Babylon Search -- Chrome


Post by button22 on 9th August 2012, 7:14 pm

Hi,

I'm currently running Windows XP, and recently Google Chrome has been hijacked by 'Babylon Search'.

Each time I open Google Chrome, Babylon Search opens up.

Anyone know how I can remove this, please? I've tried to remove it via Chrome settings but I've had no luck so far.

Any help will be great. Thank you.

button22
Novice

Posts: 14
Joined: 2012-08-09
OS: windows xp
Points: 16048
Likes: 0

Re: Babylon Search -- Chrome

Post by Dr Jay on 9th August 2012, 7:35 pm

Welcome to GeekPolice!

Follow instructions in this thread: [You must be registered and logged in to see this link.]

Post logs back here, please.


Dr. Jay (DJ)



Dr Jay
Head Administrator

Posts: 14314
Joined: 2009-09-06
Gender: Male
OS: Windows 10 Home & Pro
Arch.: x64 (64-bit)
Protection: Bitdefender Total Security
Points: 302999
Likes: 10

Re: Babylon Search -- Chrome

Post by button22 on 9th August 2012, 8:05 pm

Hi, sorry, the link for the OTL doesn't seem to work.


Re: Babylon Search -- Chrome

Post by button22 on 9th August 2012, 8:09 pm

Ignore that, sorry. I managed to find a download link from another thread. I'll post the log soon :)


Re: Babylon Search -- Chrome

Post by button22 on 9th August 2012, 8:30 pm

OK, I'm going to post all 3 bits of information requested in the 'read this before posting thread' now. I'll do three separate posts :)

As well as the Babylon Search hijacking Google Chrome issue,

I also have an issue with 'rundll32.exe': every time I go to shut down, an error occurs and it won't allow me to shut down without clicking End Now.

Since the Babylon and rundll32.exe issues have arisen, I have also lost my playback drivers for this computer, so I now have no sound.

Any help greatly appreciated! :)


Re: Babylon Search -- Chrome

Post by button22 on 9th August 2012, 8:34 pm

OTL logfile created on: 09/08/2012 21:10:03 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Sam\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

958.48 Mb Total Physical Memory | 190.93 Mb Available Physical Memory | 19.92% Memory free
2.26 Gb Paging File | 1.62 Gb Available in Paging File | 71.90% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.32 Gb Total Space | 1.39 Gb Free Space | 1.97% Space Free | Partition Type: NTFS

