Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win7x64 Will Not Start - Startup Repair - ci.dll


  • This topic is locked This topic is locked
42 replies to this topic

#1 James Brown

James Brown

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 27 May 2011 - 08:38 PM

http://www.bleepingcomputer.com/forums/topic395047.html/page__st__15

Hi there, i have recently contracted what im pretty sure is a trojan virus, via, highly regrettably, a P2P file....

After a lot of googling, i came across the above thread which seems an identical problem to mine.

My concern however is that the solution seems specific to that system / problem, and so im not sure what to do next?! Ive downloaded the Farbar Recovery Scan Tool x64 to a flash drive but havent yet initiated any scan.

Additionally, my McAfee antivirus is now turning itself off...

I likewise would be delighted to make a donation if my problems are able to be solved!

Any help will be extremely gratefully received....i have 6 months of baby photos riding on it and a wife who will undoubtedly never forgive me if i cant recover them :-/

thanks,

JB
---snip---
apologies for putting the topic description in the wrong dialogue box...im clearly rattled by this virus!!

Edited by Andrew, 27 May 2011 - 09:07 PM.
Mod Edit: Fixed title, merged self-reply to reset reply count - AA


BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:59 PM

Posted 28 May 2011 - 10:20 AM

Hi James Brown,

Welcome to Bleeping computer. I will assist you.

Please run a scan with the tool and copy and paste the result here.

#3 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 28 May 2011 - 10:39 AM

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.0.8
Ran by SYSTEM at 2011-05-28 07:11:37
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)[186904 2009-10-13]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (Realtek Semiconductor)[11106408 2011-01-07]
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)[1825064 2009-11-11]
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)[171520 2010-03-06]
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon (CANON INC.)[2184520 2009-07-27]
HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon (CANON INC.)[767312 2009-03-18]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)[16397416 2010-01-11]
HKLM-x32\...\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" (Sony Corporation)[320880 2009-08-26]
HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)[599328 2010-03-24]
HKLM-x32\...\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)[26624 2010-03-06]
HKLM-x32\...\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)[136544 2009-05-19]
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey (McAfee, Inc.)[1486392 2011-04-05]
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)[47904 2010-10-08]
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime (Apple Inc.)[421888 2010-11-29]
HKLM-x32\...\Run: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe" (Apple Inc.)[771360 2009-11-11]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" (Sun Microsystems, Inc.)[249064 2010-10-29]
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" (Apple Inc.)[421160 2011-04-14]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)[35736 2011-01-30]
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" (Adobe Systems Incorporated)[932288 2010-11-10]
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Microsoft Corporation)[1475584 2010-11-20]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Microsoft Corporation)[1475584 2010-11-20]
HKU\Littlewood\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (Google Inc.)[39408 2010-03-06]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 199.172.192.3 198.207.23.58
Tcpip\..\Interfaces\{F080DE39-A95A-4ECD-9EF4-659C412F3AD6}: [NameServer]192.168.0.1


==================== Services ====================

3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation)
3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [70656 2010-11-20] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 2011-02-18] (Apple Inc.)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation)
2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation)
2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [349472 2011-04-06] (Apple Inc.)
3 Browser; C:\Windows\System32\browser.dll [136192 2010-11-20] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation)
2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [873248 2009-09-04] (Broadcom Corporation.)
3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-18] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-14] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [177152 2010-11-20] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [162816 2010-11-20] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation)
2 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-14] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-14] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [402944 2009-07-14] (Microsoft Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\FntCache.dll [1139200 2011-02-19] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [1493352 2010-09-23] (Microsoft Corporation)
2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation)
2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc [133104 2010-03-06] (Google Inc.)
3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc [133104 2010-03-06] (Google Inc.)
3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [182768 2010-03-06] (Google)
3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation)
2 IAANTMON; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840 2009-10-13] (Intel Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [856400 2010-11-05] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [853504 2010-11-20] (Microsoft Corporation)
2 IPBusEnum; C:\Windows\System32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2010-11-20] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [934176 2011-04-14] (Apple Inc.)
2 IviRegMgr; "C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe" [112152 2007-01-04] (InterVideo)
3 KeyIso; C:\Windows\System32\lsass.exe [31232 2009-07-14] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation)
2 LeapFrog Connect Device Service; "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe" [4916568 2010-11-19] (LeapFrog Enterprises, Inc.)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation)
2 McAfee SiteAdvisor Service; "C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe" [101048 2011-02-16] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [509416 2010-10-07] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [200056 2011-04-14] (McAfee, Inc.)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [245352 2011-04-14] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [149032 2011-04-14] (McAfee, Inc.)
2 MMCSS; C:\Windows\System32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [128000 2010-11-20] (Microsoft Corporation)
2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-10] (McAfee, Inc.)
3 napagent; C:\Windows\System32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [31232 2009-07-14] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation)
4 NetTcpPortSharing; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" [116560 2009-06-10] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [303616 2010-11-20] (Microsoft Corporation)
2 nsi; C:\Windows\System32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation)
2 nvsvc; C:\Windows\system32\nvvsvc.exe [392296 2010-01-11] (NVIDIA Corporation)
3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [89136 2003-07-28] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation)
3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1389056 2010-11-20] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [404480 2010-11-20] (Microsoft Corporation)
2 PMBDeviceInfoProvider; "C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe" [360224 2009-10-24] (Sony Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [163840 2009-07-14] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [209920 2010-11-20] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [31232 2009-07-14] (Microsoft Corporation)
2 PSI_SVC_2; "C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [185632 2007-07-24] (Protexis Inc.)
3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation)
2 RapportMgmtService; "C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe" [821048 2010-12-06] (Trusteer Ltd.)
3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation)
3 Roxio UPnP Renderer 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" [313840 2009-08-31] (Sonic Solutions)
2 Roxio Upnp Server 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe" [362992 2009-08-31] (Sonic Solutions)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [10240 2009-07-14] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata" [259192 2011-01-29] (Sony Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [31232 2009-07-14] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation)
3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation)
3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation)
3 SOHCImp; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe" [120104 2009-11-25] (Sony Corporation)
3 SOHDBSvr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe" [70952 2009-11-25] (Sony Corporation)
3 SOHDms; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe" [427304 2009-11-25] (Sony Corporation)
3 SOHDs; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe" [75048 2009-11-25] (Sony Corporation)
3 SOHPlMgr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe" [91432 2009-11-25] (Sony Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2010-11-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation)
2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation)
3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-20] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation)
2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation)
3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation)
3 VAIO Entertainment TV Device Arbitration Service; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" [69632 2009-09-14] (Sony Corporation)
2 VAIO Event Service; "C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe" [205168 2010-05-28] (Sony Corporation)
3 VAIO Power Management; "C:\Program Files\Sony\VAIO Power Management\SPMService.exe" [571248 2009-11-30] (Sony Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [31232 2009-07-14] (Microsoft Corporation)
2 VCFw; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe" [642416 2009-09-14] (Sony Corporation)
2 VcmIAlzMgr; "C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [529776 2010-02-19] (Sony Corporation)
3 VcmINSMgr; "C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe" [361840 2009-09-01] (Sony Corporation)
3 VcmXmlIfHelper; "C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe" [115568 2010-02-19] (Sony Corporation)
3 VCService; "C:\Program Files\Sony\VAIO Care\VCService.exe" [44736 2011-02-14] (Sony Corporation)
3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation)
2 VSNService; "C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" [845312 2010-08-10] (Sony Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation)
3 VUAgent; "C:\Program Files\Sony\VAIO Update 5\VUAgent.exe" [1223024 2010-04-09] (Sony Corporation)
2 VzCdbSvc; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe" [206336 2009-09-14] (Sony Corporation)
3 W32Time; C:\Windows\System32\w32time.dll [381952 2009-07-14] (Microsoft Corporation)
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [1255736 2010-05-20] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1504256 2010-11-20] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [258560 2010-11-20] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation)
3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [444416 2010-11-20] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [2018304 2010-11-20] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation)
2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [2286976 2010-09-21] (Microsoft Corp.)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1525248 2010-11-20] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [593408 2009-07-14] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [2420736 2010-11-20] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [78848 2010-11-20] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-14] (Microsoft Corporation)

part two....


==================== Drivers ====================

3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\drivers\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\drivers\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\drivers\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [499712 2010-11-20] (Microsoft Corporation)
3 agp440; C:\Windows\System32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation)
3 aliide; C:\Windows\System32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.)
3 amdide; C:\Windows\System32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\drivers\amdsata.sys [107904 2011-03-11] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [61440 2010-11-20] (Microsoft Corporation)
3 arc; C:\Windows\System32\drivers\arc.sys [87632 2009-07-14] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\drivers\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.)
3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)
0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1542656 2009-11-12] (Atheros Communications, Inc.)
3 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\drivers\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [41984 2009-07-14] (Microsoft Corporation)
3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation)
3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-14] (Microsoft Corporation)
3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552448 2010-11-20] (Microsoft Corporation)
3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2010-11-20] (Microsoft Corporation)
3 btusbflt; C:\Windows\System32\drivers\btusbflt.sys [52264 2009-11-18] (Broadcom Corporation.)
3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [98344 2009-11-18] (Broadcom Corporation.)
3 btwavdt; C:\Windows\System32\drivers\btwavdt.sys [132648 2009-11-18] (Broadcom Corporation.)
3 btwl2cap; C:\Windows\System32\DRIVERS\btwl2cap.sys [35104 2009-11-18] (Broadcom Corporation.)
3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [21160 2009-11-18] (Broadcom Corporation.)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\drivers\cdrom.sys [147456 2010-11-20] (Microsoft Corporation)
3 cfwids; C:\Windows\System32\drivers\cfwids.sys [63056 2011-04-14] (McAfee, Inc.)
3 circlass; C:\Windows\System32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [459248 2010-11-20] (Microsoft Corporation)
0 Compbatt; C:\Windows\System32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\drivers\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982912 2010-11-20] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
3 elxstor; C:\Windows\System32\drivers\elxstor.sys [530496 2009-07-14] (Emulex)
3 ErrDev; C:\Windows\System32\drivers\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\drivers\fdc.sys [29696 2009-07-14] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation)
3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2008-04-01] (LeapFrog)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation)
3 fssfltr; C:\Windows\System32\DRIVERS\fssfltr.sys [48488 2010-09-23] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-14] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223248 2010-11-20] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [34152 2009-05-18] (GEAR Software Inc.)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation)
3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [30208 2010-11-20] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [78720 2010-11-20] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
0 iaStor; C:\Windows\System32\drivers\iaStor.sys [409624 2009-10-13] (Intel Corporation)
3 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [410496 2011-03-11] (Intel Corporation)
3 iirsp; C:\Windows\System32\drivers\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH)
3 Impcd; C:\Windows\System32\drivers\Impcd.sys [151040 2009-10-27] (Intel Corporation)
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [2447592 2011-01-07] (Realtek Semiconductor Corp.)
3 intelide; C:\Windows\System32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [273792 2010-11-20] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95616 2010-11-20] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [152960 2010-11-20] (Microsoft Corporation)
3 ksthunk; C:\Windows\System32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\drivers\lsi_fc.sys [114752 2009-07-14] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [106560 2009-07-14] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
3 megasas; C:\Windows\System32\drivers\megasas.sys [35392 2009-07-14] (LSI Corporation)
3 MegaSR; C:\Windows\System32\drivers\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.)
3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121376 2011-04-14] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190520 2011-04-14] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [441840 2011-04-14] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [530304 2011-04-14] (McAfee, Inc.)
1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75160 2011-04-14] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94992 2011-04-14] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [283744 2011-04-14] (McAfee, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\drivers\mouclass.sys [49216 2009-07-14] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\drivers\mouhid.sys [31232 2009-07-14] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-20] (Microsoft Corporation)
3 mpio; C:\Windows\System32\drivers\mpio.sys [155008 2010-11-20] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [140800 2010-11-20] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-02-23] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2011-02-23] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-02-23] (Microsoft Corporation)
3 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\drivers\msdsm.sys [140672 2010-11-20] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [951680 2010-11-20] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation)
3 nfrd960; C:\Windows\System32\drivers\nfrd960.sys [51264 2009-07-14] (IBM Corporation)
3 NPF; C:\Windows\SysWow64\drivers\aztech_npf64.sys [40208 2007-06-21] (CACE Technologies)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1659776 2011-03-11] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
3 NVHDA; C:\Windows\System32\drivers\nvhda64v.sys [84512 2009-11-12] (NVIDIA Corporation)
3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [11696616 2010-06-08] (NVIDIA Corporation)
3 nvraid; C:\Windows\System32\drivers\nvraid.sys [148352 2011-03-11] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\drivers\nvstor.sys [166272 2011-03-11] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [122960 2009-07-14] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation)
3 Parport; C:\Windows\System32\drivers\parport.sys [97280 2009-07-14] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75136 2010-11-20] (Microsoft Corporation)
0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation)
3 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation)
3 Processor; C:\Windows\System32\drivers\processr.sys [60416 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation)
0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55856 2010-07-12] (Sonic Solutions)
3 ql2300; C:\Windows\System32\drivers\ql2300.sys [1524816 2009-07-14] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\drivers\ql40xx.sys [128592 2009-07-14] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation)
1 RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [50672 2010-12-06] (Trusteer Ltd.)
0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [62448 2010-12-06] (Trusteer Ltd.)
1 RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [58864 2010-12-06] (Trusteer Ltd.)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2010-11-20] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation)
2 regi; \??\C:\Windows\system32\drivers\regi.sys [14112 2007-04-17] (InterVideo)
3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-14] (Microsoft Corporation)
2 rimspci; C:\Windows\System32\drivers\rimssne64.sys [93696 2009-11-06] (REDC)
3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
2 risdsnpe; C:\Windows\System32\drivers\risdsne64.sys [75776 2009-09-15] (REDC)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation)
3 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [103808 2010-11-20] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation)
3 sdbus; C:\Windows\System32\drivers\sdbus.sys [109056 2010-11-20] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\drivers\serenum.sys [23552 2009-07-14] (Microsoft Corporation)
3 Serial; C:\Windows\System32\drivers\serial.sys [94208 2009-07-14] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\drivers\sermouse.sys [26624 2009-07-14] (Microsoft Corporation)
3 SFEP; C:\Windows\System32\drivers\SFEP.sys [11392 2009-08-19] (Sony Corporation)
3 sffdisk; C:\Windows\System32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-02-23] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [411648 2011-02-23] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [167936 2011-02-23] (Microsoft Corporation)
3 stexstor; C:\Windows\System32\drivers\stexstor.sys [24656 2009-07-14] (Promise Technology)
3 swenum; C:\Windows\System32\drivers\swenum.sys [12496 2009-07-14] (Microsoft Corporation)
3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [292400 2009-11-11] (Synaptics Incorporated)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1924480 2010-11-20] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1924480 2010-11-20] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45056 2010-11-20] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-14] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\drivers\termdd.sys [63360 2010-11-20] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39424 2010-11-20] (Microsoft Corporation)
3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation)
3 TVICHW64; \??\C:\Windows\system32\DRIVERS\TVICHW64.SYS [21200 2010-10-19] (EnTech Taiwan)
3 uagp35; C:\Windows\System32\drivers\uagp35.sys [64080 2009-07-14] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation)
3 umbus; C:\Windows\System32\drivers\umbus.sys [48640 2010-11-20] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation)
3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-02-18] (Apple, Inc.)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-25] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\drivers\usbcir.sys [100352 2009-07-14] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\drivers\usbehci.sys [52736 2011-03-25] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-25] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\drivers\usbohci.sys [25600 2011-03-25] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation)
3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-14] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [30720 2011-03-25] (Microsoft Corporation)
3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184960 2010-11-20] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [215936 2010-11-20] (Microsoft Corporation)
3 viaide; C:\Windows\System32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [27776 2009-07-14] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
3 Wd; C:\Windows\System32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-14] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2010-11-20] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2010-11-20] (Microsoft Corporation)
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-11-12] ()
3 DFUBTUSB; C:\Windows\System32\Drivers\frmupgr.sys [x]

