | M] -- C:\Program Files\Vuze
[2005/12/30 10:32:01 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish
[2008/08/22 14:14:45 | 000,000,000 | ---D | M] -- C:\Program Files\Western Digital
[2009/10/15 10:39:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2007/03/14 16:04:26 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2007/05/15 15:40:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Favorites
[2007/12/01 03:01:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
[2008/06/08 17:33:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2007/02/02 12:35:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2007/02/02 12:35:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/09/16 11:00:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/05/09 18:18:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Plus
[2005/05/09 18:21:02 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2008/11/09 20:41:45 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2010/09/28 16:27:15 | 000,000,000 | ---D | M] -- C:\Program Files\WordSmart
[2005/12/24 19:59:14 | 000,000,000 | ---D | M] -- C:\Program Files\WorldNet
[2006/01/09 16:46:21 | 000,000,000 | ---D | M] -- C:\Program Files\WWL
[2005/05/09 18:23:12 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2006/06/11 09:14:09 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!

< %appdata%\*.* >
[2006/10/01 14:10:18 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\$_hpcst$.hpc
[2008/10/29 15:49:45 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ActUpdate.log
[2005/05/09 11:13:35 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\desktop.ini
[2006/06/26 14:14:39 | 000,000,560 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ViewerApp.dat
[2009/02/09 13:03:09 | 000,000,240 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\wklnhst.dat


< MD5 for: AGP440.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/10 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/10 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/10 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: KR10N.SYS >
[2005/01/12 03:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\WINDOWS\OemDir\KR10N.sys
[2005/01/12 03:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\WINDOWS\system32\drivers\KR10N.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/10 07:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:usbstor.sys
[2008/09/16 10:50:52 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/04 01:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 13:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-12-15 08:14:17

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Ed Cubillos\Desktop\wddu.exe:SummaryInformation

< End of report >

12 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:25 pm

koobeyos


Member
Member
ok that was the first one, heres the next one

13 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:26 pm

koobeyos


Member
Member
OTL logfile created on: 12/16/2010 6:42:45 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ed Cubillos\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 707.00 Mb Available Physical Memory | 69.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.07 Gb Total Space | 52.05 Gb Free Space | 55.93% Space Free | Partition Type: NTFS

Computer Name: EDUARDO | User Name: Ed Cubillos | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/16 18:36:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
PRC - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2010/09/30 13:10:36 | 001,193,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (SafeList) ==========

