Jump to content

mydomainadvisor


Recommended Posts

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\034wfyfp.default\

FF - prefs.js: browser.startup.homepage - www.asiafinest.com

FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7Bcb0ca02d-7115-4e6a-8ed3-4eb5babde760%7D&mid=863ffc3fce5847d0ab0cb1a22f153dfb-1f6330eb42dd8974cb1bd46fd9b683e109e7d073&ds=gf011&v=12.1.0.21〈=en&pr=sa&d=2012-07-27%2020%3A16%3A39&sap=ku&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R1 avgtp;avgtp;\??\C:\windows\system32\drivers\avgtpx64.sys --> C:\windows\system32\drivers\avgtpx64.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-27 655944]

R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe [2012-7-27 115056]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe [2012-7-27 126392]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-27 2320920]

R2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe [2012-7-27 830048]

R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?]

R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;C:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys --> C:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]

R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]

R3 QIOMem;Generic IO & Memory Access;C:\windows\system32\DRIVERS\QIOMem.sys --> C:\windows\system32\DRIVERS\QIOMem.sys [?]

R3 rtl8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\system32\DRIVERS\rtl8192Ce.sys --> C:\windows\system32\DRIVERS\rtl8192Ce.sys [?]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-7-27 51512]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]

S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-27 113120]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S3 SrvHsfHDA;SrvHsfHDA;C:\windows\system32\DRIVERS\VSTAZL6.SYS --> C:\windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\windows\system32\DRIVERS\VSTDPV6.SYS --> C:\windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1

VBEFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*

VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2012-08-20 12:07:40 -------- d-----w- C:\Program Files (x86)\ESET

2012-08-18 16:41:10 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-18 16:41:10 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2012-08-18 15:51:01 -------- d-sh--w- C:\$RECYCLE.BIN

2012-08-18 15:35:40 98816 ----a-w- C:\windows\sed.exe

2012-08-18 15:35:40 518144 ----a-w- C:\windows\SWREG.exe

2012-08-18 15:35:40 256000 ----a-w- C:\windows\PEV.exe

2012-08-18 15:35:40 208896 ----a-w- C:\windows\MBR.exe

2012-08-18 15:35:38 -------- d-----w- C:\ComboFix

2012-08-17 14:39:37 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E255035B-85AD-486D-AE2C-1D972030D7D4}\mpengine.dll

2012-08-17 02:27:08 503808 ----a-w- C:\windows\System32\srcore.dll

2012-08-17 02:27:08 43008 ----a-w- C:\windows\SysWow64\srclient.dll

2012-08-17 02:21:51 751104 ----a-w- C:\windows\System32\win32spl.dll

2012-08-17 02:21:51 67584 ----a-w- C:\windows\splwow64.exe

2012-08-17 02:21:51 559104 ----a-w- C:\windows\System32\spoolsv.exe

2012-08-17 02:21:51 492032 ----a-w- C:\windows\SysWow64\win32spl.dll

2012-08-17 02:16:22 58880 ----a-w- C:\windows\System32\browcli.dll

2012-08-17 02:16:22 41472 ----a-w- C:\windows\SysWow64\browcli.dll

2012-08-17 02:16:22 136704 ----a-w- C:\windows\System32\browser.dll

2012-08-17 02:16:14 3146752 ----a-w- C:\windows\System32\win32k.sys

2012-08-17 02:16:09 956416 ----a-w- C:\windows\System32\localspl.dll

2012-08-12 15:06:54 16200 ----a-w- C:\windows\stinger.sys

2012-08-12 15:06:03 -------- d-----w- C:\Program Files (x86)\stinger

2012-08-12 13:31:12 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-04 20:44:39 -------- d-----w- C:\Users\Victor\AppData\Roaming\Tific

2012-08-04 20:44:39 -------- d-----w- C:\Users\Victor\AppData\Local\Tific

2012-08-04 04:49:55 -------- d-----w- C:\Users\Victor\AppData\Local\Diagnostics

2012-07-31 12:11:29 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-07-30 15:23:29 82944 ----a-w- C:\windows\System32\Spool\prtprocs\x64\CNMPP9H.DLL

2012-07-30 15:23:29 27648 ----a-w- C:\windows\System32\Spool\prtprocs\x64\CNMPD9H.DLL

2012-07-30 15:22:58 279040 ----a-w- C:\windows\System32\CNMLM9H.DLL

2012-07-30 05:26:11 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

2012-07-30 05:25:59 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll

2012-07-30 05:25:59 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll

2012-07-30 00:49:10 163048 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin

2012-07-28 23:53:46 -------- d-----w- C:\Users\Victor\AppData\Roaming\AnvSoft

2012-07-28 23:43:42 -------- d-----w- C:\Program Files (x86)\AnvSoft

2012-07-28 21:44:58 -------- d-----w- C:\Users\Victor\AppData\Roaming\Collaborate

2012-07-28 21:44:48 -------- d-----w- C:\Users\Victor\AppData\Roaming\Blackboard

2012-07-28 21:38:33 -------- d-----w- C:\Users\Victor\AppData\Local\Microsoft Games

2012-07-28 21:04:57 -------- d-----w- C:\Users\Victor\AppData\Local\Macromedia

2012-07-28 20:55:18 -------- d-----w- C:\Users\Victor\AppData\Local\Adobe

2012-07-28 06:41:29 -------- d-----w- C:\Program Files (x86)\VideoLAN

2012-07-28 06:41:10 -------- d-----w- C:\ProgramData\WeCareReminder

2012-07-28 06:40:55 -------- d-----w- C:\Program Files (x86)\Funmoods

2012-07-28 04:51:42 -------- d-----w- C:\Users\Victor\AppData\Roaming\.ZMatrix

2012-07-28 04:51:38 -------- d-----w- C:\Program Files (x86)\ZMatrix

2012-07-28 04:50:02 -------- d-----w- C:\ProgramData\blekko toolbars

2012-07-28 04:49:48 -------- d-----w- C:\Users\Victor\AppData\Local\blekkotb_031

2012-07-28 04:49:48 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor

2012-07-28 01:15:03 -------- d-----w- C:\Users\Victor\OPEN ENGLISH

2012-07-28 01:15:03 -------- d-----w- C:\Users\Victor\NEW stuff

2012-07-28 00:26:33 -------- d-----w- C:\Program Files (x86)\DVD Shrink

2012-07-28 00:26:22 -------- d-----w- C:\Program Files (x86)\Oracle

2012-07-28 00:25:25 772544 ----a-w- C:\windows\SysWow64\npDeployJava1.dll

2012-07-28 00:25:25 687544 ----a-w- C:\windows\SysWow64\deployJava1.dll

2012-07-28 00:19:54 -------- d-----w- C:\ProgramData\MagicSoftware

2012-07-28 00:19:46 -------- d-----w- C:\Users\Victor\AppData\Local\MagicSoftware

2012-07-28 00:19:45 -------- d-----w- C:\Program Files (x86)\MagicDVDRipper

2012-07-28 00:16:52 -------- d-----w- C:\Users\Victor\AppData\Local\AVG Secure Search

2012-07-28 00:16:46 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-07-28 00:16:46 -------- d-----w- C:\Program Files (x86)\BurnAware Free

2012-07-28 00:16:39 31080 ----a-w- C:\windows\System32\drivers\avgtpx64.sys

2012-07-28 00:16:37 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-07-28 00:16:37 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-07-28 00:15:21 -------- d--h--w- C:\ProgramData\Common Files

2012-07-28 00:14:15 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync

2012-07-28 00:10:32 -------- d-----w- C:\Users\Victor\AppData\Roaming\Malwarebytes

2012-07-28 00:10:24 -------- d-----w- C:\ProgramData\Malwarebytes

2012-07-28 00:10:23 24904 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-07-28 00:10:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-07-28 00:00:22 -------- d-----r- C:\Program Files (x86)\Skype

2012-07-27 23:53:16 -------- d-----w- C:\Users\Victor\AppData\Local\Mozilla

2012-07-27 21:37:28 -------- d-----w- C:\ProgramData\WildTangent

2012-07-27 21:37:28 -------- d-----w- C:\Program Files (x86)\TOSHIBA Games

2012-07-27 21:31:04 35008 ----a-w- C:\windows\System32\drivers\PGEffect.sys

2012-07-27 21:27:30 24576 ----a-w- C:\windows\SysWow64\TSCI.dll

2012-07-27 21:27:30 24576 ----a-w- C:\windows\SysWow64\THCI.dll

2012-07-27 21:26:06 -------- d-----w- C:\Program Files (x86)\Realtek WLAN Driver

2012-07-27 21:25:58 -------- d-----w- C:\Program Files (x86)\Cisco

2012-07-27 21:24:50 -------- d-----w- C:\windows\SysWow64\Atheros_L1e

2012-07-27 21:24:34 -------- d-----w- C:\Program Files\Synaptics

2012-07-27 21:24:18 8038944 ----a-w- C:\windows\System32\RTSUSTORicon.dll

2012-07-27 21:24:10 8038944 ----a-w- C:\windows\SysWow64\RtsUStoricon.dll

2012-07-27 21:24:10 422432 ----a-w- C:\windows\System32\RtsUStor.dll

2012-07-27 21:24:10 239136 ----a-w- C:\windows\System32\drivers\RtsUStor.sys

2012-07-27 21:24:10 -------- d-----w- C:\Program Files (x86)\Realtek

2012-07-27 21:22:04 -------- d-----w- C:\Program Files\CONEXANT

2012-07-27 21:19:54 540696 ----a-w- C:\windows\System32\drivers\iaStor.sys

2012-07-27 21:16:43 -------- d-----w- C:\Intel

2012-07-27 21:16:13 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent

2012-07-27 18:46:48 279656 ------w- C:\windows\System32\MpSigStub.exe

2012-07-27 18:44:30 -------- d--h--w- C:\windows\msdownld.tmp

2012-07-27 18:41:50 -------- d-----w- C:\windows\System32\drivers\NortonPCCheckupx64\0200050.03C

2012-07-27 18:41:50 -------- d-----w- C:\windows\System32\drivers\NortonPCCheckupx64

2012-07-27 18:41:49 -------- d-----w- C:\ProgramData\Norton

2012-07-27 18:41:49 -------- d-----w- C:\Program Files (x86)\Norton PC Checkup

2012-07-27 18:41:46 -------- d-----w- C:\ProgramData\NortonInstaller

2012-07-27 18:41:46 -------- d-----w- C:\Program Files (x86)\NortonInstaller

2012-07-27 18:41:39 -------- d-----w- C:\Program Files (x86)\Toshiba Online Backup

2012-07-27 18:41:19 -------- d-----w- C:\Program Files (x86)\TOSHIBA Corporation

2012-07-27 17:19:44 -------- d-----w- C:\bb09752b29c2c2eb4dcd8ecb

2012-07-27 17:11:53 -------- d-----w- C:\a80f1e2482abe34001

2012-07-27 17:09:42 -------- d-----w- C:\Users\Victor\AppData\Local\WindowsUpdate

2012-07-27 17:08:54 -------- d-----w- C:\Users\Victor\AppData\Local\Google

2012-07-27 17:01:55 -------- d-----w- C:\windows\SysWow64\Wat

2012-07-27 17:01:55 -------- d-----w- C:\windows\System32\Wat

2012-07-27 16:55:34 367104 ----a-w- C:\windows\System32\wcncsvc.dll

2012-07-27 16:55:34 276992 ----a-w- C:\windows\SysWow64\wcncsvc.dll

2012-07-27 16:32:22 99176 ----a-w- C:\windows\SysWow64\PresentationHostProxy.dll

2012-07-27 16:32:22 49472 ----a-w- C:\windows\SysWow64\netfxperf.dll

2012-07-27 16:32:22 48960 ----a-w- C:\windows\System32\netfxperf.dll

2012-07-27 16:32:22 444752 ----a-w- C:\windows\System32\mscoree.dll

2012-07-27 16:32:22 320352 ----a-w- C:\windows\System32\PresentationHost.exe

2012-07-27 16:32:22 297808 ----a-w- C:\windows\SysWow64\mscoree.dll

2012-07-27 16:32:22 295264 ----a-w- C:\windows\SysWow64\PresentationHost.exe

2012-07-27 16:32:22 1942856 ----a-w- C:\windows\System32\dfshim.dll

2012-07-27 16:32:22 1130824 ----a-w- C:\windows\SysWow64\dfshim.dll

2012-07-27 16:32:22 109912 ----a-w- C:\windows\System32\PresentationHostProxy.dll

2012-07-27 16:24:38 80896 ----a-w- C:\windows\System32\imagehlp.dll

2012-07-27 16:24:38 5120 ----a-w- C:\windows\SysWow64\wmi.dll

2012-07-27 16:24:38 5120 ----a-w- C:\windows\System32\wmi.dll

2012-07-27 16:24:38 22896 ----a-w- C:\windows\System32\drivers\fs_rec.sys

2012-07-27 16:24:38 220672 ----a-w- C:\windows\System32\wintrust.dll

2012-07-27 16:24:38 172544 ----a-w- C:\windows\SysWow64\wintrust.dll

2012-07-27 16:24:38 158720 ----a-w- C:\windows\SysWow64\imagehlp.dll

2012-07-27 16:21:57 509952 ----a-w- C:\windows\System32\ntshrui.dll

2012-07-27 16:20:02 264192 ----a-w- C:\windows\System32\upnp.dll

2012-07-27 16:20:01 442880 ----a-w- C:\windows\System32\winhttp.dll

2012-07-27 16:20:01 204288 ----a-w- C:\windows\SysWow64\upnp.dll

2012-07-27 16:18:59 3213824 ----a-w- C:\windows\System32\msi.dll

2012-07-27 16:02:23 -------- d-----w- C:\Users\Victor\AppData\Local\TOSHIBA_Corporation

2012-07-27 16:00:17 826368 ----a-w- C:\windows\SysWow64\rdpcore.dll

2012-07-27 16:00:17 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys

2012-07-27 16:00:17 1031680 ----a-w- C:\windows\System32\rdpcore.dll

2012-07-27 15:58:37 -------- d-----w- C:\Users\Victor\AppData\Local\Toshiba

2012-07-27 15:57:44 -------- d-----w- C:\Users\Victor\AppData\Local\VirtualStore

2012-07-27 15:57:20 13 --sh--r- C:\windows\System32\drivers\fbd.sys

2012-07-27 15:56:41 2622464 ----a-w- C:\windows\System32\wucltux.dll

2012-07-27 15:56:41 -------- d-----w- C:\Users\Victor\AppData\Roaming\WinBatch

2012-07-27 15:56:20 99840 ----a-w- C:\windows\System32\wudriver.dll

2012-07-27 15:56:00 36864 ----a-w- C:\windows\System32\wuapp.exe

2012-07-27 15:56:00 186752 ----a-w- C:\windows\System32\wuwebv.dll

.

==================== Find3M ====================

.

