Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Found unknown hidden processes in my computer


  • This topic is locked This topic is locked
12 replies to this topic

#1 Xireene

Xireene

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 21 April 2010 - 10:12 AM

First off, I'm going to be honest, I've already asked for help on another forum BUT they found nothing and said my HJL was clean. The topic there should be closed. And I already posted this on the web browsing issues section because when the other forum said my computer was clean, I figured it had to be an error on my laptop, I got no replies so I've asked for that topic to be closed. As crazy as it might sound, I know that there's something affecting my computer. This is the jist of what I posted on the other section:

"A few days ago I noticed that some of webpages weren't loading correctly. It was shortly after updating Java. Web pages that I visited like Yahoo, Adobe, and Facebook started to load plain text (no graphics of any sort). The Microsoft site wouldn't load at all until I read instructions somewhere on this forum about enabling secure sites. Most other sites loaded perfectly so I figured it had to be some sort of malware that was blocking me from certain sites. I ran a lot of scans using several anti-malware and anti-virus programs. I ended up finding about 3 trojans that were removed. That didn't solved my problem though. I got fed up and decided to reformat my computer hoping that whatever was wrong with it would get fixed, it didn't. Since I formatted my computer I tried updating Windows but I kept getting an error: "WindowsUpdate_8024402C". Wouldn't work in Normal mode even after I followed the instructions given to solve the error. Figured I'd give it a shot in Safe Mode with Networking, but it still doesn't work. Now I can't access the Microsoft website again. *sigh* I've tried pinging it but my requests keep getting timed out.

After reformatting I uninstalled all the bloatware, and reinstalled updated versions of Java, Adobe Flash Player, and Shockwave (thru majorgeeks as I couldn't download them directly from their sites). I've ran more scans but nothing comes up. I'm thinking maybe there's something wrong with my winsock2 but I'm not touching it O_o. I forgot to mention that it's happening on all browsers. IE7 (tried upgrading it but again, I can't access it), Google, and FireFox."

Since then, I've reformatted (again) and removed all the preinstalled software that I don't use. Windows Update started working for like a milisecond before something blocked it from installing all the updates. I've ran DDS (and before someone points out the two anti-virus programs, I have no idea why Norton is still running on my computer, I uninstalled it all as soon as the formatting was done and deleted every norton/symantec file I could find). I also ran GMER and it found several hidden processes (all red) and detected rookit activity. I'll post that log later if anyone decides to help.

Anyway, here's the DDS file:


DDS (Ver_10-03-17.01) - NTFSx86
Run by Carla at 9:51:51.00 on Wed 04/21/2010
Internet Explorer: 7.0.6000.16386
Microsoft® Windows Vista™ Business 6.0.6000.0.1252.1.1033.18.2045.1179 [GMT -4:00]

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: AntiVir Desktop *disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiToggletProxy.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiTogglet.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Sony\SmartWi Connection Utility\ActivationManager.exe
C:\Program Files\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files\Sony\SmartWi Connection Utility\SWGadgetServer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Carla\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
mDefault_Page_URL = hxxp://www.sony.com/vaiopeople
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0\bin\jusched.exe"
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [NapsterShell] c:\program files\napster\napster.exe /systray
mRun: [VAIOSecurity] "c:\program files\sony\vaio security center\VSC.exe" 1
mRun: [DRCU] "c:\program files\sony\drcu\DRCU.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [VAIOSurvey] c:\program files\sony corporation\vaio survey\Vista VAIO Survey.exe
mRun: [<NO NAME>]
mRun: [Cingular Communication Manager] "c:\program files\cingular\communication manager\CingularCCM.exe" -a
mRun: [SmartWiHelper] c:\program files\sony\smartwi connection utility\SmartWiHelper.exe /WindowsStartup
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
mPolicies-system: DisableCAD = 1 (0x1)
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
TCP: {327ECB70-2C0A-4E66-B122-35916A4D1C0F} = 4.2.2.1,4.2.2.2
Notify: igfxcui - igfxdev.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
Notify: VESWinlogon - VESWinlogon.dll
LSA: Notification Packages = scecli psqlpwd

============= SERVICES / DRIVERS ===============

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2007-1-10 12416]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-4-21 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-4-21 267432]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-4-21 60936]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2006-12-1 28933976]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-1-10 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-1-10 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-1-10 30976]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2007-1-10 33792]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-1-10 227328]
S3 SEMWModem;Sony Ericsson SEMWModem;c:\windows\system32\drivers\EEXX.sys [2007-1-10 108928]
S3 SEMWWNIC;Sony Ericsson SEMWWNIC;c:\windows\system32\drivers\GCXXNet.sys [2007-1-10 52992]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2010-4-20 741376]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2010-4-20 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2010-4-20 1089536]

=============== Created Last 30 ================

2010-04-21 13:28:27 0 d-----w- c:\users\carla\appdata\roaming\Malwarebytes
2010-04-21 13:27:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-21 13:27:44 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-21 13:27:44 0 d-----w- c:\programdata\Malwarebytes
2010-04-21 13:27:44 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-21 12:39:44 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-04-21 12:39:42 0 d-----w- c:\programdata\Avira
2010-04-21 12:39:42 0 d-----w- c:\program files\Avira
2010-04-21 11:36:47 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-04-21 02:00:49 0 d-----w- c:\programdata\SmartWi Connection Utility
2010-04-21 02:00:01 18560 ----a-w- c:\windows\system32\drivers\PCASp50.sys
2010-04-21 02:00:01 0 d-----w- c:\windows\system32\drivers\_svn
2010-04-21 01:54:59 18432 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2010-04-21 01:54:40 0 d-----w- c:\program files\common files\Research in Motion
2010-04-21 01:54:39 0 d-----w- c:\programdata\Cingular
2010-04-21 01:54:39 0 d-----w- c:\program files\Cingular
2010-04-21 01:52:46 0 d-----w- c:\program files\InterVideo
2010-04-21 01:51:38 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-04-21 01:50:05 0 d-----w- c:\program files\Sony Corporation
2010-04-21 01:47:39 0 d-----w- c:\programdata\VAIO Media Platform
2010-04-21 01:46:31 53248 ----a-w- c:\windows\system32\ipl.dll
2010-04-21 01:46:31 2981888 ----a-w- c:\windows\system32\iplw7.dll
2010-04-21 01:46:31 2973696 ----a-w- c:\windows\system32\ipla6.dll
2010-04-21 01:46:31 2785280 ----a-w- c:\windows\system32\iplm6.dll
2010-04-21 01:46:31 2686976 ----a-w- c:\windows\system32\iplm5.dll
2010-04-21 01:46:31 2531328 ----a-w- c:\windows\system32\iplp6.dll
2010-04-21 01:46:31 2502656 ----a-w- c:\windows\system32\iplpx.dll
2010-04-21 01:46:31 19968 ----a-w- c:\windows\system32\Cpuinf32.dll
2010-04-21 01:43:03 0 d-----w- c:\program files\Toshiba
2010-04-21 01:42:38 0 d-----w- C:\Infineon
2010-04-21 01:40:00 770048 ----a-w- c:\windows\system32\CDDBUISony.dll
2010-04-21 01:40:00 73728 ----a-w- c:\windows\system32\CddbLinkSony.dll
2010-04-21 01:40:00 585728 ----a-w- c:\windows\system32\CddbMusicIDSony.dll
2010-04-21 01:40:00 520192 ----a-w- c:\windows\system32\CddbPlaylist2Sony.dll
2010-04-21 01:39:59 643072 ----a-w- c:\windows\system32\CDDBControlSony.dll
2010-04-21 01:37:40 0 d-----w- c:\programdata\Sonic
2010-04-21 01:37:18 0 d-----w- c:\program files\Roxio
2010-04-21 01:37:18 0 d-----w- c:\program files\common files\Sonic Shared
2010-04-21 01:35:17 0 d-----w- c:\program files\common files\supportsoft
2010-04-21 01:35:15 1933312 ----a-w- c:\windows\system32\cdintf251.dll
2010-04-21 01:33:11 0 d-----w- c:\program files\common files\AnswerWorks 4.0
2010-04-21 01:32:55 0 d-----w- c:\programdata\Intuit
2010-04-21 01:32:55 0 d-----w- c:\program files\Intuit
2010-04-21 01:32:55 0 d-----w- c:\program files\common files\Intuit
2010-04-21 01:32:45 0 d-----w- c:\programdata\COMMON FILES
2010-04-21 01:32:33 0 d-----w- c:\program files\MSXML 4.0
2010-04-21 01:30:44 0 d-----w- c:\windows\system32\URTTEMP
2010-04-21 01:29:29 0 ---ha-r- c:\windows\system32\drivers\Sony_VGN-SZ430N.mrk
2010-04-21 01:29:07 1132112 ----a-w- c:\programdata\pswi_preloaded.exe
2010-04-21 01:28:40 0 d-----w- c:\programdata\Corel
2010-04-21 01:25:49 0 d-----w- c:\program files\Microsoft Small Business
2010-04-21 01:23:10 0 d-----w- c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2010-04-21 01:22:53 0 d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2010-04-21 01:19:23 0 d-----w- c:\programdata\Microsoft Help
2010-04-21 01:13:01 0 d-----w- c:\programdata\Symantec
2010-04-21 01:10:05 0 d-----w- c:\program files\Sony Picture Games
2010-04-21 01:09:47 0 d-----w- c:\program files\Protector Suite QL
2010-04-21 01:09:39 0 d-----w- c:\programdata\UIB
2010-04-21 01:06:58 345 ---ha-w- C:\IPH.PH
2010-04-21 01:06:52 0 d-----w- c:\program files\Online Services
2010-04-20 23:24:38 0 d-----w- c:\windows\system32\appmgmt
2010-04-20 22:32:30 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-04-20 22:31:38 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-04-20 22:31:38 171608 ----a-w- c:\windows\system32\wuwebv.dll

