Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dds.txt and attach.txt do not pop up after scan


  • This topic is locked This topic is locked
4 replies to this topic

#1 high55

high55

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:27 AM

Posted 16 February 2011 - 01:19 PM

I downloaded and ran DeFogger and disabled CD Emulation drivers.

I downloaded and ran DDS. I got the "Figure 5: DDS information screen." A row of what looked like ":" ran across the bottom of the screen and then the cursor froze. No dds.txt or attach.txt ever popped up. (Note: I can only use Task Manager to get to the Deskop and perform these operations.)

Here is my original post, the reply to which I was instructed to use DeFogger and DDS:

Hello. I have posted twice on the Malwarebytes forum and searched on the AVG forum - to no avail. Bleepingcomputer looks like a good alternative.

My computer was running a bit slow. AVG scan found no infections. Downloaded and scanned with Malwarebytes, which found and quarantined eight files. (I can list them here, if that is useful.)

While running Malwarebytes, AVG's Identity Protection box popped up and reported an infection in C:\Documents and Settings\Owner\ Local Settings\TEMP\RARSFXD\USERINIT.EXE which it said contained "Malware.gen" (a "downloader"), which didn't cause much concern, as I regularly clean the TEMP folder every few days. (AVG reported that Malware.gen sometimes masquerades as USERINIT.EXE .) AVG quarantined it. (In the AVG Vault, it appears with the name NIRCMD.EXE - not USERINIT.EXE .) This AVG Identity Protection activity was a surprise, as I had never seen it before.

Malwarebytes then said I must reboot to complete the process. Rebooting, Windows behaved normally through the splash screen/"welcome" screen, but after that only the Desktop wallpaper displayed without it's taskbar and icons. I am also unable to right-click on the Desktop.

I have tried the following without any change in the symptoms::

Booting in Safe Mode.

Restoring to the Last Know Good Configuration point/date. I was only able to do this in Safe Mode and went back to January 28. Now using Safe Mode, the calandar will not go back previous to February. Is this significant?

Did a repair install from my Dell XP Service Pack 2 Reinstallation CD.

Used chkdsk /p (although Windows fixed one error).

Used sfc /scannow.

I read in another forum that "If Desktop is not loading at Windows startup, that means that Explorer.exe is not loading..." I then noted that explorer.exe is not displayed under "Processes" in Windows Task Manager.

I have tried to open explorer.exe in Task Manager's "New Task" and, with each attempt, the taskbar appears for a second or so and disappears again. Explorer.exe continues to not display in "Processes."

My computer:
* Dell Inspiron 1300 laptop
* Windows XP Home Edition Service Pack 3 (Last Windows security updates the day before.) Reverted to SP 2 after recent CD repair install.
* AVG anti-virus (Last update and scan the night before using Malwarebytes and both update and scan again yesterday. No infections found.)
* ZoneAlarm fire wall (Latest update.)

Thanks for any assistance.

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:27 PM

Posted 23 February 2011 - 08:51 AM

Hello ,
And :welcome: to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Quick Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note - if you get the following warning, just ignore: "Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"

Click on Cancel, then Accept.

-------------------------------------------------------------
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • RKU log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 high55

high55
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:27 AM

Posted 24 February 2011 - 02:00 PM

Thanks for your reply, Elise. Since my original post above, I have reinstalled XP Service Pack 3 (as my previous repair install from my Dell XP Service Pack 2 Reinstallation CD had replaced it). I have also reinstalled Internet Explorer 8 which had not been working. IE 8 will now open (it didn't before), but only says "connecting" and will not connect. (Firefox continues to work, as does Task Manager, so I can still connect to the Internet.

My Desktop tray/taskbar and icons are still missing. Explorer.exe stops running in Task Manager after just a few moments after booting

Here are the requested files from OTL and Rootkit Unhooker.


OTListIt.txt

OTL logfile created on: 2/24/2011 10:58:19 AM - Run 1
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Documents and Settings\Tom\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 53.00 Mb Available Physical Memory | 11.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): c:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.74 Gb Total Space | 5.18 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
Drive D: | 13.70 Gb Total Space | 13.14 Gb Free Space | 95.85% Space Free | Partition Type: NTFS
Drive F: | 983.72 Mb Total Space | 631.63 Mb Free Space | 64.21% Space Free | Partition Type: FAT

Computer Name: D6RWN2B1 | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/24 10:52:26 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom\Desktop\OTL.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/06/23 12:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2006/04/06 12:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2005/12/07 14:05:12 | 000,053,248 | ---- | M] (GEAR Software) -- C:\WINDOWS\system32\gearsec.exe
PRC - [2004/12/13 13:30:10 | 000,165,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2004/12/13 13:30:04 | 000,198,256 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2002/06/17 14:26:34 | 000,167,936 | ---- | M] (Transaction Software, D 81737 Munich) -- C:\Program Files\EWA net\database\TransBase EPC\tbmux32.exe


========== Modules (SafeList) ==========

MOD - [2011/02/24 10:52:26 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (a2free)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/06/23 12:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/10/20 11:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/09/23 18:06:34 | 001,028,432 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2006/05/31 20:50:36 | 000,822,424 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/04/06 12:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2005/12/07 14:05:34 | 002,066,072 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2005/12/07 14:05:12 | 000,053,248 | ---- | M] (GEAR Software) [Auto | Running] -- C:\WINDOWS\system32\gearsec.exe -- (GEARSecurity)
SRV - [2004/12/13 13:30:10 | 000,165,488 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2004/12/13 13:30:08 | 000,079,472 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2004/12/13 13:30:04 | 000,198,256 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2004/04/07 10:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2003/11/05 11:02:16 | 000,176,128 | ---- | M] (Transaction Software, D 81737 Munich) [Auto | Stopped] -- C:\Program Files\EWA net\database\TransBase WIS\tbmux32.exe -- (EWA net DB WIS)
SRV - [2003/11/05 11:02:16 | 000,176,128 | ---- | M] (Transaction Software, D 81737 Munich) [Auto | Stopped] -- C:\Program Files\EWA net\database\TransBase EWA\tbmux32.exe -- (EWA net DB Core)
SRV - [2003/07/31 18:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Stopped] -- C:\Program Files\EWA net\server\bin\tomcat.exe -- (EWA net Server)
SRV - [2002/06/17 14:26:34 | 000,167,936 | ---- | M] (Transaction Software, D 81737 Munich) [Auto | Running] -- C:\Program Files\EWA net\database\TransBase EPC\tbmux32.exe -- (EWA net DB EPC)


========== Driver Services (SafeList) ==========

DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/15 11:37:58 | 000,024,448 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fnetthjm_18A5.sys -- (FNETTHJM_18A5)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/07/15 07:44:20 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/07/15 07:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/05/13 09:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009/10/20 11:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/07/03 07:49:08 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/04/01 16:51:04 | 000,215,872 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2008/04/14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\changer.sys -- (Changer)
DRV - [2008/04/14 00:10:28 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2008/04/14 00:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 00:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 09:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/05/31 20:50:36 | 000,004,608 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2005/12/07 14:05:26 | 000,144,880 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\SymSnap.sys -- (SymSnap)
DRV - [2005/12/07 14:05:24 | 000,056,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\V2iMount.sys -- (V2IMount)
DRV - [2005/11/29 02:36:56 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/11/02 17:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/09/09 21:15:32 | 001,032,472 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/08/12 15:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 01:32:16 | 000,045,312 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 01:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 01:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 01:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/05 23:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/05 23:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/05 23:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/05 23:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/05 23:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/05 23:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/05 23:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/05 23:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/05 23:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 01:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 00:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/04 03:00:00 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2004/08/04 03:00:00 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2004/08/04 03:00:00 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2004/08/04 03:00:00 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2004/08/04 03:00:00 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2004/08/04 03:00:00 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2004/08/04 03:00:00 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2004/08/04 03:00:00 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2004/08/04 03:00:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2004/08/04 03:00:00 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2004/08/04 03:00:00 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2004/08/04 03:00:00 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2004/08/04 03:00:00 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2004/08/04 03:00:00 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2004/08/04 03:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2004/08/03 20:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/14 09:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 09:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2003/01/10 14:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/12/16 18:09:06 | 000,030,970 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SQCaptur.sys -- (DCamUSBSQTECH) Dual-Mode DSC(2770)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
IE - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/?rd=nux
IE - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..\URLSearchHook: CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Scroogle SSL search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {99B98C2C-7274-45a3-A640-D9DF1A1C8460}:1.4
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/02/18 21:41:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/22 01:42:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/22 01:42:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/27 19:06:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/27 06:27:34 | 000,000,000 | ---D | M]

[2009/02/19 15:16:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Extensions
[2011/02/23 10:38:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\ag7evzeq.default\extensions
[2011/02/18 02:08:43 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\ag7evzeq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/01/16 12:25:05 | 000,000,000 | ---D | M] (CookieCuller) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\ag7evzeq.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}
[2009/06/21 21:36:29 | 000,000,000 | ---D | M] (SignupShield) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\ag7evzeq.default\extensions\{D02B1E87-A8C6-433f-9B5C-2CEC4A072736}
[2009/06/21 21:36:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\ag7evzeq.default\extensions\{D02B1E87-A8C6-433f-9B5C-2CEC4A072736}-trash
[2010/07/05 14:14:25 | 000,000,000 | ---D | M] (Torbutton) -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\ag7evzeq.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2010/05/16 08:09:32 | 000,002,492 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\ag7evzeq.default\searchplugins\ixquick-https.xml
[2010/05/22 13:57:13 | 000,001,549 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\Mozilla\Firefox\Profiles\ag7evzeq.default\searchplugins\scroogle-ssl-search.xml
[2011/02/23 10:38:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/28 08:36:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/01/28 20:07:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2008/06/30 10:40:53 | 000,000,000 | ---D | M] ("Torbutton") -- C:\Program Files\Mozilla Firefox\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/02/18 21:41:00 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX
[2011/01/22 01:42:43 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/01/22 01:42:44 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010/05/28 08:36:05 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/06/06 18:44:12 | 000,108,544 | ---- | M] (Headlight Software, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPGetRt.dll
[2008/02/18 22:42:26 | 000,024,673 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\NPZoneSB.dll