#4 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 28 May 2011 - 10:40 AM

part 3....


==================== Clutters ====================

3 mfeavfk01; [x]

========================= NetSvcs ============================

============ One Month Created Files and folders ============

2011-05-28 07:11 - 2011-05-28 07:11 - 0000000 ____D C:\FRST
2011-05-28 01:21 - 2011-05-28 01:21 - 1080427 ____A C:\Users\Littlewood\Downloads\FRST64.exe
2011-05-28 00:51 - 2011-04-22 22:15 - 0027520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-05-26 10:35 - 2011-05-26 10:35 - 0014127 ____A C:\Users\Littlewood\Downloads\[kat.ph]thor.2011.ts.readnfo.xvid.imagine.torrent
2011-05-26 10:33 - 2011-05-26 10:33 - 0014899 ____A C:\Users\Littlewood\Downloads\[kat.ph]the.lincoln.lawyer.2011.r5.line.xvid.extratorrentrg.torrent
2011-05-26 10:30 - 2011-05-26 10:30 - 0014250 ____A C:\Users\Littlewood\Downloads\[kat.ph]the.secret.in.their.eyes.english.subtitles.dvdrip.and.srt.rucu.torrent
2011-05-26 10:26 - 2011-05-26 10:26 - 0029332 ____A C:\Users\Littlewood\Downloads\[kat.ph]boy.2010.dvdrip.xvid.ac3.massive.torrent
2011-05-25 17:30 - 2011-05-27 21:26 - 0000000 ____D C:\Users\Littlewood\Downloads\The Ghost Writer [2010] DvDRiP XviD - ExtraTorrentRG
2011-05-24 17:33 - 2011-05-24 17:33 - 0015083 ____A C:\Users\Littlewood\Downloads\bridesmaids.-2011-.-eng-.dvdrip.-xvid-.excellent.quality.torrent
2011-05-24 05:35 - 2011-04-09 06:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-05-24 05:35 - 2011-04-09 05:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-05-23 21:24 - 2011-05-23 21:24 - 0114216 ____A C:\Users\Littlewood\Downloads\[kat.ph]source.code.2011.ts.xvid.imagine.torrent
2011-05-23 21:21 - 2011-05-23 21:22 - 0015261 ____A C:\Users\Littlewood\Downloads\[kat.ph]easy.a.2010.bdrip.xvid.imbt.torrent
2011-05-23 21:20 - 2011-05-23 21:20 - 0112278 ____A C:\Users\Littlewood\Downloads\[kat.ph]limitless-2011-r5-line-xvid-imagine.torrent
2011-05-23 21:11 - 2011-05-23 21:11 - 0256453 ____A C:\Users\Littlewood\Downloads\[kat.ph]kick.ass.2010.dvdrip.eng.fxg.torrent
2011-05-23 17:36 - 2011-05-23 17:36 - 0078897 ____A C:\Users\Littlewood\Desktop\Jobson's Bay, Bermuda.jpg
2011-05-23 16:35 - 2011-05-23 16:35 - 0018856 ____A C:\Users\Littlewood\Downloads\Should income transfers by targeted or universal. Insights from Public Pension Influences on Elderly in Canada, 1921-1966 MRL-1
2011-05-23 16:31 - 2011-05-23 16:31 - 0022016 ____A C:\Users\Littlewood\Downloads\NZCF Accountants Report 220511.xls
2011-05-22 12:58 - 2011-05-22 12:59 - 8506218 ____A C:\Users\Littlewood\Downloads\mobile.m4v
2011-05-22 01:16 - 2011-05-22 01:50 - 46048768 ____A C:\Users\Littlewood\Desktop\John, Michael and Christopher Littlewood family history.doc
2011-05-20 21:57 - 2011-05-20 21:57 - 0000000 ____D C:\Users\Littlewood\AppData\Local\ElevatedDiagnostics
2011-05-20 00:35 - 2011-05-20 00:36 - 0191586 ____A C:\Users\Littlewood\Downloads\KiwiSaver - 2011 budget poster.pdf
2011-05-19 20:36 - 2011-05-23 17:21 - 0000000 ____D C:\Users\Littlewood\Desktop\Grandma and Grandpa babysit 19-20 May 2011
2011-05-19 16:32 - 2011-05-19 16:32 - 0035328 ____A C:\Users\Littlewood\Downloads\Should income transfers by targeted or universal.doc
2011-05-19 16:27 - 2011-05-19 16:27 - 0269284 ____A C:\Users\Littlewood\Downloads\KiwiSaver - 2011 budget.pdf
2011-05-18 17:38 - 2011-05-18 17:38 - 0418073 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(g).pdf
2011-05-18 17:38 - 2011-05-18 17:38 - 0317440 ____A C:\Users\Littlewood\Downloads\Ltr to beneficiaries 5May2011Tedford.DOC
2011-05-18 17:37 - 2011-05-18 17:37 - 0292426 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(f).pdf
2011-05-18 17:36 - 2011-05-18 17:36 - 0598074 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4© (1).pdf
2011-05-18 17:36 - 2011-05-18 17:36 - 0432848 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(e).pdf
2011-05-18 17:35 - 2011-05-18 17:35 - 0598074 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4©.pdf
2011-05-18 17:35 - 2011-05-18 17:35 - 0423831 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(d).pdf
2011-05-18 17:33 - 2011-05-18 17:33 - 0237465 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(B).pdf
2011-05-18 17:31 - 2011-05-18 17:31 - 0366020 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(a).pdf
2011-05-18 17:29 - 2011-05-18 17:29 - 0348914 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(f).pdf
2011-05-18 17:28 - 2011-05-18 17:28 - 0146399 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(d).pdf
2011-05-18 17:28 - 2011-05-18 17:28 - 0117785 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(e).pdf
2011-05-18 17:27 - 2011-05-18 17:27 - 0137449 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3©.pdf
2011-05-18 17:26 - 2011-05-18 17:26 - 0118662 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(B).pdf
2011-05-18 17:24 - 2011-05-18 17:24 - 0086252 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(a).pdf
2011-05-18 17:23 - 2011-05-18 17:23 - 0056832 ____A C:\Users\Littlewood\Downloads\A Littlewood Curriculum Vitae 2011 (word 2003 version) (1).doc
2011-05-18 16:53 - 2011-05-18 16:53 - 0046592 ____A C:\Users\Littlewood\Downloads\A Littlewood Curriculum Vitae 2011 (word 2003 version).doc
2011-05-18 15:17 - 2011-05-18 15:17 - 0094656 ____A C:\Users\Littlewood\Downloads\img-Z13165023-0001.pdf
2011-05-18 12:23 - 2011-05-18 12:23 - 0055808 ____A C:\Users\Littlewood\Downloads\PML CV Feb 11.doc
2011-05-18 11:59 - 2011-05-18 11:59 - 0052736 ____A C:\Users\Littlewood\Downloads\PML CV Nov 10.doc
2011-05-17 22:26 - 2011-05-17 22:26 - 0108628 ____A C:\Users\Littlewood\Downloads\Display Status.pdf
2011-05-16 00:32 - 2011-05-16 00:32 - 0000476 ____A C:\Users\Littlewood\Downloads\Local Disk © - Shortcut.lnk
2011-05-15 16:54 - 2011-05-15 16:54 - 0018657 ____A C:\Users\Littlewood\Downloads\[kat.ph]gang.gang.dance.eye.contact.2011.320kbps.torrent
2011-05-15 16:50 - 2011-05-15 16:50 - 0018619 ____A C:\Users\Littlewood\Downloads\[kat.ph]saigon-the-greatest-story-never-told.torrent
2011-05-15 16:41 - 2011-05-15 16:41 - 0015260 ____A C:\Users\Littlewood\Downloads\[kat.ph]last.train.home.2009.dvdrip.xvid.xtm.hard.eng.subs.torrent
2011-05-15 16:39 - 2011-05-15 16:39 - 0015191 ____A C:\Users\Littlewood\Downloads\[kat.ph]uncle.boonmee.who.can.recall.his.past.lives.dvdrip.horizon.artsu.torrent
2011-05-14 18:46 - 2011-05-14 18:46 - 0014300 ____A C:\Users\Littlewood\Downloads\[kat.ph]the-company-men-2011-dvdrip-xvid-ac3-t0xicink.torrent
2011-05-14 18:45 - 2011-05-14 18:45 - 0112775 ____A C:\Users\Littlewood\Downloads\[kat.ph]true.grit.2010.scr.xvid.imagine.torrent
2011-05-14 18:33 - 2011-05-14 18:33 - 0021111 ____A C:\Users\Littlewood\Downloads\[kat.ph]top.gear.season.16.episode.1.to.6.torrent
2011-05-13 17:35 - 2011-05-13 17:35 - 0057577 ____A C:\Users\Littlewood\Downloads\[kat.ph]muse.the.resistance.mp3.320.2009.torrent
2011-05-13 17:34 - 2011-05-13 17:34 - 0017753 ____A C:\Users\Littlewood\Downloads\[kat.ph]muse.2006.black.holes.and.revelations.torrent
2011-05-13 17:26 - 2011-05-13 17:26 - 0014805 ____A C:\Users\Littlewood\Downloads\[kat.ph]winter.s.bone.2010.dvdrip.eng.fxg.torrent
2011-05-13 17:22 - 2011-05-13 17:22 - 0011420 ____A C:\Users\Littlewood\Downloads\[kat.ph]carlos.2010.part.1.2.3.dvdrip.xvid.fragment.norar.torrent
2011-05-13 17:20 - 2011-05-13 17:20 - 0028371 ____A C:\Users\Littlewood\Downloads\[kat.ph]the.apprentice.s11e10.hdtv.xvid.2hd.cd1.eztv.torrent
2011-05-13 17:13 - 2011-05-13 17:13 - 0017685 ____A C:\Users\Littlewood\Downloads\[kat.ph]top.gear.the.complete.season.16.hdtv (1).torrent
2011-05-13 17:12 - 2011-05-13 17:12 - 0017685 ____A C:\Users\Littlewood\Downloads\[kat.ph]top.gear.the.complete.season.16.hdtv.torrent
2011-05-13 17:11 - 2011-05-13 17:11 - 0063131 ____A C:\Users\Littlewood\Downloads\Top Gear Season 16[1337x.org].torrent
2011-05-13 00:35 - 2011-05-13 16:23 - 0019456 ____A C:\Users\Littlewood\Desktop\RWC odds v2.xls
2011-05-12 17:22 - 2011-05-12 17:22 - 0062350 ____A C:\Users\Littlewood\Downloads\KiwiSaver changes.pdf
2011-05-11 11:43 - 2011-05-24 14:24 - 0000000 ____D C:\Users\All Users\Skype Extras
2011-05-11 11:43 - 2011-05-24 14:24 - 0000000 ____D C:\ProgramData\Skype Extras
2011-05-11 04:13 - 2011-04-09 07:02 - 5562240 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-05-11 04:13 - 2011-04-09 06:02 - 3967872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-05-11 04:13 - 2011-04-09 06:02 - 3912576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-05-11 04:13 - 2011-03-25 03:29 - 0343040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2011-05-11 04:13 - 2011-03-25 03:29 - 0325120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2011-05-11 04:13 - 2011-03-25 03:29 - 0098816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2011-05-11 04:13 - 2011-03-25 03:29 - 0052736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2011-05-11 04:13 - 2011-03-25 03:29 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2011-05-11 04:13 - 2011-03-25 03:29 - 0025600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2011-05-11 04:13 - 2011-03-25 03:28 - 0007936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2011-05-10 21:30 - 2011-05-10 21:30 - 0274591 ____A C:\Users\Littlewood\Downloads\The.Apprentice.S11E10.720p.HDTV.x264-2HD ---[www.realtorrentz.com]--- .torrent
2011-05-09 16:38 - 2011-05-09 16:38 - 0006589 ____A C:\Users\Littlewood\Downloads\accthist (3).csv
2011-05-06 17:25 - 2011-05-06 17:25 - 0107008 ____A C:\Users\Littlewood\Downloads\maac_membership_form_-_2010_v2 (1).doc
2011-05-06 17:01 - 2011-05-06 17:01 - 0107008 ____A C:\Users\Littlewood\Downloads\maac_membership_form_-_2010_v2.doc
2011-05-06 09:01 - 2011-05-06 09:01 - 0037888 ____A C:\Users\Littlewood\Downloads\LW_UK - a state pension 2011.doc
2011-05-05 20:34 - 2011-05-05 20:34 - 0016384 ____A C:\Users\Littlewood\Desktop\Belco summary.xls
2011-05-04 22:26 - 2011-05-04 22:28 - 17941857 ____A C:\Users\Littlewood\Downloads\rescooters.zip
2011-05-03 17:37 - 2011-05-13 00:28 - 0019456 ____A C:\Users\Littlewood\Desktop\RWC odds.xls
2011-04-29 17:04 - 2011-04-29 17:04 - 1525385 ____A C:\Users\Littlewood\Downloads\MR and V Littlewood itinerary 2011 (1).pdf