==================== Find3M ====================

2010-04-21 01:58:30 86016 ----a-w- c:\windows\inf\infstor.dat
2010-04-21 01:58:30 86016 ----a-w- c:\windows\inf\infpub.dat
2010-04-21 01:58:29 143360 ----a-w- c:\windows\inf\infstrng.dat
2006-11-02 12:50:56 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:07 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:07 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:07 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:07 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:32:18 665600 ----a-w- c:\windows\inf\drvindex.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 9:52:01.36 ===============

Attached Files


Edited by Xireene, 21 April 2010 - 10:15 AM.


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:33 PM

Posted 27 April 2010 - 08:34 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

Please run the Norton Removal Tool and let me know if that fixes your internet connection:

Please click HERE and follow the instructions in STEP 3 to download and run the norton removal tool.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 Xireene

Xireene
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 27 April 2010 - 12:20 PM

Hello! Well actually, the internet connection somehow fixed itself one day. All of a sudden all the microsoft updates installed themselves when I turned off the computer, I don't know what happened. Afterward, I went to the microsoft site and used one of their repair tools for winsock. So far, I've managed to access every site and I'm not getting redirected anywhere anymore. Thanks for the link to remove Norton, hopefully it's not still running in the background.

Even though the internet connection is alright as far as I can tell, I really would appreciate it if you could give me the thumbs up on my computer. GMER had detected some red hidden processes and rookit activity so I've been too scared to access my bank account, etc. The only changes I remember are the windows updates being installed, and installing Firefox and Safari (because IE was using almost 100% CPU and RAM). *Prays laptop is clean*

Here's the logs you asked for:

OTL logfile created on: 4/27/2010 12:38:15 PM - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Carla\Desktop
Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142.68 Gb Total Space | 102.56 Gb Free Space | 71.88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CARLA-PC
Current User Name: Carla
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/27 12:30:37 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Carla\Desktop\OTL.exe
PRC - [2010/04/23 07:43:16 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2010/04/23 07:16:31 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2007/01/12 23:14:54 | 000,032,768 | ---- | M] () -- C:\Program Files\Sony\SmartWi Connection Utility\SWGadgetServer.exe
PRC - [2007/01/10 21:10:45 | 000,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0\bin\jusched.exe
PRC - [2007/01/08 20:42:56 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony\SmartWi Connection Utility\CCP.exe
PRC - [2007/01/08 20:42:54 | 000,036,864 | ---- | M] () -- C:\Program Files\Sony\SmartWi Connection Utility\PowerManager.exe
PRC - [2007/01/08 20:42:54 | 000,032,768 | ---- | M] () -- C:\Program Files\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
PRC - [2007/01/08 20:42:48 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony\SmartWi Connection Utility\ActivationManager.exe
PRC - [2007/01/08 20:42:40 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWiToggletProxy.exe
PRC - [2006/12/21 01:12:54 | 000,405,504 | ---- | M] (Sony Electronics Corporation) -- C:\Program Files\Sony\SmartWi Connection Utility\SmartWiTogglet.exe
PRC - [2006/12/01 16:11:22 | 028,933,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2006/11/29 20:01:28 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\upeksvr.exe
PRC - [2006/11/29 19:44:36 | 000,054,288 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\psqltray.exe
PRC - [2006/11/28 13:58:40 | 000,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2006/11/27 09:08:51 | 000,090,112 | R--- | M] (SigmaTel, Inc.) -- C:\Windows\System32\STACSV.EXE
PRC - [2006/11/25 11:29:44 | 002,134,016 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2006/11/24 21:58:38 | 000,919,672 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2006/11/24 14:36:54 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006/11/24 14:36:54 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2006/11/14 20:02:28 | 002,146,304 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2006/11/14 14:46:24 | 000,411,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
PRC - [2006/11/11 19:35:36 | 000,043,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2006/11/09 09:01:09 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2006/11/09 09:01:09 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2006/11/09 09:01:06 | 000,042,544 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2006/11/01 01:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006/10/27 23:13:48 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2006/09/29 00:08:46 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2006/09/26 18:48:36 | 000,172,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2006/09/26 18:46:58 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2006/09/13 18:29:46 | 000,274,432 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006/08/23 16:43:08 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2006/04/14 13:07:20 | 028,933,976 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
PRC - [2006/02/07 02:00:20 | 000,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2006/01/24 02:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe


========== Modules (SafeList) ==========

MOD - [2010/04/27 12:30:37 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Carla\Desktop\OTL.exe
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2010/04/23 07:43:16 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2006/12/01 16:11:22 | 028,933,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$VAIO_VEDB) SQL Server (VAIO_VEDB)
SRV - [2006/11/27 09:08:51 | 000,090,112 | R--- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\STACSV.EXE -- (STacSV)
SRV - [2006/11/24 14:36:54 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2006/11/01 01:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006/10/24 13:32:08 | 002,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2006/10/11 21:36:02 | 000,741,376 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2006/10/11 18:52:44 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2006/10/11 18:52:44 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2006/10/09 14:02:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2006/10/09 14:02:50 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2006/10/04 22:25:00 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/10/04 22:15:30 | 000,057,344 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/10/04 22:06:58 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/09/26 18:48:36 | 000,172,032 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2006/09/26 18:46:58 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2006/09/21 13:53:16 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2006/09/17 00:08:00 | 000,071,184 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2006/08/29 00:38:04 | 000,491,520 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2006/08/23 16:43:08 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2006/04/14 14:04:54 | 000,087,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2006/04/14 13:07:20 | 028,933,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2006/04/14 13:05:58 | 000,240,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2005/11/14 05:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/10/14 06:50:20 | 000,045,272 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)


========== Driver Services (SafeList) ==========

DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/01/10 09:01:31 | 000,030,976 | R--- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyImgF.sys -- (SonyImgF)
DRV - [2007/01/09 22:26:36 | 000,108,928 | R--- | M] (Sony Ericsson) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EEXX.sys -- (SEMWModem)
DRV - [2007/01/09 22:26:36 | 000,052,992 | R--- | M] (Sony Ericsson) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GCXXNet.sys -- (SEMWWNIC)
DRV - [2006/12/20 21:53:32 | 000,017,359 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2006/12/07 16:43:05 | 000,012,416 | R--- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\shpf.sys -- (shpf)
DRV - [2006/12/04 09:16:50 | 004,455,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006/12/01 09:07:58 | 000,039,056 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb)
DRV - [2006/11/30 22:13:46 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/11/30 22:13:46 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/11/30 09:06:09 | 000,227,328 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2006/11/30 09:01:05 | 000,195,072 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2006/11/30 09:00:38 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2006/11/30 09:00:38 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2006/11/27 09:09:09 | 000,645,120 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/11/21 17:57:36 | 000,113,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2006/11/20 20:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/11/17 15:30:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/17 15:30:21 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/17 15:30:18 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/17 15:30:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/10 17:43:38 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2006/11/09 09:01:09 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/06 04:09:26 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)
DRV - [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:17 | 000,041,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 05:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 05:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 05:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/10/28 03:29:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2006/10/25 14:42:50 | 000,033,792 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyPI.sys -- (SPI)
DRV - [2006/10/18 15:56:30 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2006/10/18 14:43:18 | 000,124,256 | R--- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/10 22:33:22 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/10/05 19:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2005/08/01 19:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/01/06 16:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4134173596-2899084695-3051670213-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4134173596-2899084695-3051670213-1006\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4134173596-2899084695-3051670213-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/24 09:31:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/24 09:31:22 | 000,000,000 | ---D | M]