2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2012-06-06 05:50:50 2003968 ----a-w- C:\windows\System32\msxml6.dll

2012-06-06 05:50:50 1880064 ----a-w- C:\windows\System32\msxml3.dll

2012-06-06 05:09:46 1389568 ----a-w- C:\windows\SysWow64\msxml6.dll

2012-06-06 05:09:46 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll

2012-06-02 05:38:26 95088 ----a-w- C:\windows\System32\drivers\ksecdd.sys

2012-06-02 05:38:24 152432 ----a-w- C:\windows\System32\drivers\ksecpkg.sys

2012-06-02 05:37:45 459216 ----a-w- C:\windows\System32\drivers\cng.sys

2012-06-02 05:27:02 340992 ----a-w- C:\windows\System32\schannel.dll

2012-06-02 05:27:00 307200 ----a-w- C:\windows\System32\ncrypt.dll

2012-06-02 04:48:39 22016 ----a-w- C:\windows\SysWow64\secur32.dll

2012-06-02 04:48:35 225280 ----a-w- C:\windows\SysWow64\schannel.dll

2012-06-02 04:47:31 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll

2012-06-02 04:42:51 96768 ----a-w- C:\windows\SysWow64\sspicli.dll

.

============= FINISH: 9:31:35.98 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 7/27/2012 11:55:34 AM

System Uptime: 8/19/2012 12:10:20 PM (21 hours ago)

.

Motherboard: Intel Corp. | | Base Board Product Name

Processor: Intel® Pentium® CPU P6200 @ 2.13GHz | CPU | 2133/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 453 GiB total, 287.631 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP20: 8/12/2012 9:07:36 AM - Windows Update

RP21: 8/16/2012 10:21:58 PM - Windows Update

RP22: 8/17/2012 10:26:53 AM - Windows Update

RP23: 8/18/2012 11:07:28 AM - Removed Java 6 Update 17

RP24: 8/18/2012 11:10:38 AM - Removed Adobe Reader X (10.1.3).

.

==== Installed Programs ======================

.

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Amazon Links

Anti-phishing Domain Advisor

Any Video Converter 3.4.0

ASPCA Reminder by We-Care.com v4.1.17.1

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

AVG Security Toolbar

Bejeweled 2 Deluxe

BurnAware Free 5.0.1

Cake Mania - Lights, Camera, Action!

Chuzzle Deluxe

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

D3DX10

DVD Shrink 3.2

ERUNT 1.1j

ESET Online Scanner v3

FATE - The Traitor Soul

Funmoods Web Search

Google Talk (remove only)

Google Update Helper

Governor of Poker 2 Premium Edition

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java 7 Update 5

JavaFX 2.1.1

Jewel Quest - Heritage

Junk Mail filter update

Label@Once 1.0

Magic DVD Ripper V7.0.0

Malwarebytes Anti-Malware version 1.62.0.1300

Mesh Runtime

Microsoft Office Professional Edition 2003

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

Mystery P.I. - The London Caper

Opera 12.00

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Polar Bowler

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

RealUpgrade 1.1

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Skype™ 5.10

Slingo Supreme

Toshiba App Place

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA Quality Application

TOSHIBA ReelTime

TOSHIBA Service Station

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

ToshibaRegistration

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

VLC media player 2.0.0

WildTangent Games

WildTangent ORB Game Console

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.20 (32-bit)

ZMatrix 1.4.8

.

==== Event Viewer Messages From Past Week ========

.

8/19/2012 11:45:23 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR9.

8/18/2012 11:50:53 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

8/18/2012 11:46:22 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

8/18/2012 11:43:51 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

.

==== End Of File ===========================

Link to post
Share on other sites

How long has this system been without an installed antivirus ? I do not see one here.

If cost is an issue, there are good free antivirus programs for non-commercial home use are Avira Free Antivirus and Microsoft Security Essentials

Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

I would suggest you get either MSE or Avira.

The sequence to use when switching antivirus is this:

1) Download AND SAVE the setup program of the new antivirus. (Have it handy).

2) Disconnect pc from internet

3) De-install the old antivirus (in your case with XP, use the Add-or-Remove program & then locate it & un-install (remove)

4) Make sure to Logoff and Restart Windows fresh.

5) Run setup of new antivirus

6) Logoff and Restart fresh

7) Reconnect to internet

7) start the new A-V, and do an Update run (to make sure it is all current)

Let me know about the antivirus in you next reply.

NEXT:

You already have the FSS tool:

If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Admisnitrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.

Link to post
Share on other sites

I was told by several computer experts NOT to have both an antivirus program as well as an antispyware program -such as Malwarebytes on my system- at the same time. I used to use McAfee and Malwarebytes, but I was told to uninstall one (and McAfee being the more expensive and less reliable program was the recommended uninstall). At any rate, that was only a few months ago (less than 4 months) that I uninstalled McAfee.

Link to post
Share on other sites

Various people I talked to. A couple months ago I was having problems with blue screens, so I took it in to a local computer shop and they were the first to suggest I avoid having McAfee and Malwarebytes simultaneously on my system. A few weeks later, I had someone reinstall the operating system (Windows 7) from scratch because the problem persisted. He suggested I only reinstall Malwarebytes. After that, I never had any problems until the domainadvisor issue.

Anyway, I downloaded MSE as you suggested, and have already run a scan.

This is from the FSS log:

Farbar Service Scanner Version: 06-08-2012

Ran by Victor (administrator) on 20-08-2012 at 11:55:31

Running from "C:\Users\Victor\Desktop"

Microsoft Windows 7 Home Premium (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is OK.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys

[2012-07-27 12:18] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys

[2012-07-27 12:18] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll

[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll

[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll

[2012-07-27 12:18] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Link to post
Share on other sites

Now, that you have installed MSE, never again be without an antivirus. The so-called expert is not such a one. He did you a disservice.

Every pc must have an antivirus program (and again, MBAM has no such component).

At some point soon, review section I of the MBAM F.A.Q. http://forums.malwarebytes.org/index.php?act=findpost&pid=181018

Set trust settings in MBAM and also in MSE as per the directions in that section.

There are 5 windows services we need to check up on.

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

Please close any of your open windows/programs and exit; saving any open work you have.

Go slow and careful. This is a Custom scan. Have infinite patience while it runs.

Temporarily turn OFF your antivirus program so that it does not interfere. Leave the firewall on

For a how-to-reference, see this How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

I'd like to have you do a special run of OTL to generate some searches & a new log-report.

  • Please double-click OTL.exe otlDesktopIcon.png to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    *****************************************************************
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %ALLUSERSPROFILE%\Application Data\*.dll /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    c:|Fun4IM;true;true;true; /FP
    c:|Bandoo;true;true;true; /FP
    c:|Searchn;true;true;true; /FP
    c:|Searchq;true;true;true; /FP
    c:|datamngr;true;true;true; /FP
    c:|iLivid;true;true;true; /FP
    c:|whitesmoke;true;true;true; /FP
    c:|services;true;true;true; /FP
    c:|mydomain;true;true;true; /FP
    c:|afd;true;true;true; /FP
    c:|tcpip;true;true;true; /FP
    c:|mpssvc;true;true;true; /FP
    c:|sdrsvc;true;true;true; /FP
    c:|cryptsvc;true;true;true; /FP
    %USERPROFILE%\..|smtmp;true;true;true /FP
    %systemroot%\*. /mp /s
    CLEARALLRESTOREPOINTS
    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • :excl: Close any browser(s) windows that may be open.
  • Using your mouse, click on Run Scan.
  • The scan won't take long. Have inifinite patience. OTL may appear to stall but it will finish.
    When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    These are saved in the same location as OTL.
  • Please Copy and Paste the OTL log(s) . Do not enclose in Code or Quote.

When all done, Re-Enable your antivirus program.

Edited by Maurice Naggar
Link to post
Share on other sites

Hi Maurice,

During the week I'm not on my computer as much. Things have been working well though :)

Here are the OTL Logs, starting with OTL.Txt:

OTL logfile created on: 8/22/2012 8:14:55 PM - Run 1

OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Victor\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 71.10% Memory free

7.60 Gb Paging File | 5.95 Gb Available in Paging File | 78.25% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 452.58 Gb Total Space | 283.07 Gb Free Space | 62.55% Space Free | Partition Type: NTFS

Computer Name: VICTOR-PC | User Name: Victor | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/22 20:11:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Victor\Desktop\OTL.exe

PRC - [2012/08/21 18:44:02 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2012/07/27 20:16:38 | 000,830,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

PRC - [2012/07/27 20:16:37 | 001,147,488 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2010/09/03 19:58:23 | 000,115,056 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe

PRC - [2010/09/01 00:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

PRC - [2010/03/18 15:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2010/03/18 15:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2010/02/24 04:54:48 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

PRC - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe

PRC - [2003/02/03 20:14:46 | 000,106,496 | ---- | M] (Happy Dude) -- C:\Program Files (x86)\ZMatrix\matrix.exe

========== Modules (No Company Name) ==========

MOD - [2012/07/27 20:16:39 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\SiteSafety.dll

MOD - [2012/07/27 20:16:37 | 001,147,488 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2010/09/28 15:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)

SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2010/02/23 20:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)

SRV:64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)

SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)

SRV - [2012/07/27 20:16:38 | 000,830,048 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe -- (vToolbarUpdater12.1.5)

SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012/07/13 20:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2010/09/03 19:58:23 | 000,115,056 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)

SRV - [2010/07/28 17:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)

SRV - [2010/03/18 15:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2010/03/18 15:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)

SRV - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe -- (PCCUJobMgr)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/27 20:16:39 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)

DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/04/20 09:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)

DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/07/29 08:10:42 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2010/06/21 20:45:56 | 000,287,232 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [2010/06/19 00:36:04 | 000,017,920 | ---- | M] (Siliten) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\InputFilter_FlexDef2b.sys -- (InputFilter_Hid_FlexDef2b)

DRV:64bit: - [2010/04/28 03:32:20 | 000,932,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192Ce.sys -- (rtl8192Ce)

DRV:64bit: - [2010/03/31 02:50:16 | 000,724,536 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)

DRV:64bit: - [2010/03/24 16:55:56 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/03/10 21:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/02/27 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010/02/09 00:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)

DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)

DRV:64bit: - [2009/06/15 16:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)

DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {66CCB4B7-7863-4577-B33D-239DF31FC2A1}

IE:64bit: - HKLM\..\SearchScopes\{66CCB4B7-7863-4577-B33D-239DF31FC2A1}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {965659D8-9442-4E19-BEA6-9B8C812FBB5B}

IE - HKLM\..\SearchScopes\{965659D8-9442-4E19-BEA6-9B8C812FBB5B}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/g/

IE - HKCU\..\SearchScopes,DefaultScope = {197DDC21-4E16-4928-8399-0EC22DF768F0}

IE - HKCU\..\SearchScopes\{197DDC21-4E16-4928-8399-0EC22DF768F0}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS494

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={BA404D61-593E-49A5-BCAD-5BD968E0AAEE}&mid=863ffc3fce5847d0ab0cb1a22f153dfb-1f6330eb42dd8974cb1bd46fd9b683e109e7d073〈=en&ds=gf011&pr=sa&d=2012-07-27 20:16:39&v=12.1.0.21&sap=dsp&q={searchTerms}

IE - HKCU\..\SearchScopes\{965659D8-9442-4E19-BEA6-9B8C812FBB5B}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.asiafinest.com"

FF - prefs.js..keyword.URL: "https://isearch.avg.com/search?cid=%7Bcb0ca02d-7115-4e6a-8ed3-4eb5babde760%7D&mid=863ffc3fce5847d0ab0cb1a22f153dfb-1f6330eb42dd8974cb1bd46fd9b683e109e7d073&ds=gf011&v=12.1.0.21〈=en&pr=sa&d=2012-07-27%2020%3A16%3A39&sap=ku&q="

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.1.5\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.1.0.21\ [2012/07/27 20:16:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/21 18:44:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/28 02:17:28 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/07/27 19:53:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\Extensions

[2012/08/17 10:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\Firefox\Profiles\034wfyfp.default\extensions

[2012/08/17 10:36:18 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Users\Victor\AppData\Roaming\mozilla\Firefox\Profiles\034wfyfp.default\extensions\btpersonas@brandthunder.com

[2012/07/28 02:22:25 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Victor\AppData\Roaming\mozilla\Firefox\Profiles\034wfyfp.default\extensions\m3ffxtbr@mywebsearch.com

[2012/08/21 08:41:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\Firefox\Profiles\s1jamnsh.default-1345552746220\extensions

[2012/08/16 22:13:05 | 000,001,088 | ---- | M] () -- C:\Users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\034wfyfp.default\searchplugins\dictionarycom.xml

[2012/07/27 19:52:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2012/07/27 20:16:46 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\12.1.0.21

[2012/08/21 18:44:25 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2012/07/30 14:52:39 | 000,046,747 | ---- | M] () (No name found) -- C:\USERS\VICTOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\034WFYFP.DEFAULT\EXTENSIONS\{65E41D20-F092-41B7-BB83-C6E8A9AB0F57}.XPI

[2012/07/28 18:02:38 | 000,013,069 | ---- | M] () (No name found) -- C:\USERS\VICTOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\034WFYFP.DEFAULT\EXTENSIONS\DICTIONARY@COELHONAREDE.COM.XPI

[2012/07/13 20:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/07/27 20:16:36 | 000,003,752 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

[2012/07/13 20:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012/07/13 20:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://start.toshiba.com/g/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}

CHR - homepage: http://start.toshiba.com/g/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll

CHR - plugin: Java Platform SE 6 U17 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

CHR - Extension: YouTube = C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Gmail = C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/18 11:47:25 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll ()

O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)

O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll ()

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

O4:64bit: - HKLM..\Run: [] File not found

O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()

O4:64bit: - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)

O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe (Toshiba)

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre7\bin\jusched.exe" File not found

O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)

O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)

O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()

O4 - HKCU..\Run: [googletalk] C:\Users\Victor\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)

O4 - Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZMatrix.lnk = C:\Program Files (x86)\ZMatrix\matrix.exe (Happy Dude)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O1364bit: - gopher Prefix: missing

O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)

O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14EABF20-F0D0-4C39-AEE4-8011AC8DBA70}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19B60485-C4A3-4538-94A8-EA2FA468DC7C}: DhcpNameServer = 209.18.47.61 209.18.47.62

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll ()

Link to post
Share on other sites

O18:64bit: - Protocol\Filter\text/xml - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

SafeBootMin:64bit: 51789203.sys - Driver

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PEVSystemStart - Service

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: procexp90.Sys - Driver

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: 51789203.sys - Driver

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PEVSystemStart - Service

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: procexp90.Sys - Driver

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: 51789203.sys - Driver

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PEVSystemStart - Service

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: procexp90.Sys - Driver

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WRkrn - Driver

SafeBootNet:64bit: WRSVC - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: 51789203.sys - Driver

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PEVSystemStart - Service

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: procexp90.Sys - Driver

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WRkrn - Driver

SafeBootNet: WRSVC - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{4260FD8B-EB85-4A91-93B1-7EFD1CB5204D} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

CLEARALLRESTOREPOINTS

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/22 20:10:58 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Victor\Desktop\OTL.exe