O1 HOSTS File: ([2008/09/19 05:03:13 | 000,264,688 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 9195 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IE to GetRight Helper) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll (Headlight Software, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (1-Click Answers) - {7754C418-F62E-44aa-B169-E719E718BCFD} - C:\Program Files\1-Click Answers\IEToolbar\AnswersToolbarU.dll (Answers Corporation)
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..\Toolbar\WebBrowser: (1-Click Answers) - {7754C418-F62E-44AA-B169-E719E718BCFD} - C:\Program Files\1-Click Answers\IEToolbar\AnswersToolbarU.dll (Answers Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006..\RunOnce: [TSClientAXDisabler] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006..\RunOnce: [TSClientMSIUninstaller] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 01 00 00 00 [binary data]
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0
O7 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O8 - Extra context menu item: Answers... - C:\Program Files\1-Click Answers\Html\atiemenu.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download web site with Free Download Manager - C:\Program Files\Free Download Manager\dlpage.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRDownload.htm ()
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRBrowse.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: download.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: fnismls.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: getmedianow.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: live.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: microsoft.com ([*.windowsupdate] http in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: showingtime.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: spellchecker.net ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: virtualearth.net ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1380718293-2035333900-2266590408-1006\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Tom/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg
O24 - Desktop Components:1 () - file:///C:/DOCUME~1/Tom/LOCALS~1/Temp/msoclip1/01/clip_image002.gif
O24 - Desktop Components:2 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Tom\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tom\Local Settings\Application Data\Microsoft\Wallpaper2.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/09 11:57:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{58cdc1b4-1e56-11de-8ebf-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{58cdc1b4-1e56-11de-8ebf-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{58cdc1b4-1e56-11de-8ebf-00038a000015}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/24 10:57:09 | 000,577,024 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tom\Desktop\OTL.exe
[2011/02/24 09:15:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Tom\Recent
[2011/02/23 18:28:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/02/23 17:37:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/02/23 16:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom\Start Menu\Programs\Accessories
[2011/02/23 12:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom\My Documents\Downloads
[2011/02/21 11:50:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom\Desktop\explorer.exe not running stuff
[2011/02/19 14:42:11 | 000,000,000 | ---D | C] -- C:\clueless
[2011/02/17 17:05:30 | 000,238,637 | ---- | C] ( ) -- C:\Documents and Settings\Tom\Desktop\setup_9.0.0.722_18.02.2011_02-21.exe
[2011/02/13 17:33:43 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2011/02/13 11:42:04 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/02/13 11:41:40 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/02/13 11:41:31 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/02/13 11:40:35 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/02/13 11:40:30 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/02/13 11:40:08 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/02/13 11:39:32 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/02/13 11:39:12 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/02/13 11:39:07 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/02/13 11:39:02 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/02/13 11:38:51 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/02/13 11:38:45 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/02/13 11:38:40 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/02/13 11:38:34 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/02/13 11:38:12 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/02/13 11:37:49 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/02/13 11:37:45 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/02/13 11:37:41 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/02/13 11:37:28 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/02/13 11:37:01 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011/02/13 11:36:43 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/02/13 11:36:39 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/02/13 11:36:16 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/02/13 11:36:13 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/02/13 11:36:09 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/02/13 11:36:05 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/02/13 11:36:01 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/02/13 11:35:56 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/02/13 11:35:21 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/02/13 11:35:13 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/02/13 11:35:09 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/02/13 11:35:00 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/02/13 11:34:56 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/02/13 11:34:29 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/02/13 11:34:25 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/02/13 11:33:42 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/02/13 11:33:36 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/02/13 11:33:32 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/02/13 11:33:26 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/02/13 11:33:16 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/02/13 11:31:30 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/02/13 11:31:25 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/02/13 11:31:13 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/02/13 11:31:09 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/02/13 11:31:05 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/02/13 11:30:06 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/02/13 11:30:02 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/02/13 11:29:57 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/02/13 11:29:48 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/02/13 11:29:01 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/02/13 11:28:57 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/02/13 11:28:53 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/02/13 11:28:49 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/02/13 11:28:05 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/02/13 11:27:55 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/02/13 11:27:52 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/02/13 11:27:30 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/02/13 11:27:26 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/02/13 11:27:23 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/02/13 11:27:18 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/02/13 11:27:15 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/02/13 11:27:11 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/02/13 11:27:07 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/02/13 11:27:02 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/02/13 11:26:59 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/02/13 11:26:51 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/02/13 11:26:48 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/02/13 11:26:13 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/02/13 11:25:59 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/02/13 11:25:53 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/02/13 11:25:18 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/02/13 11:25:15 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/02/13 11:24:48 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/02/13 11:24:45 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/02/13 11:24:41 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/02/13 11:24:25 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/02/13 11:23:13 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/02/13 11:22:58 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/02/13 11:22:56 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/02/13 11:22:51 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/02/13 11:21:58 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/02/13 11:21:54 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/02/13 11:21:50 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/02/13 11:21:46 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/02/13 11:21:15 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/02/13 11:20:48 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/02/13 11:20:45 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/02/13 11:20:35 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/02/13 11:20:17 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/02/13 11:20:14 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/02/13 11:20:01 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/02/13 11:19:58 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/02/13 11:19:55 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/02/13 11:19:52 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/02/13 11:19:49 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/02/13 11:19:46 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/02/13 11:19:34 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/02/13 11:19:31 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/02/13 11:19:28 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/02/13 11:19:24 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/02/13 11:19:20 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/02/13 11:16:44 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/02/13 11:16:11 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/02/13 11:16:08 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/02/13 11:16:06 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/02/13 11:16:03 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/02/13 11:16:02 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011/02/13 11:15:59 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/02/13 11:15:46 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/02/13 11:15:43 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/02/13 11:15:40 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/02/13 11:15:36 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/02/13 11:15:30 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/02/13 11:15:26 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/02/13 11:14:07 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/02/13 11:12:54 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/02/13 11:10:10 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/02/13 11:09:59 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/02/13 11:09:09 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/02/13 11:09:07 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/02/13 11:08:46 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/02/13 11:08:33 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/02/13 11:08:31 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/02/13 11:08:24 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/02/13 11:08:21 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/02/13 11:08:19 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/02/13 11:08:15 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/02/13 11:07:45 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/02/13 11:07:38 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/02/13 11:07:36 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/02/13 11:05:49 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/02/13 11:05:38 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/02/13 11:05:24 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/02/13 11:05:20 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/02/13 11:05:19 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/02/13 11:05:14 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/02/13 11:05:13 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/02/13 11:05:12 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/02/13 11:05:11 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/02/13 11:05:07 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/02/13 11:04:42 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/02/13 11:04:41 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/02/13 11:04:34 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/02/13 11:03:59 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/02/13 11:03:58 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/02/13 11:03:57 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/02/13 11:03:56 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/02/13 11:03:55 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/02/13 11:03:54 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/02/13 11:03:53 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/02/13 11:03:39 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/02/13 11:03:15 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/02/13 11:03:02 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/02/13 11:02:50 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/02/13 11:02:50 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/02/13 11:02:49 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/02/13 11:02:47 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/02/13 11:02:46 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/02/13 11:02:42 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/02/13 11:02:42 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/02/13 11:02:41 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/02/13 11:02:40 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/02/13 11:02:37 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/02/13 11:02:35 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/02/13 11:01:53 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/02/13 11:01:52 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/02/13 11:01:51 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/02/13 11:01:51 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/02/13 11:01:50 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/02/13 11:01:50 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/02/13 11:01:49 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/02/13 11:01:48 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/02/13 11:01:46 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/02/13 11:01:46 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/02/13 11:01:45 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/02/13 11:01:44 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/02/13 11:01:43 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/02/13 11:01:43 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/02/13 11:01:42 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/02/13 11:01:42 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/02/13 11:01:41 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/02/13 11:01:41 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/02/13 11:01:29 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/02/13 11:01:25 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/02/13 11:01:24 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/02/13 11:01:23 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/02/13 11:01:23 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/02/13 11:01:22 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/02/13 11:01:21 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/02/13 11:01:20 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/02/13 11:00:55 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/02/13 11:00:49 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/02/13 11:00:25 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/02/13 11:00:24 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/02/13 11:00:24 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/02/13 11:00:24 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/02/13 11:00:23 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/02/13 11:00:19 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/02/13 11:00:15 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/02/13 11:00:15 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/02/13 11:00:12 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/02/13 11:00:12 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/02/13 11:00:11 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/02/11 09:57:50 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/02/11 09:57:50 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/02/11 09:54:21 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/02/08 17:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tom\Application Data\Malwarebytes
[2011/02/08 17:02:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/08 17:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/08 17:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/02/08 17:02:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/08 17:02:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/08 12:53:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[22 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/02/24 11:13:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{19F728DF-574F-445E-869D-4773BD08EE74}.job
[2011/02/24 10:56:34 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Tom\Desktop\RKUnhookerLE.EXE
[2011/02/24 10:52:26 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tom\Desktop\OTL.exe
[2011/02/24 10:48:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/24 10:48:06 | 527,892,480 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/23 19:11:03 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Tom\Desktop\Mozilla Firefox (2).lnk
[2011/02/23 18:32:34 | 000,383,694 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/02/23 18:32:33 | 000,054,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/02/23 18:30:22 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/02/23 18:28:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/23 18:27:49 | 000,388,000 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/23 17:01:19 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\Tom\Desktop\iexplore new shorcut.exe.lnk
[2011/02/23 16:30:09 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/23 14:27:36 | 106,972,990 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/02/23 11:00:30 | 000,652,800 | ---- | M] () -- C:\Documents and Settings\Tom\My Documents\MicrosoftFixit50362.msi
[2011/02/21 16:56:36 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/02/19 04:09:06 | 001,754,931 | ---- | M] () -- C:\Documents and Settings\Tom\My Documents\HousecallLauncher.exe
[2011/02/18 21:42:11 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/02/17 17:09:01 | 000,238,637 | ---- | M] ( ) -- C:\Documents and Settings\Tom\Desktop\setup_9.0.0.722_18.02.2011_02-21.exe
[2011/02/15 14:36:32 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Tom\Local Settings\Application Data\housecall.guid.cache
[2011/02/14 19:15:23 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\Tom\Desktop\avgui.exe.lnk
[2011/02/13 16:00:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/11 10:01:54 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/02/11 09:49:47 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/02/11 09:49:47 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/02/11 09:49:22 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/11 09:45:35 | 000,023,428 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/11 09:43:57 | 000,001,066 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/02/11 09:14:32 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2011/02/09 18:49:33 | 000,272,968 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2011/02/09 11:57:44 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/02/08 14:38:11 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/02/07 19:41:23 | 000,114,176 | ---- | M] () -- C:\Documents and Settings\Tom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/03 11:51:38 | 000,024,924 | ---- | M] () -- C:\Documents and Settings\Tom\Desktop\vehicle lengths.lwp
[2011/01/27 21:48:08 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\Tom\Desktop\vidalia^0.2.10.exe.lnk
[2011/01/27 18:44:45 | 000,015,152 | ---- | M] () -- C:\Documents and Settings\Tom\Desktop\Bill of Sale.lwp
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[22 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/24 10:56:41 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Tom\Desktop\RKUnhookerLE.EXE
[2011/02/23 19:11:03 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Tom\Desktop\Mozilla Firefox (2).lnk
[2011/02/23 17:01:19 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\Tom\Desktop\iexplore new shorcut.exe.lnk
[2011/02/23 16:30:09 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/23 16:30:09 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Tom\Start Menu\Programs\Internet Explorer.lnk
[2011/02/23 10:59:58 | 000,652,800 | ---- | C] () -- C:\Documents and Settings\Tom\My Documents\MicrosoftFixit50362.msi
[2011/02/19 04:00:34 | 001,754,931 | ---- | C] () -- C:\Documents and Settings\Tom\My Documents\HousecallLauncher.exe
[2011/02/18 21:42:11 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/02/18 14:55:33 | 527,892,480 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/16 09:59:02 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Tom\Desktop\dds.scr
[2011/02/15 14:36:32 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Tom\Local Settings\Application Data\housecall.guid.cache
[2011/02/14 19:15:22 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\Tom\Desktop\avgui.exe.lnk
[2011/02/13 11:41:55 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/02/13 11:10:08 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/02/13 11:10:02 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/02/13 11:09:57 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/02/13 11:09:52 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/02/13 11:09:44 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/02/13 11:05:18 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/02/13 11:05:17 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/02/13 11:05:16 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/02/13 11:01:10 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/02/13 11:01:09 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/02/13 11:01:08 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/02/13 11:01:07 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/02/13 11:01:07 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/02/13 11:01:07 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/02/13 11:01:06 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/02/13 11:01:06 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/02/13 11:01:04 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/02/13 11:01:00 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/02/11 09:56:19 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/02/11 09:55:55 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/02/11 09:55:51 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/02/11 09:55:34 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/02/11 09:55:23 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/02/11 09:54:27 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/02/11 09:06:43 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/02/11 09:06:43 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/02/11 09:06:43 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/02/11 09:06:43 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/02/11 09:06:43 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/02/11 09:06:43 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/02/11 09:06:42 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2011/02/09 12:13:44 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Tom\Start Menu\Programs\Windows Media Player.lnk
[2011/02/09 11:57:44 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011/02/08 17:02:40 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/08 14:38:11 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Tom\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/01/30 18:02:41 | 000,024,924 | ---- | C] () -- C:\Documents and Settings\Tom\Desktop\vehicle lengths.lwp
[2011/01/27 21:48:08 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\Tom\Desktop\vidalia^0.2.10.exe.lnk
[2011/01/27 18:32:57 | 000,015,152 | ---- | C] () -- C:\Documents and Settings\Tom\Desktop\Bill of Sale.lwp
[2010/09/18 09:50:05 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2010/09/18 09:50:03 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2010/09/18 09:50:03 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2010/03/14 20:22:08 | 000,001,078 | ---- | C] () -- C:\Documents and Settings\Tom\Application Data\QuickZip45.ini
[2009/12/02 18:11:20 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\3D251BD7E4.sys
[2009/10/20 11:19:30 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/03/30 07:35:13 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FileRecover.INI
[2008/06/25 12:59:34 | 001,490,989 | R--- | C] () -- C:\WINDOWS\System32\hp_nls.dll
[2008/06/25 11:32:11 | 000,004,535 | ---- | C] () -- C:\WINDOWS\Stfinder.ini
[2008/06/25 11:21:10 | 000,000,468 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008/05/17 13:32:08 | 000,000,754 | ---- | C] () -- C:\WINDOWS\wordpad.INI
[2008/01/15 10:31:01 | 000,000,020 | ---- | C] () -- C:\WINDOWS\gurunet.ini
[2007/07/09 15:59:10 | 000,796,312 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2007/06/21 17:12:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\winhelp.ini
[2007/06/20 19:34:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/24 19:17:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DXINFO.INI
[2007/01/22 05:51:21 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2006/11/03 08:44:50 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Tom\Local Settings\Application Data\fusioncache.dat
[2006/09/04 22:48:51 | 000,004,548 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/07/17 22:34:59 | 000,000,190 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/06/24 17:02:24 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\1C6CBC5E09.sys
[2006/06/07 06:21:43 | 000,114,176 | ---- | C] () -- C:\Documents and Settings\Tom\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/06/06 20:51:32 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\095EBC6C1C.sys
[2006/06/06 17:21:34 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Tom\Application Data\PFP120JPR.{PB
[2006/06/06 17:21:34 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Tom\Application Data\PFP120JCM.{PB
[2006/05/31 20:59:50 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/31 20:50:49 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/05/31 20:46:52 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/05/31 20:39:13 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/05/31 20:14:58 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/05/31 20:14:54 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/05/31 20:14:48 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 15:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 11:12:05 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 11:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 10:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 01:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2011/02/08 18:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/15 19:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/04/01 21:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cached Installations
[2011/02/12 11:04:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2006/06/07 12:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2007/05/31 11:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2007/09/21 07:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2010/12/15 19:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/04/01 22:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2007/06/24 12:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2009/04/04 03:28:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/03/01 15:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/04/11 20:29:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}
[2009/09/08 15:21:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
[2010/12/15 19:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\AVG10
[2011/02/05 22:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Free Download Manager
[2010/12/21 23:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\GetRight
[2009/11/10 19:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\gnupg
[2007/05/31 11:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\iolo
[2006/06/20 00:04:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Leadertech
[2011/01/22 01:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Local
[2010/05/28 20:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Opera
[2009/04/01 05:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\PandoraRecovery
[2009/09/05 18:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\TrueCrypt
[2010/03/21 02:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Uniblue
[2007/03/01 15:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Viewpoint
[2008/12/29 23:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\Windows Live Writer
[2009/11/10 19:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tom\Application Data\winpt
[2011/02/24 11:13:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{19F728DF-574F-445E-869D-4773BD08EE74}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:24051EFF