[2010/04/24 09:31:41 | 000,000,000 | ---D | M] -- C:\Users\Carla\AppData\Roaming\Mozilla\Extensions
[2010/04/27 12:24:44 | 000,000,000 | ---D | M] -- C:\Users\Carla\AppData\Roaming\Mozilla\Firefox\Profiles\7ywgavcf.default\extensions
[2010/04/24 09:35:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Carla\AppData\Roaming\Mozilla\Firefox\Profiles\7ywgavcf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/24 09:31:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cingular Communication Manager] C:\Program Files\Cingular\Communication Manager\CingularCCM.exe (Cingular Wireless)
O4 - HKLM..\Run: [DRCU] C:\Program Files\Sony\DRCU\DRCU.exe (Sony Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe File not found
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe File not found
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe File not found
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIOSecurity] C:\Program Files\Sony\VAIO Security Center\VSC.exe ()
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files\Sony Corporation\VAIO Survey\Vista VAIO Survey.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2006/11/02 07:18:47 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/04/27 12:30:35 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Users\Carla\Desktop\OTL.exe
[2010/04/26 18:17:11 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Roaming\Template
[2010/04/26 18:13:52 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\Microsoft Help
[2010/04/25 08:03:11 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/04/25 08:03:10 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/04/24 21:48:43 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\Adobe
[2010/04/24 09:41:08 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Roaming\Apple Computer
[2010/04/24 09:41:08 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\Apple Computer
[2010/04/24 09:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010/04/24 09:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/04/24 09:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/04/24 09:39:37 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\Apple
[2010/04/24 09:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/04/24 09:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/04/24 09:31:32 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Roaming\Mozilla
[2010/04/24 09:31:32 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\Mozilla
[2010/04/24 09:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/04/24 07:12:30 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/04/24 07:12:30 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/04/24 07:12:29 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/04/24 07:12:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/04/24 07:12:28 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/04/24 07:12:28 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/04/24 07:12:28 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/04/24 07:12:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/04/24 07:12:24 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/04/24 07:12:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/04/24 07:12:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/04/24 07:12:23 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/04/24 07:12:22 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/04/24 07:12:22 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/04/24 07:12:21 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/04/24 07:10:56 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/04/24 07:10:56 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/04/24 07:10:55 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/04/24 07:10:55 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010/04/24 07:10:55 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010/04/24 07:10:55 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010/04/24 07:10:55 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010/04/24 07:10:54 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/04/24 07:10:54 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/04/24 07:10:53 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/04/24 07:10:53 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010/04/24 07:10:53 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010/04/24 07:10:52 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010/04/24 07:10:52 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/04/24 07:10:52 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010/04/24 07:10:51 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/04/24 07:10:50 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/04/24 07:10:50 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010/04/24 07:10:48 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/04/24 07:10:48 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010/04/24 07:10:47 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010/04/24 07:10:47 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010/04/24 07:10:47 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010/04/24 07:10:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010/04/23 14:00:19 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Roaming\Avira
[2010/04/23 12:47:48 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/04/23 12:47:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/04/23 12:47:48 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/04/23 12:47:48 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/04/23 12:47:48 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/04/23 12:47:47 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/04/23 12:47:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/04/23 12:47:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/04/23 12:47:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/04/23 08:01:41 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/04/23 08:01:40 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/04/23 08:01:40 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/04/23 08:01:40 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/04/23 08:01:40 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/04/23 08:00:28 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2010/04/23 08:00:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2010/04/23 08:00:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/04/23 07:59:23 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/04/23 07:59:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2010/04/23 07:59:20 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kmddsp.tsp
[2010/04/23 07:59:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2010/04/23 07:59:18 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/04/23 07:59:18 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ndptsp.tsp
[2010/04/23 07:59:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmxs.dll
[2010/04/23 07:59:18 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasser.dll
[2010/04/23 07:59:17 | 000,564,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/04/23 07:59:17 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2010/04/23 07:59:16 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2010/04/23 07:59:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\traffic.dll
[2010/04/23 07:59:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll
[2010/04/23 07:59:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/04/23 07:59:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2010/04/23 07:57:10 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/04/23 07:57:10 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/04/23 07:57:09 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/04/23 07:56:05 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2010/04/23 07:56:05 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2010/04/23 07:56:05 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
[2010/04/23 07:53:55 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/04/23 07:53:51 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2010/04/23 07:53:49 | 000,028,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2010/04/23 07:51:51 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/04/23 07:51:50 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/04/23 07:51:49 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/04/23 07:51:49 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/04/23 07:51:49 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/04/23 07:50:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/04/23 07:50:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/04/23 07:49:11 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/04/23 07:47:14 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2010/04/23 07:47:13 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/04/23 07:46:22 | 002,855,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/04/23 07:46:21 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/04/23 07:46:21 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/04/23 07:46:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/04/23 07:46:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/04/23 07:46:19 | 002,433,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/04/23 07:45:11 | 003,502,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/04/23 07:45:11 | 003,468,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/04/23 07:36:00 | 000,374,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/04/23 07:35:14 | 000,500,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/04/23 07:35:14 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/04/23 07:32:42 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/04/23 07:32:41 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/04/23 07:30:59 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/04/23 07:29:20 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/04/23 07:28:37 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/04/23 07:27:41 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/04/23 07:26:53 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2010/04/23 07:26:52 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2010/04/23 07:26:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2010/04/23 07:26:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2010/04/23 07:21:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/04/23 07:20:13 | 000,696,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/04/23 07:19:39 | 000,109,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/04/23 07:19:39 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/04/23 07:19:14 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2010/04/23 07:16:31 | 002,923,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/04/23 07:15:06 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2010/04/23 07:15:05 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2010/04/23 07:15:05 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2010/04/23 07:15:05 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2010/04/23 07:15:04 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2010/04/23 07:15:04 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2010/04/23 07:15:04 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2010/04/23 07:15:03 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2010/04/23 07:15:02 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2010/04/23 07:15:00 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2010/04/23 07:14:58 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2010/04/23 07:14:57 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2010/04/23 07:14:57 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2010/04/23 07:14:56 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2010/04/23 07:14:55 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2010/04/23 07:14:54 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2010/04/23 07:14:51 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2010/04/23 07:14:51 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2010/04/23 07:14:50 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2010/04/23 07:14:48 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/04/23 07:14:47 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/04/23 07:14:46 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2010/04/23 07:14:45 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2010/04/23 07:14:45 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2010/04/23 07:14:44 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2010/04/23 07:14:43 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2010/04/23 07:14:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2010/04/23 07:14:41 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2010/04/23 07:14:38 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2010/04/23 07:14:36 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2010/04/23 07:14:33 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2010/04/23 07:14:31 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2010/04/23 07:14:30 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2010/04/23 07:14:29 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2010/04/23 07:14:26 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2010/04/23 07:14:24 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2010/04/23 07:14:23 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2010/04/23 07:14:20 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2010/04/23 07:14:18 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2010/04/22 08:33:04 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2010/04/22 08:32:05 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2010/04/22 08:32:05 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2010/04/22 08:32:05 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2010/04/22 08:32:05 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2010/04/22 08:32:04 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2010/04/22 08:32:04 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2010/04/22 08:32:03 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2010/04/22 08:32:03 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2010/04/22 08:32:03 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2010/04/22 08:32:03 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2010/04/22 08:32:02 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2010/04/22 08:32:02 | 002,655,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2010/04/22 08:32:02 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2010/04/22 08:32:01 | 003,464,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2010/04/22 08:32:01 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2010/04/22 08:32:00 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2010/04/22 08:32:00 | 002,597,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2010/04/22 08:32:00 | 001,523,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2010/04/22 08:31:59 | 002,241,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2010/04/22 08:31:59 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2010/04/22 08:31:59 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2010/04/22 08:31:58 | 004,874,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2010/04/22 08:31:58 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2010/04/22 08:31:58 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2010/04/22 08:31:57 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2010/04/22 08:31:57 | 003,102,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2010/04/22 08:31:56 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2010/04/22 08:31:56 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2010/04/22 08:31:56 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2010/04/22 08:31:55 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2010/04/22 08:31:55 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2010/04/22 08:31:54 | 009,845,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2010/04/22 08:31:54 | 002,641,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2010/04/22 08:31:53 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2010/04/22 08:31:53 | 002,340,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2010/04/22 08:31:53 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2010/04/22 08:31:52 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2010/04/22 08:31:52 | 000,797,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/04/22 08:31:51 | 004,493,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2010/04/22 08:31:51 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2010/04/22 08:31:50 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2010/04/22 08:31:50 | 001,963,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2010/04/22 08:26:40 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/04/22 08:26:40 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2010/04/22 08:26:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2010/04/22 08:26:39 | 000,905,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/04/22 08:26:39 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/04/22 08:26:39 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/04/22 08:26:38 | 000,944,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/04/22 08:26:38 | 000,620,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/04/22 08:26:37 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/04/22 08:26:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