[2012/08/21 18:44:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared

[2012/08/20 11:12:18 | 009,826,504 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Victor\Desktop\install_flash_player.exe

[2012/08/20 11:05:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client

[2012/08/20 11:05:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2012/08/20 11:05:38 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys

[2012/08/20 10:00:11 | 012,621,696 | ---- | C] (Microsoft Corporation) -- C:\Users\Victor\Desktop\mseinstall.exe

[2012/08/20 08:07:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012/08/18 12:41:10 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe

[2012/08/18 12:41:10 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

[2012/08/18 12:38:34 | 000,999,840 | ---- | C] (Solid State Networks) -- C:\Users\Victor\Desktop\install_flashplayer11x32_mssd_aih.exe.part

[2012/08/18 12:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2012/08/18 12:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe

[2012/08/18 11:51:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2012/08/18 11:46:05 | 000,000,000 | ---D | C] -- C:\windows\temp

[2012/08/18 11:35:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe

[2012/08/18 11:35:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe

[2012/08/18 11:35:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe

[2012/08/18 11:35:38 | 000,000,000 | ---D | C] -- C:\ComboFix

[2012/08/18 11:35:35 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012/08/18 11:14:10 | 004,733,838 | R--- | C] (Swearware) -- C:\Users\Victor\Desktop\ComboFix.exe

[2012/08/17 10:30:46 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll

[2012/08/17 10:30:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll

[2012/08/17 10:30:45 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll

[2012/08/17 10:30:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll

[2012/08/17 10:30:44 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll

[2012/08/17 10:30:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll

[2012/08/17 10:30:44 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe

[2012/08/17 10:30:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe

[2012/08/17 10:30:43 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll

[2012/08/17 10:30:43 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl

[2012/08/17 10:30:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl

[2012/08/17 10:30:41 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll

[2012/08/17 10:30:41 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll

[2012/08/16 22:27:08 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll

[2012/08/16 22:21:51 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll

[2012/08/16 22:21:51 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll

[2012/08/16 22:21:51 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe

[2012/08/16 22:18:55 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Victor\Desktop\dds.scr

[2012/08/16 22:16:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll

[2012/08/16 22:16:22 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll

[2012/08/16 22:16:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll

[2012/08/16 22:16:09 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll

[2012/08/16 22:14:29 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\Victor\Desktop\FSS.exe

[2012/08/12 11:06:54 | 000,016,200 | ---- | C] (McAfee, Inc.) -- C:\windows\stinger.sys

[2012/08/12 11:06:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger

[2012/08/12 11:03:29 | 009,781,352 | ---- | C] (McAfee Inc.) -- C:\Users\Victor\Desktop\stinger.exe

[2012/08/12 09:32:45 | 000,000,000 | ---D | C] -- C:\Users\Victor\Desktop\RK_Quarantine

[2012/08/12 09:31:12 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2012/08/12 09:21:20 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Victor\Desktop\tdsskiller.exe

[2012/08/12 09:20:31 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Victor\Desktop\aswMBR.exe

[2012/08/12 09:15:52 | 000,000,000 | ---D | C] -- C:\windows\ERDNT

[2012/08/12 09:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

[2012/08/12 09:15:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT

[2012/08/12 09:09:21 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Victor\Desktop\erunt-setup.exe

[2012/08/06 14:45:29 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\vlc

[2012/08/06 13:16:49 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\PORTFOLIO

[2012/08/06 13:13:52 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\ENG 260 class

[2012/08/04 16:44:39 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Tific

[2012/08/04 16:44:39 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Tific

[2012/08/04 00:49:55 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Diagnostics

[2012/07/30 11:23:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ

[2012/07/30 11:22:58 | 000,279,040 | ---- | C] (CANON INC.) -- C:\windows\SysNative\CNMLM9H.DLL

[2012/07/30 01:26:05 | 000,198,864 | ---- | C] (RealNetworks, Inc.) -- C:\windows\SysWow64\rmoc3260.dll

[2012/07/30 01:26:01 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5016.dll

[2012/07/30 01:26:01 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5032.dll

[2012/07/30 01:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks

[2012/07/30 01:26:00 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\windows\SysWow64\pncrt.dll

[2012/07/28 19:53:47 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\Any Video Converter

[2012/07/28 19:53:46 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\AnvSoft

[2012/07/28 19:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft

[2012/07/28 19:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft

[2012/07/28 17:44:58 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Collaborate

[2012/07/28 17:44:48 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Blackboard

[2012/07/28 17:38:33 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Microsoft Games

[2012/07/28 17:37:39 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk

[2012/07/28 17:37:37 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Google

[2012/07/28 17:04:57 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Macromedia

[2012/07/28 17:01:11 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed

[2012/07/28 16:55:18 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Adobe

[2012/07/28 02:41:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2012/07/28 02:41:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN

[2012/07/28 02:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\WeCareReminder

[2012/07/28 02:40:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Funmoods

[2012/07/28 00:51:42 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\.ZMatrix

[2012/07/28 00:51:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZMatrix

[2012/07/28 00:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZMatrix

[2012/07/28 00:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars

[2012/07/28 00:49:48 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\blekkotb_031

[2012/07/28 00:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Anti-phishing Domain Advisor

[2012/07/27 21:21:24 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\YANG; THE GIRL WHO SLEPT A THOUSAND YEARS

[2012/07/27 21:21:21 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\UNARMD

[2012/07/27 21:21:21 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\THE SUICIDE MEETINGS

[2012/07/27 21:21:21 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\OUR NEW LIVES

[2012/07/27 21:21:07 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\TEACHING MATERIAL

[2012/07/27 21:21:07 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\SILENT WITNESS

[2012/07/27 21:21:07 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\SIGHT UNSEEN stuff

[2012/07/27 21:21:06 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\RAMPANT TUESDAY AND RT RELATED

[2012/07/27 21:21:06 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\MY SF CHARACTERS

[2012/07/27 21:21:05 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\MODUS OPERANDI stuff

[2012/07/27 21:21:05 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\ENG 465 class

[2012/07/27 21:20:44 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\COMIC SCRIPTS

[2012/07/27 21:17:20 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\COMIC BOOKS

[2012/07/27 21:17:20 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\ARTIST AD

[2012/07/27 21:17:20 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\ANGEL FALLS

[2012/07/27 21:15:03 | 000,000,000 | ---D | C] -- C:\Users\Victor\OPEN ENGLISH

[2012/07/27 21:15:03 | 000,000,000 | ---D | C] -- C:\Users\Victor\NEW stuff

[2012/07/27 20:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2012/07/27 20:27:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2012/07/27 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink

[2012/07/27 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink

[2012/07/27 20:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Shrink

[2012/07/27 20:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle

[2012/07/27 20:25:25 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll

[2012/07/27 20:25:25 | 000,687,544 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll

[2012/07/27 20:25:25 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe

[2012/07/27 20:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[2012/07/27 20:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\MagicSoftware

[2012/07/27 20:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic DVD Ripper

[2012/07/27 20:19:46 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\MagicSoftware

[2012/07/27 20:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDVDRipper

[2012/07/27 20:16:52 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\AVG Secure Search

[2012/07/27 20:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free

[2012/07/27 20:16:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BurnAware Free

[2012/07/27 20:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search

[2012/07/27 20:16:39 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys

[2012/07/27 20:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search

[2012/07/27 20:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search

[2012/07/27 20:15:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files

[2012/07/27 20:14:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

[2012/07/27 20:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ActiveSync

[2012/07/27 20:14:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER

[2012/07/27 20:13:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET

[2012/07/27 20:13:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office

[2012/07/27 20:11:48 | 000,000,000 | R--D | C] -- C:\MSOCache

[2012/07/27 20:10:32 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Malwarebytes

[2012/07/27 20:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/07/27 20:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012/07/27 20:10:23 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2012/07/27 20:10:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012/07/27 20:07:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real

[2012/07/27 20:07:13 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Real

[2012/07/27 20:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Real

[2012/07/27 20:05:03 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\WinRAR

[2012/07/27 20:05:03 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2012/07/27 20:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2012/07/27 20:05:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR

[2012/07/27 20:00:26 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Skype

[2012/07/27 20:00:22 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2012/07/27 20:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2012/07/27 20:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2012/07/27 19:53:16 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Mozilla

[2012/07/27 19:53:16 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Mozilla

[2012/07/27 19:52:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012/07/27 19:52:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2012/07/27 19:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012/07/27 19:52:13 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Opera

[2012/07/27 19:52:13 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Opera

[2012/07/27 19:52:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera

[2012/07/27 18:23:27 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Macromedia

[2012/07/27 18:23:26 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Adobe

[2012/07/27 18:10:43 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2012/07/27 17:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent

[2012/07/27 17:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOSHIBA Games

[2012/07/27 17:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once

[2012/07/27 17:35:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ulead Systems

[2012/07/27 17:35:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel

[2012/07/27 17:35:39 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll

[2012/07/27 17:35:39 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll

[2012/07/27 17:35:39 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll

[2012/07/27 17:35:39 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll

[2012/07/27 17:35:39 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll

[2012/07/27 17:35:39 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll

[2012/07/27 17:35:39 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll

[2012/07/27 17:35:39 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll

[2012/07/27 17:35:38 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll

[2012/07/27 17:35:38 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll

[2012/07/27 17:35:38 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll

[2012/07/27 17:35:38 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll

[2012/07/27 17:35:38 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll

[2012/07/27 17:35:38 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll

[2012/07/27 17:35:38 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll

[2012/07/27 17:35:38 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll

[2012/07/27 17:35:38 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll

[2012/07/27 17:35:38 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll

[2012/07/27 17:35:38 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll

[2012/07/27 17:35:38 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll

[2012/07/27 17:35:38 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll

[2012/07/27 17:35:38 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll

[2012/07/27 17:35:38 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll

[2012/07/27 17:35:38 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll

[2012/07/27 17:35:37 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll

[2012/07/27 17:35:37 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll

[2012/07/27 17:35:37 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll

[2012/07/27 17:35:37 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll

[2012/07/27 17:35:37 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll

[2012/07/27 17:35:37 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll

[2012/07/27 17:35:37 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll

[2012/07/27 17:35:37 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll

[2012/07/27 17:35:37 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll

[2012/07/27 17:35:37 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll

Link to post
Share on other sites

[2012/07/27 17:35:37 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll

[2012/07/27 17:35:37 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll

[2012/07/27 17:35:36 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll

[2012/07/27 17:35:36 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll

[2012/07/27 17:35:36 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll

[2012/07/27 17:35:36 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll

[2012/07/27 17:35:36 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll

[2012/07/27 17:35:36 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll

[2012/07/27 17:35:35 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll

[2012/07/27 17:35:35 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll

[2012/07/27 17:35:35 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll

[2012/07/27 17:35:35 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll

[2012/07/27 17:35:35 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll

[2012/07/27 17:35:35 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll

[2012/07/27 17:35:35 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll

[2012/07/27 17:35:35 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll

[2012/07/27 17:35:35 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll

[2012/07/27 17:35:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll

[2012/07/27 17:35:35 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll

[2012/07/27 17:35:35 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll

[2012/07/27 17:35:35 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll

[2012/07/27 17:35:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll

[2012/07/27 17:35:35 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll

[2012/07/27 17:35:35 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll

[2012/07/27 17:35:33 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll

[2012/07/27 17:35:33 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll

[2012/07/27 17:35:33 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll

[2012/07/27 17:35:33 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll

[2012/07/27 17:35:33 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll

[2012/07/27 17:35:33 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll

[2012/07/27 17:35:33 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll

[2012/07/27 17:35:33 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll

[2012/07/27 17:35:32 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll

[2012/07/27 17:35:32 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll

[2012/07/27 17:35:32 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll

[2012/07/27 17:35:32 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll

[2012/07/27 17:35:32 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll

[2012/07/27 17:35:32 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll

[2012/07/27 17:35:32 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll

[2012/07/27 17:35:32 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll

[2012/07/27 17:35:31 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll

[2012/07/27 17:35:31 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll

[2012/07/27 17:31:04 | 000,035,008 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\drivers\PGEffect.sys

[2012/07/27 17:27:30 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\TSCI.dll

[2012/07/27 17:27:30 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\THCI.dll

[2012/07/27 17:26:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek WLAN Driver

[2012/07/27 17:25:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco

[2012/07/27 17:24:50 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Atheros_L1e

[2012/07/27 17:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics

[2012/07/27 17:24:18 | 008,038,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RTSUSTORicon.dll

[2012/07/27 17:24:10 | 008,038,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysWow64\RtsUStoricon.dll

[2012/07/27 17:24:10 | 000,422,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtsUStor.dll

[2012/07/27 17:24:10 | 000,239,136 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\drivers\RtsUStor.sys

[2012/07/27 17:24:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek

[2012/07/27 17:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT

[2012/07/27 17:19:54 | 000,540,696 | ---- | C] (Intel Corporation) -- C:\windows\SysNative\drivers\iaStor.sys

[2012/07/27 17:17:00 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution

[2012/07/27 17:16:43 | 000,000,000 | ---D | C] -- C:\Intel

[2012/07/27 17:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent

[2012/07/27 14:58:22 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys

[2012/07/27 14:58:22 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys

[2012/07/27 14:58:17 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll

[2012/07/27 14:58:17 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll

[2012/07/27 14:58:17 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys

[2012/07/27 14:58:17 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys

[2012/07/27 14:58:17 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsutil.exe

[2012/07/27 14:58:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fsutil.exe

[2012/07/27 14:58:17 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys

[2012/07/27 14:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero

[2012/07/27 14:41:50 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NortonPCCheckupx64

[2012/07/27 14:41:50 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NortonPCCheckupx64\0200050.03C

[2012/07/27 14:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Laptop Checkup

[2012/07/27 14:41:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup

[2012/07/27 14:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2012/07/27 14:41:46 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2012/07/27 14:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

[2012/07/27 14:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Online Backup

[2012/07/27 14:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toshiba Online Backup

[2012/07/27 14:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012/07/27 14:41:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOSHIBA Corporation

[2012/07/27 14:41:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com

[2012/07/27 13:19:44 | 000,000,000 | ---D | C] -- C:\bb09752b29c2c2eb4dcd8ecb

[2012/07/27 13:11:53 | 000,000,000 | ---D | C] -- C:\a80f1e2482abe34001

[2012/07/27 13:09:42 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\WindowsUpdate