MOD - [2010/12/16 18:36:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\TEMP\023384~1.EXE -- (0233841290566423mcinstcleanup) McAfee Application Installer Cleanup (0233841290566423)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/10/13 22:28:54 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/10/13 22:28:54 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 21:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/08/24 13:57:38 | 000,171,168 | ---- | M] () [Unknown | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/03/10 09:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/02/10 14:16:11 | 000,030,192 | ---- | M] (Google) [Disabled | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/07/31 20:02:10 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files\ACT\Act for Windows\Act.Scheduler.exe -- (ACT! Scheduler)
SRV - [2008/02/08 06:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/12/24 15:46:47 | 000,039,936 | ---- | M] (C-Dilla Ltd) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2005/05/19 15:48:34 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\LxrSII1s.exe -- (LxrSII1s)
SRV - [2005/01/31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/27 17:33:32 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Disabled | Stopped] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2004/05/13 15:46:02 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2004/04/07 14:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/03/29 15:08:16 | 000,049,152 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Dynex Wireless G Enhanced Adapter\WLService.exe -- (Dynex DX-WGPUSB WLService)
SRV - [2003/01/30 18:55:44 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm09.exe -- (Pml Driver)
SRV - [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Stopped] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
SRV - [2002/07/23 05:45:12 | 000,065,536 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\vvrgs.sys -- (ewun)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\EDCUBI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/10/13 22:28:54 | 000,386,840 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/10/13 22:28:54 | 000,313,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/10/13 22:28:54 | 000,152,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/10/13 22:28:54 | 000,095,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/10/13 22:28:54 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/10/13 22:28:54 | 000,084,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/10/13 22:28:54 | 000,084,072 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/10/13 22:28:54 | 000,055,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/10/13 22:28:54 | 000,052,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/05/31 09:09:33 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/25 11:30:55 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/25 11:30:55 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/17 15:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 13:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 13:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 13:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2006/10/04 21:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/03/24 19:46:51 | 000,082,576 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2006/03/24 19:46:51 | 000,051,040 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2006/03/24 19:46:51 | 000,006,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/12/24 15:46:46 | 000,008,864 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA)
DRV - [2005/11/30 09:12:36 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/08/09 21:40:22 | 000,136,064 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ttv300x.sys -- (ttv300x)
DRV - [2005/05/19 15:48:24 | 000,070,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV - [2005/05/10 19:50:00 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/04/15 19:31:00 | 003,152,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/03/05 07:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/02/25 02:33:26 | 000,102,320 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/01/14 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2005/01/14 03:05:00 | 000,099,098 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2005/01/14 03:05:00 | 000,087,706 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2005/01/14 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2005/01/14 03:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2005/01/14 03:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2005/01/14 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2005/01/14 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2005/01/14 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2005/01/12 03:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2004/12/23 04:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/12/02 13:04:20 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/12/02 13:04:10 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/11/09 03:02:40 | 000,031,104 | R--- | M] (Sony) [Video Capture] [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\VRDVC20X.SYS -- (VRDVC20)
DRV - [2004/10/29 20:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/09/08 20:49:00 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALZ.SYS -- (TVALZ)
DRV - [2004/08/17 05:21:00 | 000,087,168 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/05/08 22:38:06 | 000,101,833 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/05 16:09:02 | 000,003,904 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS -- (MAPMEM)
DRV - [2004/03/05 16:09:00 | 000,003,744 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS -- (BCMNTIO)
DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/09/19 17:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/09/11 01:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/01/30 18:55:44 | 000,050,800 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphid409.sys -- (Dot4 HPH09)
DRV - [2003/01/30 18:55:44 | 000,050,211 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphs2k09.sys -- (Dot4Storage HPH09) Storage Class Driver for IEEE-1284.4 (HPH09)
DRV - [2003/01/30 18:55:44 | 000,018,864 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphius09.sys -- (Dot4Usb HPH09)
DRV - [2003/01/30 18:55:44 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphipr09.sys -- (Dot4Print HPH09)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/13 10:19:26 | 000,249,344 | ---- | M] (Roxio) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/01/13 10:19:26 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/01/13 10:19:26 | 000,118,422 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/01/13 10:19:26 | 000,022,758 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/01/13 10:19:26 | 000,021,654 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/01/10 18:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/07/09 22:33:12 | 000,182,248 | ---- | M] (Matrox Electronic Systems Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\MtxDma0.sys -- (MtxDma0) Matrox Dma Manager (0)
DRV - [2001/10/28 16:34:46 | 000,153,760 | R--- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuvvid2.sys -- (NUVision)
DRV - [2001/10/03 02:00:00 | 000,013,325 | ---- | M] (SCM Microsystems Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\Stltrk2k.sys -- (Stltrk2k)
DRV - [2001/07/11 12:41:08 | 000,025,024 | R--- | M] (Zoran Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuvaud2.sys -- (nuvaud2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

14 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:27 pm

koobeyos


Member
Member
========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=10607&gct=&gc=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/12 19:21:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/12/14 00:34:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 11:02:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/11 11:02:20 | 000,000,000 | ---D | M]

[2010/01/12 16:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Extensions
[2010/01/12 16:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/12 15:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions
[2009/08/31 18:39:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/11 17:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/02/23 16:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\extensions\firefox@tvunetworks.com
[2010/01/12 15:35:39 | 000,000,687 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Mozilla\Firefox\Profiles\uphjslrc.default\searchplugins\ask.xml
[2009/08/31 13:35:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll

O1 HOSTS File: ([2010/06/24 15:31:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101110093239.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Free TV Bar c3 Toolbar) - {3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3} - C:\Program Files\Free_TV_Bar_c3\tbFre1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [gKkLf06308] C:\Documents and Settings\All Users\Application Data\gKkLf06308\gKkLf06308.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Ed Cubillos\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159666397453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/14 15:20:39 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{f3831ec0-aa6f-11dd-a859-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{f3831ec0-aa6f-11dd-a859-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f3831ec0-aa6f-11dd-a859-00038a000015}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/16 18:36:44 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
[2010/12/16 13:34:14 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\TFC.exe
[2010/12/16 12:20:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/12/15 20:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\gKkLf06308
[2005/12/24 20:01:07 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\IMPLODE.DLL

========== Files - Modified Within 30 Days ==========

[2010/12/16 18:36:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\OTL.exe
[2010/12/16 18:33:48 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/16 18:31:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/16 18:31:19 | 000,001,603 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/12/16 18:30:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/16 14:10:12 | 000,051,205 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Desktop\log one.docx
[2010/12/16 14:01:44 | 000,184,832 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Desktop\mss.exe
[2010/12/16 13:50:17 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/16 13:50:04 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2583217261-2098618498-503970053-1005.job
[2010/12/16 13:34:02 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ed Cubillos\Desktop\TFC.exe
[2010/12/16 12:44:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{42ABC565-E5F2-4260-A9F4-6204C42BEFC7}.job
[2010/12/16 12:27:48 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/16 12:27:48 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/15 22:45:23 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2010/12/15 22:00:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/15 21:50:52 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2010/12/15 20:45:34 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2583217261-2098618498-503970053-1005.job
[2010/12/15 03:32:06 | 000,796,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/15 03:12:53 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/10 23:32:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\Disk Cleanup.job
[2010/12/10 20:10:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/20 08:01:30 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/11/20 08:01:29 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk

========== Files Created - No Company Name ==========

15 Re: System Tool 2011 removal on Thu Dec 16, 2010 7:28 pm

koobeyos


Member
Member
[2010/12/16 14:10:11 | 000,051,205 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Desktop\log one.docx
[2010/12/16 14:01:43 | 000,184,832 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Desktop\mss.exe
[2010/12/16 12:27:48 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/16 12:27:48 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/15 21:18:45 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2010/12/05 14:56:51 | 000,001,603 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/01/11 17:11:17 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Local Settings\Application Data\xobni_installer_updater.log
[2009/12/03 17:24:05 | 000,007,256 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini
[2009/03/06 15:54:01 | 000,007,669 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/01/30 21:09:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008/10/29 15:50:13 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\450C4DF75F.sys
[2008/10/29 15:50:12 | 000,000,952 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/10/29 15:49:45 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ActUpdate.log
[2008/10/12 17:42:02 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\DSPlayer.dll
[2008/06/08 17:29:41 | 000,172,032 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor2.dll
[2008/06/08 17:29:40 | 000,450,560 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor1.dll
[2007/10/19 16:41:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\WGPUSB.dll
[2007/10/19 16:41:19 | 000,000,123 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2007/10/19 16:41:17 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2007/02/05 16:02:18 | 000,000,030 | ---- | C] () -- C:\WINDOWS\EZLEGAL.INI
[2007/02/02 12:42:55 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2007/01/03 10:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 10:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 10:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/05 12:38:55 | 000,070,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrSII1d.sys
[2006/10/27 17:34:23 | 000,087,040 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/01 14:10:18 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\$_hpcst$.hpc
[2006/09/22 21:46:09 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2006/06/17 14:28:08 | 000,122,880 | ---- | C] () -- C:\WINDOWS\iSYS_RED_EYE_Removal_1_1.dll
[2006/05/21 16:54:07 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\ViewerApp.dat
[2006/04/10 19:11:06 | 000,000,092 | ---- | C] () -- C:\WINDOWS\NogaTw.INI
[2006/03/31 19:09:54 | 000,002,931 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/02/14 11:56:54 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/01/14 15:37:22 | 000,000,041 | ---- | C] () -- C:\WINDOWS\crw.ini
[2006/01/11 13:13:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/28 18:19:21 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/12/26 19:04:01 | 000,000,240 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Application Data\wklnhst.dat
[2005/12/24 20:31:04 | 000,068,608 | ---- | C] () -- C:\WINDOWS\System32\tbplib.dll
[2005/12/24 20:31:01 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\midilib.dll
[2005/12/24 20:31:01 | 000,011,424 | ---- | C] () -- C:\WINDOWS\System32\fprun300.dll
[2005/12/24 20:18:46 | 000,262,416 | ---- | C] () -- C:\WINDOWS\System32\ASFV2.DLL
[2005/12/24 20:17:11 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2005/12/24 20:05:03 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS71.DLL
[2005/12/24 20:01:15 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\U2LSAMP1.DLL
[2005/12/24 20:01:15 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\U2LFINRA.DLL
[2005/12/24 20:01:14 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\U2LESBSE.DLL
[2005/12/24 20:01:14 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\U25STORE.DLL
[2005/12/24 20:01:14 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\U25TOTAL.DLL
[2005/12/24 20:01:14 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\U25DTS.DLL
[2005/12/24 20:01:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\U2LBAR.DLL
[2005/12/24 20:01:14 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\U2LDTS.DLL
[2005/12/24 20:01:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\U2LEXCH.DLL
[2005/12/24 19:59:11 | 000,000,870 | ---- | C] () -- C:\WINDOWS\wnsetup.ini
[2005/12/24 19:44:08 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\FDUTL14.DLL
[2005/12/24 19:44:08 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\Ivtrn13.dll
[2005/12/24 19:35:42 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/12/24 15:46:49 | 000,112,128 | RH-- | C] () -- C:\WINDOWS\CdaC14BA.DLL
[2005/12/24 15:46:46 | 000,008,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2005/12/24 12:17:46 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Ed Cubillos\Local Settings\Application Data\fusioncache.dat
[2005/12/23 22:36:39 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2005/08/30 16:48:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/30 14:18:37 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/08/30 14:18:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/08/30 14:18:37 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/08/30 14:18:37 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/13 16:34:24 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005/05/13 16:34:24 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005/05/10 12:40:40 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/05/10 12:30:13 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/05/10 12:30:13 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/05/10 12:30:13 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/05/10 12:30:13 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/05/10 12:30:13 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/05/10 12:30:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/05/10 12:24:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/05/10 12:23:43 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/05/10 11:46:38 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Volume.dll
[2005/05/10 11:45:02 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/05/09 18:28:55 | 000,000,590 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/09 18:17:54 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/05/09 17:51:44 | 000,000,338 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/09 11:13:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/03/23 20:35:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/13 14:21:58 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/24 01:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2002/05/24 01:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2000/09/13 18:15:38 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pagesync.dll
[2000/05/22 14:28:08 | 000,161,280 | ---- | C] () -- C:\WINDOWS\System32\ltvid12n.dll
[2000/04/12 16:28:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2000/04/12 16:24:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll

========== LOP Check ==========

[2008/11/15 15:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2008/10/29 16:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACT
[2010/01/11 17:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2005/12/29 17:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/03/13 15:39:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/10/09 00:05:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2009/03/13 15:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2008/10/07 15:39:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2005/05/10 13:02:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/12/15 20:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\gKkLf06308
[2009/08/30 10:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\gra
[2005/08/30 12:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/01/27 17:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2005/12/29 18:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
[2008/06/08 17:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2008/11/27 22:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/08 18:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2009/03/20 23:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/03 06:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/18 19:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/10 19:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/11/15 15:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\acccore
[2008/10/29 15:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\ACT
[2010/02/20 10:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Azureus
[2008/10/07 15:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Canon
[2010/05/18 17:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2005/12/24 19:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\FileMaker
[2006/07/28 19:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Interact Commerce
[2005/05/10 12:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\InterTrust
[2005/08/30 16:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\InterVideo
[2008/10/29 15:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\IsolatedStorage
[2006/09/02 14:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Leadertech
[2010/12/15 03:37:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\LimeWire
[2008/09/03 10:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Nikon
[2010/12/15 20:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\PriceGong
[2009/12/13 12:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Software Informer
[2009/02/09 13:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Template
[2007/10/17 19:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\toshiba
[2008/06/08 20:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Ulead Systems
[2006/02/04 15:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\VERITAS
[2008/06/26 09:27:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Viewpoint
[2007/03/14 16:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ed Cubillos\Application Data\Windows Desktop Search
[2010/12/15 22:45:23 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2010/12/10 23:32:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\Disk Cleanup.job
[2010/12/16 18:33:48 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/12/16 12:44:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{42ABC565-E5F2-4260-A9F4-6204C42BEFC7}.job

========== Purity Check ==========



========== Custom Scans ==========


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005/05/09 11:12:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/05/09 11:12:36 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/05/09 11:12:36 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2004/08/10 07:00:00 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/10 07:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\GTNDIS5.sys
[2004/08/10 07:00:00 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/10 07:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/10 07:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2004/08/10 07:00:00 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/10 07:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/10 07:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/10 07:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/10 07:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/10 07:00:00 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/10 07:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/10 07:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/10 07:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/10 07:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 13:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/10/26 08:25:00 | 001,853,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys

< %systemroot%\system32\drivers\*.dll >
[2008/04/13 19:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 19:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 19:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 19:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 19:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 19:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 19:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/13 19:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 19:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 19:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 19:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 19:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 19:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2007/01/26 15:49:28 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\DIFxAPI.dll
[2008/04/13 19:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2001/07/03 20:39:00 | 000,003,654 | ---- | M] () -- C:\WINDOWS\system32\drivers\Sonyhcp.dll
[2008/04/13 19:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >
[2005/12/24 15:46:47 | 000,039,936 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE

< %SYSTEMDRIVE%\*.* >
[2009/09/05 15:46:34 | 000,001,034 | ---- | M] () -- C:\ASLog.txt
[2006/01/14 15:20:39 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/06/24 12:15:43 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2005/05/09 18:22:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/13 02:39:03 | 000,000,182 | ---- | M] () -- C:\drwtsn32.log
[2010/12/15 21:50:52 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2005/05/09 18:22:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/05/10 12:55:51 | 000,000,896 | -H-- | M] () -- C:\IPH.PH
[2005/12/24 20:15:48 | 000,000,017 | ---- | M] () -- C:\log.txt
[2005/05/09 18:22:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/10 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/16 10:57:41 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/12/16 18:30:10 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2010/11/01 13:52:20 | 000,598,368 | ---- | M] (RealNetworks, Inc.) -- C:\RealPlayer.exe
[2010/02/05 16:05:09 | 000,000,909 | ---- | M] () -- C:\updatedatfix.log

Ad Bot

View previous topic View next topic Back to top  Message [Page 1 of 2]

Goto page : 1, 2  Next

SecuraGeek Forums » Malware/Threat Removal » System Tool 2011 removal

Permissions in this forum:
You cannot reply to topics in this forum