#5 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 28 May 2011 - 10:44 AM

============ Known DLLs ============

[2009-07-14 00:41] - [2009-07-14 01:40] - 0877056 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2011-04-02 01:19] - [2010-11-20 12:18] - 0640512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2009-07-14 00:00] - [2009-07-14 01:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 23:44] - [2009-07-14 01:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2011-04-02 01:20] - [2010-11-20 13:25] - 0594432 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2011-04-02 01:19] - [2010-11-20 12:18] - 0485888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2011-04-02 01:19] - [2010-11-20 13:26] - 0403968 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2011-04-02 01:19] - [2010-11-20 12:08] - 0311296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2011-03-21 17:38] - [2011-03-21 17:38] - 2136064 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-03-21 17:38] - [2011-03-21 17:38] - 1785344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2011-04-02 01:17] - [2010-11-20 13:26] - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2011-04-02 01:17] - [2010-11-20 12:19] - 0155136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 23:38] - [2009-07-14 01:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2011-04-02 01:17] - [2010-11-20 12:08] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2011-04-02 01:20] - [2010-11-20 13:26] - 1161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2011-04-02 01:19] - [2010-11-20 12:08] - 0837632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2009-07-13 23:38] - [2009-07-14 01:41] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 23:25] - [2009-07-14 01:11] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-13 23:40] - [2009-07-14 01:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 23:28] - [2009-07-14 01:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2009-07-13 23:19] - [2009-07-14 01:41] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 23:12] - [2009-07-14 01:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 23:26] - [2009-07-14 01:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 23:15] - [2009-07-14 01:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 23:21] - [2009-07-14 01:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 23:12] - [2009-07-14 01:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2011-04-02 01:20] - [2010-11-20 13:27] - 2086912 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2011-04-02 01:20] - [2010-11-20 12:20] - 1414144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2011-04-02 01:20] - [2010-11-20 13:27] - 0861696 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2011-04-02 01:19] - [2010-11-20 12:20] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
[2009-07-13 23:26] - [2009-07-14 01:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 23:15] - [2009-07-14 01:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2011-04-02 01:20] - [2010-11-20 13:27] - 1219584 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2011-04-02 01:18] - [2010-11-20 12:08] - 0663040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-13 23:20] - [2009-07-14 01:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-13 23:11] - [2009-07-14 01:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2011-04-02 01:20] - [2010-11-20 13:27] - 1900544 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2011-04-02 01:20] - [2010-11-20 12:21] - 1667584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2011-04-02 01:20] - [2010-11-20 13:27] - 14174208 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2011-04-02 01:20] - [2010-11-20 12:21] - 12872192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
[2011-04-02 01:20] - [2010-11-20 13:27] - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2011-04-02 01:19] - [2010-11-20 12:21] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2011-03-21 17:38] - [2011-03-21 17:38] - 1344000 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2011-03-21 17:38] - [2011-03-21 17:38] - 1102336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
[2011-04-02 01:20] - [2010-11-20 13:27] - 1008128 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2011-04-02 01:19] - [2010-11-20 12:08] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2011-04-02 01:20] - [2010-11-20 13:27] - 0800256 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2011-04-02 01:19] - [2010-11-20 12:21] - 0626176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2009-07-13 23:57] - [2009-07-14 01:41] - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2009-07-13 23:41] - [2009-07-14 01:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
[2011-03-21 17:38] - [2011-03-21 17:38] - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2011-03-21 17:38] - [2011-03-21 17:38] - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
[2011-04-02 01:19] - [2010-11-20 13:27] - 0312832 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2011-04-02 01:19] - [2010-11-20 12:21] - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wldap32.dll
[2011-04-02 01:20] - [2010-11-20 13:27] - 0297984 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2011-04-02 01:19] - [2010-11-20 12:21] - 0206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll

======================= Bamital Check ========================

C:\Windows\System32\winlogon.exe
[2011-04-02 01:20] - [2010-11-20 13:25] - 0390656 ____A (Microsoft Corporation) 1151B1BAA6F350B1DB6598E0FEA7C457

C:\Windows\System32\wininit.exe
[2009-07-13 23:52] - [2009-07-14 01:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA

C:\Windows\explorer.exe
[2011-04-27 10:02] - [2011-02-25 06:19] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3


========================= Memory info ========================

Percentage of memory in use: 15%
Total physical RAM: 4014.09 MB
Available physical RAM: 3409.7 MB
Total Pagefile: 4012.24 MB
Available Pagefile: 3404.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions ===========================

1 Drive c: () (Fixed) (Total:457.16 GB) (Free:65.89 GB) NTFS
2 Drive e: (Recovery) (Fixed) (Total:8.5 GB) (Free:0.82 GB) NTFS
4 Drive g: () (Removable) (Total:0.12 GB) (Free:0.12 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

#6 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 28 May 2011 - 10:50 AM

This is the error message i receive when i try to even post the last 24 hours of files which have been modified...

Error 101 (net::ERR_CONNECTION_RESET): The connection was reset.

Perhaps i can email you the txt output file? Where would be best?

thanks a million again!

JB

#7 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 28 May 2011 - 12:16 PM

I should maybe add, just in case it relevant, that under my wifi list i have both my normal wifi and one or two others, titled "Virus4You" and Virus4You_EXT"

not sure if this prevents me from posting that component of the output - would be pretty sophisticated if so!!?

#8 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 28 May 2011 - 06:28 PM

hi Farbar,

I'd be really grateful if you could let me know if you need that missing part of the output...im desperate to get it sorted asap as its our only computer!

many many thanks,

JB

#9 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 28 May 2011 - 06:29 PM

2011-05-28 03:08 - 2010-10-19 20:34 - 3295884 ___AH C:\Users\Littlewood\AppData\Local\IconCache.db

2011-05-28 02:59 - 2010-03-06 23:48 - 0000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2011-05-28 01:23 - 2009-07-14 05:13 - 0726316 ____A C:\Windows\System32\PerfStringBackup.INI

2011-05-28 01:23 - 2009-07-14 02:36 - 0628460 ____A C:\Windows\System32\perfh009.dat

2011-05-28 01:23 - 2009-07-14 02:36 - 0110612 ____A C:\Windows\System32\perfc009.dat

2011-05-28 01:21 - 2011-05-28 01:21 - 1080427 ____A C:\Users\Littlewood\Downloads\FRST64.exe

2011-05-28 01:20 - 2009-07-14 04:51 - 0071634 ____A C:\Windows\setupact.log

2011-05-28 01:01 - 2009-07-14 04:45 - 0014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2011-05-28 01:01 - 2009-07-14 04:45 - 0014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2011-05-28 00:43 - 2010-03-17 13:03 - 0000000 ____D C:\users\Littlewood

2011-05-28 00:43 - 2010-03-06 23:48 - 0000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2011-05-28 00:43 - 2009-07-14 05:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT

2011-05-28 00:42 - 2010-03-17 13:55 - 3156807680 __ASH C:\hiberfil.sys

2011-05-27 21:26 - 2011-05-25 17:30 - 0000000 ____D C:\Users\Littlewood\Downloads\The Ghost Writer [2010] DvDRiP XviD - ExtraTorrentRG

2011-05-27 21:26 - 2011-03-01 15:33 - 0000000 ____D C:\Users\Littlewood\AppData\Roaming\ICAClient

2011-05-27 21:26 - 2010-03-30 20:52 - 0000000 ____D C:\Users\Littlewood\AppData\Roaming\uTorrent

2011-05-27 21:26 - 2010-03-18 07:04 - 0000000 ____D C:\Users\Littlewood\AppData\Roaming\ArcSoft

2011-05-27 21:26 - 2010-03-17 14:04 - 0000000 ____D C:\Users\Littlewood\AppData\Roaming\Skype

2011-05-27 21:26 - 2010-03-17 13:05 - 0000000 ____D C:\Users\Littlewood\AppData\Local\Sony_Corporation

2011-05-27 21:26 - 2010-03-06 23:48 - 0000000 ____D C:\Program Files (x86)\Google

2011-05-27 21:26 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\wfp

2011-05-27 21:26 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\DriverStore