< End of report >


Extra.txt

r . e x e

" C : \ P r o g r a m F i l e s \ G r i s o f t \ A V G F r e e \ a v g c c . e x e " = C : \ P r o g r a m F i l e s \ G r i s o f t \ A V G F r e e \ a v g c c . e x e : * : E n a b l e d : a v g c c . e x e

" c : \ 1 B B . t m p " = c : \ 1 B B . t m p : * : E n a b l e d : 7 6 7 4 6 3 0 3 2 6 4 B D 3 7 5

" C : \ P r o g r a m F i l e s \ A m e r i c a O n l i n e 9 . 0 \ w a o l . e x e " = C : \ P r o g r a m F i l e s \ A m e r i c a O n l i n e 9 . 0 \ w a o l . e x e : * : D i s a b l e d : A m e r i c a O n l i n e 9 . 0 - - ( A m e r i c a O n l i n e , I n c . )

" C : \ P r o g r a m F i l e s \ C o m m o n F i l e s \ A O L \ A C S \ A O L D i a l . e x e " = C : \ P r o g r a m F i l e s \ C o m m o n F i l e s \ A O L \ A C S \ A O L D i a l . e x e : * : D i s a b l e d : A O L - - ( A m e r i c a O n l i n e , I n c )

" C : \ P r o g r a m F i l e s \ C o m m o n F i l e s \ A O L \ A C S \ A O L a c s d . e x e " = C : \ P r o g r a m F i l e s \ C o m m o n F i l e s \ A O L \ A C S \ A O L a c s d . e x e : * : D i s a b l e d : A O L - - ( A m e r i c a O n l i n e , I n c . )

" C : \ W I N D O W S \ s y s t e m 3 2 \ f x s c l n t . e x e " = C : \ W I N D O W S \ s y s t e m 3 2 \ f x s c l n t . e x e : * : D i s a b l e d : M i c r o s o f t F a x C o n s o l e - - ( M i c r o s o f t C o r p o r a t i o n )

" C : \ P r o g r a m F i l e s \ A V G \ A V G 8 \ a v g u p d . e x e " = C : \ P r o g r a m F i l e s \ A V G \ A V G 8 \ a v g u p d . e x e : * : E n a b l e d : a v g u p d . e x e

" C : \ P r o g r a m F i l e s \ A V G \ A V G 8 \ a v g e m c . e x e " = C : \ P r o g r a m F i l e s \ A V G \ A V G 8 \ a v g e m c . e x e : * : E n a b l e d : a v g e m c . e x e

" C : \ P r o g r a m F i l e s \ i T u n e s \ i T u n e s . e x e " = C : \ P r o g r a m F i l e s \ i T u n e s \ i T u n e s . e x e : * : E n a b l e d : i T u n e s

" C : \ P r o g r a m F i l e s \ O p e r a \ o p e r a . e x e " = C : \ P r o g r a m F i l e s \ O p e r a \ o p e r a . e x e : * : E n a b l e d : O p e r a I n t e r n e t B r o w s e r - - ( O p e r a S o f t w a r e )

" C : \ P r o g r a m F i l e s \ A V G \ A V G 1 0 \ a v g m f a p x . e x e " = C : \ P r o g r a m F i l e s \ A V G \ A V G 1 0 \ a v g m f a p x . e x e : * : E n a b l e d : A V G I n s t a l l e r - - ( A V G T e c h n o l o g i e s C Z , s . r . o . )

" C : \ P r o g r a m F i l e s \ A V G \ A V G 1 0 \ a v g d i a g e x . e x e " = C : \ P r o g r a m F i l e s \ A V G \ A V G 1 0 \ a v g d i a g e x . e x e : * : E n a b l e d : A V G D i a g n o s t i c s 2 0 1 1 - - ( A V G T e c h n o l o g i e s C Z , s . r . o . )

" C : \ P r o g r a m F i l e s \ A V G \ A V G 1 0 \ a v g n s x . e x e " = C : \ P r o g r a m F i l e s \ A V G \ A V G 1 0 \ a v g n s x . e x e : * : E n a b l e d : O n l i n e S h i e l d - - ( A V G T e c h n o l o g i e s C Z , s . r . o . )

" C : \ P r o g r a m F i l e s \ A V G \ A V G 1 0 \ a v g e m c x . e x e " = C : \ P r o g r a m F i l e s \ A V G \ A V G 1 0 \ a v g e m c x . e x e : * : E n a b l e d : P e r s o n a l E - m a i l S c a n n e r - - ( A V G T e c h n o l o g i e s C Z , s . r . o . )





[ c o l o r = # E 5 6 7 1 7 ] = = = = = = = = = = H K E Y _ L O C A L _ M A C H I N E U n i n s t a l l L i s t = = = = = = = = = = [ / c o l o r ]



[ H K E Y _ L O C A L _ M A C H I N E \ S O F T W A R E \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ U n i n s t a l l ]

" { 0 0 0 3 0 4 0 9 - 7 8 E 1 - 1 1 D 2 - B 6 0 F - 0 0 6 0 9 7 C 9 9 8 E 7 } " = M i c r o s o f t O f f i c e 2 0 0 0 S m a l l B u s i n e s s

" { 0 0 0 4 0 4 0 9 - 7 8 E 1 - 1 1 D 2 - B 6 0 F - 0 0 6 0 9 7 C 9 9 8 E 7 } " = M i c r o s o f t O f f i c e 2 0 0 0 D i s c 2

" { 0 2 E 8 9 E F C - 7 B 0 7 - 4 D 5 A - A A 0 3 - 9 E C 0 9 0 2 9 1 4 E E } " = V C 9 . 0 R u n t i m e

" { 0 4 5 6 e b d 7 - 5 f 6 7 - 4 a b 6 - 8 5 2 e - 6 3 7 8 1 e 3 f 3 8 9 c } " = M a c r o m e d i a F l a s h P l a y e r

" { 0 7 5 4 7 3 F 5 - 8 4 6 A - 4 4 8 B - B C B 3 - 1 0 4 A A 1 7 6 0 2 0 5 } " = S o n i c R e c o r d N o w D a t a

" { 0 D D 1 4 0 D 3 - 9 5 6 3 - 4 8 1 E - A A 7 5 - B A 4 5 7 C B D A E F 2 } " = P C I n s p e c t o r F i l e R e c o v e r y

" { 0 E B 5 D 9 B 7 - 8 E 6 C - 4 A 9 E - B 7 4 F - 1 6 B 7 E E 8 9 A 6 7 B } " = M i c r o s o f t P l u s ! P h o t o S t o r y 2 L E

" { 1 2 0 6 E F 9 2 - 2 E 8 3 - 4 8 5 9 - A C C B - 2 0 4 8 C 3 C B 7 D A 6 } " = S o n i c D L A

" { 1 3 F 3 9 1 7 B 5 6 C D 4 C 2 5 8 4 8 B D C 6 9 9 1 6 9 7 1 B B } " = D i v X C o n v e r t e r

" { 1 4 3 7 4 6 1 9 - 0 9 0 0 - 4 0 5 6 - B A 0 6 - C 8 7 C 9 0 0 A F 9 E 6 } " = Q u i c k B o o k s S i m p l e S t a r t S p e c i a l E d i t i o n

" { 1 8 4 E 7 1 1 8 - 0 2 9 5 - 4 3 C 4 - B 7 2 C - 1 D 5 4 A A 7 5 A A F 7 } " = W i n d o w s L i v e M a i l

" { 1 E E 8 8 B 8 4 - 7 B E 5 - 4 F B 5 - 8 D E A - B 8 1 D 5 4 0 9 D 6 2 E } " = O p e r a 1 1 . 0 0

" { 1 F 1 C 2 D F C - 2 D 2 4 - 3 E 0 6 - B C B 8 - 7 2 5 1 3 4 A D F 9 8 9 } " = M i c r o s o f t V i s u a l C + + 2 0 0 8 R e d i s t r i b u t a b l e - x 8 6 9 . 0 . 3 0 7 2 9 . 4 1 4 8

" { 2 0 5 C 6 B D D - 7 B 7 3 - 4 2 D E - 8 5 0 5 - 9 A 0 9 3 F 3 5 A 2 3 8 } " = W i n d o w s L i v e U p l o a d T o o l

" { 2 1 6 5 7 5 7 4 - B D 5 4 - 4 8 A 2 - 9 4 5 0 - E B 0 3 B 2 C 7 F C 2 9 } " = S o n i c M y D V D L E

" { 2 2 5 A F 9 A 1 - B 5 5 6 - 8 8 D 5 - 9 4 A A - 0 0 1 0 B 5 4 2 6 4 1 9 } " = M y D S C

" { 2 2 B 7 7 5 E 7 - 6 C 4 2 - 4 F C 5 - 8 E 1 0 - 9 A 5 E 3 2 5 7 B D 9 4 } " = M S V C R T

" { 2 6 A 2 4 A E 4 - 0 3 9 D - 4 C A 4 - 8 7 B 4 - 2 F 8 3 2 1 6 0 2 0 F F } " = J a v a ( T M ) 6 U p d a t e 2 0