[2012/07/27 13:08:54 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Google

[2012/07/27 13:01:55 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat

[2012/07/27 13:01:55 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat

[2012/07/27 12:32:22 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll

[2012/07/27 12:32:22 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll

[2012/07/27 12:32:22 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe

[2012/07/27 12:32:22 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe

[2012/07/27 12:32:22 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll

[2012/07/27 12:32:22 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll

[2012/07/27 12:32:22 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll

[2012/07/27 12:32:22 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll

[2012/07/27 12:31:07 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll

[2012/07/27 12:31:07 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll

[2012/07/27 12:31:07 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll

[2012/07/27 12:31:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll

[2012/07/27 12:31:07 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll

[2012/07/27 12:31:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe

[2012/07/27 12:31:07 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe

[2012/07/27 12:31:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll

[2012/07/27 12:31:07 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe

[2012/07/27 12:31:06 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat

[2012/07/27 12:31:06 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll

[2012/07/27 12:31:06 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec

[2012/07/27 12:31:06 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll

[2012/07/27 12:31:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll

[2012/07/27 12:31:06 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe

[2012/07/27 12:31:06 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe

[2012/07/27 12:31:06 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll

[2012/07/27 12:31:06 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll

[2012/07/27 12:31:06 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll

[2012/07/27 12:31:06 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll

[2012/07/27 12:31:06 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe

[2012/07/27 12:31:06 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll

[2012/07/27 12:31:06 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx

[2012/07/27 12:31:06 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll

[2012/07/27 12:31:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll

[2012/07/27 12:31:06 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll

[2012/07/27 12:31:05 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll

[2012/07/27 12:31:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll

[2012/07/27 12:31:05 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe

[2012/07/27 12:31:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat

[2012/07/27 12:31:04 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll

[2012/07/27 12:31:04 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll

[2012/07/27 12:31:04 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec

[2012/07/27 12:31:04 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll

[2012/07/27 12:31:04 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll

[2012/07/27 12:31:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll

[2012/07/27 12:31:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll

[2012/07/27 12:31:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll

[2012/07/27 12:31:04 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll

[2012/07/27 12:31:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll

[2012/07/27 12:31:04 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll

[2012/07/27 12:31:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll

[2012/07/27 12:31:04 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll

[2012/07/27 12:31:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe

[2012/07/27 12:31:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe

[2012/07/27 12:31:04 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll

[2012/07/27 12:31:04 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll

[2012/07/27 12:31:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx

[2012/07/27 12:31:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll

[2012/07/27 12:31:04 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll

[2012/07/27 12:31:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll

[2012/07/27 12:31:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll

[2012/07/27 12:31:04 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll

[2012/07/27 12:31:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe

[2012/07/27 12:31:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe

[2012/07/27 12:31:03 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll

[2012/07/27 12:31:03 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll

[2012/07/27 12:31:03 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe

[2012/07/27 12:31:03 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe

[2012/07/27 12:24:38 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll

[2012/07/27 12:24:38 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll

[2012/07/27 12:24:38 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys

[2012/07/27 12:22:23 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll

[2012/07/27 12:22:19 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll

[2012/07/27 12:22:19 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll

[2012/07/27 12:22:19 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll

[2012/07/27 12:22:19 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll

[2012/07/27 12:22:19 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe

[2012/07/27 12:22:19 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll

[2012/07/27 12:22:19 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe

[2012/07/27 12:22:18 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe

[2012/07/27 12:22:02 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll

[2012/07/27 12:22:01 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll

[2012/07/27 12:22:01 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll

[2012/07/27 12:22:01 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll

[2012/07/27 12:22:01 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll

[2012/07/27 12:22:00 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll

[2012/07/27 12:22:00 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll

[2012/07/27 12:22:00 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll

[2012/07/27 12:22:00 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll

[2012/07/27 12:22:00 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe

[2012/07/27 12:22:00 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe

[2012/07/27 12:22:00 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll

[2012/07/27 12:22:00 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll

[2012/07/27 12:21:57 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll

[2012/07/27 12:21:57 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll

[2012/07/27 12:21:56 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll

[2012/07/27 12:21:56 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll

[2012/07/27 12:21:56 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll

[2012/07/27 12:21:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll

[2012/07/27 12:21:52 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe

[2012/07/27 12:21:52 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe

[2012/07/27 12:21:51 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sbe.dll

[2012/07/27 12:21:51 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CPFilters.dll

[2012/07/27 12:21:51 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sbe.dll

[2012/07/27 12:21:51 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll

[2012/07/27 12:21:51 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mpg2splt.ax

[2012/07/27 12:21:51 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mpg2splt.ax

[2012/07/27 12:21:49 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll

[2012/07/27 12:21:49 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll

[2012/07/27 12:21:49 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll

[2012/07/27 12:21:49 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll

[2012/07/27 12:21:48 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll

[2012/07/27 12:21:48 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll

[2012/07/27 12:21:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll

[2012/07/27 12:21:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll

[2012/07/27 12:21:48 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll

[2012/07/27 12:21:48 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccu32.dll

[2012/07/27 12:21:48 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccr32.dll

[2012/07/27 12:21:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccu32.dll

[2012/07/27 12:21:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccr32.dll

[2012/07/27 12:21:47 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll

[2012/07/27 12:21:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll

[2012/07/27 12:21:46 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe

[2012/07/27 12:21:46 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe

[2012/07/27 12:21:45 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll

[2012/07/27 12:21:44 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xmllite.dll

[2012/07/27 12:21:41 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll

[2012/07/27 12:21:41 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll

[2012/07/27 12:20:02 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\upnp.dll

[2012/07/27 12:20:01 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll

[2012/07/27 12:19:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll

[2012/07/27 12:19:59 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wscapi.dll

[2012/07/27 12:19:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll

[2012/07/27 12:19:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\slwga.dll

[2012/07/27 12:19:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\slwga.dll

[2012/07/27 12:19:55 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe

[2012/07/27 12:19:54 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe

[2012/07/27 12:19:54 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe

[2012/07/27 12:19:47 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll

[2012/07/27 12:19:47 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll

[2012/07/27 12:19:47 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys

[2012/07/27 12:19:47 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll

[2012/07/27 12:19:47 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll

[2012/07/27 12:19:47 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll

[2012/07/27 12:19:35 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll

[2012/07/27 12:19:35 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll

[2012/07/27 12:19:35 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll

[2012/07/27 12:19:35 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll

[2012/07/27 12:19:35 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll

[2012/07/27 12:19:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll

[2012/07/27 12:19:35 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll

[2012/07/27 12:19:33 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll

[2012/07/27 12:19:29 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll

[2012/07/27 12:19:25 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl

[2012/07/27 12:19:25 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl

[2012/07/27 12:19:24 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42.dll

[2012/07/27 12:19:24 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfc42u.dll

[2012/07/27 12:19:24 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42.dll

[2012/07/27 12:19:23 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc42u.dll

[2012/07/27 12:19:23 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll

[2012/07/27 12:19:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnscacheugc.exe

[2012/07/27 12:19:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dnscacheugc.exe

[2012/07/27 12:19:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll

[2012/07/27 12:19:21 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll

[2012/07/27 12:19:21 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll

[2012/07/27 12:19:21 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll

[2012/07/27 12:19:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll

[2012/07/27 12:19:20 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll

[2012/07/27 12:19:20 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll

[2012/07/27 12:19:19 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll

[2012/07/27 12:19:19 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmpmde.dll

[2012/07/27 12:19:19 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys

[2012/07/27 12:19:15 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi

[2012/07/27 12:19:15 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe

[2012/07/27 12:19:15 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe

[2012/07/27 12:19:15 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll

[2012/07/27 12:19:15 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll

[2012/07/27 12:19:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe

[2012/07/27 12:19:14 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi

[2012/07/27 12:19:14 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdusb.dll

[2012/07/27 12:19:14 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kd1394.dll

[2012/07/27 12:19:14 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdcom.dll

[2012/07/27 12:19:13 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll

[2012/07/27 12:19:13 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll

[2012/07/27 12:19:12 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll

[2012/07/27 12:19:12 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe

[2012/07/27 12:19:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll

[2012/07/27 12:19:12 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll

[2012/07/27 12:19:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe

[2012/07/27 12:19:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll

[2012/07/27 12:19:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll

[2012/07/27 12:19:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll

[2012/07/27 12:19:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe

[2012/07/27 12:19:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2012/07/27 12:19:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2012/07/27 12:19:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2012/07/27 12:19:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2012/07/27 12:19:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll

[2012/07/27 12:19:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2012/07/27 12:19:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2012/07/27 12:19:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2012/07/27 12:19:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe

[2012/07/27 12:19:08 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll

[2012/07/27 12:19:08 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll

[2012/07/27 12:19:05 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll

[2012/07/27 12:19:01 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL

[2012/07/27 12:19:01 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll

[2012/07/27 12:19:00 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL

[2012/07/27 12:18:59 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll

[2012/07/27 12:18:58 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisdecd.dll

[2012/07/27 12:18:58 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisdecd.dll

[2012/07/27 12:18:58 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax

[2012/07/27 12:18:58 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax

[2012/07/27 12:18:58 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax

[2012/07/27 12:18:58 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Mpeg2Data.ax

[2012/07/27 12:18:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax

[2012/07/27 12:18:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSDvbNP.ax

[2012/07/27 12:18:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mpeg2Data.ax

[2012/07/27 12:18:58 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSDvbNP.ax

[2012/07/27 12:18:50 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll

[2012/07/27 12:18:50 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll

[2012/07/27 12:18:43 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll

[2012/07/27 12:18:43 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll

[2012/07/27 12:18:43 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe

[2012/07/27 12:18:43 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe

[2012/07/27 12:18:42 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe

[2012/07/27 12:18:42 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll

[2012/07/27 12:18:35 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll

[2012/07/27 12:18:35 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll

[2012/07/27 12:18:31 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll

[2012/07/27 12:18:30 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll

[2012/07/27 12:18:30 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleacc.dll

[2012/07/27 12:18:30 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSCOVER.exe

[2012/07/27 12:18:30 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe

[2012/07/27 12:18:30 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe

[2012/07/27 12:18:29 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe

[2012/07/27 12:18:15 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll

[2012/07/27 12:18:14 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll

[2012/07/27 12:18:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll

[2012/07/27 12:18:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sscore.dll

Link to post
Share on other sites

[2012/07/27 12:18:09 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll

[2012/07/27 12:18:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll

[2012/07/27 12:02:24 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Toshiba

[2012/07/27 12:02:23 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\TOSHIBA_Corporation

[2012/07/27 12:00:17 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll

[2012/07/27 12:00:17 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll

[2012/07/27 11:58:37 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Toshiba

[2012/07/27 11:57:58 | 000,000,000 | R--D | C] -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012/07/27 11:57:58 | 000,000,000 | R--D | C] -- C:\Users\Victor\Searches

[2012/07/27 11:57:58 | 000,000,000 | R--D | C] -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012/07/27 11:57:58 | 000,000,000 | -H-D | C] -- C:\Users\Victor\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2012/07/27 11:57:48 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Identities

[2012/07/27 11:57:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Contacts

[2012/07/27 11:57:44 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\VirtualStore

[2012/07/27 11:56:41 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll

[2012/07/27 11:56:41 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe

[2012/07/27 11:56:41 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll

[2012/07/27 11:56:41 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\WinBatch

[2012/07/27 11:56:20 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll

[2012/07/27 11:56:20 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll

[2012/07/27 11:56:20 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll

[2012/07/27 11:56:00 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll

[2012/07/27 11:56:00 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\AppData\Local\Temporary Internet Files

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\Templates

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\Start Menu

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\SendTo

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\Recent

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\PrintHood

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\NetHood

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\Documents\My Videos

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\Documents\My Pictures

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\Documents\My Music

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\My Documents

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\Local Settings

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\AppData\Local\History

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\Cookies

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\Application Data

[2012/07/27 11:55:47 | 000,000,000 | -HSD | C] -- C:\Users\Victor\AppData\Local\Application Data

[2012/07/27 11:55:46 | 000,000,000 | --SD | C] -- C:\Users\Victor\AppData\Roaming\Microsoft

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Videos

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Saved Games

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Pictures

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Music

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Links

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Favorites

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Downloads

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Documents

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\Desktop

[2012/07/27 11:55:46 | 000,000,000 | R--D | C] -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012/07/27 11:55:46 | 000,000,000 | -H-D | C] -- C:\Users\Victor\AppData

[2012/07/27 11:55:46 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Temp

[2012/07/27 11:55:46 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Local\Microsoft

[2012/07/27 11:55:46 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Media Center Programs

[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/22 20:11:24 | 000,735,882 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2012/08/22 20:11:24 | 000,630,420 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2012/08/22 20:11:24 | 000,109,466 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2012/08/22 20:11:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Victor\Desktop\OTL.exe

[2012/08/22 20:08:40 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/08/22 20:08:17 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2012/08/22 14:40:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/08/21 18:44:17 | 000,198,864 | ---- | M] (RealNetworks, Inc.) -- C:\windows\SysWow64\rmoc3260.dll

[2012/08/21 18:44:07 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5016.dll

[2012/08/21 18:44:07 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\windows\SysWow64\pndx5032.dll

[2012/08/21 18:44:06 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\windows\SysWow64\pncrt.dll

[2012/08/20 14:40:23 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe

[2012/08/20 14:40:23 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

[2012/08/20 11:16:38 | 009,826,504 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Victor\Desktop\install_flash_player.exe

[2012/08/20 11:15:20 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/08/20 11:15:20 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/08/20 11:07:24 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys

[2012/08/20 11:06:15 | 000,002,154 | ---- | M] () -- C:\windows\epplauncher.mif

[2012/08/20 11:06:01 | 000,749,728 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2012/08/20 10:01:24 | 012,621,696 | ---- | M] (Microsoft Corporation) -- C:\Users\Victor\Desktop\mseinstall.exe

[2012/08/18 12:38:39 | 000,999,840 | ---- | M] (Solid State Networks) -- C:\Users\Victor\Desktop\install_flashplayer11x32_mssd_aih.exe.part

[2012/08/18 11:47:25 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts

[2012/08/18 11:16:19 | 004,733,838 | R--- | M] (Swearware) -- C:\Users\Victor\Desktop\ComboFix.exe

[2012/08/18 09:39:13 | 000,000,971 | ---- | M] () -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZMatrix.lnk

[2012/08/17 11:12:08 | 000,364,448 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT

[2012/08/16 22:19:04 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Victor\Desktop\dds.scr

[2012/08/16 22:14:39 | 000,693,235 | ---- | M] (Farbar) -- C:\Users\Victor\Desktop\FSS.exe

[2012/08/16 22:14:24 | 000,881,521 | ---- | M] () -- C:\Users\Victor\Desktop\SecurityCheck.exe

[2012/08/12 21:15:13 | 000,139,264 | ---- | M] () -- C:\Users\Victor\Desktop\SystemLook.exe

[2012/08/12 11:13:20 | 000,000,040 | RH-- | M] () -- C:\Users\Victor\Desktop\stinger.opt

[2012/08/12 11:06:54 | 000,016,200 | ---- | M] (McAfee, Inc.) -- C:\windows\stinger.sys