2011-05-27 21:26 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\registration

2011-05-27 21:26 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\AppCompat

2011-05-27 20:43 - 2009-11-20 00:27 - 0000000 ___RD C:\Users\Public\Recorded TV

2011-05-27 20:40 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\LogFiles

2011-05-27 20:16 - 2010-03-18 06:49 - 0000000 ____D C:\Users\Littlewood\AppData\Roaming\skypePM

2011-05-27 17:24 - 2010-04-04 16:09 - 0002016 ___AH C:\Users\Littlewood\Documents\Default.rdp

2011-05-26 10:35 - 2011-05-26 10:35 - 0014127 ____A C:\Users\Littlewood\Downloads\[kat.ph]thor.2011.ts.readnfo.xvid.imagine.torrent

2011-05-26 10:33 - 2011-05-26 10:33 - 0014899 ____A C:\Users\Littlewood\Downloads\[kat.ph]the.lincoln.lawyer.2011.r5.line.xvid.extratorrentrg.torrent

2011-05-26 10:30 - 2011-05-26 10:30 - 0014250 ____A C:\Users\Littlewood\Downloads\[kat.ph]the.secret.in.their.eyes.english.subtitles.dvdrip.and.srt.rucu.torrent

2011-05-26 10:26 - 2011-05-26 10:26 - 0029332 ____A C:\Users\Littlewood\Downloads\[kat.ph]boy.2010.dvdrip.xvid.ac3.massive.torrent

2011-05-25 17:09 - 2011-05-25 17:09 - 0016875 ____A C:\Users\Littlewood\Downloads\[kat.ph]the.ghost.writer.2010.dvdrip.xvid.extratorrentrg.torrent

2011-05-25 17:08 - 2011-05-25 17:08 - 0592614 ____A C:\Users\Littlewood\Downloads\[kat.ph]the.ghost.writer.2010.brrip.720p.x264.mitzep.torrent

2011-05-25 17:03 - 2011-05-25 17:03 - 0015038 ____A C:\Users\Littlewood\Downloads\[kat.ph]toy.story.2.1999.dvdrip.v3ndetta.torrent

2011-05-25 17:03 - 2011-05-25 17:03 - 0014862 ____A C:\Users\Littlewood\Downloads\[kat.ph]toy.story.3.dvd.rip.eod.torrent

2011-05-25 17:02 - 2011-05-25 17:02 - 0015220 ____A C:\Users\Littlewood\Downloads\[kat.ph]toy.story.1.1995.avi.torrent

2011-05-24 17:33 - 2011-05-24 17:33 - 0015083 ____A C:\Users\Littlewood\Downloads\bridesmaids.-2011-.-eng-.dvdrip.-xvid-.excellent.quality.torrent

2011-05-24 14:24 - 2011-05-11 11:43 - 0000000 ____D C:\Users\All Users\Skype Extras

2011-05-24 14:24 - 2011-05-11 11:43 - 0000000 ____D C:\ProgramData\Skype Extras

2011-05-23 21:24 - 2011-05-23 21:24 - 0114216 ____A C:\Users\Littlewood\Downloads\[kat.ph]source.code.2011.ts.xvid.imagine.torrent

2011-05-23 21:22 - 2011-05-23 21:21 - 0015261 ____A C:\Users\Littlewood\Downloads\[kat.ph]easy.a.2010.bdrip.xvid.imbt.torrent

2011-05-23 21:20 - 2011-05-23 21:20 - 0112278 ____A C:\Users\Littlewood\Downloads\[kat.ph]limitless-2011-r5-line-xvid-imagine.torrent

2011-05-23 21:11 - 2011-05-23 21:11 - 0256453 ____A C:\Users\Littlewood\Downloads\[kat.ph]kick.ass.2010.dvdrip.eng.fxg.torrent

2011-05-23 17:36 - 2011-05-23 17:36 - 0078897 ____A C:\Users\Littlewood\Desktop\Jobson's Bay, Bermuda.jpg

2011-05-23 17:21 - 2011-05-19 20:36 - 0000000 ____D C:\Users\Littlewood\Desktop\Grandma and Grandpa babysit 19-20 May 2011

2011-05-23 16:35 - 2011-05-23 16:35 - 0018856 ____A C:\Users\Littlewood\Downloads\Should income transfers by targeted or universal. Insights from Public Pension Influences on Elderly in Canada, 1921-1966 MRL-1

2011-05-23 16:31 - 2011-05-23 16:31 - 0022016 ____A C:\Users\Littlewood\Downloads\NZCF Accountants Report 220511.xls

2011-05-22 12:59 - 2011-05-22 12:58 - 8506218 ____A C:\Users\Littlewood\Downloads\mobile.m4v

2011-05-22 01:50 - 2011-05-22 01:16 - 46048768 ____A C:\Users\Littlewood\Desktop\John, Michael and Christopher Littlewood family history.doc

2011-05-20 21:58 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\NDF

2011-05-20 21:57 - 2011-05-20 21:57 - 0000000 ____D C:\Users\Littlewood\AppData\Local\ElevatedDiagnostics

2011-05-20 00:36 - 2011-05-20 00:35 - 0191586 ____A C:\Users\Littlewood\Downloads\KiwiSaver - 2011 budget poster.pdf

2011-05-19 16:32 - 2011-05-19 16:32 - 0035328 ____A C:\Users\Littlewood\Downloads\Should income transfers by targeted or universal.doc

2011-05-19 16:27 - 2011-05-19 16:27 - 0269284 ____A C:\Users\Littlewood\Downloads\KiwiSaver - 2011 budget.pdf

2011-05-18 17:38 - 2011-05-18 17:38 - 0418073 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(g).pdf

2011-05-18 17:38 - 2011-05-18 17:38 - 0317440 ____A C:\Users\Littlewood\Downloads\Ltr to beneficiaries 5May2011Tedford.DOC

2011-05-18 17:37 - 2011-05-18 17:37 - 0292426 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(f).pdf

2011-05-18 17:36 - 2011-05-18 17:36 - 0598074 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4© (1).pdf

2011-05-18 17:36 - 2011-05-18 17:36 - 0432848 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(e).pdf

2011-05-18 17:35 - 2011-05-18 17:35 - 0598074 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4©.pdf

2011-05-18 17:35 - 2011-05-18 17:35 - 0423831 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(d).pdf

2011-05-18 17:33 - 2011-05-18 17:33 - 0237465 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(B).pdf

2011-05-18 17:31 - 2011-05-18 17:31 - 0366020 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 4(a).pdf

2011-05-18 17:29 - 2011-05-18 17:29 - 0348914 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(f).pdf

2011-05-18 17:28 - 2011-05-18 17:28 - 0146399 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(d).pdf

2011-05-18 17:28 - 2011-05-18 17:28 - 0117785 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(e).pdf

2011-05-18 17:27 - 2011-05-18 17:27 - 0137449 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3©.pdf

2011-05-18 17:26 - 2011-05-18 17:26 - 0118662 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(B).pdf

2011-05-18 17:24 - 2011-05-18 17:24 - 0086252 ____A C:\Users\Littlewood\Downloads\Attachment to letter to Fund beneficiaries - supporting document 3(a).pdf

2011-05-18 17:23 - 2011-05-18 17:23 - 0056832 ____A C:\Users\Littlewood\Downloads\A Littlewood Curriculum Vitae 2011 (word 2003 version) (1).doc

2011-05-18 16:53 - 2011-05-18 16:53 - 0046592 ____A C:\Users\Littlewood\Downloads\A Littlewood Curriculum Vitae 2011 (word 2003 version).doc

2011-05-18 15:17 - 2011-05-18 15:17 - 0094656 ____A C:\Users\Littlewood\Downloads\img-Z13165023-0001.pdf

2011-05-18 12:23 - 2011-05-18 12:23 - 0055808 ____A C:\Users\Littlewood\Downloads\PML CV Feb 11.doc

2011-05-18 11:59 - 2011-05-18 11:59 - 0052736 ____A C:\Users\Littlewood\Downloads\PML CV Nov 10.doc

2011-05-17 22:26 - 2011-05-17 22:26 - 0108628 ____A C:\Users\Littlewood\Downloads\Display Status.pdf

2011-05-16 00:32 - 2011-05-16 00:32 - 0000476 ____A C:\Users\Littlewood\Downloads\Local Disk © - Shortcut.lnk

2011-05-15 16:54 - 2011-05-15 16:54 - 0018657 ____A C:\Users\Littlewood\Downloads\[kat.ph]gang.gang.dance.eye.contact.2011.320kbps.torrent

2011-05-15 16:50 - 2011-05-15 16:50 - 0018619 ____A C:\Users\Littlewood\Downloads\[kat.ph]saigon-the-greatest-story-never-told.torrent

2011-05-15 16:41 - 2011-05-15 16:41 - 0015260 ____A C:\Users\Littlewood\Downloads\[kat.ph]last.train.home.2009.dvdrip.xvid.xtm.hard.eng.subs.torrent

2011-05-15 16:39 - 2011-05-15 16:39 - 0015191 ____A C:\Users\Littlewood\Downloads\[kat.ph]uncle.boonmee.who.can.recall.his.past.lives.dvdrip.horizon.artsu.torrent

2011-05-14 18:46 - 2011-05-14 18:46 - 0014300 ____A C:\Users\Littlewood\Downloads\[kat.ph]the-company-men-2011-dvdrip-xvid-ac3-t0xicink.torrent

2011-05-14 18:45 - 2011-05-14 18:45 - 0112775 ____A C:\Users\Littlewood\Downloads\[kat.ph]true.grit.2010.scr.xvid.imagine.torrent

2011-05-14 18:33 - 2011-05-14 18:33 - 0021111 ____A C:\Users\Littlewood\Downloads\[kat.ph]top.gear.season.16.episode.1.to.6.torrent

2011-05-13 17:35 - 2011-05-13 17:35 - 0057577 ____A C:\Users\Littlewood\Downloads\[kat.ph]muse.the.resistance.mp3.320.2009.torrent

2011-05-13 17:34 - 2011-05-13 17:34 - 0017753 ____A C:\Users\Littlewood\Downloads\[kat.ph]muse.2006.black.holes.and.revelations.torrent

2011-05-13 17:26 - 2011-05-13 17:26 - 0014805 ____A C:\Users\Littlewood\Downloads\[kat.ph]winter.s.bone.2010.dvdrip.eng.fxg.torrent

2011-05-13 17:22 - 2011-05-13 17:22 - 0011420 ____A C:\Users\Littlewood\Downloads\[kat.ph]carlos.2010.part.1.2.3.dvdrip.xvid.fragment.norar.torrent

2011-05-13 17:20 - 2011-05-13 17:20 - 0028371 ____A C:\Users\Littlewood\Downloads\[kat.ph]the.apprentice.s11e10.hdtv.xvid.2hd.cd1.eztv.torrent

2011-05-13 17:13 - 2011-05-13 17:13 - 0017685 ____A C:\Users\Littlewood\Downloads\[kat.ph]top.gear.the.complete.season.16.hdtv (1).torrent

2011-05-13 17:12 - 2011-05-13 17:12 - 0017685 ____A C:\Users\Littlewood\Downloads\[kat.ph]top.gear.the.complete.season.16.hdtv.torrent

2011-05-13 17:11 - 2011-05-13 17:11 - 0063131 ____A C:\Users\Littlewood\Downloads\Top Gear Season 16[1337x.org].torrent

2011-05-13 16:23 - 2011-05-13 00:35 - 0019456 ____A C:\Users\Littlewood\Desktop\RWC odds v2.xls

2011-05-13 00:28 - 2011-05-03 17:37 - 0019456 ____A C:\Users\Littlewood\Desktop\RWC odds.xls

2011-05-12 22:58 - 2009-11-19 20:14 - 0492800 ____A C:\Windows\PFRO.log

2011-05-12 17:22 - 2011-05-12 17:22 - 0062350 ____A C:\Users\Littlewood\Downloads\KiwiSaver changes.pdf