[2010/04/22 08:26:36 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2010/04/22 08:26:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/04/22 08:26:35 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2010/04/22 08:26:35 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2010/04/22 08:26:35 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2010/04/22 08:26:35 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2010/04/22 08:26:33 | 000,035,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010/04/22 08:26:33 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/04/22 08:26:32 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2010/04/22 08:26:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2010/04/22 08:24:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/04/22 08:24:36 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/04/22 08:24:34 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/04/22 08:24:34 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/04/22 08:24:34 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/04/22 08:24:34 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/04/22 08:23:15 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/04/22 08:23:15 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/04/22 08:20:50 | 000,213,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/04/22 08:20:49 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/04/22 08:20:49 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/04/22 08:17:22 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2010/04/22 08:17:22 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL
[2010/04/22 08:17:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll
[2010/04/22 08:16:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/04/22 08:16:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/04/22 08:14:59 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2010/04/22 08:14:59 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/04/22 08:14:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/04/22 08:14:58 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/04/22 08:14:57 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/04/22 08:14:57 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/04/22 08:14:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/04/22 08:13:39 | 000,712,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/04/22 08:13:39 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/04/22 08:13:38 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/04/22 08:10:27 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2010/04/22 08:10:22 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/04/22 08:10:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe
[2010/04/22 08:10:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll
[2010/04/22 08:10:19 | 001,984,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/04/22 08:10:19 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/04/22 08:10:15 | 008,138,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2010/04/22 08:09:06 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/04/22 08:09:06 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2010/04/22 08:08:09 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/04/22 08:06:11 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/04/22 08:06:11 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2010/04/22 08:05:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/04/22 08:05:03 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/04/22 08:03:40 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/04/22 08:03:39 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/04/22 08:03:39 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/04/22 08:03:39 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/04/22 08:03:39 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/04/22 08:03:38 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/04/22 08:03:38 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/04/22 08:03:38 | 000,473,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/04/22 08:03:38 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/04/22 08:02:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2010/04/22 08:00:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2010/04/22 07:53:37 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/04/22 07:53:37 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/04/22 07:53:37 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/04/22 07:53:37 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/04/22 07:53:32 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/04/22 07:53:23 | 000,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/04/22 07:53:22 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/04/22 07:53:22 | 000,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/04/22 07:38:56 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/04/22 07:38:54 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/04/22 07:38:54 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/04/22 07:23:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/04/22 07:23:54 | 004,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/04/22 07:23:54 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/04/22 07:23:09 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/04/22 07:23:09 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/04/22 07:22:27 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/04/22 07:21:58 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2010/04/22 07:21:11 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/04/22 07:20:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmi.dll
[2010/04/22 07:19:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/04/22 07:19:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/04/22 07:16:27 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/04/22 07:16:26 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/04/22 07:16:03 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/04/22 07:14:26 | 001,327,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/04/22 07:14:25 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/04/22 07:14:25 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/04/22 07:14:25 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/04/22 07:14:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/04/22 07:13:17 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/04/22 07:12:43 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/04/22 07:12:42 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/04/22 07:12:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/04/22 07:12:40 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/04/22 07:12:37 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/04/21 09:28:27 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Roaming\Malwarebytes
[2010/04/21 09:27:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/21 09:27:44 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/21 09:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/21 09:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/04/21 08:39:48 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/04/21 08:39:44 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/04/21 08:39:44 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/04/21 08:39:44 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/04/21 08:39:44 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/04/21 08:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/04/21 08:39:42 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/04/21 07:36:47 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/04/20 22:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartWi Connection Utility
[2010/04/20 22:00:01 | 000,018,560 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\System32\drivers\PCASp50.sys
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn\wcprops
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn\tmp\wcprops
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn\tmp
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn\tmp\text-base
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn\text-base
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn\tmp\props
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn\props
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn\tmp\prop-base
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn\prop-base
[2010/04/20 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\_svn
[2010/04/20 21:54:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research in Motion
[2010/04/20 21:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Cingular
[2010/04/20 21:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\Cingular
[2010/04/20 21:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[2010/04/20 21:51:54 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/04/20 21:51:54 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/04/20 21:51:44 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/04/20 21:51:43 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/04/20 21:51:40 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/04/20 21:51:38 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/04/20 21:51:36 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010/04/20 21:51:34 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010/04/20 21:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Corporation
[2010/04/20 21:47:39 | 000,000,000 | ---D | C] -- C:\ProgramData\VAIO Media Platform
[2010/04/20 21:46:31 | 002,981,888 | ---- | C] (Intel Corporation.) -- C:\Windows\System32\iplw7.dll
[2010/04/20 21:46:31 | 002,973,696 | ---- | C] (Intel Corporation.) -- C:\Windows\System32\ipla6.dll
[2010/04/20 21:46:31 | 002,785,280 | ---- | C] (Intel Corporation.) -- C:\Windows\System32\iplm6.dll
[2010/04/20 21:46:31 | 002,686,976 | ---- | C] (Intel Corporation.) -- C:\Windows\System32\iplm5.dll
[2010/04/20 21:46:31 | 002,531,328 | ---- | C] (Intel Corporation.) -- C:\Windows\System32\iplp6.dll
[2010/04/20 21:46:31 | 002,502,656 | ---- | C] (Intel Corporation.) -- C:\Windows\System32\iplpx.dll
[2010/04/20 21:46:31 | 000,053,248 | ---- | C] (Intel Corporation.) -- C:\Windows\System32\ipl.dll
[2010/04/20 21:43:03 | 000,000,000 | ---D | C] -- C:\Program Files\Toshiba
[2010/04/20 21:42:38 | 000,000,000 | ---D | C] -- C:\Infineon
[2010/04/20 21:40:00 | 000,770,048 | ---- | C] (Gracenote) -- C:\Windows\System32\CDDBUISony.dll
[2010/04/20 21:40:00 | 000,585,728 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbMusicIDSony.dll
[2010/04/20 21:40:00 | 000,073,728 | ---- | C] (Gracenote) -- C:\Windows\System32\CddbLinkSony.dll
[2010/04/20 21:39:59 | 000,643,072 | ---- | C] (Gracenote, Inc.) -- C:\Windows\System32\CDDBControlSony.dll
[2010/04/20 21:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2010/04/20 21:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2010/04/20 21:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2010/04/20 21:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2010/04/20 21:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\supportsoft
[2010/04/20 21:35:15 | 001,933,312 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\Windows\System32\cdintf251.dll
[2010/04/20 21:33:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AnswerWorks 4.0
[2010/04/20 21:32:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Intuit
[2010/04/20 21:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2010/04/20 21:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Intuit
[2010/04/20 21:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2010/04/20 21:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\COMMON FILES
[2010/04/20 21:32:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/04/20 21:30:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2010/04/20 21:28:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2010/04/20 21:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Small Business
[2010/04/20 21:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2010/04/20 21:22:53 | 000,000,000 | ---D | C] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2010/04/20 21:21:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/04/20 21:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/04/20 21:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/04/20 21:18:12 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/04/20 21:13:05 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capicom.dll
[2010/04/20 21:13:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010/04/20 21:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/04/20 21:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/04/20 21:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Picture Games
[2010/04/20 21:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\Protector Suite QL
[2010/04/20 21:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\UIB
[2010/04/20 21:06:52 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2010/04/20 20:51:47 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/04/20 20:49:26 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010/04/20 20:47:37 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/04/20 19:24:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010/04/20 19:18:30 | 000,000,000 | ---D | C] -- C:\Users\Carla\Documents\Bluetooth
[2010/04/20 19:17:54 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\Toshiba
[2010/04/20 19:16:43 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Roaming\Adobe
[2010/04/20 19:16:28 | 000,000,000 | R--D | C] -- C:\Users\Carla\Searches
[2010/04/20 19:16:23 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Roaming\Identities
[2010/04/20 19:16:21 | 000,000,000 | R--D | C] -- C:\Users\Carla\Contacts
[2010/04/20 19:16:19 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\VirtualStore
[2010/04/20 19:15:57 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Roaming\Sony Corporation
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\AppData\Local\Temporary Internet Files
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\Templates
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\Start Menu
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\SendTo
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\Recent
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\PrintHood
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\NetHood
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\Documents\My Videos
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\Documents\My Pictures
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\Documents\My Music
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\My Documents
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\Local Settings
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\AppData\Local\History
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\Cookies
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\Application Data
[2010/04/20 19:15:50 | 000,000,000 | -HSD | C] -- C:\Users\Carla\AppData\Local\Application Data
[2010/04/20 19:15:49 | 000,000,000 | --SD | C] -- C:\Users\Carla\AppData\Roaming\Microsoft
[2010/04/20 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\Carla\Videos
[2010/04/20 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\Carla\Saved Games
[2010/04/20 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\Carla\Pictures
[2010/04/20 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\Carla\Music
[2010/04/20 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\Carla\Links
[2010/04/20 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\Carla\Favorites
[2010/04/20 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\Carla\Downloads
[2010/04/20 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\Carla\Documents
[2010/04/20 19:15:49 | 000,000,000 | R--D | C] -- C:\Users\Carla\Desktop
[2010/04/20 19:15:49 | 000,000,000 | -H-D | C] -- C:\Users\Carla\AppData
[2010/04/20 19:15:49 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\Temp
[2010/04/20 19:15:49 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\Microsoft
[2010/04/20 18:32:30 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/04/20 18:32:30 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/04/20 18:31:59 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/04/20 18:31:59 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/04/20 18:31:59 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/04/20 18:31:38 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/04/20 18:31:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/04/20 18:23:56 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Roaming\Macromedia
[2010/04/20 18:20:29 | 000,000,000 | ---D | C] -- C:\Users\Carla\AppData\Local\AOL