" { 2 6 E 1 B F B 0 - E 8 7 E - 4 6 9 6 - 9 F 8 9 - B 4 6 7 F 0 1 F 8 1 E 5 } " = B r o a d c o m M a n a g e m e n t P r o g r a m s

" { 3 0 4 6 5 B 6 C - B 5 3 F - 4 9 A 1 - 9 E B A - A 3 F 1 8 7 A D 5 0 2 E } " = S o n i c U p d a t e M a n a g e r

" { 3 2 4 8 F 0 A 8 - 6 8 1 3 - 1 1 D 6 - A 7 7 B - 0 0 B 0 D 0 1 6 0 0 3 0 } " = J a v a ( T M ) 6 U p d a t e 3

" { 3 2 F 7 2 0 F 5 - 2 D 0 D - 4 2 4 5 - A 2 B 0 - 9 E B 3 C E C F 8 1 0 1 } " = N o r t o n G h o s t 1 0 . 0

" { 3 3 B B 4 9 8 2 - D C 5 2 - 4 8 8 6 - A 0 3 B - F 4 C 5 C 8 0 B E E 8 9 } " = W i n d o w s M e d i a P l a y e r 1 0

" { 3 4 0 D 6 1 B B - 3 5 0 A - 4 0 F 4 - 8 C F D - 4 F 8 6 0 E 1 2 0 6 6 E } " = S S A B e n e f i t C a l c u l a t o r

" { 3 5 0 C 9 7 B 0 - 3 D 7 C - 4 E E 8 - B A A 9 - 0 0 B C B 3 D 5 4 2 2 7 } " = W e b F l d r s X P

" { 3 5 2 3 1 0 C 3 - E 4 6 B - 4 2 D 3 - 8 F 3 2 - 5 4 7 2 1 F D D 7 2 D 9 } " = N e t Z e r o I n s t a l l e r s

" { 3 B 4 E 6 3 6 E - 9 D 6 5 - 4 D 6 7 - B A 6 1 - 1 8 9 8 0 0 8 2 3 F 5 2 } " = W i n d o w s L i v e C o m m u n i c a t i o n s P l a t f o r m

" { 3 D E 5 E 7 D 4 - 7 B 8 8 - 4 0 3 C - A 3 F D - 2 0 1 7 A 8 2 4 0 C 5 B } " = G o o g l e E a r t h

" { 3 E E 3 3 9 5 8 - 7 3 8 1 - 4 E 7 B - A 4 F 3 - 6 E 4 3 0 9 8 E 9 E 9 C } " = U R L A s s i s t a n t

" { 3 F 9 2 A B B B - 6 B B F - 1 1 D 5 - B 2 2 9 - 0 0 2 0 7 8 0 1 7 F B F } " = N e t W a i t i n g

" { 3 F C 7 C B B C 4 C 1 E 1 1 D C A 1 A 7 5 2 E A 5 5 D 8 9 5 9 3 } " = D i v X V e r s i o n C h e c k e r

" { 4 4 7 3 4 1 7 9 - 8 A 7 9 - 4 D E E - B B 0 8 - 7 3 0 3 7 F 0 6 5 5 4 3 } " = A p p l e M o b i l e D e v i c e S u p p o r t

" { 4 5 3 3 8 B 0 7 - A 2 3 6 - 4 2 7 0 - 9 A 7 7 - E B B 4 1 1 5 5 1 7 B 5 } " = W i n d o w s L i v e S i g n - i n A s s i s t a n t

" { 4 A 0 3 7 0 6 F - 6 6 6 A - 4 0 3 7 - 7 7 7 7 - 5 F 2 7 4 8 7 6 4 D 1 0 } " = J a v a A u t o U p d a t e r

" { 5 2 D 5 6 C 4 2 - 8 C 6 9 - 4 8 8 2 - A 6 6 1 - 3 9 6 9 5 5 3 7 C 9 C F } " = D e l l C o n n e c t

" { 5 4 8 E E A 8 E - 8 2 9 9 - 4 9 7 F - 8 0 5 7 - 8 1 1 D 2 D 7 0 9 7 D C } " = D e l l S u p p o r t 3 . 1

" { 5 9 0 5 F 4 2 D - 3 F 5 F - 4 9 1 6 - A D A 6 - 9 4 A 3 6 4 6 A E E 7 6 } " = D e l l D r i v e r R e s e t T o o l

" { 5 A D 9 6 C F 5 - 2 6 2 7 - 4 F 2 9 - 9 D 2 D - 7 2 F C D 8 5 F 6 3 5 5 } " = A V G 2 0 1 1

" { 5 E E 7 D 2 5 9 - D 1 3 7 - 4 4 3 8 - 9 A 5 F - 4 2 F 4 3 2 E C 0 4 2 1 } " = V C 8 0 C R T R e d i s t - 8 . 0 . 5 0 7 2 7 . 4 0 5 3

" { 6 4 1 2 C E C E - 8 1 7 2 - 4 B E 5 - 9 3 5 B - 6 C E C A C D 2 C A 8 7 } " = W i n d o w s L i v e M a i l

" { 6 8 1 1 C A A 0 - B F 1 2 - 1 1 D 4 - 9 E A 1 - 0 0 5 0 B A E 3 1 7 E 1 } " = P o w e r D V D 5 . 5

" { 6 9 5 6 8 5 6 F - B 6 B 3 - 4 B E 0 - B A 0 B - 8 F 4 9 5 B E 3 2 0 3 3 } " = A p p l e S o f t w a r e U p d a t e

" { 6 E 4 5 B A 4 7 - 3 8 3 C - 4 C 1 E - 8 E D 0 - 0 D 4 8 4 5 C 2 9 3 D 7 } " = M i c r o s o f t P l u s ! D i g i t a l M e d i a E d i t i o n I n s t a l l e r

" { 7 0 4 F 6 6 E A - 8 4 F 4 - 4 2 9 2 - 9 F B B - A 5 A F 9 3 5 4 3 D 8 9 } " = M a i l R e c o v e r y f o r O u t l o o k E x p r e s s

" { 7 2 8 2 7 8 A 1 - 0 B B 7 - 4 5 E 4 - A C 5 E - 9 1 D 7 C 0 F D 1 E D E } " = E a r t h L i n k s e t u p f i l e s

" { 7 4 F 7 6 6 2 C - B 1 D B - 4 8 9 E - A 8 A C - 0 7 A 0 6 B 2 4 9 7 8 B } " = D e l l S y s t e m R e s t o r e

" { 7 7 0 6 5 7 D 0 - A 1 2 3 - 3 C 0 7 - 8 E 4 4 - 1 C 8 3 E C 8 9 5 1 1 8 } " = M i c r o s o f t V i s u a l C + + 2 0 0 5 A T L U p d a t e k b 9 7 3 9 2 3 - x 8 6 8 . 0 . 5 0 7 2 7 . 4 0 5 3

" { 7 A 9 9 7 C 0 2 - 8 1 D 4 - 4 F E C - 9 C 1 C - F 9 1 6 6 1 1 F 8 3 6 0 } " = E W A _ n e t _ E P C

" { 7 F 1 4 2 D 5 6 - 3 3 2 6 - 1 1 D 5 - B 2 2 9 - 0 0 2 0 7 8 0 1 7 F B F } " = M o d e m H e l p e r

" { 8 1 1 2 8 E E 8 - 8 E A D - 4 D B 0 - 8 5 C 6 - 1 7 C 2 C E 5 0 F F 7 1 } " = W i n d o w s L i v e E s s e n t i a l s

" { 8 3 7 b 3 4 e 3 - 7 c 3 0 - 4 9 3 c - 8 f 6 a - 2 b 0 f 0 4 e 2 9 1 2 c } " = M i c r o s o f t V i s u a l C + + 2 0 0 5 R e d i s t r i b u t a b l e

" { 8 5 D 3 C C 3 0 - 8 8 5 9 - 4 8 1 A - 9 6 5 4 - F D 9 B 7 4 3 1 0 B E F } " = M u s i c m a t c h J u k e b o x

" { 8 6 5 A 8 9 5 1 - 8 D 9 A - 4 6 C B - 8 4 A 2 - 3 D 6 7 B A 3 8 B 9 2 3 } " = E A S E U S D e l e t e d F i l e R e c o v e r y 2 . 1 . 1

" { 8 A 7 0 8 D D 8 - A 5 E 6 - 1 1 D 4 - A 7 0 6 - 0 0 0 6 2 9 E 9 5 E 2 0 } " = I n t e l ( R ) G r a p h i c s M e d i a A c c e l e r a t o r D r i v e r f o r M o b i l e

" { 8 A 9 B 8 1 4 8 - D D D 7 - 4 4 8 F - B D 6 C - 3 5 8 3 8 6 D 3 2 3 5 4 } " = C o r e l P h o t o A l b u m 6

" { 9 0 1 2 0 0 0 0 - 0 0 2 0 - 0 4 0 9 - 0 0 0 0 - 0 0 0 0 0 0 0 F F 1 C E } " = C o m p a t i b i l i t y P a c k f o r t h e 2 0 0 7 O f f i c e s y s t e m

" { 9 0 8 5 0 4 0 9 - 6 0 0 0 - 1 1 D 3 - 8 C F E - 0 1 5 0 0 4 8 3 8 3 C 9 } " = M i c r o s o f t O f f i c e W o r d V i e w e r 2 0 0 3

" { 9 5 1 2 0 0 0 0 - 0 0 A F - 0 4 0 9 - 0 0 0 0 - 0 0 0 0 0 0 0 F F 1 C E } " = M i c r o s o f t O f f i c e P o w e r P o i n t V i e w e r 2 0 0 7 ( E n g l i s h )

" { 9 5 1 2 0 0 0 0 - 0 0 B 9 - 0 4 0 9 - 0 0 0 0 - 0 0 0 0 0 0 0 F F 1 C E } " = M i c r o s o f t A p p l i c a t i o n E r r o r R e p o r t i n g

" { A 0 4 0 A C 7 7 - C 1 A A - 4 C C 9 - 8 9 3 1 - 9 F 6 4 8 A F 1 7 8 F 6 } " = V C 9 . 0 R u n t i m e

" { A 1 F 6 6 F C 9 - 1 1 E E - 4 F 2 F - 9 8 C 9 - 1 6 F 8 D 1 E 6 9 F B 7 } " = S e g o e U I

" { A 2 7 6 5 0 2 A - 8 9 7 9 - 4 4 F B - 8 0 9 0 - 9 0 C F 7 2 F 2 2 A B C } " = A V G 2 0 1 1

" { A 6 8 3 A 2 C 0 - 8 2 1 C - 4 8 6 F - 8 5 8 C - F A 6 3 4 D B 5 E 8 6 4 } " = E d u c a t e U

" { A B 7 0 8 C 9 B - 9 7 C 8 - 4 A C 9 - 8 9 9 B - D B F 2 2 6 A C 9 3 8 2 } " = S o n i c R e c o r d N o w A u d i o

" { A C 7 6 B A 8 6 - 7 A D 7 - 1 0 3 3 - 7 B 4 4 - A 7 1 0 0 0 0 0 0 0 0 2 } " = A d o b e R e a d e r 7 . 1 . 0

" { A F 1 9 F 2 9 1 - F 2 2 F - 4 7 9 8 - 9 6 6 2 - 5 2 5 3 0 5 A E 9 E 4 8 } " = W o r d P e r f e c t O f f i c e 1 2

" { B 1 2 6 6 5 F 4 - 4 E 9 3 - 4 A B 4 - B 7 F C - 3 7 0 5 3 B 5 2 4 6 2 9 } " = S o n i c R e c o r d N o w C o p y

" { B 1 3 A 7 C 4 1 5 8 1 B 4 1 1 2 9 0 F B C 0 3 9 5 6 9 4 E 2 A 9 } " = D i v X C o n v e r t e r

" { B 4 0 9 2 C 6 D - E 8 8 6 - 4 C B 2 - B A 6 8 - F E 5 A 8 8 D 3 1 D E 6 } _ i s 1 " = S p y b o t - S e a r c h & D e s t r o y