2011-05-11 15:53 - 2011-02-23 23:06 - 0000000 ____D C:\Program Files (x86)\DivX

2011-05-11 15:53 - 2011-02-23 23:05 - 0000000 ____D C:\Users\All Users\DivX

2011-05-11 15:53 - 2011-02-23 23:05 - 0000000 ____D C:\ProgramData\DivX

2011-05-11 15:52 - 2011-02-23 23:10 - 0000000 ____D C:\Program Files\DivX

2011-05-11 11:43 - 2010-03-17 14:03 - 0000000 ___RD C:\Program Files (x86)\Skype

2011-05-11 11:43 - 2010-03-17 14:03 - 0000000 ____D C:\Users\All Users\Skype

2011-05-11 11:43 - 2010-03-17 14:03 - 0000000 ____D C:\ProgramData\Skype

2011-05-11 06:01 - 2010-03-21 06:42 - 44548040 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2011-05-10 21:30 - 2011-05-10 21:30 - 0274591 ____A C:\Users\Littlewood\Downloads\The.Apprentice.S11E10.720p.HDTV.x264-2HD ---[www.realtorrentz.com]--- .torrent

2011-05-09 16:48 - 2010-12-28 00:01 - 0000000 ____D C:\Users\Littlewood\Desktop\Desk top Docs

2011-05-09 16:38 - 2011-05-09 16:38 - 0006589 ____A C:\Users\Littlewood\Downloads\accthist (3).csv

2011-05-06 17:25 - 2011-05-06 17:25 - 0107008 ____A C:\Users\Littlewood\Downloads\maac_membership_form_-_2010_v2 (1).doc

2011-05-06 17:01 - 2011-05-06 17:01 - 0107008 ____A C:\Users\Littlewood\Downloads\maac_membership_form_-_2010_v2.doc

2011-05-06 09:01 - 2011-05-06 09:01 - 0037888 ____A C:\Users\Littlewood\Downloads\LW_UK - a state pension 2011.doc

2011-05-05 20:34 - 2011-05-05 20:34 - 0016384 ____A C:\Users\Littlewood\Desktop\Belco summary.xls

2011-05-04 22:28 - 2011-05-04 22:26 - 17941857 ____A C:\Users\Littlewood\Downloads\rescooters.zip

2011-05-01 00:23 - 2011-03-14 23:44 - 0000000 ____D C:\Users\Littlewood\Desktop\ENGLAND ALBUM

2011-04-30 21:44 - 2010-03-17 13:09 - 0000000 ____D C:\Users\Littlewood\AppData\Local\Google

2011-04-29 17:05 - 2010-03-06 23:47 - 0000000 ____D C:\Users\All Users\Adobe

2011-04-29 17:05 - 2010-03-06 23:47 - 0000000 ____D C:\ProgramData\Adobe

2011-04-29 17:04 - 2011-04-29 17:04 - 1525385 ____A C:\Users\Littlewood\Downloads\MR and V Littlewood itinerary 2011 (1).pdf

2011-04-29 17:04 - 2010-03-17 13:10 - 0000000 ____D C:\Users\Littlewood\AppData\Roaming\Adobe

2011-04-28 06:59 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\rescache

2011-04-27 11:43 - 2011-03-02 01:41 - 0000000 ____D C:\Users\Littlewood\Documents\Sony PMB

2011-04-26 22:11 - 2010-04-02 07:01 - 0000000 ____D C:\Program Files (x86)\Adobe

2011-04-26 22:10 - 2010-03-18 12:35 - 0000000 ____D C:\Users\Littlewood\AppData\Local\Adobe

2011-04-26 22:08 - 2011-04-26 22:06 - 48536984 ____A (Adobe Systems Incorporated) C:\Users\Littlewood\Downloads\AdbeRdr1001_en_US.exe

2011-04-26 16:57 - 2011-04-26 16:57 - 0038770 ____A C:\Users\Littlewood\AppData\Roaming\Microsoft Excel.ADR

2011-04-26 16:56 - 2011-04-26 16:56 - 0517120 ____A C:\Users\Littlewood\Downloads\Contacts (2).xls

2011-04-26 01:55 - 2011-04-26 01:44 - 36841784 ____A C:\Users\Littlewood\Downloads\GraboidVideoSetup-2.05-Complete.exe

2011-04-25 22:20 - 2011-04-25 22:20 - 0000331 ____A C:\Users\Littlewood\Downloads\load.vcf

2011-04-25 21:50 - 2011-04-25 21:50 - 1525385 ____A C:\Users\Littlewood\Downloads\MR and V Littlewood itinerary 2011.pdf

2011-04-25 17:01 - 2011-04-25 17:01 - 20082543 ____A C:\Users\Littlewood\Downloads\The_Essential_Guide_to_Reinsurance_EN.pdf

2011-04-25 16:48 - 2011-04-25 16:48 - 0005774 ____A C:\Users\Littlewood\Downloads\accthist (2).csv

2011-04-23 18:50 - 2011-04-23 18:50 - 0000950 ____A C:\Users\Public\Desktop\LeapFrog Connect.lnk

2011-04-23 18:50 - 2011-04-23 18:50 - 0000000 ____D C:\Windows\A055FB62CF734839AD83122ABCB92418.TMP

2011-04-23 18:50 - 2011-04-23 18:43 - 0000000 ____D C:\Program Files (x86)\LeapFrog

2011-04-23 18:50 - 2009-11-19 20:17 - 0044296 ____A C:\Windows\DPINST.LOG

2011-04-23 18:50 - 2009-11-19 20:17 - 0000000 ____D C:\Program Files\DIFX

2011-04-23 18:43 - 2011-04-23 18:43 - 0000000 ____D C:\Users\All Users\Leapfrog

2011-04-23 18:43 - 2011-04-23 18:43 - 0000000 ____D C:\ProgramData\Leapfrog

2011-04-23 18:43 - 2009-07-14 03:20 - 0000000 ___RD C:\Program Files (x86)

2011-04-23 18:42 - 2011-04-23 18:41 - 8660312 ____A (LeapFrog Enterprises, Inc.) C:\Users\Littlewood\Downloads\LeapFrogConnectSetup_TagJunior.exe

2011-04-23 14:39 - 2011-04-23 14:38 - 0000000 ____D C:\Program Files\iTunes

2011-04-23 14:39 - 2011-04-23 14:38 - 0000000 ____D C:\Program Files (x86)\iTunes

2011-04-23 14:38 - 2011-04-23 14:38 - 0000000 ____D C:\Program Files\iPod

2011-04-23 14:35 - 2011-04-23 14:35 - 0000000 ____D C:\Program Files\Bonjour

2011-04-23 14:35 - 2011-04-23 14:35 - 0000000 ____D C:\Program Files (x86)\Bonjour

2011-04-22 22:15 - 2011-05-28 00:51 - 0027520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys

2011-04-22 21:45 - 2011-04-22 21:45 - 0000000 ____D C:\Users\Littlewood\AppData\Local\Trusteer

2011-04-22 21:43 - 2010-03-27 21:38 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2011-04-19 16:33 - 2011-04-19 16:33 - 0114968 ____A C:\Users\Littlewood\Downloads\IMG_2907.JPG

2011-04-19 16:33 - 2011-04-19 16:33 - 0107400 ____A C:\Users\Littlewood\Downloads\IMG_2906.JPG

2011-04-19 16:08 - 2011-04-19 16:08 - 0089017 ____A C:\Users\Littlewood\Downloads\IMG_2098.JPG

2011-04-19 01:02 - 2011-04-19 01:02 - 0079611 ____A C:\Users\Littlewood\Downloads\Laura's confirmation.pdf

2011-04-18 01:06 - 2011-04-18 01:06 - 0032401 ____A C:\Users\Littlewood\Downloads\itinerary.doc.pdf

2011-04-18 01:01 - 2011-03-28 16:27 - 0016896 ____A C:\Users\Littlewood\Desktop\Party.xls

2011-04-17 13:58 - 2011-04-17 13:58 - 0318735 ____A C:\Users\Littlewood\Desktop\Arrrrrr.jpg

2011-04-14 17:01 - 2010-09-22 17:06 - 0530304 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys

2011-04-14 17:01 - 2010-09-22 17:06 - 0441840 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfefirek.sys

2011-04-14 17:01 - 2010-09-22 17:06 - 0283744 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys

2011-04-14 17:01 - 2010-09-22 17:06 - 0190520 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys

2011-04-14 17:01 - 2010-09-22 17:06 - 0149032 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe

2011-04-14 17:01 - 2010-09-22 17:06 - 0121376 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys

2011-04-14 17:01 - 2010-09-22 17:06 - 0094992 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys

2011-04-14 17:01 - 2010-09-22 17:06 - 0075160 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfenlfk.sys

2011-04-14 17:01 - 2010-09-22 17:06 - 0063056 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\cfwids.sys

2011-04-14 17:01 - 2010-09-22 17:06 - 0009984 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys

2011-04-14 10:23 - 2011-04-14 10:23 - 0841418 ____A C:\Users\Littlewood\Downloads\Laura NZ Passport 31.3.11.pdf

2011-04-14 06:45 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\Microsoft.NET

2011-04-14 06:31 - 2009-07-14 04:45 - 0388912 ____A C:\Windows\System32\FNTCACHE.DAT

2011-04-14 06:13 - 2009-07-14 02:34 - 0000531 ____A C:\Windows\win.ini

2011-04-13 23:34 - 2011-04-13 23:34 - 0514048 ____A C:\Users\Littlewood\Downloads\MX-2300N_20110210_143256 (1).pdf

2011-04-13 22:40 - 2011-04-13 22:40 - 4284416 ____A (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr

2011-04-13 21:26 - 2010-04-07 20:17 - 0000000 ____D C:\Update

2011-04-12 16:55 - 2011-04-12 16:55 - 0010095 ____A C:\Users\Littlewood\Downloads\accthist (1).csv

2011-04-12 16:55 - 2011-04-12 16:55 - 0001137 ____A C:\Users\Littlewood\Downloads\accthist.csv

2011-04-10 21:59 - 2010-06-04 19:23 - 0039118 ____A C:\test.xml

2011-04-09 07:02 - 2011-05-11 04:13 - 5562240 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2011-04-09 06:58 - 2011-05-24 05:35 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe

2011-04-09 06:02 - 2011-05-11 04:13 - 3967872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2011-04-09 06:02 - 2011-05-11 04:13 - 3912576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2011-04-09 05:56 - 2011-05-24 05:35 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

2011-04-06 19:26 - 2011-04-06 19:26 - 0119584 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe

2011-04-06 19:26 - 2011-04-06 19:26 - 0096544 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll

2011-04-06 19:20 - 2011-04-06 19:20 - 0107808 ____A (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe

2011-04-06 19:20 - 2011-04-06 19:20 - 0091424 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssd.dll

2011-04-06 10:55 - 2011-04-06 10:55 - 0062338 ____A C:\Users\Littlewood\Downloads\0000000316-00000654608-001-001852047-20110401_0.pdf

2011-04-06 10:51 - 2011-04-06 10:50 - 2341686 ____A C:\Users\Littlewood\Downloads\ATT00029.wmv_3.WMV

2011-04-04 11:18 - 2011-04-04 11:18 - 0514048 ____A C:\Users\Littlewood\Downloads\MX-2300N_20110210_143256.pdf

2011-04-03 18:10 - 2011-03-16 02:24 - 0025600 ____A C:\Users\Littlewood\Desktop\ENGLAND ALBUM.doc

2011-04-03 14:36 - 2011-04-03 14:36 - 0601434 ____A C:\Users\Littlewood\Downloads\WSComparison_#90461396v46_EULEGAL_ - Weather - Loan Note Instrument-#90461396v51_EULEGAL_ - Weather - Loan Note Instrument.pdf

2011-04-02 23:13 - 2011-04-02 23:12 - 5017596 ____A C:\Users\Littlewood\Downloads\Bermuda pledge.PDF

2011-04-02 12:04 - 2011-04-02 12:04 - 2130440 ____A C:\Users\Littlewood\Downloads\leakinroof.zip

2011-04-02 01:50 - 2010-03-17 13:04 - 0000174 ___SH C:\Users\Littlewood\Start Menu\Programs\Startup\desktop.ini

2011-04-02 01:50 - 2010-03-17 13:04 - 0000174 ___SH C:\Users\Littlewood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

2011-04-02 01:45 - 2010-03-30 20:52 - 0000000 ____D C:\Program Files (x86)\uTorrent

2011-04-02 01:42 - 2010-03-07 07:39 - 0000000 ____D C:\Windows\SysWOW64\en

2011-04-02 01:42 - 2009-11-20 00:27 - 0000000 ____D C:\Program Files\Windows Journal

2011-04-02 01:42 - 2009-07-14 05:32 - 0000000 ____D C:\Program Files\Windows Sidebar