========== Files - Modified Within 30 Days ==========

[2010/04/27 12:32:06 | 001,048,576 | -HS- | M] () -- C:\Users\Carla\NTUSER.DAT
[2010/04/27 12:30:37 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Carla\Desktop\OTL.exe
[2010/04/27 12:29:58 | 000,860,866 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/27 12:29:58 | 000,720,392 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/27 12:29:58 | 000,142,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/27 12:11:36 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/27 12:11:36 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/27 12:11:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/27 12:11:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/27 12:11:09 | 2145,443,840 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/26 21:25:17 | 002,690,282 | -H-- | M] () -- C:\Users\Carla\AppData\Local\IconCache.db
[2010/04/26 18:17:09 | 000,000,000 | ---- | M] () -- C:\Users\Carla\AppData\Roaming\wklnhst.dat
[2010/04/24 09:41:25 | 000,181,360 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2010/04/24 09:40:40 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/04/24 09:31:26 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/23 12:47:48 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010/04/23 12:47:48 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/04/23 12:47:48 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010/04/23 12:47:48 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2010/04/23 12:47:48 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010/04/23 12:47:47 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010/04/23 12:47:47 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010/04/23 12:47:47 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010/04/23 12:47:47 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010/04/23 11:02:52 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010/04/23 08:09:25 | 000,397,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/23 08:01:41 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/04/23 08:01:40 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/04/23 08:01:40 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/04/23 08:01:40 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/04/23 08:01:40 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010/04/23 08:00:28 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2010/04/23 08:00:28 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2010/04/23 08:00:28 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/04/23 07:59:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/04/23 07:59:22 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2010/04/23 07:59:20 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kmddsp.tsp
[2010/04/23 07:59:18 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll
[2010/04/23 07:59:18 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/04/23 07:59:18 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ndptsp.tsp
[2010/04/23 07:59:18 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasmxs.dll
[2010/04/23 07:59:18 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasser.dll
[2010/04/23 07:59:18 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2010/04/23 07:59:17 | 000,564,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/04/23 07:59:17 | 000,384,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2010/04/23 07:59:16 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe
[2010/04/23 07:59:14 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\traffic.dll
[2010/04/23 07:59:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll
[2010/04/23 07:59:13 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/04/23 07:59:13 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2010/04/23 07:57:10 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/04/23 07:57:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/04/23 07:57:09 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/04/23 07:56:05 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
[2010/04/23 07:56:05 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
[2010/04/23 07:56:05 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
[2010/04/23 07:53:55 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/04/23 07:53:51 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2010/04/23 07:53:49 | 000,028,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2010/04/23 07:51:51 | 001,657,350 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2010/04/23 07:51:51 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010/04/23 07:51:50 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010/04/23 07:51:49 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010/04/23 07:51:49 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010/04/23 07:51:49 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
[2010/04/23 07:50:30 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2010/04/23 07:50:29 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2010/04/23 07:49:12 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/04/23 07:47:14 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2010/04/23 07:47:13 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/04/23 07:46:22 | 002,855,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/04/23 07:46:21 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2010/04/23 07:46:21 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2010/04/23 07:46:21 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2010/04/23 07:46:21 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2010/04/23 07:46:19 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010/04/23 07:45:11 | 003,502,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/04/23 07:45:11 | 003,468,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/04/23 07:36:00 | 000,374,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/04/23 07:35:14 | 000,500,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/04/23 07:35:14 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2010/04/23 07:32:42 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2010/04/23 07:32:41 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2010/04/23 07:30:59 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/04/23 07:29:20 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/04/23 07:28:37 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010/04/23 07:27:41 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/04/23 07:26:53 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2010/04/23 07:26:52 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2010/04/23 07:26:52 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2010/04/23 07:26:52 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2010/04/23 07:21:15 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/04/23 07:20:13 | 000,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010/04/23 07:19:39 | 000,109,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/04/23 07:19:39 | 000,045,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/04/23 07:19:14 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
[2010/04/23 07:16:31 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/04/23 07:15:06 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
[2010/04/23 07:15:05 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
[2010/04/23 07:15:05 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
[2010/04/23 07:15:05 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
[2010/04/23 07:15:05 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
[2010/04/23 07:15:04 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
[2010/04/23 07:15:04 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
[2010/04/23 07:15:03 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
[2010/04/23 07:15:03 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
[2010/04/23 07:15:02 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
[2010/04/23 07:14:59 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
[2010/04/23 07:14:58 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
[2010/04/23 07:14:57 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
[2010/04/23 07:14:57 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
[2010/04/23 07:14:56 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
[2010/04/23 07:14:55 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
[2010/04/23 07:14:54 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
[2010/04/23 07:14:51 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
[2010/04/23 07:14:51 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
[2010/04/23 07:14:49 | 012,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/04/23 07:14:48 | 002,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/04/23 07:14:47 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
[2010/04/23 07:14:46 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
[2010/04/23 07:14:45 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
[2010/04/23 07:14:44 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
[2010/04/23 07:14:44 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
[2010/04/23 07:14:43 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
[2010/04/23 07:14:43 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
[2010/04/23 07:14:41 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
[2010/04/23 07:14:38 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
[2010/04/23 07:14:36 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
[2010/04/23 07:14:32 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
[2010/04/23 07:14:30 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
[2010/04/23 07:14:30 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
[2010/04/23 07:14:28 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
[2010/04/23 07:14:25 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
[2010/04/23 07:14:24 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
[2010/04/23 07:14:23 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
[2010/04/23 07:14:20 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
[2010/04/22 12:03:52 | 000,107,568 | ---- | M] () -- C:\Users\Carla\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/22 08:33:04 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2010/04/22 08:32:05 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
[2010/04/22 08:32:05 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
[2010/04/22 08:32:05 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
[2010/04/22 08:32:05 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
[2010/04/22 08:32:04 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
[2010/04/22 08:32:04 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
[2010/04/22 08:32:04 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
[2010/04/22 08:32:03 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
[2010/04/22 08:32:03 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
[2010/04/22 08:32:03 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
[2010/04/22 08:32:03 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
[2010/04/22 08:32:02 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
[2010/04/22 08:32:02 | 002,655,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
[2010/04/22 08:32:01 | 003,464,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
[2010/04/22 08:32:01 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
[2010/04/22 08:32:01 | 001,523,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
[2010/04/22 08:32:00 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
[2010/04/22 08:32:00 | 002,597,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
[2010/04/22 08:32:00 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
[2010/04/22 08:31:59 | 002,241,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
[2010/04/22 08:31:59 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
[2010/04/22 08:31:58 | 004,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
[2010/04/22 08:31:58 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
[2010/04/22 08:31:58 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
[2010/04/22 08:31:57 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
[2010/04/22 08:31:57 | 003,102,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
[2010/04/22 08:31:56 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
[2010/04/22 08:31:56 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
[2010/04/22 08:31:56 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
[2010/04/22 08:31:55 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
[2010/04/22 08:31:55 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
[2010/04/22 08:31:54 | 009,845,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
[2010/04/22 08:31:54 | 002,641,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
[2010/04/22 08:31:53 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
[2010/04/22 08:31:53 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
[2010/04/22 08:31:53 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
[2010/04/22 08:31:52 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
[2010/04/22 08:31:52 | 000,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/04/22 08:31:51 | 004,493,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
[2010/04/22 08:31:51 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
[2010/04/22 08:31:50 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
[2010/04/22 08:31:50 | 001,963,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
[2010/04/22 08:26:43 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\i8042prt.sys.mui
[2010/04/22 08:26:43 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\sermouse.sys.mui
[2010/04/22 08:26:43 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouclass.sys.mui
[2010/04/22 08:26:43 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
[2010/04/22 08:26:43 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\mouhid.sys.mui