" { B 7 0 2 C C C E - 3 1 7 6 - 4 D B F - B 9 3 2 - D 1 B 8 F 4 0 2 F 3 3 0 } " = D i g i t a l C o n t e n t P o r t a l

" { C 0 F 1 D 6 9 7 - 0 C 8 F - 4 5 6 3 - A 4 0 6 - 8 3 0 A E 5 2 B C E 6 5 } " = E W A _ n e t _ W I S

" { C 5 0 7 4 C C 4 - 0 E 2 6 - 4 7 1 6 - A 3 0 7 - 9 6 0 2 7 2 A 9 0 0 4 0 } " = Q u i c k S e t

" { C 7 8 E A C 6 F - 7 A 7 3 - 4 5 2 E - 8 1 3 4 - D B B 2 1 6 5 C 5 A 6 8 } " = Q u i c k T i m e

" { C B 2 F 7 E D D - 9 D 1 F - 4 3 C 1 - 9 0 F C - 4 F 5 2 E A E 1 7 2 A 1 } " = M i c r o s o f t . N E T F r a m e w o r k 1 . 1

" { D 2 9 8 8 E 9 B - C 7 3 F - 4 2 2 C - A D 4 B - A 6 6 E B E 2 5 7 1 2 0 } " = M C U

" { D 7 8 A 1 4 6 8 - 8 4 F D - 4 2 2 6 - B B 3 3 - 7 1 3 A 7 E B E 3 0 2 8 } " = D o c u m e n t _ I n s t a l l e r

" { D D 0 D D C 9 E - 2 E D 4 - 4 4 D D - B 4 6 1 - 0 E F C 1 2 6 8 1 3 A 0 } " = O n 2 V P 7 P e r s o n a l E d i t i o n

" { D E D 5 3 B 0 B - B 6 7 C - 4 2 4 4 - A E 6 A - D 6 F D 3 C 2 8 D 1 E F } " = A d - A w a r e

" { D F 6 A 5 8 9 A - 7 A 1 A - 4 3 0 C - 9 F F 2 - A 0 B D B 4 2 6 6 9 D C } " = S e a r c h A s s i s t

" { E 2 D F E 0 6 9 - 0 8 3 E - 4 6 3 1 - 9 B 6 C - 4 3 C 4 8 E 9 9 1 D E 5 } " = J u n k M a i l f i l t e r u p d a t e

" { E 6 4 6 D C F 0 - 5 A 6 8 - 1 1 D 5 - B 2 2 9 - 0 0 2 0 7 8 0 1 7 F B F } " = D i g i t a l L i n e D e t e c t

" { E 6 8 C 5 7 8 3 - A 1 E 6 - 4 D 4 C - 8 3 D 4 - 9 9 D D 4 7 0 F 3 D 9 4 } " = E W A _ n e t _ S e r v e r

" { E 9 3 E 5 E F 6 - D 3 6 1 - 4 8 1 E - 8 4 9 D - F 1 6 E F 5 C 7 8 E B C } " = M u s i c m a t c h f o r W i n d o w s M e d i a P l a y e r

" { F 0 B 4 3 0 D 1 - B 6 A A - 4 7 3 D - 9 B 0 6 - A A 3 D D 0 1 F D 0 B 8 } " = M i c r o s o f t S Q L S e r v e r 2 0 0 5 C o m p a c t E d i t i o n [ E N U ]

" { F 0 E 1 2 B B A - A D 6 6 - 4 0 2 2 - A 4 5 3 - A 1 C 8 A 0 C 4 D 5 7 0 } " = M i c r o s o f t C h o i c e G u a r d

" { F 3 3 3 A 3 3 D - 1 2 5 C - 3 2 A 2 - 8 D C E - 5 C 5 D 1 4 2 3 1 E 2 7 } " = V i s u a l C + + 2 0 0 8 x 8 6 R u n t i m e - ( v 9 . 0 . 3 0 7 2 9 )

" { F 3 3 3 A 3 3 D - 1 2 5 C - 3 2 A 2 - 8 D C E - 5 C 5 D 1 4 2 3 1 E 2 7 } . v c _ x 8 6 r u n t i m e _ 3 0 7 2 9 _ 0 1 " = V i s u a l C + + 2 0 0 8 x 8 6 R u n t i m e - v 9 . 0 . 3 0 7 2 9 . 0 1

" { F 4 1 8 5 2 C 7 - 9 3 9 E - 4 9 A 3 - A 5 A 7 - 5 E 3 A 8 1 C 3 2 A 8 B } " = E W A _ n e t _ C o r e

" { F 4 9 A F E 1 E - A 8 F 1 - 4 7 6 4 - 9 1 3 8 - C 8 2 C 8 E 6 1 7 E 2 B } " = E W A _ n e t _ A d m i n

" { F 4 C 6 8 8 9 8 - E B A 5 - 4 6 A 9 - 8 2 B 3 - 2 D 3 0 4 2 6 0 8 6 B F } " = A V G 2 0 1 1

" { F 5 3 4 6 6 1 4 - B 7 C 4 - 4 E 9 4 - 8 2 6 A - E 2 3 6 3 1 5 5 2 3 3 D } " = E a s y C l e a n e r

" { F 8 5 0 7 0 7 C - B 6 A 0 - 4 B 5 6 - 8 7 0 9 - F 8 9 C F 8 F 9 A C 6 D } " = E r a s e r

" 1 - C l i c k A n s w e r s " = 1 - C l i c k A n s w e r s

" 1 s t P a g e 2 0 0 0 2 . 0 0 F r e e " = 1 s t P a g e 2 0 0 0 2 . 0 0 F r e e

" 7 - Z i p " = 7 - Z i p 4 . 6 5

" A d - A w a r e " = A d - A w a r e

" A d o b e F l a s h P l a y e r A c t i v e X " = A d o b e F l a s h P l a y e r 1 0 A c t i v e X

" A d o b e F l a s h P l a y e r P l u g i n " = A d o b e F l a s h P l a y e r 1 0 P l u g i n

" A d o b e P h o t o s h o p 6 . 0 " = A d o b e P h o t o s h o p 6 . 0

" A d o b e S h o c k w a v e P l a y e r " = A d o b e S h o c k w a v e P l a y e r

" A m e r i c a O n l i n e u s " = A m e r i c a O n l i n e ( C h o o s e w h i c h v e r s i o n t o r e m o v e )

" A O L C o n n e c t i v i t y S e r v i c e s " = A O L C o n n e c t i v i t y S e r v i c e s

" A O L C o a c h " = A O L C o a c h V e r s i o n 1 . 0 ( B u i l d : 2 0 0 4 0 2 2 9 . 1 e n )

" A V G " = A V G 2 0 1 1

" B r o a d c o m 8 0 2 . 1 1 b N e t w o r k A d a p t e r " = D e l l W i r e l e s s W L A N C a r d

" C C l e a n e r " = C C l e a n e r

" C N X T _ M O D E M _ H D A U D I O _ V E N _ 1 4 F 1 & D E V _ 2 B F A & S U B S Y S _ 1 4 F 1 0 0 C 3 " = C o n e x a n t H D A D 1 1 0 M D C V . 9 2 M o d e m

" C o d I n s t l " = I n t e l A / V C o d e c s V 2 . 0

" D e l l D i g i t a l J u k e b o x D r i v e r " = D e l l D i g i t a l J u k e b o x D r i v e r

" D i v X P l u s D i r e c t S h o w F i l t e r s " = D i v X P l u s D i r e c t S h o w F i l t e r s

" D i v X S e t u p . d i v x . c o m " = D i v X S e t u p

" E A S E U S P a r t i t i o n M a s t e r H o m e E d i t i o n _ i s 1 " = E A S E U S P a r t i t i o n M a s t e r 6 . 1 . 1 H o m e E d i t i o n

" e M u s i c P r o m o t i o n " = e M u s i c - 5 0 F r e e M P 3 o f f e r

" E r a s e r " = E r a s e r

" E W A n e t " = E W A n e t

" F i l e M e n u T o o l s _ i s 1 " = F i l e M e n u T o o l s

" F i n a l D a t a P r e m i u m 2 . 0 D e m o " = F i n a l D a t a P r e m i u m 2 . 0 D e m o

" F i n a l D a t a S t a n d a r d 2 . 0 D e m o " = F i n a l D a t a S t a n d a r d 2 . 0 D e m o

" F L V P l a y e r " = F L V P l a y e r 2 . 0 ( b u i l d 2 5 )

" F r e e D o w n l o a d M a n a g e r _ i s 1 " = F r e e D o w n l o a d M a n a g e r 2 . 0

" g e t P l u s ( R ) _ o c x " = g e t P l u s ( R ) _ o c x

" G e t R i g h t _ i s 1 " = G e t R i g h t

" G n u P G " = G N U P r i v a c y G u a r d

" G u r u N e t " = G u r u N e t

" h p d e s k j e t 9 3 0 c s e r i e s " = h p d e s k j e t 9 3 0 c s e r i e s ( R e m o v e o n l y )

" i e 8 " = W i n d o w s I n t e r n e t E x p l o r e r 8

" I n t e r A c t u a l P l a y e r " = I n t e r A c t u a l P l a y e r

" I r f a n V i e w " = I r f a n V i e w ( r e m o v e o n l y )

" K r e m l i n 2 . 2 1 " = K r e m l i n 2 . 2 1

" L i v e R e g " = L i v e R e g ( S y m a n t e c C o r p o r a t i o n )

" L i v e U p d a t e " = L i v e U p d a t e 2 . 6 ( S y m a n t e c C o r p o r a t i o n )

" M a l w a r e b y t e s ' A n t i - M a l w a r e _ i s 1 " = M a l w a r e b y t e s ' A n t i - M a l w a r e

" M i c r o s o f t . N E T F r a m e w o r k 1 . 1 ( 1 0 3 3 ) " = M i c r o s o f t . N E T F r a m e w o r k 1 . 1

" M o z i l l a F i r e f o x ( 3 . 6 . 1 3 ) " = M o z i l l a F i r e f o x ( 3 . 6 . 1 3 )

" P a n d o r a R e c o v e r y " = P a n d o r a R e c o v e r y ( R e m o v e O n l y )

" P o l i p o " = P o l i p o 1 . 0 . 4 . 1

" P r i v o x y " = P r i v o x y 3 . 0 . 6

" P u n c h ! H o m e D e s i g n - P l a t i n u m " = P u n c h ! H o m e D e s i g n - P l a t i n u m

" R e a l P l a y e r 6 . 0 " = R e a l P l a y e r B a s i c

" S m a r t S u i t e V 9 8 . 0 " = L o t u s S m a r t S u i t e R e l e a s e 9

" S p y b o t - S e a r c h & D e s t r o y _ i s 1 " = S p y b o t - S e a r c h & D e s t r o y 1 . 5 . 2 . 2 0

" S T 6 U N S T # 1 " = K a r e n ' s R e c y c l e r

" S t a r F i n d e r " = S t a r F i n d e r

" S t r e e t P l u g i n " = L e a r n 2 P l a y e r ( U n i n s t a l l O n l y )

" S y n T P D e i n s t K e y " = S y n a p t i c s P o i n t i n g D e v i c e D r i v e r

" T o r " = T o r 0 . 2 . 1 . 2 9

" T r u e C r y p t " = T r u e C r y p t

" T w e a k U I 2 . 1 0 " = T w e a k U I

" V e r b a t i m T u r b o U S B 2 . 0 _ i s 1 " = V e r b a t i m T u r b o U S B 2 . 0

" V i d a l i a " = V i d a l i a 0 . 2 . 1 0

" V i e w p o i n t M e d i a P l a y e r " = V i e w p o i n t M e d i a P l a y e r

" V L C m e d i a p l a y e r " = V L C m e d i a p l a y e r 1 . 0 . 3

" W e b C y b e r C o a c h _ w t r b " = W e b C y b e r C o a c h 3 . 2 D e l l

" W i n a m p " = W i n a m p ( r e m o v e o n l y )

" W i n d o w W a s h e r " = W i n d o w W a s h e r

" W i n d o w s M e d i a F o r m a t R u n t i m e " = W i n d o w s M e d i a F o r m a t R u n t i m e

" W i n d o w s M e d i a P l a y e r " = W i n d o w s M e d i a P l a y e r 1 0

" W i n d o w s X P S e r v i c e P a c k " = W i n d o w s X P S e r v i c e P a c k 3

" W i n L i v e S u i t e _ W a v e 3 " = W i n d o w s L i v e E s s e n t i a l s

" W i n P c a p I n s t " = W i n P c a p 4 . 1 . 1

" W i n R A R a r c h i v e r " = W i n R A R a r c h i v e r

" W M F D i s t 1 1 " = W i n d o w s M e d i a F o r m a t 1 1 r u n t i m e

" w m p 1 1 " = W i n d o w s M e d i a P l a y e r 1 1

" Z o n e A l a r m " = Z o n e A l a r m

" Z o n e A l a r m S B U n i n s t a l l " = Z o n e A l a r m S p y B l o c k e r



[ c o l o r = # E 5 6 7 1 7 ] = = = = = = = = = = L a s t 1 0 E v e n t L o g E r r o r s = = = = = = = = = = [ / c o l o r ]



[ A p p l i c a t i o n E v e n t s ]

E r r o r - 2 / 2 4 / 2 0 1 1 1 2 : 4 4 : 3 8 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = A p p l i c a t i o n E r r o r | I D = 1 0 0 0

D e s c r i p t i o n = F a u l t i n g a p p l i c a t i o n t b m u x 3 2 . e x e , v e r s i o n 5 . 3 . 1 . 4 7 , f a u l t i n g m o d u l e

u n k n o w n , v e r s i o n 0 . 0 . 0 . 0 , f a u l t a d d r e s s 0 x 0 0 1 2 e 6 2 0 .