Computer Name: HEMMINGS | User Name: Sam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/09 21:08:41 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sam\My Documents\Downloads\OTL.exe
PRC - [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/07/18 17:23:25 | 000,263,024 | ---- | M] (Probit Software LTD) -- C:\Program Files\Probit Software\Easy Speed PC\ESPCSmartScan.exe
PRC - [2012/07/18 17:23:20 | 000,272,752 | ---- | M] (Probit Software LTD) -- C:\Program Files\Probit Software\Easy Speed PC\ESPCReminder.exe
PRC - [2012/07/03 15:55:28 | 003,530,720 | ---- | M] (PC Drivers Headquarters) -- C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
PRC - [2012/03/28 00:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\6.2.1.5\ccsvchst.exe
PRC - [2011/11/07 20:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
PRC - [2011/11/07 20:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/28 20:56:16 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/04 19:16:41 | 000,150,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\d866ccb1c87220962122a2bf53f0c716\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll
MOD - [2012/08/04 19:16:41 | 000,119,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\XPBurnComponent\40185fb5663aafab718bf3dfdcc4c9e7\XPBurnComponent.ni.dll
MOD - [2012/08/04 19:16:40 | 000,304,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\9c302811f4f3a113484f54d77f98901f\Microsoft.Practices.ObjectBuilder.ni.dll
MOD - [2012/08/04 19:16:39 | 000,309,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\ffa75b0bd36be74e3f5cfd79172d9136\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll
MOD - [2012/08/04 19:16:38 | 000,235,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\56e1a131172ad3e0c7423da344a05fff\Microsoft.ApplicationBlocks.Updater.ni.dll
MOD - [2012/08/04 19:16:37 | 001,777,152 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\RuleEngine\8e9fd70669a3f6366b0bd9d4cd8ce92f\RuleEngine.ni.dll
MOD - [2012/08/04 19:16:36 | 000,357,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Win32.Tas#\004949f47a3ee06f8e41922704c0c52d\Microsoft.Win32.TaskScheduler.ni.dll
MOD - [2012/08/04 19:16:35 | 000,838,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Agent.Communication\7f348ba85b29367cf8e9579181c31267\Agent.Communication.ni.dll
MOD - [2012/08/04 19:16:34 | 000,202,240 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.WUApiLib\f0b8db1d869cb292cf4f87d471f81140\Interop.WUApiLib.ni.dll
MOD - [2012/08/04 19:16:30 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
MOD - [2012/08/04 19:16:29 | 000,060,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ExceptionLogging\206628d6b01618dcc12a0eefb861c6d3\ExceptionLogging.ni.dll
MOD - [2012/08/04 19:16:28 | 002,271,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Common\8c2a7a74a32f9d4bc1daa31f66dc4e0e\Common.ni.dll
MOD - [2012/08/04 19:16:25 | 000,766,464 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Agent.Common\f66bbbe13dec510b3f890658a20273de\Agent.Common.ni.dll
MOD - [2012/08/04 19:16:21 | 007,631,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Agent\035c4b180b0a35182b86860404ccdff0\Agent.ni.exe
MOD - [2012/07/31 06:36:14 | 000,442,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll
MOD - [2012/07/31 06:36:13 | 012,235,288 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
MOD - [2012/07/31 06:36:12 | 003,997,720 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.60\pdf.dll
MOD - [2012/07/31 06:34:45 | 000,144,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.60\avutil-51.dll
MOD - [2012/07/31 06:34:43 | 000,266,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.60\avformat-54.dll
MOD - [2012/07/31 06:34:42 | 002,480,680 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll
MOD - [2012/07/03 15:55:36 | 000,309,224 | ---- | M] () -- C:\Program Files\PC Drivers HeadQuarters\Driver Detective\Agent.Communication.XmlSerializers.dll
MOD - [2012/07/03 15:54:58 | 000,804,800 | ---- | M] () -- C:\Program Files\PC Drivers HeadQuarters\Driver Detective\ThemePack.Default.dll
MOD - [2012/06/14 19:35:25 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/06/14 19:30:37 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/06/14 19:30:21 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/06/14 07:01:25 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/06/14 06:49:56 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll
MOD - [2012/05/11 13:35:39 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/11 13:34:01 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/11 13:30:56 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/11 13:29:37 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
MOD - [2012/05/11 13:27:21 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/11 13:27:00 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011/11/03 16:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/08/24 06:33:05 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2010/06/03 13:46:00 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/06/26 16:05:42 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/03/28 00:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe -- (N360)
SRV - [2011/11/07 20:37:20 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/11/07 20:36:13 | 000,135,608 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2008/05/30 12:32:16 | 000,572,416 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand | Unknown] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Fxdrv.sys -- (FXDRV)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2012/08/06 18:11:44 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120806.002\navex15.sys -- (NAVEX15)
DRV - [2012/08/06 18:11:43 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120806.002\naveng.sys -- (NAVENG)
DRV - [2012/06/19 01:01:14 | 000,821,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120804.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/06/14 19:39:26 | 000,369,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120808.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/05/31 20:48:57 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/05/31 20:48:57 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/28 19:51:37 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/03/29 07:03:27 | 000,574,072 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0602010.005\srtsp.sys -- (SRTSP)
DRV - [2012/03/29 07:03:27 | 000,032,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0602010.005\srtspx.sys -- (SRTSPX)
DRV - [2011/11/24 03:23:48 | 000,905,336 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0602010.005\symefa.sys -- (SymEFA)
DRV - [2011/11/17 04:38:00 | 000,388,216 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0602010.005\symtdi.sys -- (SYMTDI)
DRV - [2011/11/17 04:17:48 | 000,149,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0602010.005\ironx86.sys -- (SymIRON)
DRV - [2011/11/05 00:59:36 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0602010.005\ccsetx86.sys -- (ccSet_N360)
DRV - [2011/08/16 07:51:40 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0602010.005\symds.sys -- (SymDS)
DRV - [2008/05/07 07:38:36 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 07:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 07:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/02/01 15:17:12 | 000,138,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2008/02/01 15:17:06 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/11/07 10:42:30 | 000,086,368 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200obex.sys -- (w200obex)
DRV - [2006/11/07 10:42:28 | 000,088,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mgmt.sys -- (w200mgmt)
DRV - [2006/11/07 10:42:24 | 000,097,056 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdm.sys -- (w200mdm)
DRV - [2006/11/07 10:42:22 | 000,009,328 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdfl.sys -- (w200mdfl)
DRV - [2006/11/07 10:42:16 | 000,061,504 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200bus.sys -- (w200bus)
DRV - [2005/10/13 14:53:24 | 001,379,328 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/03/04 04:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/12/01 19:35:16 | 000,438,912 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TNET1130.sys -- (TNET1130)
DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2001/08/17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\Google: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2379: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012/05/28 19:52:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012/08/09 20:54:14 | 000,000,000 | ---D | M]