[2012/08/12 11:04:24 | 009,781,352 | ---- | M] (McAfee Inc.) -- C:\Users\Victor\Desktop\stinger.exe

[2012/08/12 09:24:06 | 000,000,512 | ---- | M] () -- C:\Users\Victor\Desktop\MBR.dat

[2012/08/12 09:21:38 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Victor\Desktop\tdsskiller.exe

[2012/08/12 09:21:34 | 001,558,528 | ---- | M] () -- C:\Users\Victor\Desktop\RogueKiller.exe

[2012/08/12 09:21:07 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Victor\Desktop\aswMBR.exe

[2012/08/12 09:15:25 | 000,000,935 | ---- | M] () -- C:\Users\Victor\Desktop\NTREGOPT.lnk

[2012/08/12 09:15:25 | 000,000,916 | ---- | M] () -- C:\Users\Victor\Desktop\ERUNT.lnk

[2012/08/12 09:10:11 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Victor\Desktop\erunt-setup.exe

[2012/08/06 18:51:10 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2012/07/31 00:51:20 | 000,000,376 | ---- | M] () -- C:\windows\ODBC.INI

[2012/07/29 08:29:45 | 000,000,198 | ---- | M] () -- C:\Users\Victor\AppData\Roaming\burnaware.ini

[2012/07/28 00:51:38 | 000,000,074 | ---- | M] () -- C:\windows\ZMatrixSS.ini

[2012/07/27 20:25:05 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe

[2012/07/27 20:25:05 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe

[2012/07/27 20:25:05 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe

[2012/07/27 20:16:39 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys

[2012/07/27 17:24:36 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf

[2012/07/27 17:18:39 | 000,015,794 | ---- | M] () -- C:\windows\SysNative\results.xml

[2012/07/27 14:54:50 | 000,039,252 | ---- | M] () -- C:\windows\SysWow64\license.rtf

[2012/07/27 14:54:50 | 000,039,252 | ---- | M] () -- C:\windows\SysNative\license.rtf

[2012/07/27 13:05:22 | 000,001,448 | ---- | M] () -- C:\Users\Victor\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/07/27 12:31:07 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll

[2012/07/27 12:31:07 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakeng.dll

[2012/07/27 12:31:07 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll

[2012/07/27 12:31:07 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll

[2012/07/27 12:31:07 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll

[2012/07/27 12:31:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe

[2012/07/27 12:31:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe

[2012/07/27 12:31:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll

[2012/07/27 12:31:07 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe

[2012/07/27 12:31:06 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat

[2012/07/27 12:31:06 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll

[2012/07/27 12:31:06 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec

[2012/07/27 12:31:06 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieaksie.dll

[2012/07/27 12:31:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieakui.dll

[2012/07/27 12:31:06 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe

[2012/07/27 12:31:06 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe

[2012/07/27 12:31:06 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll

[2012/07/27 12:31:06 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\admparse.dll

[2012/07/27 12:31:06 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll

[2012/07/27 12:31:06 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll

[2012/07/27 12:31:06 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ie4uinit.exe

[2012/07/27 12:31:06 | 000,072,822 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf

[2012/07/27 12:31:06 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll

[2012/07/27 12:31:06 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx

[2012/07/27 12:31:06 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll

[2012/07/27 12:31:06 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll

[2012/07/27 12:31:06 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll

[2012/07/27 12:31:05 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll

[2012/07/27 12:31:05 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll

[2012/07/27 12:31:05 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe

[2012/07/27 12:31:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat

[2012/07/27 12:31:04 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll

[2012/07/27 12:31:04 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll

[2012/07/27 12:31:04 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec

[2012/07/27 12:31:04 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll

[2012/07/27 12:31:04 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieaksie.dll

[2012/07/27 12:31:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakui.dll

[2012/07/27 12:31:04 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieakeng.dll

[2012/07/27 12:31:04 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll

[2012/07/27 12:31:04 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll

[2012/07/27 12:31:04 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll

[2012/07/27 12:31:04 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\admparse.dll

[2012/07/27 12:31:04 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll

[2012/07/27 12:31:04 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll

[2012/07/27 12:31:04 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe

[2012/07/27 12:31:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe

[2012/07/27 12:31:04 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll

[2012/07/27 12:31:04 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll

[2012/07/27 12:31:04 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx

[2012/07/27 12:31:04 | 000,072,822 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf

[2012/07/27 12:31:04 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll

[2012/07/27 12:31:04 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll

[2012/07/27 12:31:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll

[2012/07/27 12:31:04 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll

[2012/07/27 12:31:04 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll

[2012/07/27 12:31:04 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe

[2012/07/27 12:31:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe

[2012/07/27 12:31:03 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll

[2012/07/27 12:31:03 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll

[2012/07/27 12:31:03 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe

[2012/07/27 12:31:03 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe

[2012/07/27 11:57:20 | 000,000,013 | RHS- | M] () -- C:\windows\SysNative\drivers\fbd.sys

[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/20 11:06:15 | 000,002,154 | ---- | C] () -- C:\windows\epplauncher.mif

[2012/08/20 11:06:07 | 000,001,926 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2012/08/20 11:06:01 | 000,749,728 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2012/08/18 12:15:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2012/08/18 11:35:40 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe

[2012/08/18 11:35:40 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe

[2012/08/18 11:35:40 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe

[2012/08/18 11:35:40 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe

[2012/08/18 11:35:40 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe

[2012/08/18 09:39:13 | 000,000,971 | ---- | C] () -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZMatrix.lnk

[2012/08/16 22:14:17 | 000,881,521 | ---- | C] () -- C:\Users\Victor\Desktop\SecurityCheck.exe

[2012/08/12 21:15:13 | 000,139,264 | ---- | C] () -- C:\Users\Victor\Desktop\SystemLook.exe

[2012/08/12 11:13:20 | 000,000,040 | RH-- | C] () -- C:\Users\Victor\Desktop\stinger.opt

[2012/08/12 09:24:06 | 000,000,512 | ---- | C] () -- C:\Users\Victor\Desktop\MBR.dat

[2012/08/12 09:21:30 | 001,558,528 | ---- | C] () -- C:\Users\Victor\Desktop\RogueKiller.exe

[2012/08/12 09:15:25 | 000,000,935 | ---- | C] () -- C:\Users\Victor\Desktop\NTREGOPT.lnk

[2012/08/12 09:15:25 | 000,000,916 | ---- | C] () -- C:\Users\Victor\Desktop\ERUNT.lnk

[2012/08/06 18:51:10 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2012/08/01 09:31:22 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

[2012/07/29 07:55:47 | 000,000,198 | ---- | C] () -- C:\Users\Victor\AppData\Roaming\burnaware.ini

[2012/07/28 00:51:38 | 000,000,074 | ---- | C] () -- C:\windows\ZMatrixSS.ini

[2012/07/27 21:21:28 | 001,870,831 | ---- | C] () -- C:\Users\Victor\Documents\picture-574.jpg

[2012/07/27 21:21:28 | 000,843,740 | ---- | C] () -- C:\Users\Victor\Documents\my_name_is_earl_joy_wedding.pdf

[2012/07/27 21:21:28 | 000,078,971 | ---- | C] () -- C:\Users\Victor\Documents\profile (4).JPG

[2012/07/27 21:21:28 | 000,042,730 | ---- | C] () -- C:\Users\Victor\Documents\profile (3).jpg

[2012/07/27 21:21:28 | 000,019,247 | ---- | C] () -- C:\Users\Victor\Documents\profile (2).jpg

[2012/07/27 21:21:27 | 002,122,528 | ---- | C] () -- C:\Users\Victor\Documents\Lamb - Christopher Moore.pdf

[2012/07/27 21:21:27 | 001,142,848 | ---- | C] () -- C:\Users\Victor\Documents\Lamb - Christopher Moore.rtf

[2012/07/27 21:21:27 | 000,555,958 | ---- | C] () -- C:\Users\Victor\Documents\greatdebate.pdf

[2012/07/27 21:21:26 | 003,811,472 | ---- | C] () -- C:\Users\Victor\Documents\A Beautiful Mind.pdf

[2012/07/27 21:21:26 | 003,616,058 | ---- | C] () -- C:\Users\Victor\Documents\Dreadfully Ever After - Steve Hockensmith.pdf

[2012/07/27 21:21:26 | 003,030,473 | ---- | C] () -- C:\Users\Victor\Documents\Dawn of the Dreadfuls - Steve Hockensmith.pdf

[2012/07/27 21:17:20 | 001,141,615 | ---- | C] () -- C:\Users\Victor\Documents\Zombieland.pdf

[2012/07/27 21:17:20 | 001,035,761 | ---- | C] () -- C:\Users\Victor\Documents\semipro.pdf

[2012/07/27 21:17:20 | 000,283,531 | ---- | C] () -- C:\Users\Victor\Documents\The_Hangover.pdf

[2012/07/27 21:17:20 | 000,000,209 | ---- | C] () -- C:\Users\Victor\Documents\ui_redirect.pl

[2012/07/27 20:15:14 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI

[2012/07/27 19:52:56 | 000,001,153 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012/07/27 17:24:36 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf

[2012/07/27 17:18:39 | 000,015,794 | ---- | C] () -- C:\windows\SysNative\results.xml

[2012/07/27 17:11:11 | 3062,255,616 | -HS- | C] () -- C:\hiberfil.sys

[2012/07/27 14:41:50 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NortonPCCheckupx64\0200050.03C\isolate.ini

[2012/07/27 14:41:19 | 000,001,726 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com - Shopping.lnk

[2012/07/27 13:05:22 | 000,001,420 | ---- | C] () -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2012/07/27 13:05:18 | 000,001,448 | ---- | C] () -- C:\Users\Victor\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/07/27 12:31:06 | 000,072,822 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf

[2012/07/27 12:31:04 | 000,072,822 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf

[2012/07/27 11:58:00 | 000,001,454 | ---- | C] () -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012/07/27 11:57:20 | 000,000,013 | RHS- | C] () -- C:\windows\SysNative\drivers\fbd.sys

[2012/07/27 11:55:47 | 000,000,290 | ---- | C] () -- C:\Users\Victor\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2012/07/27 11:55:47 | 000,000,272 | ---- | C] () -- C:\Users\Victor\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*.dll /s >

< %APPDATA%\*. >

[2012/07/28 00:51:42 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\.ZMatrix

[2012/07/28 17:24:17 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Adobe

[2012/07/28 19:53:46 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\AnvSoft

[2012/07/28 21:47:08 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Blackboard

[2012/07/28 17:44:58 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Collaborate

[2012/07/28 17:37:39 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Google

[2012/07/27 11:57:48 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Identities

[2012/07/27 18:23:27 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Macromedia

[2012/07/27 20:10:32 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Malwarebytes

[2009/07/14 03:44:38 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Media Center Programs

[2012/08/12 09:02:01 | 000,000,000 | --SD | M] -- C:\Users\Victor\AppData\Roaming\Microsoft

[2012/07/27 19:53:20 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Mozilla

[2012/08/01 09:31:29 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Opera

[2012/07/27 20:07:51 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Real

[2012/08/18 10:50:00 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Skype

[2012/08/04 16:44:39 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Tific

[2012/07/27 12:02:24 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\Toshiba

[2012/08/17 14:02:52 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\vlc

[2012/07/27 11:56:41 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\WinBatch

[2012/07/27 20:09:30 | 000,000,000 | ---D | M] -- C:\Users\Victor\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >

[2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Victor\AppData\Roaming\Google\Google Talk\googletalk.exe

[2012/07/28 17:37:39 | 000,079,367 | ---- | M] () -- C:\Users\Victor\AppData\Roaming\Google\Google Talk\uninstall.exe

[2012/08/21 18:36:12 | 000,653,464 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Victor\AppData\Roaming\Real\RealPlayer\setup\AU_setup32.exe

< %SYSTEMDRIVE%\*.exe >

< c:|Fun4IM;true;true;true; /FP >

< c:|Bandoo;true;true;true; /FP >

< c:|Searchn;true;true;true; /FP >

< c:|Searchq;true;true;true; /FP >

< c:|datamngr;true;true;true; /FP >

< c:|iLivid;true;true;true; /FP >

< c:|whitesmoke;true;true;true; /FP >

< c:|services;true;true;true; /FP >

[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- c:\Program Files\Common Files\Services

[2012/08/18 12:15:57 | 000,000,000 | ---D | M] -- c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services

[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- c:\Program Files (x86)\Common Files\Services

[2012/07/27 20:14:00 | 000,000,000 | ---D | M] -- c:\Program Files (x86)\Microsoft Office\OFFICE11\1033\DataServices

[2012/07/28 02:41:34 | 000,000,000 | ---D | M] -- c:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery

[2012/08/12 09:02:40 | 000,000,000 | ---D | M] -- c:\Users\Victor\AppData\Local\TOSHIBA_Corporation\ToshibaServiceStation.exe_Url_lidkhntuzcqftx1osnwucx1afj3bgluo

[2012/08/21 22:06:01 | 000,000,000 | ---D | M] -- c:\Users\Victor\AppData\Local\TOSHIBA_Corporation\ToshibaServiceStation.exe_Url_lidkhntuzcqftx1osnwucx1afj3bgluo\2.1.3565.26576

[2012/07/27 13:09:04 | 000,000,000 | ---D | M] -- c:\Users\Victor\AppData\LocalLow\Microsoft\Internet Explorer\Services

[2012/08/20 09:59:10 | 000,000,000 | ---D | M] -- c:\Users\Victor\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7NFSHAC2\media.mtvnservices.com

[2012/08/01 09:38:24 | 000,000,000 | ---D | M] -- c:\Users\Victor\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\7NFSHAC2\media.mtvnservices.com\player

[2012/08/01 09:38:24 | 000,000,000 | ---D | M] -- c:\Users\Victor\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#media.mtvnservices.com

[2012/08/12 09:02:43 | 000,000,000 | ---D | M] -- c:\Users\Work\AppData\Local\TOSHIBA_Corporation\ToshibaServiceStation.exe_Url_lidkhntuzcqftx1osnwucx1afj3bgluo

[2012/08/22 07:35:05 | 000,000,000 | ---D | M] -- c:\Users\Work\AppData\Local\TOSHIBA_Corporation\ToshibaServiceStation.exe_Url_lidkhntuzcqftx1osnwucx1afj3bgluo\2.1.3565.26576

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_32\System.EnterpriseServices

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_64\System.EnterpriseServices

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.Data.Services

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.Data.Services.Client

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.Data.Services.Design

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.DirectoryServices

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.Web.Services

[2009/07/13 23:20:09 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.WorkflowServices

[2009/07/14 01:32:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35

[2012/07/29 10:58:08 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services

[2012/07/29 10:58:08 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\30664d5f93b99eb6e51900ec8137909d

[2012/07/29 10:55:07 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services

[2012/07/29 10:55:07 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\675c8bd801698993255d100c3b350d4b

[2012/07/29 11:42:20 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services

[2012/07/29 11:42:20 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data.Services\027818d739a4d16c6c6a6d3a3f97d5ed