2011-04-02 01:42 - 2009-07-14 05:32 - 0000000 ____D C:\Program Files\Windows Portable Devices

2011-04-02 01:42 - 2009-07-14 05:32 - 0000000 ____D C:\Program Files\Windows Photo Viewer

2011-04-02 01:42 - 2009-07-14 05:32 - 0000000 ____D C:\Program Files\Windows Defender

2011-04-02 01:42 - 2009-07-14 05:32 - 0000000 ____D C:\Program Files\DVD Maker

2011-04-02 01:42 - 2009-07-14 05:32 - 0000000 ____D C:\Program Files (x86)\Windows Sidebar

2011-04-02 01:42 - 2009-07-14 05:32 - 0000000 ____D C:\Program Files (x86)\Windows Portable Devices

2011-04-02 01:42 - 2009-07-14 05:32 - 0000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\wbem

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\sppui

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\Setup

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\oobe

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\migwiz

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\manifeststore

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\es-ES

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\Dism

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\da-DK

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\cs-CZ

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\SysWOW64\AdvancedInstallers

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\wbem

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\sppui

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\Setup

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\oobe

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\migwiz

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\manifeststore

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\es-ES

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\Dism

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\da-DK

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\cs-CZ

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\AdvancedInstallers

2011-04-02 01:42 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\servicing

2011-04-02 01:32 - 2009-07-14 02:36 - 0175616 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll

2011-04-02 01:32 - 2009-07-14 02:36 - 0152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll

2011-04-02 01:26 - 2011-04-02 01:26 - 0000000 ____D C:\Windows\System32\SPReview

2011-04-02 00:43 - 2011-04-02 00:43 - 0000000 ____D C:\Windows\System32\EventProviders

2011-04-01 06:02 - 2010-03-07 00:10 - 0000000 ____D C:\Program Files (x86)\Windows Live

2011-03-31 21:50 - 2011-03-31 21:50 - 0017234 ____A C:\Users\Littlewood\Downloads\pirate's mate.jpg

2011-03-30 01:08 - 2010-04-11 21:08 - 0000900 __ASH C:\Users\All Users\KGyGaAvL.sys

2011-03-30 01:08 - 2010-04-11 21:08 - 0000900 __ASH C:\ProgramData\KGyGaAvL.sys

2011-03-29 17:04 - 2011-03-29 17:04 - 0125738 ____A C:\Users\Littlewood\Downloads\1713 - Philip Littlewood.pdf

2011-03-29 16:04 - 2011-03-29 16:04 - 0031232 ____A C:\Users\Littlewood\Downloads\Membership Form.doc

2011-03-29 16:02 - 2011-03-29 16:02 - 0067584 ____A C:\Users\Littlewood\Downloads\AOW.doc

2011-03-28 15:41 - 2011-03-28 15:41 - 0013204 ____A C:\Users\Littlewood\Downloads\[isoHunt] Adele - 19 (2008) (with covers).torrent

2011-03-28 15:40 - 2011-03-28 15:40 - 0017292 ____A C:\Users\Littlewood\Downloads\8F8D94E8128007364C19D826671E348BC2215FFF.torrent

2011-03-27 17:17 - 2009-07-14 05:32 - 0000000 ____D C:\Windows\System32\FxsTmp

2011-03-26 12:10 - 2011-03-26 12:10 - 0993835 ____A C:\Users\Littlewood\Downloads\arrival status.pdf

2011-03-26 12:08 - 2011-03-26 12:08 - 0000000 ____A C:\Users\Littlewood\Downloads\Goods of Customs interest.txt

2011-03-25 03:29 - 2011-05-11 04:13 - 0343040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys

2011-03-25 03:29 - 2011-05-11 04:13 - 0325120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys

2011-03-25 03:29 - 2011-05-11 04:13 - 0098816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys

2011-03-25 03:29 - 2011-05-11 04:13 - 0052736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys

2011-03-25 03:29 - 2011-05-11 04:13 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys

2011-03-25 03:29 - 2011-05-11 04:13 - 0025600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys

2011-03-25 03:28 - 2011-05-11 04:13 - 0007936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys

2011-03-25 00:11 - 2011-03-25 00:10 - 1058134 ____A C:\Users\Littlewood\Downloads\McKenzie Road.pdf

2011-03-24 22:41 - 2011-03-24 22:41 - 0452117 ____A C:\Users\Littlewood\Downloads\fwxlexecutionversionsofagreements (2).zip

2011-03-24 22:40 - 2011-03-24 22:40 - 0452117 ____A C:\Users\Littlewood\Downloads\fwxlexecutionversionsofagreements.zip

2011-03-24 22:40 - 2011-03-24 22:40 - 0452117 ____A C:\Users\Littlewood\Downloads\fwxlexecutionversionsofagreements (1).zip

2011-03-24 21:16 - 2011-03-24 17:03 - 0019456 ____A C:\Users\Littlewood\Desktop\Day Care Simple Static CF.xls

2011-03-24 21:11 - 2011-03-24 21:11 - 0969928 ____A C:\Users\Littlewood\Downloads\Unaccompanied Personal Baggage.pdf

2011-03-24 11:11 - 2009-11-19 20:25 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2011-03-24 11:10 - 2010-03-06 23:46 - 0000000 ____D C:\Program Files (x86)\SONY

2011-03-24 11:10 - 2009-11-19 22:03 - 0000000 ____D C:\Users\All Users\Sony Corporation

2011-03-24 11:10 - 2009-11-19 22:03 - 0000000 ____D C:\ProgramData\Sony Corporation

2011-03-24 02:27 - 2011-03-24 02:27 - 2935011 ____A C:\Users\Littlewood\Downloads\Sound racer.wmv

2011-03-23 14:32 - 2010-03-06 23:57 - 0000000 ____D C:\Program Files\Sony

2011-03-23 12:29 - 2011-03-23 12:29 - 0517120 ____A C:\Users\Littlewood\Downloads\Contacts (1).xls

2011-03-23 01:11 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\PolicyDefinitions

2011-03-21 17:39 - 2011-03-21 17:34 - 0004131 ____A C:\Windows\IE9_main.log

2011-03-21 17:38 - 2011-03-21 17:38 - 9702400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2011-03-21 17:38 - 2011-03-21 17:38 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2011-03-21 17:38 - 2011-03-21 17:38 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2011-03-21 17:38 - 2011-03-21 17:38 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2011-03-21 17:38 - 2011-03-21 17:38 - 2303488 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 2136064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 1797632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 1785344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 17773056 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 1492992 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2011-03-21 17:38 - 2011-03-21 17:38 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2011-03-21 17:38 - 2011-03-21 17:38 - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 1344000 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 12268544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 1102336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 10884096 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0818176 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2011-03-21 17:38 - 2011-03-21 17:38 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2011-03-21 17:38 - 2011-03-21 17:38 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0236544 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2011-03-21 17:38 - 2011-03-21 17:38 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf

2011-03-21 17:38 - 2011-03-21 17:38 - 0072822 ____A C:\Windows\System32\ieuinit.inf

2011-03-21 17:38 - 2011-03-21 17:38 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2011-03-21 17:38 - 2011-03-21 17:38 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2011-03-21 17:38 - 2011-03-21 17:38 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2011-03-21 17:38 - 2011-03-21 17:38 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2011-03-21 17:35 - 2011-03-21 17:35 - 0517120 ____A C:\Users\Littlewood\Downloads\Contacts.xls

2011-03-21 17:34 - 2011-03-21 17:34 - 0543024 ____A (Microsoft Corporation) C:\Users\Littlewood\Downloads\IE9-Windows7-x64-enu.exe

2011-03-20 12:18 - 2011-03-01 18:20 - 0009216 ____A C:\Users\Littlewood\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2011-03-19 23:06 - 2011-03-19 23:06 - 0119296 ____A C:\Users\Littlewood\Downloads\Top100BabyNamesNewZealand.xls

2011-03-17 16:41 - 2011-03-17 16:41 - 0002923 ____A C:\Users\Littlewood\Desktop\PADI Computer Diving Simulator.lnk

2011-03-17 16:41 - 2011-03-17 16:41 - 0000000 ____D C:\Program Files (x86)\PADI

2011-03-17 11:43 - 2011-03-17 11:43 - 0055808 ____A C:\Users\Littlewood\Downloads\ANZ and Alquod (2).doc

2011-03-16 17:44 - 2011-03-16 17:44 - 0245954 ____A C:\Users\Littlewood\Downloads\2011 offer letter - Littlewood (4).pdf

2011-03-16 17:44 - 2011-03-16 17:44 - 0245954 ____A C:\Users\Littlewood\Downloads\2011 offer letter - Littlewood (3).pdf

2011-03-16 17:43 - 2011-03-16 17:43 - 0258740 ____A C:\Users\Littlewood\Downloads\Sweet Pea Nursery - 2011 - 2012 fees (1).pdf

2011-03-16 11:56 - 2011-03-16 11:55 - 2405993 ____A C:\Users\Littlewood\Downloads\pl.pdf

2011-03-16 01:23 - 2011-03-16 01:23 - 0101376 ____A C:\Users\Littlewood\Downloads\ANZ and Alquod (1).doc

2011-03-15 22:47 - 2011-03-15 22:47 - 0051200 ____A C:\Users\Littlewood\Downloads\ANZ and Alquod.doc

2011-03-14 22:43 - 2011-03-14 22:43 - 0000000 ____D C:\Users\Littlewood\AppData\Roaming\com.Shutterfly.ExpressUploader

2011-03-14 22:43 - 2011-03-14 22:43 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia

2011-03-14 22:43 - 2011-03-14 22:43 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia

2011-03-14 22:43 - 2011-03-14 22:43 - 0000000 ____D C:\Program Files (x86)\Shutterfly

2011-03-14 22:41 - 2011-03-14 22:41 - 1660744 ____A C:\Users\Littlewood\Downloads\DesktopUploader1.0.0.4.exe

2011-03-12 12:08 - 2011-04-27 10:02 - 1465344 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll

2011-03-12 11:23 - 2011-04-27 10:02 - 0870912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2011-03-11 19:25 - 2011-03-11 19:25 - 0004887 ____A C:\Users\Littlewood\Downloads\LIT100 - 2010 - Calculation (1).pdf

2011-03-11 19:23 - 2011-03-11 19:23 - 0109122 ____A C:\Users\Littlewood\Downloads\Propinvest Asset Management LLP - 2010 Final Tax Return.pdf

2011-03-11 19:20 - 2011-03-11 19:20 - 0519719 ____A C:\Users\Littlewood\Downloads\Signed Propinvest Accounts 2010.pdf

2011-03-11 18:19 - 2011-03-11 18:19 - 0004887 ____A C:\Users\Littlewood\Downloads\LIT100 - 2010 - Calculation.pdf

2011-03-11 18:18 - 2011-03-11 18:17 - 1255104 ____A C:\Users\Littlewood\Downloads\LIT100 - 2010 - SA100.pdf

2011-03-11 18:16 - 2011-03-11 18:16 - 0018846 ____A C:\Users\Littlewood\Downloads\LIT100 - 2010 - All Schedules.pdf

2011-03-11 06:41 - 2011-04-27 10:02 - 1659776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2011-03-11 06:41 - 2011-04-27 10:02 - 0410496 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys

2011-03-11 06:41 - 2011-04-27 10:02 - 0189824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys

2011-03-11 06:41 - 2011-04-27 10:02 - 0166272 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys

2011-03-11 06:41 - 2011-04-27 10:02 - 0148352 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys

2011-03-11 06:41 - 2011-04-27 10:02 - 0107904 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys

2011-03-11 06:41 - 2011-04-27 10:02 - 0027008 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys

2011-03-11 06:34 - 2011-04-14 01:06 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll

2011-03-11 06:34 - 2011-04-14 01:06 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll

2011-03-11 06:33 - 2011-04-27 10:02 - 2565632 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll

2011-03-11 06:30 - 2011-04-27 10:02 - 0096768 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe

2011-03-11 05:33 - 2011-04-27 10:02 - 1699328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll

2011-03-11 05:33 - 2011-04-14 01:06 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll

2011-03-11 05:33 - 2011-04-14 01:06 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll

2011-03-11 05:31 - 2011-04-27 10:02 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe

2011-03-11 04:37 - 2011-04-27 10:02 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS

2011-03-10 22:34 - 2010-03-30 20:49 - 0000000 ____D C:\Users\Littlewood\Incomplete