[2010/04/22 08:26:43 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\kbdhid.sys.mui
[2010/04/22 08:26:40 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/04/22 08:26:40 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2010/04/22 08:26:40 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2010/04/22 08:26:39 | 000,905,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/04/22 08:26:39 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/04/22 08:26:39 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/04/22 08:26:38 | 000,944,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/04/22 08:26:38 | 000,620,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/04/22 08:26:37 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/04/22 08:26:37 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
[2010/04/22 08:26:36 | 000,260,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2010/04/22 08:26:36 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2010/04/22 08:26:35 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\loadperf.dll
[2010/04/22 08:26:35 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lodctr.exe
[2010/04/22 08:26:35 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2010/04/22 08:26:35 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prflbmsg.dll
[2010/04/22 08:26:33 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010/04/22 08:26:33 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/04/22 08:26:32 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dispci.dll
[2010/04/22 08:26:32 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batt.dll
[2010/04/22 08:24:37 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/04/22 08:24:36 | 000,654,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/04/22 08:24:34 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/04/22 08:24:34 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/04/22 08:24:34 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/04/22 08:24:34 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/04/22 08:23:15 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/04/22 08:23:15 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/04/22 08:20:50 | 000,213,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/04/22 08:20:49 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/04/22 08:20:49 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2010/04/22 08:17:22 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
[2010/04/22 08:17:22 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL
[2010/04/22 08:17:22 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll
[2010/04/22 08:16:14 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2010/04/22 08:16:14 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2010/04/22 08:14:59 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2010/04/22 08:14:59 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/04/22 08:14:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/04/22 08:14:58 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/04/22 08:14:57 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/04/22 08:14:57 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/04/22 08:14:56 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/04/22 08:13:39 | 000,712,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/04/22 08:13:39 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/04/22 08:13:38 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/04/22 08:10:27 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2010/04/22 08:10:22 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/04/22 08:10:22 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe
[2010/04/22 08:10:20 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll
[2010/04/22 08:10:19 | 001,984,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/04/22 08:10:19 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/04/22 08:10:15 | 008,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr
[2010/04/22 08:09:06 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/04/22 08:09:06 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2010/04/22 08:08:09 | 002,031,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/04/22 08:06:11 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/04/22 08:06:11 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
[2010/04/22 08:05:03 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010/04/22 08:05:03 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010/04/22 08:03:40 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/04/22 08:03:39 | 000,435,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/04/22 08:03:39 | 000,431,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/04/22 08:03:39 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/04/22 08:03:39 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/04/22 08:03:38 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/04/22 08:03:38 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/04/22 08:03:38 | 000,473,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/04/22 08:03:38 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/04/22 08:02:25 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sbunattend.exe
[2010/04/22 08:00:17 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2010/04/22 07:53:37 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/04/22 07:53:37 | 000,097,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/04/22 07:53:37 | 000,037,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/04/22 07:53:37 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/04/22 07:53:32 | 000,105,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/04/22 07:53:23 | 000,326,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/04/22 07:53:22 | 000,781,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/04/22 07:53:22 | 000,043,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/04/22 07:47:31 | 031,391,744 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/04/22 07:47:30 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/04/22 07:47:30 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/04/22 07:38:56 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/04/22 07:38:54 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/04/22 07:38:54 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/04/22 07:23:57 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/04/22 07:23:54 | 004,247,552 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/04/22 07:23:54 | 001,686,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/04/22 07:23:09 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/04/22 07:23:09 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/04/22 07:22:27 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/04/22 07:21:58 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2010/04/22 07:21:11 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/04/22 07:20:50 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmi.dll
[2010/04/22 07:19:46 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010/04/22 07:19:46 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010/04/22 07:16:27 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/04/22 07:16:26 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010/04/22 07:16:03 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010/04/22 07:14:26 | 001,327,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/04/22 07:14:25 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/04/22 07:14:25 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/04/22 07:14:25 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/04/22 07:14:25 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2010/04/22 07:13:17 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010/04/22 07:12:44 | 008,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/04/22 07:12:42 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010/04/22 07:12:41 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010/04/22 07:12:40 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010/04/22 07:12:37 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010/04/21 11:15:00 | 000,015,471 | ---- | M] () -- C:\Users\Carla\Desktop\Attach.zip
[2010/04/21 10:01:12 | 000,293,376 | ---- | M] () -- C:\Users\Carla\Desktop\0q9kse06.exe
[2010/04/21 09:41:36 | 000,525,824 | ---- | M] () -- C:\Users\Carla\Desktop\dds.scr
[2010/04/21 09:27:49 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/21 08:40:03 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/04/20 21:35:09 | 000,002,291 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2010/04/20 21:29:29 | 000,000,000 | RH-- | M] () -- C:\Windows\System32\drivers\Sony_VGN-SZ430N.mrk
[2010/04/20 21:29:07 | 001,132,112 | ---- | M] () -- C:\ProgramData\pswi_preloaded.exe
[2010/04/20 21:26:25 | 000,000,953 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2010/04/20 21:19:52 | 000,000,219 | ---- | M] () -- C:\Windows\win.ini
[2010/04/20 21:07:04 | 000,000,345 | -H-- | M] () -- C:\IPH.PH
[2010/04/20 19:17:57 | 000,000,821 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2010/04/20 19:15:50 | 000,000,020 | -HS- | M] () -- C:\Users\Carla\ntuser.ini
[2010/04/20 19:04:48 | 000,065,536 | -HS- | M] () -- C:\Users\Carla\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf
[2010/04/20 19:04:47 | 000,524,288 | -HS- | M] () -- C:\Users\Carla\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms
[2010/04/20 19:04:46 | 000,524,288 | -HS- | M] () -- C:\Users\Carla\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms
[2010/04/20 18:32:30 | 002,421,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010/04/20 18:32:30 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010/04/20 18:31:59 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010/04/20 18:31:59 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010/04/20 18:31:59 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010/04/20 18:31:38 | 000,171,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010/04/20 18:31:38 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010/03/29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2010/04/26 18:17:09 | 000,000,000 | ---- | C] () -- C:\Users\Carla\AppData\Roaming\wklnhst.dat
[2010/04/24 09:41:25 | 000,181,360 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/04/24 09:40:40 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/04/24 09:31:26 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/24 07:12:24 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/04/23 07:59:18 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2010/04/23 07:51:50 | 001,657,350 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/04/22 07:41:51 | 031,391,744 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010/04/22 07:41:51 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010/04/22 07:41:51 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010/04/21 11:15:00 | 000,015,471 | ---- | C] () -- C:\Users\Carla\Desktop\Attach.zip
[2010/04/21 10:00:43 | 000,293,376 | ---- | C] () -- C:\Users\Carla\Desktop\0q9kse06.exe
[2010/04/21 09:41:33 | 000,525,824 | ---- | C] () -- C:\Users\Carla\Desktop\dds.scr
[2010/04/21 09:27:49 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/21 08:40:03 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/04/20 21:46:31 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2010/04/20 21:45:44 | 000,000,821 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2010/04/20 21:40:00 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2010/04/20 21:35:09 | 000,002,291 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2010/04/20 21:29:29 | 000,000,000 | RH-- | C] () -- C:\Windows\System32\drivers\Sony_VGN-SZ430N.mrk
[2010/04/20 21:29:07 | 001,132,112 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe
[2010/04/20 21:06:58 | 000,000,345 | -H-- | C] () -- C:\IPH.PH
[2010/04/20 20:47:39 | 2145,443,840 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/20 19:15:50 | 000,524,288 | -HS- | C] () -- C:\Users\Carla\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms
[2010/04/20 19:15:50 | 000,524,288 | -HS- | C] () -- C:\Users\Carla\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms
[2010/04/20 19:15:50 | 000,262,144 | -H-- | C] () -- C:\Users\Carla\ntuser.dat.LOG1
[2010/04/20 19:15:50 | 000,065,536 | -HS- | C] () -- C:\Users\Carla\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf
[2010/04/20 19:15:50 | 000,000,020 | -HS- | C] () -- C:\Users\Carla\ntuser.ini
[2010/04/20 19:15:50 | 000,000,000 | -H-- | C] () -- C:\Users\Carla\ntuser.dat.LOG2
[2010/04/20 19:15:49 | 001,048,576 | -HS- | C] () -- C:\Users\Carla\NTUSER.DAT
[2007/01/10 22:01:38 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2007/01/10 21:01:17 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1129.dll
[2006/11/30 22:13:32 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/11/30 22:13:32 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/30 22:12:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/31 20:37:00 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/08/10 18:00:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll
[2005/07/23 00:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/01/19 01:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\SoftwareDistribution\Download\c0a17eb89d8e2d806cdee4a2d05890b4\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2010/04/23 07:19:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2010/04/23 07:19:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2010/04/23 07:19:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/01/19 00:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\SoftwareDistribution\Download\c0a17eb89d8e2d806cdee4a2d05890b4\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
[2010/04/23 07:19:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2006/11/29 20:02:58 | 000,033,280 | ---- | M] (UPEK Inc.) MD5=32A84C3B46D7B777D43DBA6008F520D2 -- C:\Program Files\Protector Suite QL\eventlog.dll