[2012/07/29 11:35:35 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services

[2012/07/29 11:35:35 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\35b994e63fbc2836f32326e9f5862a1b

[2012/07/29 11:01:13 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services

[2012/07/29 11:01:13 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\b37cc0aa41e7feaba9f290da4da91d71

[2012/07/29 11:49:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services

[2012/07/29 11:49:41 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v4.0.30319_64\System.Web.Services\bc6df78c506c89659ab7be738179b2ba

[2012/07/29 01:01:02 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices

[2012/07/29 01:01:02 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a

[2012/07/29 01:01:12 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices

[2012/07/29 01:01:12 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a

[2012/07/29 01:01:14 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client

[2012/07/29 01:01:14 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089

[2012/07/29 01:01:13 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices

[2012/07/29 01:01:13 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a

[2012/07/29 01:01:13 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement

[2012/07/29 01:01:13 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089

[2012/07/29 01:01:13 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols

[2012/07/29 01:01:13 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a

[2012/07/29 01:01:15 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices

[2012/07/29 01:01:15 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35

[2012/07/29 01:01:17 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services

[2012/07/29 01:01:17 | 000,000,000 | ---D | M] -- c:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a

[2012/07/27 15:03:00 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-d..services-sam-netapi_31bf3856ad364e35_6.1.7601.17514_none_e4e845f8dcca9f23

[2012/07/27 15:03:00 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7601.17514_none_10145eccb79418a5

[2012/07/27 15:03:00 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-ehome-services-ehrecvr_31bf3856ad364e35_6.1.7601.17514_none_1b8f8373383de46a

[2012/07/27 15:03:06 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-t..alservices-lsmproxy_31bf3856ad364e35_6.1.7601.17514_none_69b23aa9e1fce5a2

[2012/07/27 15:03:06 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-t..andinkinputservices_31bf3856ad364e35_6.1.7601.17514_none_7ad330432fb24d63

[2012/07/27 15:03:06 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-t..lservices-workspace_31bf3856ad364e35_6.1.7601.17514_none_2f1505d970be5493

[2012/07/27 15:03:06 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7601.17514_none_ac02530437b71a3f

[2012/07/27 15:03:06 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-t..nalservices-drivers_31bf3856ad364e35_6.1.7601.17514_none_af761db50d19d44f

[2012/07/27 15:03:06 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-t..nalservices-runtime_31bf3856ad364e35_6.1.7601.17514_none_3b05f4d3e2a0703c

[2012/07/27 15:03:06 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-t..services-remotepage_31bf3856ad364e35_6.1.7601.17514_none_631c9722c4191077

[2012/07/27 15:03:07 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-terminalservices-rdpdr_31bf3856ad364e35_6.1.7601.17514_none_5f60151d5fa6ce24

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7601.17514_none_90ba4080c9f2e648

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-webservices_31bf3856ad364e35_6.1.7601.17514_none_6ca25da84551ca13

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_netfx35cdf-system.workflowservices_31bf3856ad364e35_6.1.7601.17514_none_c60c71ccff3a107f

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_netfx35linq-system.data.services.client_31bf3856ad364e35_6.1.7601.17514_none_2c400be857e72e9c

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_netfx35linq-system.data.services.design_31bf3856ad364e35_6.1.7601.17514_none_57f64808c4ad1ed1

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_netfx35linq-system.data.services_31bf3856ad364e35_6.1.7601.17514_none_4d80338bda6aae67

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_netfx-system.directoryservices_b03f5f7f11d50a3a_6.1.7601.17514_none_16b6c895a094210d

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_netfx-system.web.services_b03f5f7f11d50a3a_6.1.7601.17514_none_f88c2ed4e4f8c858

[2012/07/27 15:03:10 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_system.enterpriseservices_b03f5f7f11d50a3a_6.1.7601.17514_none_6255c435563eb9c7

[2012/07/27 15:03:21 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.data.services.client_b77a5c561934e089_6.1.7601.17514_none_f18a3b06e9085403

[2012/07/27 15:03:21 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.data.services.design_b77a5c561934e089_6.1.7601.17514_none_1d40772755ce4438

[2012/07/27 15:03:21 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.data.services_b77a5c561934e089_6.1.7601.17514_none_ffdee3edd2f6841c

[2012/07/27 15:03:21 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.directoryservices_b03f5f7f11d50a3a_6.1.7601.17514_none_2afaa0f3ee15f952

[2012/07/27 15:03:21 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.web.services_b03f5f7f11d50a3a_6.1.7601.17514_none_c721f9706ebc717d

[2012/07/27 15:03:21 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\msil_system.workflowservices_31bf3856ad364e35_6.1.7601.17514_none_e5f6ab8026e23e63

[2012/07/27 15:03:24 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-t..lservices-workspace_31bf3856ad364e35_6.1.7601.17514_none_3969b02ba51f168e

[2012/07/27 15:03:24 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7601.17514_none_b656fd566c17dc3a

[2012/07/27 15:03:25 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-d..services-sam-netapi_31bf3856ad364e35_6.1.7601.17514_none_88c9aa75246d2ded

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-t..alservices-lsmproxy_31bf3856ad364e35_6.1.7601.17514_none_0d939f26299f746c

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-t..nalservices-runtime_31bf3856ad364e35_6.1.7601.17514_none_dee759502a42ff06

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-t..nalservices-utildll_31bf3856ad364e35_6.1.7601.17514_none_138553d0ef80e052

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-t..services-publicapis_31bf3856ad364e35_6.1.7601.17514_none_c938554924975526

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-t..services-remotepage_31bf3856ad364e35_6.1.7601.17514_none_06fdfb9f0bbb9f41

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-webservices_31bf3856ad364e35_6.1.7601.17514_none_1083c2248cf458dd

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_netfx35cdf-system.workflowservices_31bf3856ad364e35_6.1.7601.17514_none_69edd64946dc9f49

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_netfx35linq-system.data.services.client_31bf3856ad364e35_6.1.7601.17514_none_d02170649f89bd66

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_netfx35linq-system.data.services.design_31bf3856ad364e35_6.1.7601.17514_none_fbd7ac850c4fad9b

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_netfx35linq-system.data.services_31bf3856ad364e35_6.1.7601.17514_none_f1619808220d3d31

[2012/07/27 15:03:28 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.1.7601.17514_none_aa02fb0c6abae2cd

[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\migwiz\dlmanifests\Microsoft-ActiveDirectory-WebServices-DL

[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\migwiz\dlmanifests\Microsoft-Windows-DirectoryServices-ADAM-DL

[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\migwiz\dlmanifests\Microsoft-Windows-TextServicesFramework-Migration-DL

[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\migwiz\replacementmanifests\microsoft-activedirectory-webservices

[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\migwiz\replacementmanifests\Microsoft-Windows-TerminalServices-AppServer-Licensing

[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\migwiz\replacementmanifests\Microsoft-Windows-TerminalServices-LicenseServer

[2009/07/13 23:20:30 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-commonlogservicesapi_31bf3856ad364e35_6.1.7600.16385_none_caaa1808998835c4

[2009/07/13 23:20:31 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-d..oryservices-ntdsapi_31bf3856ad364e35_6.1.7600.16385_none_2ad2380d0ae7577e

[2009/07/13 23:20:31 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-d..services-sam-netapi_31bf3856ad364e35_6.1.7600.16385_none_e2b73230dfdc1b89

[2009/07/13 23:20:31 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-d..t-services-unattend_31bf3856ad364e35_6.1.7600.16385_none_25104b6dbe690465

[2009/07/13 23:20:32 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_0de34b04baa5950b

[2012/07/27 14:04:17 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7601.17514_none_10145eccb79418a5

[2009/07/14 01:30:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ehome-services-ehrecvr_31bf3856ad364e35_6.1.7600.16385_none_195e6fab3b4f60d0

[2010/10/14 23:32:57 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ehome-services-ehrecvr_31bf3856ad364e35_6.1.7600.16590_none_194ea2193b5bf85c

[2012/07/27 12:42:52 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ehome-services-ehrecvr_31bf3856ad364e35_6.1.7600.16648_none_198cb5eb3b2c3486

[2010/10/14 23:32:57 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ehome-services-ehrecvr_31bf3856ad364e35_6.1.7600.20710_none_1a2ec02a5438b5c5

[2012/07/27 12:42:52 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ehome-services-ehrecvr_31bf3856ad364e35_6.1.7600.20771_none_19eee0ec546876c2

[2012/07/27 14:04:54 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ehome-services-ehrecvr_31bf3856ad364e35_6.1.7601.17514_none_1b8f8373383de46a

[2009/07/14 01:30:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ehome-services-ehsched_31bf3856ad364e35_6.1.7600.16385_none_0167f08155bf1c81

[2009/07/14 01:30:19 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-live-services_31bf3856ad364e35_6.1.7600.16385_none_31a075c6a5802364

[2009/07/13 23:20:38 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a

[2009/07/13 23:20:38 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c

[2009/07/13 23:20:38 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..alservices-lsmproxy_31bf3856ad364e35_6.1.7600.16385_none_678126e1e50e6208

[2009/07/13 23:20:38 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..alservices-webproxy_31bf3856ad364e35_6.1.7600.16385_none_8d6c9c807200865a

[2009/07/14 01:30:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..andinkinputservices_31bf3856ad364e35_6.1.7600.16385_none_78a21c7b32c3c9c9

[2009/07/13 23:20:38 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..inalservices-drprov_31bf3856ad364e35_6.1.7600.16385_none_29cdb92232f3fab5

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..lservices-workspace_31bf3856ad364e35_6.1.7600.16385_none_2ce3f21173cfd0f9

[2012/07/27 14:02:49 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..lservices-workspace_31bf3856ad364e35_6.1.7601.17514_none_2f1505d970be5493

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7600.16385_none_a9d13f3c3ac896a5

[2012/07/27 12:24:50 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7600.16722_none_aa0f257e3a9a9796

[2012/07/27 12:24:50 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7600.20861_none_aa6c824f53d98dcd

[2012/07/27 14:02:46 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7601.17514_none_ac02530437b71a3f

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..nalservices-drivers_31bf3856ad364e35_6.1.7600.16385_none_ad4509ed102b50b5

[2012/07/27 14:03:12 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..nalservices-drivers_31bf3856ad364e35_6.1.7601.17514_none_af761db50d19d44f

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..nalservices-runtime_31bf3856ad364e35_6.1.7600.16385_none_38d4e10be5b1eca2

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..nalservices-sysprep_31bf3856ad364e35_6.1.7600.16385_none_8d8e87f861f2a220

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..nalservices-utildll_31bf3856ad364e35_6.1.7600.16385_none_6d72db8caaefcdee

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..services-publicapis_31bf3856ad364e35_6.1.7600.16385_none_2325dd04e00642c2

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..services-remotepage_31bf3856ad364e35_6.1.7600.16385_none_60eb835ac72a8cdd

[2009/07/14 01:37:20 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..tservices.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6d56e46461ee1b1a

[2009/07/14 01:30:28 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-terminalservices-rdpdr_31bf3856ad364e35_6.1.7600.16385_none_5d2f015562b84a8a

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-terminalservices-theme_31bf3856ad364e35_6.1.7600.16385_none_31db018394805d6b

[2009/07/14 01:37:17 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-w..eservices.resources_31bf3856ad364e35_6.1.7600.16385_en-us_354c8605d3d714f3

[2009/07/14 01:30:15 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7600.16385_none_8e892cb8cd0462ae

[2012/07/27 14:05:48 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7601.17514_none_90ba4080c9f2e648

[2009/07/14 01:37:02 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-webservices.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6aac11498ff0f4ac

[2009/07/13 23:20:40 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-webservices_31bf3856ad364e35_6.1.7600.16385_none_6a7149e048634679

[2009/07/14 01:30:23 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_netfx35cdf-system.workflowservices_31bf3856ad364e35_6.1.7600.16385_none_c3db5e05024b8ce5

[2009/07/14 01:30:25 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_netfx35linq-system.data.services.client_31bf3856ad364e35_6.1.7600.16385_none_2a0ef8205af8ab02

[2009/07/14 01:30:25 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_netfx35linq-system.data.services.design_31bf3856ad364e35_6.1.7600.16385_none_55c53440c7be9b37

[2009/07/14 01:30:25 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_netfx35linq-system.data.services_31bf3856ad364e35_6.1.7600.16385_none_4b4f1fc3dd7c2acd

[2009/07/13 23:20:41 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_netfx-sys_enterpriseservices_tlb_b03f5f7f11d50a3a_6.1.7600.16385_none_a8a4035909e14dff

[2009/07/13 23:20:41 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_netfx-system.directoryservices.protocols_b03f5f7f11d50a3a_6.1.7600.16385_none_f65534c04a41b956

[2009/07/13 23:20:42 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_netfx-system.directoryservices_b03f5f7f11d50a3a_6.1.7600.16385_none_16e1bb11a03cda57

[2009/07/13 23:20:42 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_netfx-system.web.services_b03f5f7f11d50a3a_6.1.7600.16385_none_f8b72150e4a181a2

[2009/07/13 23:20:42 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_system.enterpriseservices_b03f5f7f11d50a3a_6.1.7600.16385_none_6280b6b155e77311

[2009/07/14 01:30:25 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\msil_system.data.services.client_b77a5c561934e089_6.1.7600.16385_none_ef59273eec19d069

[2009/07/14 01:30:25 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\msil_system.data.services.design_b77a5c561934e089_6.1.7600.16385_none_1b0f635f58dfc09e

[2009/07/14 01:30:25 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\msil_system.data.services_b77a5c561934e089_6.1.7600.16385_none_fdadd025d6080082

[2009/07/13 23:21:04 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\msil_system.directoryservices.protocols_b03f5f7f11d50a3a_6.1.7600.16385_none_83a19ecc10aa89e7

[2009/07/13 23:21:04 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\msil_system.directoryservices_b03f5f7f11d50a3a_6.1.7600.16385_none_2b25936fedbeb29c

[2009/07/13 23:21:04 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\msil_system.web.services_b03f5f7f11d50a3a_6.1.7600.16385_none_c74cebec6e652ac7

[2009/07/14 01:30:23 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\msil_system.workflowservices_31bf3856ad364e35_6.1.7600.16385_none_e3c597b829f3bac9

[2009/07/13 23:21:04 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_1837f556ef065706

[2009/07/14 01:30:28 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-t..andinkinputservices_31bf3856ad364e35_6.1.7600.16385_none_82f6c6cd67248bc4

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-t..lservices-workspace_31bf3856ad364e35_6.1.7600.16385_none_37389c63a83092f4

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7600.16385_none_b425e98e6f2958a0

[2012/07/27 12:24:50 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7600.16722_none_b463cfd06efb5991

[2012/07/27 12:24:50 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7600.20861_none_b4c12ca1883a4fc8

[2012/07/27 14:02:24 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7601.17514_none_b656fd566c17dc3a

[2009/07/14 01:37:20 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-t..tservices.resources_31bf3856ad364e35_6.1.7600.16385_en-us_77ab8eb6964edd15