2011-03-10 22:30 - 2010-03-30 20:49 - 0000000 ____D C:\Users\Littlewood\Shared

2011-03-10 18:18 - 2011-03-10 18:18 - 0045568 ____A C:\Users\Littlewood\Downloads\info OW and SD course (1).doc

2011-03-10 18:18 - 2011-03-10 18:18 - 0031232 ____A C:\Users\Littlewood\Downloads\Members email 2011 (1).doc

2011-03-10 17:46 - 2011-03-10 17:46 - 0045568 ____A C:\Users\Littlewood\Downloads\info OW and SD course.doc

2011-03-10 17:46 - 2011-03-10 17:46 - 0031232 ____A C:\Users\Littlewood\Downloads\Members email 2011.doc

2011-03-10 07:01 - 2009-07-14 04:45 - 0000000 ____D C:\Windows\debug

2011-03-09 23:14 - 2011-03-09 23:14 - 0000000 ____D C:\Users\Littlewood\AppData\Roaming\Media Player Classic

2011-03-09 17:39 - 2011-03-09 17:38 - 2958225 ____A C:\Users\Littlewood\Downloads\phil (3).pdf

2011-03-08 18:45 - 2011-03-08 17:56 - 0000000 ____D C:\Users\Littlewood\Desktop\2011-03-08

2011-03-08 11:31 - 2011-03-08 11:29 - 2958225 ____A C:\Users\Littlewood\Downloads\phil (2).pdf

2011-03-08 06:29 - 2011-04-14 01:06 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll

2011-03-08 05:28 - 2011-04-14 01:06 - 0741376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2011-03-06 11:06 - 2011-03-06 11:06 - 0808381 ____A C:\Users\Littlewood\Downloads\IMG_3982.JPG

2011-03-06 11:06 - 2011-03-06 11:06 - 0808381 ____A C:\Users\Littlewood\Downloads\IMG_3982 (1).JPG

2011-03-04 18:08 - 2011-03-04 18:08 - 0258740 ____A C:\Users\Littlewood\Downloads\Sweet Pea Nursery - 2011 - 2012 fees.pdf

2011-03-03 22:35 - 2011-03-03 22:35 - 0012772 ____A C:\Users\Littlewood\Downloads\Diary of Travel.xlsx

2011-03-03 06:24 - 2011-04-14 01:06 - 0357888 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll

2011-03-03 06:24 - 2011-04-14 01:06 - 0183296 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll

2011-03-03 06:21 - 2011-04-14 01:06 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe

2011-03-03 05:38 - 2011-04-14 01:06 - 0270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll

2011-03-03 05:36 - 2011-04-14 01:06 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe

2011-03-03 03:52 - 2011-04-14 01:06 - 3135488 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2011-03-02 20:20 - 2011-03-02 20:20 - 0245954 ____A C:\Users\Littlewood\Downloads\2011 offer letter - Littlewood (2).pdf

2011-03-02 20:18 - 2011-03-02 20:18 - 0115838 ____A C:\Users\Littlewood\Downloads\Medical PADI form.pdf

2011-03-02 17:53 - 2011-03-02 17:53 - 0020992 ____A C:\Windows\jestertb.dll

2011-03-02 17:53 - 2011-03-02 17:53 - 0000000 ____D C:\Program Files (x86)\Western Digital

2011-03-02 17:52 - 2011-03-02 17:52 - 0000000 ____D C:\Users\Littlewood\Documents\WDC

2011-03-02 13:18 - 2011-03-02 13:18 - 0023040 ____A C:\Users\Littlewood\Downloads\Apple Cake.doc

2011-03-02 13:17 - 2011-03-02 13:17 - 0021504 ____A C:\Users\Littlewood\Downloads\Bircher Meusli.doc

2011-03-02 12:10 - 2011-03-02 12:10 - 0290264 ____A C:\Windows\Minidump\030211-35973-01.dmp

2011-03-02 12:10 - 2011-02-13 13:31 - 422776471 ____A C:\Windows\MEMORY.DMP

2011-03-02 12:10 - 2010-11-11 07:45 - 0000000 ____D C:\Windows\Minidump

2011-03-02 00:54 - 2011-03-02 00:54 - 0245954 ____A C:\Users\Littlewood\Downloads\2011 offer letter - Littlewood (1).pdf

2011-03-01 18:50 - 2010-03-07 00:04 - 0072655 ____A C:\Windows\DirectX.log

2011-03-01 18:45 - 2010-03-17 13:03 - 0000000 ____D C:\Users\Littlewood\AppData\Roaming\Sony Corporation

2011-03-01 18:11 - 2011-03-01 18:10 - 0000000 ____D C:\Program Files (x86)\K-Lite Codec Pack

2011-03-01 18:10 - 2011-02-28 02:13 - 0000000 ____D C:\Program Files (x86)\DScaler5

2011-03-01 18:08 - 2011-02-28 02:14 - 0000000 ____D C:\Program Files (x86)\SHOUTcast Source

2011-03-01 18:07 - 2011-03-01 18:07 - 14744456 ____A ( ) C:\Users\Littlewood\Downloads\K-Lite_Codec_Pack_700_Full.exe

2011-03-01 15:34 - 2011-03-01 15:34 - 0000000 ____D C:\Users\Littlewood\pnlinks

2011-03-01 15:32 - 2011-03-01 15:32 - 0000000 ____D C:\Program Files (x86)\Citrix

2011-02-28 19:38 - 2011-02-28 19:38 - 3234135 ____A C:\Users\Littlewood\Downloads\March_Stroller_2011.pdf

2011-02-28 18:05 - 2011-02-28 18:05 - 0176769 ____A C:\Users\Littlewood\Downloads\IMG_2046.JPG

2011-02-28 08:00 - 2011-03-01 18:10 - 0080896 ____A C:\Windows\SysWOW64\ff_vfw.dll

2011-02-28 08:00 - 2011-03-01 18:10 - 0000038 ____A C:\Windows\avisplitter.ini

2011-02-28 03:13 - 2011-02-28 03:13 - 0251247 ____A C:\Users\Littlewood\Downloads\THE_WIRE_S01-S02-S03-S04-S05_COMPLETE_High_Quality.5348981.TPB (2).torrent

2011-02-28 03:12 - 2011-02-28 03:12 - 0251247 ____A C:\Users\Littlewood\Downloads\THE_WIRE_S01-S02-S03-S04-S05_COMPLETE_High_Quality.5348981.TPB.torrent

2011-02-28 03:12 - 2011-02-28 03:12 - 0251247 ____A C:\Users\Littlewood\Downloads\THE_WIRE_S01-S02-S03-S04-S05_COMPLETE_High_Quality.5348981.TPB (1).torrent

2011-02-28 02:16 - 2011-02-28 02:16 - 0000000 ____D C:\Program Files (x86)\DCoder Image Source

2011-02-28 02:16 - 2011-02-28 02:16 - 0000000 ____D C:\Program Files (x86)\7-Zip

2011-02-28 02:15 - 2011-02-28 02:15 - 0000000 ____D C:\Program Files (x86)\FFMPEG Core Files

2011-02-28 02:14 - 2011-02-28 02:14 - 0000000 ____D C:\Program Files (x86)\OpenSource AVI Splitter

2011-02-28 02:14 - 2011-02-28 02:14 - 0000000 ____D C:\Program Files (x86)\MONOGRAM AMR SplitterDecoder

2011-02-28 02:14 - 2011-02-28 02:14 - 0000000 ____D C:\Program Files (x86)\CD Audio Reader Filter

2011-02-28 02:13 - 2011-02-28 02:13 - 0000000 ____D C:\Program Files (x86)\OpenSource DTSAC3DD+ Source Filter

2011-02-28 02:13 - 2011-02-28 02:13 - 0000000 ____D C:\Program Files (x86)\Gabest MPEG Splitter

2011-02-28 02:13 - 2011-02-28 02:13 - 0000000 ____D C:\Program Files (x86)\Bass Audio Decoder

2011-02-28 02:13 - 2011-02-28 02:12 - 0000000 ____D C:\Program Files (x86)\Zoom Player

2011-02-28 02:12 - 2011-02-28 02:12 - 1521904 ____A C:\Users\Littlewood\Downloads\zp502std.exe

2011-02-28 01:00 - 2011-02-28 01:00 - 0272417 ____A C:\Users\Littlewood\Downloads\3693_001 (1).pdf

2011-02-28 00:59 - 2011-02-28 00:59 - 0308270 ____A C:\Users\Littlewood\Downloads\3503_001.pdf

2011-02-28 00:59 - 2011-02-28 00:58 - 0272417 ____A C:\Users\Littlewood\Downloads\3693_001.pdf

#10 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 28 May 2011 - 06:32 PM

wow - its worked! i had to delete the following part from the beginning of the section of the output which contained 2 log entries, as follows:


"07:11 - 0000000 ____D C : \ FRST "
and...
"23:48 - 1083320 ____A C : \ Windows \ Windows Update . log "

#11 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:59 PM

Posted 29 May 2011 - 06:22 AM

Seems you have gone through a lot of trouble to post the log. I could have made it easier for you if I was on line earlier. But is all history now.

Your log(s) show that you are using so called peer-to-peer or file-sharing programs. These programs allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."


Removal Instructions
Open notepad. Please copy the contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

cmd: bootrec /FixMbr
cmd: bcdedit /set {default} winpe no

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Also reboot normally and tell me how it went.

#12 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 29 May 2011 - 07:05 AM

hi farbar,

Thanks a million. I feel like such an idiot for using the P2P sites....this has scared me enough to steer way clear of them in the future!!!

I ran the fix and have rebooted successfully. Excellent!!

However, i still think i have a virus, since under my wireless connections list i can see my home wireless connection, and then another one, called "Virus4You_EXT"

My anti-malware software Rapport also picked something up yesterday.

I'd be very grateful for your suggestions to clear these?

Please find the output log below. Also, id be grateful if you could direct me as to where to make a donation for your help. Its been very very gratefully received!!


Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.0.8)
Ran by SYSTEM at 2011-05-29 08:56:54 R:1
Running from G:\

==============================================


========= bootrec /FixMbr =========

˙ţT h e o p e r a t i o n c o m p l e t e d s u c c e s s f u l l y .

========= End of CMD: =========


========= bcdedit /set {default} winpe no =========

The operation completed successfully.

========= End of CMD: =========

#13 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:59 PM

Posted 29 May 2011 - 09:02 AM

Great. :thumbsup:

We will make sure everything is clean before we round off.

Please download OTL by OldTimer.
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Click Run Scan button.
  • Two reports will open, copy and paste them to your reply:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

*******
To answer your question about the donation: This is a voluntary free service. However, if you would like to donate to my account click on Posted Image

#14 James Brown

James Brown
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:59 PM

Posted 29 May 2011 - 10:44 AM

Thanks Farbar!

Please find the output results below.

I actually jumped ahead a little and ran the ESET Online Scanner which you recommended to a previous user who had a similar problem to me. That scan found 14 infected files and ran for about 1hr 40min, before hanging at 92%. After waiting for about 15mins at that point, i stopped the scan, deleted the quarantined files. The list of the quarantined files are below.

Shall i re-scan using ESET to get through to 100%?