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 8 : 4 2 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = E W A n e t D B C o r e | I D = 4 0 9 7

D e s c r i p t i o n = T r a n s B a s e M u l t i p l e x e r e r r o r r e p o r t : D a m a g e d f i l e < C : \ P r o g r a m F i l e s \ E W A

n e t \ d a t a b a s e \ T r a n s B a s e E W A \ f . d b > , w i l l r e s t o r e i t f r o m < C : \ P r o g r a m F i l e s \ E W A n e t \ d a t a b a s e \ T r a n s B a s e

E W A \ f . b a k >



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 8 : 4 2 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = E W A n e t D B C o r e | I D = 4 0 9 7

D e s c r i p t i o n = T r a n s B a s e M u l t i p l e x e r e r r o r r e p o r t : D a m a g e d f i l e < C : \ P r o g r a m F i l e s \ E W A

n e t \ d a t a b a s e \ T r a n s B a s e E W A \ f . d b > , w i l l r e s t o r e i t f r o m < C : \ P r o g r a m F i l e s \ E W A n e t \ d a t a b a s e \ T r a n s B a s e

E W A \ f . b a k >



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 8 : 4 2 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = E W A n e t S e r v e r | I D = 4 0 9 7

D e s c r i p t i o n = T h e L o a d L i b r a r y f u n c t i o n f a i l e d f o r t h e f o l l o w i n g r e a s o n : T h e s p e c i f i e d

m o d u l e c o u l d n o t b e f o u n d . .



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 8 : 4 2 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = E W A n e t S e r v e r | I D = 4 0 9 6

D e s c r i p t i o n = C o u l d n o t l o a d t h e J a v a V i r t u a l M a c h i n e .



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 8 : 4 2 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = E W A n e t S e r v e r | I D = 4 0 9 8

D e s c r i p t i o n = T h e E W A n e t S e r v e r s e r v i c e f a i l e d t o s t a r t .



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 8 : 4 3 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = E W A n e t D B W I S | I D = 4 0 9 7

D e s c r i p t i o n = T r a n s B a s e M u l t i p l e x e r e r r o r r e p o r t : D a m a g e d f i l e < C : \ P r o g r a m F i l e s \ E W A

n e t \ d a t a b a s e \ T r a n s B a s e W I S \ f . d b > , w i l l r e s t o r e i t f r o m < C : \ P r o g r a m F i l e s \ E W A n e t \ d a t a b a s e \ T r a n s B a s e

W I S \ f . b a k >



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 8 : 4 3 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = E W A n e t D B W I S | I D = 4 0 9 7

D e s c r i p t i o n = T r a n s B a s e M u l t i p l e x e r e r r o r r e p o r t : D a m a g e d f i l e < C : \ P r o g r a m F i l e s \ E W A

n e t \ d a t a b a s e \ T r a n s B a s e W I S \ f . d b > , w i l l r e s t o r e i t f r o m < C : \ P r o g r a m F i l e s \ E W A n e t \ d a t a b a s e \ T r a n s B a s e

W I S \ f . b a k >



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 9 : 3 1 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = A p p l i c a t i o n E r r o r | I D = 1 0 0 0

D e s c r i p t i o n = F a u l t i n g a p p l i c a t i o n t b m u x 3 2 . e x e , v e r s i o n 5 . 3 . 1 . 4 7 , f a u l t i n g m o d u l e

u n k n o w n , v e r s i o n 0 . 0 . 0 . 0 , f a u l t a d d r e s s 0 x 0 0 1 2 e 6 2 0 .



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 5 0 : 1 7 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = A p p l i c a t i o n E r r o r | I D = 1 0 0 0

D e s c r i p t i o n = F a u l t i n g a p p l i c a t i o n t b m u x 3 2 . e x e , v e r s i o n 5 . 3 . 1 . 4 7 , f a u l t i n g m o d u l e

u n k n o w n , v e r s i o n 0 . 0 . 0 . 0 , f a u l t a d d r e s s 0 x 0 0 1 2 e 6 2 0 .



[ S y s t e m E v e n t s ]

E r r o r - 2 / 2 4 / 2 0 1 1 1 1 : 5 0 : 5 8 A M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 2 6

D e s c r i p t i o n = T h e f o l l o w i n g b o o t - s t a r t o r s y s t e m - s t a r t d r i v e r ( s ) f a i l e d t o l o a d :

o r e a n s 3 2



E r r o r - 2 / 2 4 / 2 0 1 1 1 2 : 1 0 : 0 9 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 0 0

D e s c r i p t i o n = T h e a - s q u a r e d F r e e S e r v i c e s e r v i c e f a i l e d t o s t a r t d u e t o t h e f o l l o w i n g

e r r o r : % % 2



E r r o r - 2 / 2 4 / 2 0 1 1 1 2 : 1 0 : 0 9 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 0 0

D e s c r i p t i o n = T h e A S C T R M s e r v i c e f a i l e d t o s t a r t d u e t o t h e f o l l o w i n g e r r o r : % % 2



E r r o r - 2 / 2 4 / 2 0 1 1 1 2 : 1 1 : 1 8 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 2 6

D e s c r i p t i o n = T h e f o l l o w i n g b o o t - s t a r t o r s y s t e m - s t a r t d r i v e r ( s ) f a i l e d t o l o a d :

o r e a n s 3 2



E r r o r - 2 / 2 4 / 2 0 1 1 1 2 : 4 3 : 4 3 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 0 0

D e s c r i p t i o n = T h e a - s q u a r e d F r e e S e r v i c e s e r v i c e f a i l e d t o s t a r t d u e t o t h e f o l l o w i n g

e r r o r : % % 2



E r r o r - 2 / 2 4 / 2 0 1 1 1 2 : 4 3 : 4 3 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 0 0

D e s c r i p t i o n = T h e A S C T R M s e r v i c e f a i l e d t o s t a r t d u e t o t h e f o l l o w i n g e r r o r : % % 2



E r r o r - 2 / 2 4 / 2 0 1 1 1 2 : 4 4 : 5 4 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 2 6

D e s c r i p t i o n = T h e f o l l o w i n g b o o t - s t a r t o r s y s t e m - s t a r t d r i v e r ( s ) f a i l e d t o l o a d :

o r e a n s 3 2



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 9 : 1 5 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 0 0

D e s c r i p t i o n = T h e a - s q u a r e d F r e e S e r v i c e s e r v i c e f a i l e d t o s t a r t d u e t o t h e f o l l o w i n g

e r r o r : % % 2



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 4 9 : 1 5 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 0 0

D e s c r i p t i o n = T h e A S C T R M s e r v i c e f a i l e d t o s t a r t d u e t o t h e f o l l o w i n g e r r o r : % % 2



E r r o r - 2 / 2 4 / 2 0 1 1 1 : 5 0 : 3 1 P M | C o m p u t e r N a m e = D 6 R W N 2 B 1 | S o u r c e = S e r v i c e C o n t r o l M a n a g e r | I D = 7 0 2 6

D e s c r i p t i o n = T h e f o l l o w i n g b o o t - s t a r t o r s y s t e m - s t a r t d r i v e r ( s ) f a i l e d t o l o a d :

o r e a n s 3 2





< E n d o f r e p o r t >


Report.txt (Rookit Unhooker)

R k U V e r s i o n : 3 . 8 . 3 8 8 . 5 9 0 , T y p e L E ( S R 2 )

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

O S N a m e : W i n d o w s X P

V e r s i o n 5 . 1 . 2 6 0 0 ( S e r v i c e P a c k 3 )

N u m b e r o f p r o c e s s o r s # 1

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

> D r i v e r s

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

0 x 8 0 4 D 7 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ n t k r n l p a . e x e 2 0 6 5 7 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N T K e r n e l & S y s t e m )

0 x 8 0 4 D 7 0 0 0 P n p M a n a g e r 2 0 6 5 7 9 2 b y t e s

0 x 8 0 4 D 7 0 0 0 R A W 2 0 6 5 7 9 2 b y t e s

0 x 8 0 4 D 7 0 0 0 W M I x W D M 2 0 6 5 7 9 2 b y t e s

0 x B F 8 0 0 0 0 0 W i n 3 2 k 1 8 4 7 2 9 6 b y t e s

0 x B F 8 0 0 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ w i n 3 2 k . s y s 1 8 4 7 2 9 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M u l t i - U s e r W i n 3 2 D r i v e r )

0 x F 8 1 8 3 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ i a l m n t 5 . s y s 1 3 0 6 6 2 4 b y t e s ( I n t e l C o r p o r a t i o n , I n t e l G r a p h i c s M i n i p o r t D r i v e r )

0 x A A 5 7 8 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ H S F _ D P V . s y s 1 0 3 6 2 8 8 b y t e s ( C o n e x a n t S y s t e m s , I n c . , H S F _ D P d r i v e r )

0 x A A 6 C B 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ s t h d a . s y s 1 0 0 3 5 2 0 b y t e s ( S i g m a T e l , I n c . , N D R C )

0 x B F 0 7 7 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ i a l m d d 5 . D L L 9 2 9 7 9 2 b y t e s ( I n t e l C o r p o r a t i o n , D i r e c t D r a w ( R ) D r i v e r f o r I n t e l ( R ) G r a p h i c s T e c h n o l o g y )

0 x A A 4 C 8 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ H S F _ C N X T . s y s 7 2 0 8 9 6 b y t e s ( C o n e x a n t S y s t e m s , I n c . , H S F _ C N X T d r i v e r )

0 x F 8 3 6 2 0 0 0 N t f s . s y s 5 7 7 5 3 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N T F i l e S y s t e m D r i v e r )

0 x A A 2 F D 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ v s d a t a n t . s y s 5 2 8 3 8 4 b y t e s ( C h e c k P o i n t S o f t w a r e T e c h n o l o g i e s L T D , Z o n e A l a r m F i r e w a l l i n g D r i v e r )

0 x A A 1 9 5 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ m r x s m b . s y s 4 5 8 7 5 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , W i n d o w s N T S M B M i n i r d r )

0 x F 8 0 B B 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ b c m w l 5 . s y s 4 2 5 9 8 4 b y t e s ( B r o a d c o m C o r p o r a t i o n , B r o a d c o m 8 0 2 . 1 1 N e t w o r k A d a p t e r w i r e l e s s d r i v e r )

0 x F 7 F B B 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ u p d a t e . s y s 3 8 5 0 2 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , U p d a t e D r i v e r )

0 x A A 4 1 4 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ t c p i p . s y s 3 6 4 5 4 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , T C P / I P P r o t o c o l D r i v e r )