[2009/07/14 01:30:32 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7600.16385_none_98ddd70b016524a9

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-commonlogservicesapi_31bf3856ad364e35_6.1.7600.16385_none_6e8b7c84e12ac48e

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-d..oryservices-ntdsapi_31bf3856ad364e35_6.1.7600.16385_none_ceb39c895289e648

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-d..services-sam-netapi_31bf3856ad364e35_6.1.7600.16385_none_869896ad277eaa53

[2009/07/14 01:30:35 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-live-services_31bf3856ad364e35_6.1.7600.16385_none_d581da42ed22b22e

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-t..alservices-lsmproxy_31bf3856ad364e35_6.1.7600.16385_none_0b628b5e2cb0f0d2

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-t..inalservices-drprov_31bf3856ad364e35_6.1.7600.16385_none_cdaf1d9e7a96897f

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-t..nalservices-runtime_31bf3856ad364e35_6.1.7600.16385_none_dcb645882d547b6c

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-t..nalservices-sysprep_31bf3856ad364e35_6.1.7600.16385_none_316fec74a99530ea

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-t..nalservices-utildll_31bf3856ad364e35_6.1.7600.16385_none_11544008f2925cb8

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-t..services-publicapis_31bf3856ad364e35_6.1.7600.16385_none_c707418127a8d18c

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-t..services-remotepage_31bf3856ad364e35_6.1.7600.16385_none_04cce7d70ecd1ba7

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-terminalservices-theme_31bf3856ad364e35_6.1.7600.16385_none_d5bc65ffdc22ec35

[2009/07/14 01:37:13 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-w..eservices.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d92dea821b79a3bd

[2009/07/14 01:37:05 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-webservices.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0e8d75c5d7938376

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-webservices_31bf3856ad364e35_6.1.7600.16385_none_0e52ae5c9005d543

[2009/07/14 01:30:36 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_netfx35cdf-system.workflowservices_31bf3856ad364e35_6.1.7600.16385_none_67bcc28149ee1baf

[2009/07/14 01:30:36 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_netfx35linq-system.data.services.client_31bf3856ad364e35_6.1.7600.16385_none_cdf05c9ca29b39cc

[2009/07/14 01:30:36 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_netfx35linq-system.data.services.design_31bf3856ad364e35_6.1.7600.16385_none_f9a698bd0f612a01

[2009/07/14 01:30:36 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_netfx35linq-system.data.services_31bf3856ad364e35_6.1.7600.16385_none_ef308440251eb997

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_netfx-sys_enterpriseservices_tlb_b03f5f7f11d50a3a_6.1.7600.16385_none_f0513a301e5d7705

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_system.enterpriseservices_b03f5f7f11d50a3a_6.1.7600.16385_none_aa2ded886a639c17

< c:|mydomain;true;true;true; /FP >

< c:|afd;true;true;true; /FP >

[2010/10/15 00:15:55 | 000,000,000 | ---D | M] -- c:\Program Files (x86)\InstallShield Installation Information\{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}

[2012/07/27 13:02:58 | 000,000,000 | ---D | M] -- c:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_ccSvcHst.exe_9572b02b2c943c7b7b6dc1e72dafd7fe483ec_cab_0aadc467

[2012/07/27 13:02:58 | 000,000,000 | ---D | M] -- c:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_ccSvcHst.exe_9572b02b2c943c7b7b6dc1e72dafd7fe483ec_cab_0aadc467

[2012/08/18 15:47:50 | 000,000,000 | -HSD | M] -- c:\Users\Victor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\4AFDF18N

[2012/07/29 10:57:10 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\0329bf8cfafd687cee2b2d682d182ce9

[2012/07/29 10:57:27 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4bc345ee664ca736a30a7fafd8c5a16c

[2012/07/29 11:37:44 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\611f809f625bafde88d989c624f5fd0f

[2012/07/29 11:36:56 | 000,000,000 | ---D | M] -- c:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\f37d2ca916cafdabe1c4f6f9c6b2c518

[2012/07/27 17:30:04 | 000,000,000 | ---D | M] -- c:\Windows\Downloaded Installations\{2FCF3AC6-AE7F-4D89-AFDE-DE1E2590677C}

[2010/10/15 00:15:47 | 000,000,000 | ---D | M] -- c:\Windows\Installer\{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}

[2012/07/27 15:02:59 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-c..ent-indexing-common_31bf3856ad364e35_6.1.7601.17514_none_64da1339edafdc37

[2012/07/27 15:03:00 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900

[2012/07/27 15:03:03 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_8c235f42afcafdda

[2012/07/27 15:03:03 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-isoburn_31bf3856ad364e35_6.1.7601.17514_none_4458ac8eafdacbdd

[2012/07/27 15:03:05 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-packagemanager_31bf3856ad364e35_6.1.7601.17514_none_4afdc98b09e3cfe8

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-w..ystemassessmenttool_31bf3856ad364e35_6.1.7601.17514_none_d9bafd47cdf9833b

[2012/07/27 15:03:26 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-netutils_31bf3856ad364e35_6.1.7601.17514_none_3220778aa85afd05

[2012/07/27 15:03:26 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-networkexplorer_31bf3856ad364e35_6.1.7601.17514_none_4259cafda42274a4

[2012/07/27 15:03:26 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-p..g-printticket-win32_31bf3856ad364e35_6.1.7601.17514_none_1562129afd710f2c

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.1.7601.17514_none_6eaa2afd36b1e303

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_netfx35linq-system.web.dynamicdata_31bf3856ad364e35_6.1.7601.17514_none_0ddf9afd5455510c

[2009/07/14 01:31:53 | 000,000,000 | ---D | M] --

[2009/07/14 01:32:06 | 000,000,000 | ---D | M] --

[2009/07/14 01:31:33 | 000,000,000 | ---D | M] --

[2009/07/14 01:37:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_1394.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_beafdf583b909e3f

[2009/07/14 01:29:50 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_mdmcrtix.inf_31bf3856ad364e35_6.1.7600.16385_none_8a345ba26a11afd0

[2009/07/14 01:37:17 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-alttab.resources_31bf3856ad364e35_6.1.7600.16385_en-us_3e7f003afda10faa

[2009/07/13 23:20:30 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-comctl32-v5.resources_31bf3856ad364e35_6.1.7600.16385_es-es_be8a1256afbafd72

[2009/07/13 23:20:31 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-cryptbase_31bf3856ad364e35_6.1.7600.16385_none_c15ac71fc7aafddc

[2009/07/14 01:37:01 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-cttunesvr.resources_31bf3856ad364e35_6.1.7600.16385_en-us_1faafdf66e11dfec

[2009/07/14 01:37:20 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ehome-ehmsas.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b85d0baafd3364de

[2009/07/14 01:37:02 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-eventviewer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_809afd26837a22dc

[2012/07/27 14:04:54 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900

[2009/07/14 01:37:21 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-g..s-weather.resources_31bf3856ad364e35_6.1.7600.16385_en-us_92dafd34e62c3942

[2010/10/14 23:30:04 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16600_none_06198dbf73fafd2d

[2009/07/14 01:37:17 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-help-netvsta.resources_31bf3856ad364e35_6.1.7600.16385_en-us_01783f8afd02ed89

[2009/07/13 23:20:33 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-homegroup-controlpanel_31bf3856ad364e35_6.1.7600.16385_none_1229b0afdb02e1a1

[2009/07/13 23:20:34 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-i..l-keyboard-00010408_31bf3856ad364e35_6.1.7600.16385_none_e9700c3d6e7afd1b

[2012/07/27 12:34:47 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21995_none_7afd638b48d224c2

[2012/07/27 14:02:24 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_8c235f42afcafdda

[2012/07/27 12:34:47 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17824_none_8c189508afd31140

[2009/07/14 01:37:24 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-ie-ielowutil.resources_31bf3856ad364e35_8.0.7600.16385_en-us_48bafdace8a39fec

[2009/07/14 01:30:04 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-native-80211_31bf3856ad364e35_6.1.7600.16385_none_aafd9ab7a8a38ce7

[2012/07/27 14:03:58 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-packagemanager_31bf3856ad364e35_6.1.7601.17514_none_4afdc98b09e3cfe8

[2009/07/13 23:20:37 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_6.1.7600.16385_none_f7feafd2baa4f6b7

[2009/07/14 01:37:17 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..pulations.resources_31bf3856ad364e35_6.1.7600.16385_en-us_864a84afd1bdd008

[2009/07/14 01:30:04 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-telnet-server-tlntsvr_31bf3856ad364e35_6.1.7600.16385_none_1ab997fb0a83afdd

[2012/07/27 14:04:17 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-w..ystemassessmenttool_31bf3856ad364e35_6.1.7601.17514_none_d9bafd47cdf9833b

[2009/07/14 01:36:58 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276

[2009/07/13 23:20:40 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-winsock-legacy-afd_31bf3856ad364e35_6.1.7600.16385_none_477be503cda35f27

[2009/07/13 23:20:41 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-wwan-coinstaller_31bf3856ad364e35_6.1.7600.16385_none_f03daa5afd0277e3

[2009/07/13 23:20:41 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_netfx-cvtres_for_vc_and_vb_b03f5f7f11d50a3a_6.1.7600.16385_none_729a32afdbde935f

[2009/07/14 01:29:49 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_ph3xibc6.inf_31bf3856ad364e35_6.1.7600.16385_none_9f0614a5fafd2f53

[2009/07/14 01:29:55 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_prnep00g.inf_31bf3856ad364e35_6.1.7600.16385_none_afdac3e7463477e2

[2009/07/14 01:29:55 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_prnep00g.inf_31bf3856ad364e35_6.1.7600.16385_none_afdac3e7463477e2\Amd64

[2009/07/14 01:30:24 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_wpf-presentationnative_31bf3856ad364e35_6.1.7600.16385_none_b2bafd8160314f8f

[2012/07/27 12:33:02 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.1.7600.20658_none_773afd616e52e333

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-coreusermodepnp_31bf3856ad364e35_6.1.7600.16385_none_dd4b472f7afdc1a7

[2009/07/14 01:37:17 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-p..an-plugin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7561afd6ec26345d

[2009/07/14 01:37:08 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-b..xthandler.resources_31bf3856ad364e35_6.1.7600.16385_en-us_e1aaadd0fafd6f34

[2012/07/27 14:03:33 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_6.1.7601.17514_ru-ru_361eafdb1f34fd8e

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-detectionandsharingapi_31bf3856ad364e35_6.1.7600.16385_none_39796cfe3f7f6afd

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-eventviewer_31bf3856ad364e35_6.1.7600.16385_none_6dc176bafd6e281f

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-font-fms.resources_31bf3856ad364e35_6.1.7600.16385_it-it_b18013afd5eb4684

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-g..policy-admin-gpedit_31bf3856ad364e35_6.1.7600.16385_none_ce0882b8c63afdf6

[2009/07/14 01:37:13 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-h..centercpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a6dce91c4afdb4aa

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-i..onal-codepage-21025_31bf3856ad364e35_6.1.7600.16385_none_5228328547760afd

[2012/07/27 12:23:44 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-i..timezones.resources_31bf3856ad364e35_6.1.7601.21855_et-ee_7f67459afd729012

[2009/07/14 01:30:35 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmpshell_31bf3856ad364e35_6.1.7600.16385_none_0b9dafdba6a26625

[2012/07/27 14:03:13 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-networkexplorer_31bf3856ad364e35_6.1.7601.17514_none_4259cafda42274a4

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-printing-oleprn_31bf3856ad364e35_6.1.7600.16385_none_7afd327dc09634d7

[2009/07/14 01:37:02 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-s..mcomputer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5afd61c793b8bc13

[2009/07/14 01:37:05 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-s..-vbscript.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0fb240afd169f47b

[2009/07/14 01:30:32 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-slc-component-sku-ocur_31bf3856ad364e35_6.1.7600.16385_none_1823f0a0cfafd61b

[2012/07/27 14:06:02 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.1.7601.17514_none_6eaa2afd36b1e303

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-winsock-legacy-afd_31bf3856ad364e35_6.1.7600.16385_none_eb5d49801545edf1

< c:|tcpip;true;true;true; /FP >

[2012/07/27 15:03:04 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.1.7601.17514_none_e4433b761c0c84cd

[2012/07/27 15:03:07 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.1.7601.17514_none_bfab9b4ba5f934f9

[2012/07/27 15:03:07 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37

[2012/07/27 15:03:07 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.1.7601.17514_none_90ecf919657dacf4

[2012/07/27 15:03:07 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8

[2012/07/27 15:03:24 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\wow64_microsoft-windows-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ca00459dda59f6f4

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.1.7601.17514_none_34ce5d95ad203bbe

[2009/07/13 23:20:34 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.1.7600.16385_none_e21227ae1f1e0133

[2009/07/14 01:37:02 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-t..tcpip-pro.resources_31bf3856ad364e35_6.1.7600.16385_en-us_1254aa008171f7aa

[2009/07/14 01:37:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip.resources_31bf3856ad364e35_6.1.7600.16385_en-us_28376affe6d50544

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.1.7600.16385_none_bd7a8783a90ab15f

[2012/07/27 14:03:33 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.1.7601.17514_none_bfab9b4ba5f934f9

[2009/07/14 01:37:22 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_32fce046277d287b

[2009/07/14 01:30:12 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-adm_31bf3856ad364e35_6.1.7600.16385_none_8efe707fa1acdc48

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d

[2012/08/20 11:05:46 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65

[2010/10/14 23:27:01 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8

[2012/07/27 12:23:31 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde

[2012/08/20 11:05:46 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463

[2010/10/14 23:27:01 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079

[2012/07/27 12:23:31 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7

[2012/07/27 14:03:58 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37

[2012/07/27 12:23:31 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d

[2012/07/27 12:23:31 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-mof_31bf3856ad364e35_6.1.7600.16385_none_93d2d57d9ea09496

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-netip6-pro_31bf3856ad364e35_6.1.7600.16385_none_bc82dc0973ef3b46

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-nettcpip-pro_31bf3856ad364e35_6.1.7600.16385_none_0451aba3e9d81445

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.1.7600.16385_none_8ebbe551688f295a

[2012/07/27 14:04:35 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.1.7601.17514_none_90ecf919657dacf4

[2009/07/13 23:20:39 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e

[2009/07/14 01:37:04 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-w..per-tcpip.resources_31bf3856ad364e35_6.1.7600.16385_en-us_bf22f74eb8bda0f6

[2009/07/13 23:20:40 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.1.7600.16385_none_27a7f7694b388c01

[2009/07/14 01:37:21 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_server-help-chm.tcpip.resources_31bf3856ad364e35_6.1.7600.16385_en-us_818c87c5cd3b25b1

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-tcpip_31bf3856ad364e35_6.1.7600.16385_none_c7cf31d5dd6b735a

[2012/07/27 14:02:48 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-tcpip_31bf3856ad364e35_6.1.7601.17514_none_ca00459dda59f6f4

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_microsoft-windows-tcpip-mof_31bf3856ad364e35_6.1.7600.16385_none_9e277fcfd3015691

[2009/07/14 01:36:58 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-tcpip.resources_31bf3856ad364e35_6.1.7600.16385_en-us_cc18cf7c2e77940e