C:\Users\Littlewood\AppData\Local\Temp\69A1.tmp Win32/AutoRun.Agent.ABK worm cleaned by deleting - quarantined
C:\Users\Littlewood\AppData\Local\Temp\srv1050.tmp Win32/AutoRun.Agent.ABK worm cleaned by deleting - quarantined
C:\Users\Littlewood\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\19e4c9d4-761c9e69 probably a variant of Java/Agent.BR trojan deleted - quarantined
C:\Users\Littlewood\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\77ca675a-4c190af4 a variant of Java/Agent.BR trojan deleted - quarantined
C:\Users\Littlewood\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\5974e79e-54b55fc9 probably a variant of Java/Agent.BR trojan deleted - quarantined
C:\Users\Littlewood\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\6ccf05e7-12a9517a probably a variant of Java/Agent.BR trojan deleted - quarantined
C:\Users\Littlewood\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\52614f75-32760f67 probably a variant of Java/Agent.BR trojan deleted - quarantined
C:\Users\Littlewood\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\30c92f3c-25cb4679 a variant of Java/Agent.BR trojan deleted - quarantined
C:\Users\Littlewood\Music\iTunes\!!!\Excalibur - O Fortuna from Carmina Burana - best track ever.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
C:\Users\Littlewood\Music\iTunes\!!!\james brown ruled the world (320k stereo).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
C:\Users\Littlewood\Music\iTunes\!!!\ruled the world james brown - greatest hits.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
C:\Users\Littlewood\Music\iTunes\!!!\Juno Soundtrack\09-Superstar.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
C:\Users\Littlewood\Music\iTunes\!!!\Nas-Untitled-2008-[NoFS]\07-nas-sly_fox.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
C:\Users\Littlewood\Music\iTunes\!!!\Rihanna - Good Girl Gone Bad (Reloaded) (2008)\05 - Shut Up & Drive.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined


OTL:
OTL logfile created on: 29/05/2011 12:32:40 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Littlewood\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.92 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 61.28% Memory free
7.84 Gb Paging File | 5.81 Gb Available in Paging File | 74.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.16 Gb Total Space | 71.73 Gb Free Space | 15.69% Space Free | Partition Type: NTFS
Drive D: | 125.83 Mb Total Space | 124.68 Mb Free Space | 99.09% Space Free | Partition Type: FAT

Computer Name: LITTLEWOOD-VAIO | User Name: Littlewood | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/29 12:32:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Littlewood\Downloads\OTL.exe
PRC - [2011/05/20 02:54:14 | 001,010,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2011/01/29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2010/12/06 08:17:00 | 000,821,048 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/12/06 08:16:46 | 001,505,080 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2010/11/19 13:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2010/05/28 07:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2010/03/24 16:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
PRC - [2010/03/06 20:55:23 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
PRC - [2010/02/19 15:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2009/11/30 16:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009/11/11 00:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\AirPort\APAgent.exe
PRC - [2009/10/24 00:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/10/13 16:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/10/13 16:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/09/14 16:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/09/14 15:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009/09/04 18:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/08/26 16:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
PRC - [2009/05/19 13:11:52 | 000,136,544 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2008/09/18 07:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/04 16:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (SafeList) ==========

MOD - [2011/05/29 12:32:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Littlewood\Downloads\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/12/06 08:17:04 | 000,513,848 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\rooksbas.dll
MOD - [2010/11/20 09:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010/11/20 09:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010/11/20 08:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011/01/29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010/10/07 18:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/08/10 16:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010/04/09 09:37:36 | 001,223,024 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2010/03/10 06:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 06:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 06:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 06:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 06:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 06:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/02/19 15:19:28 | 000,115,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010/02/19 15:19:24 | 000,529,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2009/11/30 16:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009/09/04 18:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/09/01 18:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2009/07/13 22:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/12/06 08:17:00 | 000,821,048 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/11/19 13:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2010/05/28 07:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010/03/18 09:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 07:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/11/25 12:28:34 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/11/25 12:28:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/11/25 12:28:34 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/11/25 12:28:34 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/11/25 12:28:32 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/10/24 00:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/10/13 16:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009/09/14 16:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/09/14 16:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/09/14 15:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/08/30 22:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/08/30 22:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 07:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/07/24 08:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 16:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/12/06 08:17:18 | 000,062,448 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/10/19 05:34:59 | 000,021,200 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TVicHW64.sys -- (TVICHW64)
DRV:64bit: - [2010/09/22 21:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/12 15:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/11/18 17:07:14 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/11/18 17:07:13 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/11/18 17:07:13 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/11/18 17:07:12 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009/11/18 17:06:44 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/11/12 17:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/11/12 17:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/12 17:05:01 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/11/11 17:05:13 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/11/06 17:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009/10/27 17:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/13 16:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/15 17:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009/08/19 17:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 17:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 11:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/18 11:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/04/01 13:33:16 | 000,024,576 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlyUsb.sys -- (FlyUsb)
DRV:64bit: - [2007/05/14 12:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/17 08:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2010/12/06 08:17:18 | 000,058,864 | ---- | M] (Trusteer Ltd.) [Kernel | System | Stopped] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2010/12/06 08:17:18 | 000,050,672 | ---- | M] (Trusteer Ltd.) [Kernel | System | Stopped] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2007/04/17 17:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/25 16:28:06 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 18:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110512182609.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110512182609.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-3466206404-1037346733-4115873997-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 199.172.192.3 198.207.23.58
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/29 12:25:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/05/29 10:23:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/05/28 07:31:06 | 000,000,000 | ---D | C] -- C:\Windows\WinUpdaterstd
[2011/05/28 04:11:32 | 000,000,000 | ---D | C] -- C:\FRST
[2011/05/27 21:51:06 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/05/24 02:35:52 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/05/24 02:35:52 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/05/20 18:57:58 | 000,000,000 | ---D | C] -- C:\Users\Littlewood\AppData\Local\ElevatedDiagnostics
[2011/05/19 17:36:58 | 000,000,000 | ---D | C] -- C:\Users\Littlewood\Desktop\Grandma and Grandpa babysit 19-20 May 2011
[2011/05/11 08:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/05/11 08:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/05/11 08:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011/05/11 01:13:46 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/05/11 01:13:45 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/05/11 01:13:45 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/05/11 01:13:42 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011/05/11 01:13:42 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/29 12:34:22 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/29 12:34:22 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/29 12:32:09 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/29 12:32:09 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/29 12:32:09 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/29 12:25:12 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/29 12:24:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/29 12:24:50 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/29 11:59:43 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/27 14:24:33 | 000,002,016 | -H-- | M] () -- C:\Users\Littlewood\Documents\Default.rdp
[2011/05/23 14:36:19 | 000,078,897 | ---- | M] () -- C:\Users\Littlewood\Desktop\Jobson's Bay, Bermuda.jpg
[2011/05/11 06:54:25 | 000,001,137 | ---- | M] () -- C:\Users\Littlewood\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/23 14:36:19 | 000,078,897 | ---- | C] () -- C:\Users\Littlewood\Desktop\Jobson's Bay, Bermuda.jpg
[2011/04/26 13:57:38 | 000,038,770 | ---- | C] () -- C:\Users\Littlewood\AppData\Roaming\Microsoft Excel.ADR
[2011/03/02 14:53:00 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
[2011/03/01 15:20:11 | 000,009,216 | ---- | C] () -- C:\Users\Littlewood\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/01 15:10:34 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/01 15:10:33 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/03/01 15:10:33 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/03/01 15:10:33 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/03/01 15:10:33 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/06/01 16:40:02 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/04/11 18:08:49 | 000,000,900 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/03/18 03:49:14 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/06 20:49:23 | 000,001,607 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
[2009/07/14 02:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 23:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 21:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 20:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 18:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003/01/07 11:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

< End of report >


Extras:
OTL Extras logfile created on: 29/05/2011 12:32:40 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Littlewood\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.92 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 61.28% Memory free
7.84 Gb Paging File | 5.81 Gb Available in Paging File | 74.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.16 Gb Total Space | 71.73 Gb Free Space | 15.69% Space Free | Partition Type: NTFS
Drive D: | 125.83 Mb Total Space | 124.68 Mb Free Space | 99.09% Space Free | Partition Type: FAT

Computer Name: LITTLEWOOD-VAIO | User Name: Littlewood | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3466206404-1037346733-4115873997-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java™ 6 Update 16 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play with PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Monitoring Settings
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C0F8A40-2273-43E1-8C61-40D7F0573EDE}" = AirPort
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote Keyboard with PlayStation 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Power Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91989CE7-EE83-4A53-8E06-D97887928119}" = VAIO Care
"{91E30409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{9CCA7C1A-6308-4F12-AEDD-D230CAAF847E}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{A055FB62-CF73-4839-AD83-122ABCB92418}" = LeapFrog Tag Junior Plugin
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A3F72157-89C2-46E3-A05F-8643A6BD3545}" = Sony Home Network Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Settings
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{C197FA91-3563-4B76-A408-A8529222AE2F}" = PADI Computer Diving Simulator
"{C6359569-E03E-4CDC-98E8-CDD080C6EEB5}" = LeapFrog Connect
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C8192B14-5B56-2E27-6652-8AA650091D6E}" = Shutterfly Express Uploader
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E89956F9-5B89-470E-818D-BD46102D0A01}" = Citrix Presentation Server Client
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F46C88AD-6239-474A-8690-F9329BD36D7F}" = Remote Play with PlayStation 3
"{F48A53B8-7806-443A-A5A5-A07DF808B745}" = Media Gallery
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{FB4F9000-04FC-11E0-85D2-001AA037B01E}" = Google Earth Plug-in
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FF1FC66F-536F-46BD-98E3-D8DA127A810E}" = PMB VAIO Edition Guide
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"Canon MP560 series User Registration" = Canon MP560 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader
"conduitEngine" = Conduit Engine
"DCoder Image Source" = DCoder Image Source (remove only)
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{9CCA7C1A-6308-4F12-AEDD-D230CAAF847E}" = VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"InstallShield_{FF1FC66F-536F-46BD-98E3-D8DA127A810E}" = VAIO - PMB VAIO Edition Guide
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketingTools" = VAIO Marketing Tools
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MP3 Rocket" = MP3 Rocket
"MSC" = McAfee Internet Security
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"Picasa 3" = Picasa 3
"Rapport_msi" = Rapport
"TagJuniorPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
"UPCShell" = LeapFrog Connect
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Vaio Application Uninstaller2.0" = Vaio Application Uninstaller
"VAIO CW screensaver" = VAIO CW screensaver
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"WinLiveSuite" = Windows Live Essentials
"ZoomPlayer" = Zoom Player (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28/11/2010 07:42:07 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28/11/2010 07:42:07 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2013

Error - 28/11/2010 07:42:07 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2013

Error - 28/11/2010 07:42:08 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28/11/2010 07:42:08 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3027

Error - 28/11/2010 07:42:08 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3027

Error - 28/11/2010 07:42:09 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28/11/2010 07:42:09 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4025

Error - 28/11/2010 07:42:09 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4025

Error - 28/11/2010 07:42:10 | Computer Name = Littlewood-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ System Events ]
Error - 28/05/2011 15:36:22 | Computer Name = Littlewood-VAIO | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 28/05/2011 15:36:22 | Computer Name = Littlewood-VAIO | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 28/05/2011 15:36:22 | Computer Name = Littlewood-VAIO | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 28/05/2011 15:36:22 | Computer Name = Littlewood-VAIO | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 28/05/2011 15:36:22 | Computer Name = Littlewood-VAIO | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 28/05/2011 15:36:53 | Computer Name = Littlewood-VAIO | Source = volsnap | ID = 393230
Description = The shadow copies of volume C: were aborted because of an IO failure
on volume C:.

Error - 28/05/2011 15:53:11 | Computer Name = Littlewood-VAIO | Source = volsnap | ID = 393230
Description = The shadow copies of volume C: were aborted because of an IO failure
on volume C:.

Error - 29/05/2011 07:41:54 | Computer Name = Littlewood-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Upnp Server 10 service to connect.

Error - 29/05/2011 07:57:52 | Computer Name = Littlewood-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Upnp Server 10 service to connect.

Error - 29/05/2011 11:25:09 | Computer Name = Littlewood-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Upnp Server 10 service to connect.


< End of report >

#15 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:07:59 PM

Posted 29 May 2011 - 11:00 AM

Normally I might recommend ESET online scanner at the end of the fixes.

  • I see a DNS set to Bermuda. Is that you ISP and have you set it up yourself?
  • I see Conduit Engine is installed on your computer. Some sources relate this to adware stuff. You may go to Programs and Features on Control Panel and uninstall it.

  • Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
    • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
    • Look for "JDK 6 Update 25 (JDK or JRE)".
    • Click the "Download JRE" button to the right.
    • Select your Platform: "Windows".
    • Select your Language: "Multi-language".
    • Read the License Agreement, and then check the box that says: "I agree to the Java SE...License Agreement".
    • Click Continue and the page will refresh.
    • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
    • Close any programs you may have running - especially your web browser.
    Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
    • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
    • Repeat as many times as necessary to remove each Java versions.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-6u25-windows-i586.exe to install the newest version.
    • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
    • When the Java Setup - Welcome window opens, click the Install > button.
    • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
    -- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
    -- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


    Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
    To disable the JQS service if you don't want to use it:
    • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
    • Click Ok and reboot your computer.
  • Open your Malwarebytes' Anti-Malware.
    • First update it, to do that under the Update tab press "Check for Updates".
    • Under Scanner tab select "Perform Quick Scan", then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the MBAM log.

    Extra Note:
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users