< MD5 for: IASTORV.SYS >
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

< MD5 for: NVRAID.SYS >
[2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

< MD5 for: SCECLI.DLL >
[2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2006/11/02 05:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2010/04/22 08:14:59 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >
[2010/04/23 07:53:50 | 000,258,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\acpi.sys
[2010/04/23 07:19:39 | 000,021,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\atapi.sys
[2010/04/23 07:19:39 | 000,109,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/04/23 07:53:49 | 000,028,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys
[2010/04/23 07:53:50 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\CmBatt.sys
[2010/04/23 07:53:50 | 000,020,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\compbatt.sys
[2010/04/22 08:10:27 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\csc.sys
[2010/04/23 07:59:13 | 000,619,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys
[2010/04/22 07:20:50 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fs_rec.sys
[2010/04/22 07:59:23 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys
[2010/04/22 07:19:46 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys
[2010/04/22 08:26:32 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\i8042prt.sys
[2010/04/23 07:19:39 | 000,017,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\intelide.sys
[2010/04/22 08:26:32 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdclass.sys
[2010/04/22 07:22:27 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/04/23 07:49:12 | 000,408,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2010/03/29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/23 07:38:10 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys
[2010/04/22 08:26:32 | 000,034,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mouclass.sys
[2010/04/23 07:26:53 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys
[2010/04/23 07:52:46 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxdav.sys
[2010/04/23 07:48:07 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys
[2010/04/23 07:48:07 | 000,211,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2010/04/23 07:48:07 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys
[2010/04/23 07:59:20 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndistapi.sys
[2010/04/23 07:59:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndproxy.sys
[2010/04/22 08:20:50 | 000,213,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/04/23 07:38:11 | 001,060,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ntfs.sys
[2010/04/23 07:19:38 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys
[2010/04/23 07:59:14 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys
[2010/04/23 07:19:39 | 000,045,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2010/04/22 08:06:11 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/04/22 08:26:32 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys
[2010/04/23 07:58:12 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys
[2010/04/22 07:17:28 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2010/04/23 07:58:12 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys
[2010/04/22 08:20:49 | 000,815,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2010/04/22 08:20:50 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS
[2010/04/22 08:20:50 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys
[2010/04/23 07:39:54 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBSTOR.SYS
[2010/04/23 07:19:38 | 000,211,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volsnap.sys
[2010/04/23 07:59:18 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wanarp.sys
[2010/04/22 08:26:33 | 000,495,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys
[2010/04/22 08:26:33 | 000,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
< End of report >

and the extras:

OTL Extras logfile created on: 4/27/2010 12:38:15 PM - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Carla\Desktop
Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142.68 Gb Total Space | 102.56 Gb Free Space | 71.88% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CARLA-PC
Current User Name: Carla
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4134173596-2899084695-3051670213-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{106B2C2C-DD16-40A6-8883-7E7067D9E49F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0312BD0D-A1FE-4E1A-9208-D436F566D867}" = VAIO Azure Float Wallpaper
"{054C3038-FFAC-446D-9682-E25891DC2E05}" = QuickBooks Product Listing Service
"{10113A44-CBFF-4FF7-8A13-BD1EC4180C56}" = Protector Suite QL 5.6
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility
"{17C7703E-0B2A-4593-9CB7-E2FE14B6F8EA}" = Sony Snymsico for Vista
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{235915A8-1C0D-4920-95EA-FE8B773E5F57}" = VAIO Teal Whisper Wallpaper
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"{478D1ABC-A334-497E-904A-DDA98F087699}" = VAIO Video & Photo Utilities
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4E993095-28F2-4060-9101-99C1FD1195C0}" = VAIO Central
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{500C3FDC-5E5F-485F-BDF5-2C445839CBE0}" =
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = VAIO Video & Photo Utilities
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0
"{7D716354-2C08-48DC-9AC5-957348048817}" = VAIO Help And Support
"{7E545666-F419-45FD-B3DF-C0B99A1A579F}" = QuickBooks Simple Start Free Starter Edition
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A87CF139-0B79-4DFB-B3FD-1766F0D5006C}" = Cingular Communication Manager
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007
"{B59B3DA8-06F8-4B4C-AE94-5180753EF108}" = VAIO Floral Dusk Wallpaper
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer
"{C518C7BF-A345-4019-815B-FFDF32EBCAD9}" = VAIO HDD Protection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CFED0AE3-6D93-4745-B8A0-F3410B493CC4}" = VAIO Security Center
"{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524}" = Apple Application Support
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Business Contact Manager for Outlook 2007" = Business Contact Manager for Outlook 2007
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIA Drivers" = NVIDIA Drivers
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"Sony Ericsson Wireless Modem" = Sony Ericsson Wireless Modem

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/23/2010 12:00:21 PM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17037, time stamp
0x4b9658a0, faulting module Flash9b.ocx, version 9.0.28.0, time stamp 0x4553afb6,
exception code 0xc0000005, fault offset 0x0004c0ef, process id 0xcd88, application
start time 0x01cae2fd3cfa7290.

Error - 4/23/2010 12:44:55 PM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17037, time stamp
0x4b9658a0, faulting module Flash9b.ocx, version 9.0.28.0, time stamp 0x4553afb6,
exception code 0xc0000005, fault offset 0x00036204, process id 0x1acc, application
start time 0x01cae303c045d1fd.