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.1.7600.16385_none_329d49cdb031b824

[2012/07/27 14:03:57 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.1.7601.17514_none_34ce5d95ad203bbe

[2009/07/14 01:36:57 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-w..per-tcpip.resources_31bf3856ad364e35_6.1.7600.16385_en-us_63045bcb00602fc0

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.1.7600.16385_none_cb895be592db1acb

< c:|mpssvc;true;true;true; /FP >

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_networking-mpssvc_31bf3856ad364e35_6.1.7601.17514_none_689f8c48cfca2cbb

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_networking-mpssvc-admin.resources_31bf3856ad364e35_6.1.7601.17514_en-us_9f1620ebad6921e4

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_networking-mpssvc-admin_31bf3856ad364e35_6.1.7601.17514_none_03783362986e804b

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_networking-mpssvc-svc.resources_31bf3856ad364e35_6.1.7601.17514_en-us_e58eb9a1a517b5e1

[2012/07/27 15:03:09 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_networking-mpssvc-svc_31bf3856ad364e35_6.1.7601.17514_none_f83a40e7de7c47da

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_networking-mpssvc_31bf3856ad364e35_6.1.7601.17514_none_0c80f0c5176cbb85

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_networking-mpssvc-admin.resources_31bf3856ad364e35_6.1.7601.17514_en-us_42f78567f50bb0ae

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_networking-mpssvc-admin_31bf3856ad364e35_6.1.7601.17514_none_a75997dee0110f15

[2012/07/27 15:03:27 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_networking-mpssvc-svc.resources_31bf3856ad364e35_6.1.7601.17514_en-us_89701e1decba44ab

[2009/07/14 01:32:40 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\migwiz\dlmanifests\Networking-MPSSVC-Svc

[2009/07/14 01:37:08 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc.resources_31bf3856ad364e35_6.1.7600.16385_en-us_24b3cfe4ff928bea

[2009/07/13 23:20:42 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc_31bf3856ad364e35_6.1.7600.16385_none_666e7880d2dba921

[2012/07/27 14:02:25 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc_31bf3856ad364e35_6.1.7601.17514_none_689f8c48cfca2cbb

[2009/07/14 01:37:03 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-admin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_9ce50d23b07a9e4a

[2012/07/27 14:04:35 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-admin.resources_31bf3856ad364e35_6.1.7601.17514_en-us_9f1620ebad6921e4

[2009/07/13 23:20:42 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-admin_31bf3856ad364e35_6.1.7600.16385_none_01471f9a9b7ffcb1

[2012/07/27 14:02:46 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-admin_31bf3856ad364e35_6.1.7601.17514_none_03783362986e804b

[2009/07/14 01:36:58 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-netsh.resources_31bf3856ad364e35_6.1.7600.16385_en-us_4285fd252bd260cf

[2009/07/13 23:20:42 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-netsh_31bf3856ad364e35_6.1.7600.16385_none_0ae586d2e060c6b8

[2009/07/14 01:37:03 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-svc.resources_31bf3856ad364e35_6.1.7600.16385_en-us_e35da5d9a8293247

[2012/07/27 14:04:35 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-svc.resources_31bf3856ad364e35_6.1.7601.17514_en-us_e58eb9a1a517b5e1

[2009/07/13 23:20:42 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-svc_31bf3856ad364e35_6.1.7600.16385_none_f6092d1fe18dc440

[2012/07/27 14:02:49 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_networking-mpssvc-svc_31bf3856ad364e35_6.1.7601.17514_none_f83a40e7de7c47da

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\wow64_networking-mpssvc-svc_31bf3856ad364e35_6.1.7600.16385_none_005dd77215ee863b

[2009/07/14 01:36:59 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c895346147351ab4

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc_31bf3856ad364e35_6.1.7600.16385_none_0a4fdcfd1a7e37eb

[2012/07/27 14:04:35 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc_31bf3856ad364e35_6.1.7601.17514_none_0c80f0c5176cbb85

[2009/07/14 01:37:08 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc-admin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_40c6719ff81d2d14

[2012/07/27 14:02:23 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc-admin.resources_31bf3856ad364e35_6.1.7601.17514_en-us_42f78567f50bb0ae

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc-admin_31bf3856ad364e35_6.1.7600.16385_none_a5288416e3228b7b

[2012/07/27 14:03:12 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc-admin_31bf3856ad364e35_6.1.7601.17514_none_a75997dee0110f15

[2009/07/14 01:37:01 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc-netsh.resources_31bf3856ad364e35_6.1.7600.16385_en-us_e66761a17374ef99

[2009/07/13 23:21:09 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc-netsh_31bf3856ad364e35_6.1.7600.16385_none_aec6eb4f28035582

[2009/07/14 01:37:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc-svc.resources_31bf3856ad364e35_6.1.7600.16385_en-us_873f0a55efcbc111

[2012/07/27 14:05:04 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_networking-mpssvc-svc.resources_31bf3856ad364e35_6.1.7601.17514_en-us_89701e1decba44ab

< c:|sdrsvc;true;true;true; /FP >

< c:|cryptsvc;true;true;true; /FP >

[2012/07/27 15:02:59 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a

[2012/07/27 15:03:24 | 000,000,000 | ---D | M] -- c:\Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4

[2009/07/14 01:36:57 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll.resources_31bf3856ad364e35_6.1.7600.16385_en-us_00bbc5aa103d49e7

[2009/07/13 23:20:31 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490

[2012/07/27 12:25:29 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339

[2012/07/27 12:25:29 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3

[2012/07/27 12:25:29 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795

[2012/07/27 12:25:29 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2

[2009/07/14 01:37:00 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a49d2a2657dfd8b1

[2009/07/13 23:21:06 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a

[2012/07/27 12:25:29 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203

[2012/07/27 12:25:29 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d

[2012/07/27 12:25:29 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f

[2012/07/27 12:25:29 | 000,000,000 | ---D | M] -- c:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %systemroot%\*. /mp /s >

< End of report >

Link to post
Share on other sites

Here is the Extras.Txt log:

OTL Extras logfile created on: 8/22/2012 8:14:56 PM - Run 1

OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Victor\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 71.10% Memory free

7.60 Gb Paging File | 5.95 Gb Available in Paging File | 78.25% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 452.58 Gb Total Space | 283.07 Gb Free Space | 62.55% Space Free | Partition Type: NTFS

Computer Name: VICTOR-PC | User Name: Victor | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl[@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0BA9CF43-267F-4DA6-8B7B-9E7CB10981F6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{6A1F2482-A969-444B-BAC4-D40AC9D2DD68}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{210C2287-7277-4032-9D84-EBEE9835DECF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{7A8025D2-D8F6-4805-A09D-5AFE813725A0}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |

"{8E9E864D-DB5A-4835-B29A-4AD1E723A7BD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{964EFD39-49E9-4435-9346-07ACF7D7CC18}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |

"{99F0D604-086D-4EE4-910D-32A289FFF709}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |

"{A0994ADE-855D-4B92-A308-BDC0A25DB2FD}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |

"{BFA3EA71-55DD-400C-8A07-2D60423C694D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{DC5C4C5C-F17A-4336-A26C-570AA9C8A5DD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"TCP Query User{144FF054-8101-455C-A137-3A55102D44B7}C:\users\work\appdata\local\vghd\bin\virtuagirl_downloader.exe" = protocol=6 | dir=in | app=c:\users\work\appdata\local\vghd\bin\virtuagirl_downloader.exe |

"TCP Query User{18A033BC-88B9-4B87-9661-CD67C652D1E1}C:\users\work\appdata\local\vghd\bin\virtuagirl_downloader.exe" = protocol=6 | dir=in | app=c:\users\work\appdata\local\vghd\bin\virtuagirl_downloader.exe |

"TCP Query User{9141A79E-0CED-49BC-B9AF-B09546D3D321}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

"UDP Query User{1C20B207-A4E1-4713-9A00-24871ACB472A}C:\users\work\appdata\local\vghd\bin\virtuagirl_downloader.exe" = protocol=17 | dir=in | app=c:\users\work\appdata\local\vghd\bin\virtuagirl_downloader.exe |

"UDP Query User{6842E96C-302A-4D08-B8E3-2E97307AA25E}C:\users\work\appdata\local\vghd\bin\virtuagirl_downloader.exe" = protocol=17 | dir=in | app=c:\users\work\appdata\local\vghd\bin\virtuagirl_downloader.exe |

"UDP Query User{C8543A4A-8620-4A49-9C03-5CA778DDDC0E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client

"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor

"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime

"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility

"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board

"{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup

"{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password

"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition

"CNXT_AUDIO_HDA" = Conexant HD Audio

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft Security Client" = Microsoft Security Essentials

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0

"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver

"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java 7 Update 5

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

"{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}" = Amazon Links

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{39187A4B-7538-4BE7-8BAD-9E83303793AA}" = Toshiba Book Place

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration

"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{78FADD33-5D93-4FB8-AC29-1D823C0574B8}" = ASPCA Reminder by We-Care.com v4.1.17.1

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer

"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)

"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility

"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver

"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor

"Any Video Converter_is1" = Any Video Converter 3.4.0

"AVG Secure Search" = AVG Security Toolbar

"BurnAware Free_is1" = BurnAware Free 5.0.1

"DVD Shrink_is1" = DVD Shrink 3.2

"ERUNT_is1" = ERUNT 1.1j

"ESET Online Scanner" = ESET Online Scanner v3

"funmoods" = Funmoods Web Search

"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package

"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime

"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility

"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board

"InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup

"InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password

"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition

"Magic DVD Ripper_is1" = Magic DVD Ripper V7.0.0

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300

"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"NortonPCCheckup" = Toshiba Laptop Checkup

"Opera 12.00.1467" = Opera 12.00

"RealPlayer 15.0" = RealPlayer

"TOSHIBA Game Console" = WildTangent ORB Game Console

"VLC media player" = VLC media player 2.0.0

"WildTangent toshiba Master Uninstall" = WildTangent Games

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.20 (32-bit)

"WT088682" = Bejeweled 2 Deluxe

"WT088696" = Chuzzle Deluxe

"WT088750" = Jewel Quest - Heritage

"WT088759" = Polar Bowler

"WT089366" = Cake Mania - Lights, Camera, Action!

"WT089368" = FATE - The Traitor Soul

"WT089379" = Mystery P.I. - The London Caper

"WT089381" = Slingo Supreme

"WT089386" = Governor of Poker 2 Premium Edition

"WT089395" = Plants vs. Zombies - Game of the Year

"ZMatrix_is1" = ZMatrix 1.4.8

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 8/19/2012 11:11:19 PM | Computer Name = Victor-PC | Source = Toshiba App Place | ID = 0

Description =

Error - 8/20/2012 7:41:01 AM | Computer Name = Victor-PC | Source = Toshiba App Place | ID = 0

Description =

Error - 8/20/2012 8:26:48 AM | Computer Name = Victor-PC | Source = Customer Experience Improvement Program | ID = 1008

Description =

Error - 8/20/2012 9:28:54 AM | Computer Name = Victor-PC | Source = SideBySide | ID = 16842832

Description = Activation context generation failed for "C:\Program Files (x86)\ESET\ESET

Online Scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line

. A component version required by the application conflicts with another component

version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Component

2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error - 8/20/2012 11:08:08 AM | Computer Name = Victor-PC | Source = Toshiba App Place | ID = 0

Description =

Error - 8/20/2012 11:41:13 AM | Computer Name = Victor-PC | Source = SideBySide | ID = 16842832

Description = Activation context generation failed for "c:\program files (x86)\ESET\eset

online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line

. A component version required by the application conflicts with another component

version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Component

2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error - 8/20/2012 2:56:15 PM | Computer Name = Victor-PC | Source = Toshiba App Place | ID = 0

Description =

Error - 8/21/2012 12:02:51 AM | Computer Name = Victor-PC | Source = Toshiba App Place | ID = 0

Description =

Error - 8/21/2012 12:49:54 AM | Computer Name = Victor-PC | Source = Customer Experience Improvement Program | ID = 1008

Description =

Error - 8/21/2012 8:35:49 AM | Computer Name = Victor-PC | Source = Toshiba App Place | ID = 0

Description =

[ System Events ]

Error - 8/12/2012 2:51:13 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 2:45:58 PM on ?8/?12/?2012 was unexpected.

Error - 8/12/2012 6:44:28 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 6:43:01 PM on ?8/?12/?2012 was unexpected.

Error - 8/12/2012 6:50:00 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 6:46:20 PM on ?8/?12/?2012 was unexpected.

Error - 8/12/2012 7:45:49 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 7:43:53 PM on ?8/?12/?2012 was unexpected.

Error - 8/12/2012 7:53:21 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 7:50:13 PM on ?8/?12/?2012 was unexpected.

Error - 8/12/2012 8:45:45 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 8:44:15 PM on ?8/?12/?2012 was unexpected.

Error - 8/12/2012 8:47:32 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 8:45:45 PM on ?8/?12/?2012 was unexpected.

Error - 8/12/2012 9:05:13 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 9:02:26 PM on ?8/?12/?2012 was unexpected.

Error - 8/12/2012 9:07:51 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 9:06:30 PM on ?8/?12/?2012 was unexpected.

Error - 8/12/2012 11:11:46 PM | Computer Name = Victor-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 10:05:44 PM on ?8/?12/?2012 was unexpected.

< End of report >

Link to post
Share on other sites

You need to make sure that your WIN7 is at Service Pack 1, from either Windows Update or the MS Download Center

http://windows.microsoft.com/en-US/windows7/install-windows-7-service-pack-1

We can wrap this up now. I see that you are clear of your original issues.

If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools we used. Advise me after you have completed the cleanups.

We have to remove Combofix and all its associated folders. By whichever name you named it, ( you had named it ComboFix icon_exclaim.gif),

put that name in the RUN box stated just below.

The "/uninstall" in the Run line below is to start Combofix for it's cleanup & removal function.

Note the space before the slash mark.

The utility must be removed to prevent any un-intentional or accidental usage, PLUS, to free up much space on your hard disk.

  • Highlight the line in this CODEBOX.
    Select & Copy the entire line within this codebox (so that it is in Windows clipboard memory)
    C:\Users\Victor\Desktop\ComboFix.exe /uninstall


  • Start >> type in cmd >> press the Ctrl+Shift+Enter keyboard combination and cmd.exe will be launched as if you selected Run as Administrator. You will then see a User Account Control prompt asking if you would like to allow the Command Prompt to be able to make changes on your computer. Click on the Yes button and you will now be at the Elevated Command Prompt.
    Do a Right click within the command prompt window and select Paste. This must show the line from Codebox above.
    Then tap Enter

IF in the case Combofix un-install has an issue, skip that step.

NEXT

  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

ERUNT you should keep and use periodically to backup Windows registry.

Delete the following if still present:

aswMBR.exe

RogueKiller.exe

TDSSKILLER.exe

Stinger.exe

SecurityCheck.exe

FSS.exe

Safer practices & malware prevention

We are finished here. Best regards. cool.gif

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.