0 x A 9 8 1 7 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ s r v . s y s 3 3 5 8 7 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , S e r v e r d r i v e r )

0 x A A 3 C C 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ a v g t d i x . s y s 2 9 4 9 1 2 b y t e s ( A V G T e c h n o l o g i e s C Z , s . r . o . , A V G N e t w o r k c o n n e c t i o n w a t c h e r )

0 x A 9 1 B E 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ H T T P . s y s 2 6 6 2 4 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , H T T P P r o t o c o l S t a c k )

0 x A A 1 5 9 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ a v g l d x 8 6 . s y s 2 4 5 7 6 0 b y t e s ( A V G T e c h n o l o g i e s C Z , s . r . o . , A V G A V I L o a d e r D r i v e r )

0 x B F 0 4 2 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ i a l m d e v 5 . D L L 2 1 7 0 8 8 b y t e s ( I n t e l C o r p o r a t i o n , C o m p o n e n t G H A L D r i v e r )

0 x A A 2 5 8 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ d r i v e r s \ t r u e c r y p t . s y s 2 0 8 8 9 6 b y t e s ( T r u e C r y p t F o u n d a t i o n , T r u e C r y p t D r i v e r )

0 x A A 6 7 5 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ H S F H W A Z L . s y s 2 0 4 8 0 0 b y t e s ( C o n e x a n t S y s t e m s , I n c . , H S F _ H W A Z L W D M d r i v e r )

0 x F 8 0 8 C 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ S y n T P . s y s 1 9 2 5 1 2 b y t e s ( S y n a p t i c s , I n c . , S y n a p t i c s T o u c h p a d D r i v e r )

0 x F 8 4 C 3 0 0 0 A C P I . s y s 1 8 8 4 1 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , A C P I D r i v e r f o r N T )

0 x A 9 B 5 4 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ m r x d a v . s y s 1 8 4 3 2 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , W i n d o w s N T W e b D a v M i n i r d r )

0 x F 8 3 3 5 0 0 0 N D I S . s y s 1 8 4 3 2 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N D I S 5 . 1 w r a p p e r d r i v e r )

0 x A 9 0 2 F 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ k m i x e r . s y s 1 7 6 1 2 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , K e r n e l M o d e A u d i o M i x e r )

0 x A A 2 2 D 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ r d b s s . s y s 1 7 6 1 2 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , R e d i r e c t e d D r i v e B u f f e r i n g S u b S y s t e m D r i v e r )

0 x A 9 6 D 7 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ A V G I D S D r i v e r . S y s 1 6 3 8 4 0 b y t e s ( A V G T e c h n o l o g i e s C Z , s . r . o . , I D S A p p l i c a t i o n A c t i v i t y M o n i t o r D r i v e r . )

0 x F 8 1 4 7 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ H D A u d B u s . s y s 1 6 3 8 4 0 b y t e s ( W i n d o w s ( R ) S e r v e r 2 0 0 3 D D K p r o v i d e r , H i g h D e f i n i t i o n A u d i o B u s D r i v e r v 1 . 0 a )

0 x A A 3 7 E 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ n e t b t . s y s 1 6 3 8 4 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M B T T r a n s p o r t d r i v e r )

0 x A A 3 A 6 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ i p n a t . s y s 1 5 5 6 4 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , I P N e t w o r k A d d r e s s T r a n s l a t o r )

0 x A 9 0 A A 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ F a s t f a t . S Y S 1 4 7 4 5 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , F a s t F A T F i l e S y s t e m D r i v e r )

0 x A A 6 A 7 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ p o r t c l s . s y s 1 4 7 4 5 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , P o r t C l a s s ( C l a s s D r i v e r f o r P o r t / M i n i p o r t D e v i c e s ) )

0 x F 8 1 2 3 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ U S B P O R T . S Y S 1 4 7 4 5 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , U S B 1 . 1 & 2 . 0 P o r t D r i v e r )

0 x F 8 0 6 9 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ k s . s y s 1 4 3 3 6 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , K e r n e l C S A L i b r a r y )

0 x A A 2 D B 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ d r i v e r s \ a f d . s y s 1 3 9 2 6 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , A n c i l l a r y F u n c t i o n D r i v e r f o r W i n S o c k )

0 x B F 0 2 0 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ i a l m d n t 5 . d l l 1 3 9 2 6 4 b y t e s ( I n t e l C o r p o r a t i o n , C o n t r o l l e r H u b f o r I n t e l G r a p h i c s D r i v e r )

0 x 8 0 6 D 0 0 0 0 A C P I _ H A L 1 3 1 8 4 0 b y t e s

0 x 8 0 6 D 0 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ h a l . d l l 1 3 1 8 4 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , H a r d w a r e A b s t r a c t i o n L a y e r D L L )

0 x F 8 4 4 3 0 0 0 f l t m g r . s y s 1 3 1 0 7 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M i c r o s o f t F i l e s y s t e m F i l t e r M a n a g e r )

0 x F 8 4 9 3 0 0 0 f t d i s k . s y s 1 2 6 9 7 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , F T D i s k D r i v e r )

0 x F 8 3 1 B 0 0 0 M u p . s y s 1 0 6 4 9 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M u l t i p l e U N C P r o v i d e r d r i v e r )

0 x A 9 F 5 A 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d l a \ t f s n u d f . s y s 1 0 2 4 0 0 b y t e s ( S o n i c S o l u t i o n s , D r i v e L e t t e r A c c e s s C o m p o n e n t )

0 x A 9 F 4 1 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d l a \ t f s n u d f a . s y s 1 0 2 4 0 0 b y t e s ( S o n i c S o l u t i o n s , D r i v e L e t t e r A c c e s s C o m p o n e n t )

0 x F 8 4 7 B 0 0 0 a t a p i . s y s 9 8 3 0 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , I D E / A T A P I P o r t D r i v e r )

0 x A A 0 C 9 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ d u m p _ a t a p i . s y s 9 8 3 0 4 b y t e s

0 x F 8 4 6 3 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ S C S I P O R T . S Y S 9 8 3 0 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , S C S I P o r t D r i v e r )

0 x F 8 3 E F 0 0 0 K S e c D D . s y s 9 4 2 0 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , K e r n e l S e c u r i t y S u p p o r t P r o v i d e r I n t e r f a c e )

0 x F 8 0 5 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ n d i s w a n . s y s 9 4 2 0 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M S P P P F r a m i n g D r i v e r ( S t r o n g E n c r y p t i o n ) )

0 x F 8 4 0 6 0 0 0 S y m S n a p . s y s 9 0 1 1 2 b y t e s ( S t o r a g e C r a f t , S t o r a g e C r a f t V o l u m e S n a p - S h o t )

0 x A 9 F 7 3 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d l a \ t f s n i f s . s y s 9 0 1 1 2 b y t e s ( S o n i c S o l u t i o n s , D r i v e L e t t e r A c c e s s C o m p o n e n t )

0 x F 8 4 1 C 0 0 0 d r v m c d b . s y s 8 6 0 1 6 b y t e s ( S o n i c S o l u t i o n s , D e v i c e D r i v e r )

0 x A 9 A 7 7 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ w d m a u d . s y s 8 6 0 1 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M M S Y S T E M W a v e / M i d i A P I m a p p e r )

0 x F 8 1 6 F 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ V I D E O P R T . S Y S 8 1 9 2 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , V i d e o P o r t D r i v e r )

0 x A A 4 6 D 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ i p s e c . s y s 7 7 8 2 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , I P S e c D r i v e r )

0 x B F 0 0 0 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ d r i v e r s \ d x g . s y s 7 3 7 2 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , D i r e c t X G r a p h i c s D r i v e r )

0 x F 8 4 3 1 0 0 0 s r . s y s 7 3 7 2 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , S y s t e m R e s t o r e F i l e s y s t e m F i l t e r D r i v e r )

0 x F 8 4 B 2 0 0 0 p c i . s y s 6 9 6 3 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N T P l u g a n d P l a y P C I E n u m e r a t o r )

0 x F 8 0 4 1 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ p s c h e d . s y s 6 9 6 3 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M S Q o S P a c k e t S c h e d u l e r )

0 x F 7 F A B 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ C d f s . S Y S 6 5 5 3 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , C D - R O M F i l e S y s t e m D r i v e r )

0 x F 8 6 E 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ c d r o m . s y s 6 5 5 3 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , S C S I C D - R O M D r i v e r )

0 x F 8 7 6 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ d r m k . s y s 6 1 4 4 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M i c r o s o f t K e r n e l D R M D e s c r a m b l e r F i l t e r )

0 x F 8 6 4 2 0 0 0 L b d . s y s 6 1 4 4 0 b y t e s ( L a v a s o f t A B , B o o t D r i v e r )

0 x F 8 6 F 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ r e d b o o k . s y s 6 1 4 4 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , R e d b o o k A u d i o F i l t e r D r i v e r )

0 x A 9 E D 9 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ s y s a u d i o . s y s 6 1 4 4 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , S y s t e m A u d i o W D M F i l t e r )

0 x F 8 7 7 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ u s b h u b . s y s 6 1 4 4 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , D e f a u l t H u b D r i v e r f o r U S B )

0 x B F 0 1 2 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ i a l m r n t 5 . d l l 5 7 3 4 4 b y t e s ( I n t e l C o r p o r a t i o n , C o n t r o l l e r H u b f o r I n t e l G r a p h i c s D r i v e r )

0 x F 8 6 3 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ C L A S S P N P . S Y S 5 3 2 4 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , S C S I C l a s s S y s t e m D l l )

0 x F 8 6 C 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ i 8 0 4 2 p r t . s y s 5 3 2 4 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , i 8 0 4 2 P o r t D r i v e r )

0 x F 8 7 0 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ r a s l 2 t p . s y s 5 3 2 4 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , R A S L 2 T P m i n i - p o r t / c a l l - m a n a g e r d r i v e r )

0 x F 8 6 1 2 0 0 0 V o l S n a p . s y s 5 3 2 4 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , V o l u m e S h a d o w C o p y D r i v e r )

0 x F 8 7 A 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ a v g m f x 8 6 . s y s 4 9 1 5 2 b y t e s ( A V G T e c h n o l o g i e s C Z , s . r . o . , A V G R e s i d e n t S h i e l d M i n i f i l t e r D r i v e r )

0 x F 8 6 B 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ b c m 4 s b x p . s y s 4 9 1 5 2 b y t e s ( B r o a d c o m C o r p o r a t i o n , B r o a d c o m C o r p o r a t i o n N D I S 5 . 1 e t h e r n e t d r i v e r )

0 x F 8 7 2 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ r a s p p t p . s y s 4 9 1 5 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , P e e r - t o - P e e r T u n n e l i n g P r o t o c o l )

0 x F 8 7 F 2 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ F i p s . S Y S 4 5 0 5 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , F I P S C r y p t o D r i v e r )

0 x F 8 6 D 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ i m a p i . s y s 4 5 0 5 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , I M A P I K e r n e l D r i v e r )

0 x F 8 6 0 2 0 0 0 M o u n t M g r . s y s 4 5 0 5 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M o u n t M a n a g e r )

0 x F 8 7 1 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ r a s p p p o e . s y s 4 5 0 5 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , R A S P P P o E m i n i - p o r t / c a l l - m a n a g e r d r i v e r )

0 x A 9 A 8 C 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ A V G I D S F i l t e r . S y s 4 0 9 6 0 b y t e s ( A V G T e c h n o l o g i e s C Z , s . r . o . , I D S A p p l i c a t i o n A c t i v i t y M o n i t o r F i l t e r D r i v e r . )

0 x A 9 D 8 1 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ A V G I D S S h i m . S y s 4 0 9 6 0 b y t e s ( A V G T e c h n o l o g i e s C Z , s . r . o . , I D S A p p l i c a t i o n A c t i v i t y M o n i t o r L o a d e r D r i v e r . )

0 x F 8 6 9 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ d r v n d d m . s y s 4 0 9 6 0 b y t e s ( S o n i c S o l u t i o n s , D e v i c e D r i v e r M a n a g e r )