Error - 4/23/2010 1:31:58 PM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17037, time stamp
0x4b9658a0, faulting module Flash9b.ocx, version 9.0.28.0, time stamp 0x4553afb6,
exception code 0xc0000005, fault offset 0x00036204, process id 0x83a4, application
start time 0x01cae30a213b40b5.

Error - 4/23/2010 10:30:05 PM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17037, time stamp
0x4b9658a0, faulting module Flash9b.ocx, version 9.0.28.0, time stamp 0x4553afb6,
exception code 0xc0000005, fault offset 0x000650c6, process id 0x1b94, application
start time 0x01cae3549db5e7ed.

Error - 4/24/2010 8:01:37 AM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,
exception code 0xc0000005, fault offset 0x00042e7b, process id 0x2418, application
start time 0x01cae3a1bcec0126.

Error - 4/25/2010 8:24:20 AM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application Safari.exe, version 5.31.22.7, time stamp 0x4b8f94fa,
faulting module NPSWF32.dll, version 10.0.45.2, time stamp 0x4b5f91c2, exception
code 0xc0000005, fault offset 0x0000eb18, process id 0x1c78, application start time
0x01cae46df70083e9.

Error - 4/27/2010 7:06:41 AM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application Safari.exe, version 5.31.22.7, time stamp 0x4b8f94fa,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x00000005, process id 0xaa8, application start time 0x01cae5f5f60f4eab.

Error - 4/27/2010 7:23:17 AM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application Safari.exe, version 5.31.22.7, time stamp 0x4b8f94fa,
faulting module NPSWF32.dll, version 10.0.45.2, time stamp 0x4b5f91c2, exception
code 0xc0000005, fault offset 0x0000eb18, process id 0x1364, application start time
0x01cae5f9bcaac8cb.

Error - 4/27/2010 7:55:55 AM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application Safari.exe, version 5.31.22.7, time stamp 0x4b8f94fa,
faulting module JavaScriptCore.dll, version 5.31.22.5, time stamp 0x4b8cb88c, exception
code 0xc0000005, fault offset 0x00045c82, process id 0x1624, application start time
0x01cae5fc0d25a66b.

Error - 4/27/2010 7:56:34 AM | Computer Name = Carla-PC | Source = Application Error | ID = 1000
Description = Faulting application Safari.exe, version 5.31.22.7, time stamp 0x4b8f94fa,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x00000001, process id 0x8f4, application start time 0x01cae6009cd0c6bb.

[ System Events ]
Error - 4/25/2010 8:01:25 AM | Computer Name = Carla-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/25/2010 8:01:25 AM | Computer Name = Carla-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/25/2010 8:01:25 AM | Computer Name = Carla-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/25/2010 8:23:28 AM | Computer Name = Carla-PC | Source = Application Popup | ID = 1801
Description = The hardware has reported an uncorrectable memory error.

Error - 4/25/2010 9:21:44 AM | Computer Name = Carla-PC | Source = Application Popup | ID = 1801
Description = The hardware has reported an uncorrectable memory error.

Error - 4/25/2010 11:55:18 AM | Computer Name = Carla-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.3 for the Network Card with network
address 0019D2BA8441 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 4/25/2010 7:57:26 PM | Computer Name = Carla-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 0019D2BA8441 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 4/25/2010 8:18:21 PM | Computer Name = Carla-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:07:02 PM on 4/25/2010 was unexpected.

Error - 4/25/2010 8:19:27 PM | Computer Name = Carla-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/26/2010 3:00:32 AM | Computer Name = Carla-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.3 for the Network Card with network
address 0019D2BA8441 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).


< End of report >


#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:33 PM

Posted 28 April 2010 - 09:21 AM

Hi,

could you please run a new scan with gmer and post the log here:
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

We're going to check your PC thouroughly and move from there, but the OTL log is looking good so far. (And yes lots of updates seem to have been installed recently. laugh.gif)

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 Xireene

Xireene
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 28 April 2010 - 11:33 AM

Sorry if it was a lot to look it.

Here's the GMER log:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-28 12:30:26
Windows 6.0.6000
Running: cosd56jy.exe; Driver: C:\Users\Carla\AppData\Local\Temp\ugroqpod.sys


---- System - GMER 1.0.15 ----

SSDT 96BD4908 ZwOpenProcess
SSDT 96BD490D ZwOpenThread

---- Kernel code sections - GMER 1.0.15 ----

.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8B3C0340, 0x292427, 0xE8000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\system32\SearchProtocolHost.exe[282376] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] [69AAD6EF] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Windows\system32\SearchProtocolHost.exe[282376] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [69AAD6EF] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Windows\system32\SearchProtocolHost.exe[282376] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] [69AAD6EF] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Windows\system32\SearchProtocolHost.exe[282376] @ C:\Windows\system32\WININET.dll [USER32.dll!DialogBoxParamW] [69AAD6EF] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)

---- Processes - GMER 1.0.15 ----

Process hidden process (*** hidden *** ) 20196
Process hidden process (*** hidden *** ) 20232
Process hidden process (*** hidden *** ) 20396
Process hidden process (*** hidden *** ) 22244

---- EOF - GMER 1.0.15 ----


#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:33 PM

Posted 29 April 2010 - 04:45 AM

Hi,

gmer sometimes is mistaken. Your OTL log is looking good. We'll have to make some checks regarding the things gmer is finding.

Could you please run gmer in safe mode for once and let me know if the log is different.

Please also run a scan with RootRepeal:
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract the contents of RootRepeal.zip, to your desktop.
  • Double click on your desktop.
  • Click on the report tab, then click scan
  • Check all seven boxes:
    Drivers
    Files
    Processes
    SSDT
    Stealth Objects
    Hidden Services
    Shadow SSDT
  • Click Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, Click the Save Report button. Save the log as RootRepeal.txt and post it in your next reply.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 Xireene

Xireene
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 29 April 2010 - 08:26 AM

Okay, ran GMER in safe mode, nothing came up! Good or bad? O_o. Um, tried running RootRepel (in normal mode, safe mode, and compatibility) but kept getting this error:

09:07:32: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extended Info (0x000000d8)
09:07:32: DeviceIoControl Error! Error Code = 0x1e7
09:07:32: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extended Info (0x000000d8)


#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:33 PM

Posted 29 April 2010 - 12:54 PM

Hi,

there may be some interference from other programs. Please try RootRepeal again, but before the scan do the following:
Please start RootRepeal, and, before doing anything else, try changing the "Disk Access Level" in the Settings->Options dialog. Try moving it to the "Special" or "High" level. Also, click on the Files tab, and uncheck "Use lowest level for MBR check". Please let me know if this fixes the problem.

Just to make sure: Besides the hidden processes there is no sign of malware on your system? You're not getting redirected, you don't have popups, you can access all security sites you want?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 Xireene

Xireene
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 29 April 2010 - 04:19 PM

No signs of malware. Tried making those changes but the same thing happened.

ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows Vista SP0
Exception Code: 0xc0000005
Exception Address: 0x00422bf2
Attempt to read from address: 0x00000004


#10 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:33 PM

Posted 30 April 2010 - 08:20 AM

Hi,

ok, could you please boot into clean boot mode: Tutorial and run another gmer scan.

Please also run a scan with Eset in clean boot mode:
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the button.
  13. Push

If the entries disappear in clean boot mode, it probably means that the entries are created by one of your programs and aren't malicious.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#11 Xireene

Xireene
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:33 PM

Posted 01 May 2010 - 12:10 PM

Hey, I ran ESET but it didn't find anything. Looks like my computer is clean. Tried running GMER again but the CPU kept shooting to 100% and freezed my computer.

#12 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:33 PM

Posted 10 May 2010 - 09:47 AM

Hi,

gmer is not always compatible with all programs. The crash doesn't necessarily mean that you are still infected. In fact I do believe that you logs show you to be clean.

I would like you to update your software before we get to the final step of removing the software we used.
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 20 (JDK or JRE)"
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u20-windows-i586.exe to install the newest version.
-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

Your Adobe Reader is also out of date. Please uninstall it and download the latest version from Adobe: Download
Please untick all proposed toolbars unless you really want them.

Let me know if you run into any problems.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#13 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,774 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:33 PM

Posted 15 May 2010 - 11:04 AM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users