0 x F 8 5 F 2 0 0 0 i s a p n p . s y s 4 0 9 6 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , P N P I S A B u s D r i v e r )

0 x F 8 7 5 2 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ N D P r o x y . S Y S 4 0 9 6 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N D I S P r o x y )

0 x F 8 6 5 2 0 0 0 P x H e l p 2 0 . s y s 4 0 9 6 0 b y t e s ( S o n i c S o l u t i o n s , P x E n g i n e D e v i c e D r i v e r f o r W i n d o w s 2 0 0 0 / X P )

0 x F 8 7 4 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ t e r m d d . s y s 4 0 9 6 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , T e r m i n a l S e r v e r D r i v e r )

0 x F 8 7 E 2 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ V 2 I M o u n t . S Y S 4 0 9 6 0 b y t e s ( S y m a n t e c C o r p o r a t i o n , V 2 i M o u n t . s y s - I m a g e M o u n t i n g D e v i c e D r i v e r )

0 x F 8 6 6 2 0 0 0 A V G I D S E H . S y s 3 6 8 6 4 b y t e s ( A V G T e c h n o l o g i e s C Z , s . r . o . , I D S A p p l i c a t i o n A c t i v i t y M o n i t o r H e l p e r D r i v e r . )

0 x F 8 6 2 2 0 0 0 d i s k . s y s 3 6 8 6 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , P n P D i s k D r i v e r )

0 x F 8 6 A 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ i n t e l p p m . s y s 3 6 8 6 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , P r o c e s s o r D e v i c e D r i v e r )

0 x F 8 7 3 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ m s g p c . s y s 3 6 8 6 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M S G e n e r a l P a c k e t C l a s s i f i e r )

0 x F 8 7 C 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ n e t b i o s . s y s 3 6 8 6 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N e t B I O S i n t e r f a c e d r i v e r )

0 x A A 0 7 1 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ N o r m a n d y . S Y S 3 6 8 6 4 b y t e s ( R K U D r i v e r )

0 x A A 0 9 1 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d l a \ t f s n c o f s . s y s 3 6 8 6 4 b y t e s ( S o n i c S o l u t i o n s , D r i v e L e t t e r A c c e s s C o m p o n e n t )

0 x F 8 7 B 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ w a n a r p . s y s 3 6 8 6 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M S R e m o t e A c c e s s a n d R o u t i n g A R P D r i v e r )

0 x F 8 8 8 2 0 0 0 c e r c s r 6 . s y s 3 2 7 6 8 b y t e s ( A d a p t e c , I n c . , D E L L C E R C S A T A 1 . 5 / 6 c h M i n i p o r t D r i v e r )

0 x F 8 9 3 A 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ M o d e m . S Y S 3 2 7 6 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M o d e m D e v i c e D r i v e r )

0 x F 8 9 7 2 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ N p f s . S Y S 3 2 7 6 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N P F S D r i v e r )

0 x F 8 8 F A 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ u s b e h c i . s y s 3 2 7 6 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , E H C I e U S B M i n i p o r t D r i v e r )

0 x F 8 9 5 A 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ H I D P A R S E . S Y S 2 8 6 7 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , H i d P a r s i n g L i b r a r y )

0 x F 8 8 7 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ P C I I D E X . S Y S 2 8 6 7 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , P C I I D E B u s D r i v e r E x t e n s i o n )

0 x F 8 8 D A 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d l a \ t f s n b o i o . s y s 2 8 6 7 2 b y t e s ( S o n i c S o l u t i o n s , D r i v e L e t t e r A c c e s s C o m p o n e n t )

0 x F 8 9 E 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ U S B S T O R . S Y S 2 8 6 7 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , U S B M a s s S t o r a g e C l a s s D r i v e r )

0 x F 8 9 0 A 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ k b d c l a s s . s y s 2 4 5 7 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , K e y b o a r d C l a s s D r i v e r )

0 x F 8 9 0 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ m o u c l a s s . s y s 2 4 5 7 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M o u s e C l a s s D r i v e r )

0 x F 8 9 5 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ s s r t l n . s y s 2 4 5 7 6 b y t e s ( S o n i c S o l u t i o n s , S h a r e d D r i v e r C o m p o n e n t )

0 x F 8 9 8 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ s y m l c b r d . s y s 2 4 5 7 6 b y t e s ( S y m a n t e c C o r p o r a t i o n , S y m a n t e c C o r e C o m p o n e n t )

0 x F 8 8 F 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ u s b u h c i . s y s 2 4 5 7 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , U H C I U S B M i n i p o r t D r i v e r )

0 x F 8 9 6 2 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ d r i v e r s \ v g a . s y s 2 4 5 7 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , V G A / S u p e r V G A V i d e o D r i v e r )

0 x F 8 9 3 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ w a n a t w 4 . s y s 2 4 5 7 6 b y t e s ( A m e r i c a O n l i n e , I n c . , W a n M i n i p o r t ( A T W ) )

0 x F 8 8 8 A 0 0 0 a v g r k x 8 6 . s y s 2 0 4 8 0 b y t e s ( A V G T e c h n o l o g i e s C Z , s . r . o . , A V G A n t i - R o o t k i t D r i v e r )

0 x F 8 9 6 A 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ M s f s . S Y S 2 0 4 8 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , M a i l s l o t d r i v e r )

0 x F 8 8 7 A 0 0 0 P a r t M g r . s y s 2 0 4 8 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , P a r t i t i o n M a n a g e r )

0 x F 8 9 2 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ p t i l i n k . s y s 2 0 4 8 0 b y t e s ( P a r a l l e l T e c h n o l o g i e s , I n c . , P a r a l l e l T e c h n o l o g i e s D i r e c t P a r a l l e l I O L i b r a r y )

0 x F 8 9 2 A 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ r a s p t i . s y s 2 0 4 8 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , P T I D i r e c t P a r a l l e l ( R ) m i n i - p o r t / c a l l - m a n a g e r d r i v e r )

0 x F 8 9 1 A 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ T D I . S Y S 2 0 4 8 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , T D I W r a p p e r )

0 x F 8 8 B 2 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ w a t c h d o g . s y s 2 0 4 8 0 b y t e s ( M i c r o s o f t C o r p o r a t i o n , W a t c h d o g D r i v e r )

0 x A A 2 9 B 0 0 0 C : \ W I N D O W S \ S Y S T E M 3 2 \ D R I V E R S \ A P P D R V . S Y S 1 6 3 8 4 b y t e s ( D e l l I n c , A p p S u p p o r t D r i v e r )

0 x F 8 A 0 A 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ B A T T C . S Y S 1 6 3 8 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , B a t t e r y C l a s s D r i v e r )

0 x F 8 A E 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ C m B a t t . s y s 1 6 3 8 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , C o n t r o l M e t h o d B a t t e r y D r i v e r )

0 x F 8 2 D A 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ m s s m b i o s . s y s 1 6 3 8 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , S y s t e m M a n a g e m e n t B I O S D r i v e r )

0 x A 9 F A 1 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ n d i s u i o . s y s 1 6 3 8 4 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N D I S U s e r m o d e I / O D r i v e r )

0 x A 9 F F D 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d l a \ t f s n o p i o . s y s 1 6 3 8 4 b y t e s ( S o n i c S o l u t i o n s , D r i v e L e t t e r A c c e s s C o m p o n e n t )

0 x F 8 A 0 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ B O O T V I D . d l l 1 2 2 8 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , V G A B o o t D r i v e r )

0 x F 8 A 0 6 0 0 0 c o m p b a t t . s y s 1 2 2 8 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , C o m p o s i t e B a t t e r y D r i v e r )

0 x A A 1 4 9 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ d r i v e r s \ D x a p i . s y s 1 2 2 8 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , D i r e c t X A P I D r i v e r )

0 x F 8 A E 6 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ G e a r A s p i W D M . S Y S 1 2 2 8 8 b y t e s ( G E A R S o f t w a r e I n c . , C D D V D F i l t e r )

0 x F 8 A 9 6 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ i 2 o m g m t . S Y S 1 2 2 8 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , I 2 O U t i l i t y F i l t e r )

0 x A 9 B 4 0 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ m d m x s d k . s y s 1 2 2 8 8 b y t e s ( C o n e x a n t , D i a g n o s t i c I n t e r f a c e D R I V E R )

0 x F 8 A E E 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ n d i s t a p i . s y s 1 2 2 8 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N D I S 3 . 0 c o n n e c t i o n w r a p p e r d r i v e r )

0 x F 8 A A 6 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ r a s a c d . s y s 1 2 2 8 8 b y t e s ( M i c r o s o f t C o r p o r a t i o n , R A S A u t o m a t i c C o n n e c t i o n D r i v e r )

0 x F 8 B 3 C 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ B e e p . S Y S 8 1 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , B E E P D r i v e r )

0 x F 8 B A C 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ d u m p _ W M I L I B . S Y S 8 1 9 2 b y t e s

0 x F 8 B 3 A 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ F s _ R e c . S Y S 8 1 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , F i l e S y s t e m R e c o g n i z e r D r i v e r )

0 x F 8 A F 6 0 0 0 i n t e l i d e . s y s 8 1 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , I n t e l P C I I D E D r i v e r )

0 x F 8 A F 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ K D C O M . D L L 8 1 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , K e r n e l D e b u g g e r H W E x t e n s i o n D L L )

0 x F 8 B 3 E 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ m n m d d . S Y S 8 1 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , F r a m e b u f f e r s i m u l a t o r )

0 x F 8 B 4 0 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D R I V E R S \ R D P C D D . s y s 8 1 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , R D P M i n i p o r t )

0 x F 8 B 2 4 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d r i v e r s \ s s c d b h k 5 . s y s 8 1 9 2 b y t e s ( S o n i c S o l u t i o n s , S h a r e d D r i v e r C o m p o n e n t )

0 x F 8 B 2 8 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ s w e n u m . s y s 8 1 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , P l u g a n d P l a y S o f t w a r e D e v i c e E n u m e r a t o r )

0 x F 8 B 1 8 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d l a \ t f s n p o o l . s y s 8 1 9 2 b y t e s ( S o n i c S o l u t i o n s , D r i v e L e t t e r A c c e s s C o m p o n e n t )

0 x F 8 B 2 2 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ U S B D . S Y S 8 1 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , U n i v e r s a l S e r i a l B u s D r i v e r )

0 x F 8 A F 4 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ W M I L I B . S Y S 8 1 9 2 b y t e s ( M i c r o s o f t C o r p o r a t i o n , W M I L I B W M I s u p p o r t l i b r a r y D l l )

0 x F 8 C 8 C 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ D R I V E R S \ a u d s t u b . s y s 4 0 9 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , A u d S t u b D r i v e r )

0 x F 8 C 7 9 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ d r i v e r s \ d x g t h k . s y s 4 0 9 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , D i r e c t X G r a p h i c s D r i v e r T h u n k )

0 x F 8 B F 2 0 0 0 C : \ W I N D O W S \ S y s t e m 3 2 \ D r i v e r s \ N u l l . S Y S 4 0 9 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , N U L L D r i v e r )

0 x F 8 B B A 0 0 0 p c i i d e . s y s 4 0 9 6 b y t e s ( M i c r o s o f t C o r p o r a t i o n , G e n e r i c P C I I D E B u s D r i v e r )

0 x F 8 B D 9 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d l a \ t f s n d r c t . s y s 4 0 9 6 b y t e s ( S o n i c S o l u t i o n s , D r i v e L e t t e r A c c e s s C o m p o n e n t )

0 x F 8 B D 8 0 0 0 C : \ W I N D O W S \ s y s t e m 3 2 \ d l a \ t f s n d r e s . s y s 4 0 9 6 b y t e s ( S o n i c S o l u t i o n s , D r i v e L e t t e r A c c e s s C o m p o n e n t )

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

> S t e a l t h

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =




Thanks so much for your help.

#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:27 PM

Posted 24 February 2011 - 02:23 PM

Hi again,

COMBOFIX
---------------
Please download ComboFix from one of these locations:
Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,316 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:27 PM

Posted 16 March 2011 - 12:53 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users