[2012/08/03 23:09:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: [You must be registered and logged in to see this link.]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: [You must be registered and logged in to see this link.]
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Sam\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Entanglement = C:\Documents and Settings\Sam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Poppit = C:\Documents and Settings\Sam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Sam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\

O1 HOSTS File: ([2006/03/15 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.2.1.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.2.1.5\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.2.1.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.2.1.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Driver Detective] C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [Easy Driver Pro] C:\Program Files\Probit Software\Easy Driver Pro\DPLauncher.exe (Probit Software)
O4 - HKCU..\Run: [Easy Speed PC] C:\Program Files\Probit Software\Easy Speed PC\ESPCLauncher.exe (Probit Software LTD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF2A460C-E5D0-4B81-B563-B98AA6ECFAF6}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Sam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sam\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/23 06:44:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\Z\Shell - "" = AutoRun
O33 - MountPoints2\Z\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\Z\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe - (Adobe Systems Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Catalyst System Tray.lnk - - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Nokia Ovi Suite.lnk - C:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe - (Nokia)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AOL_Demo - hkey= - key= - File not found
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - File not found
MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - File not found
MsConfig - StartUpReg: Corel Photo Downloader - hkey= - key= - File not found
MsConfig - StartUpReg: ctfmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: dlbxmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: dlcqmon.exe - hkey= - key= - File not found
MsConfig - StartUpReg: ehTray - hkey= - key= - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: FaxCenterServer - hkey= - key= - File not found
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - File not found
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: MemoryCardManager - hkey= - key= - File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe ()
MsConfig - StartUpReg: Power2GoExpress - hkey= - key= - C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe (Cyberlink)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: Recguard - hkey= - key= - C:\WINDOWS\SMINST\Recguard.exe ()
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - File not found
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TS - hkey= - key= - File not found
MsConfig - StartUpReg: WeatherDPA - hkey= - key= - File not found
MsConfig - StartUpReg: ZangoSA - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1325db73-d9f1-48f8-8895-6d814ec58889} - Security Update for Windows XP (KB913433)
ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/09 19:51:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/08 15:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam\My Documents\CyberLink
[2012/08/05 20:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NortonPCCheckup
[2012/08/05 20:32:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NortonPCCheckup\0200110.014
[2012/08/05 20:32:40 | 000,000,000 | ---D | C] -- C:\Program Files\Norton PC Checkup
[2012/08/05 20:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton PC Checkup
[2012/08/04 19:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2012/08/04 19:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam\Local Settings\Application Data\PC_Drivers_Headquarters
[2012/08/04 19:16:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2012/08/04 19:15:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2012/08/04 19:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2012/08/03 23:11:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam\Application Data\Probit Software
[2012/08/03 23:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/08/03 23:08:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam\Application Data\Babylon
[2012/08/03 23:08:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012/08/03 23:08:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Probit Software
[2012/08/03 23:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\Probit Software
[2012/08/03 22:49:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam\Application Data\DriverCure
[2012/08/03 22:49:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam\Application Data\SpeedyPC Software
[2012/08/03 22:48:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software
[2012/08/03 22:44:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam\My Documents\Downloads
[2012/08/03 21:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sony Ericsson
[2012/07/28 08:55:27 | 000,000,000 | ---D | C] -- C:\N360_BACKUP
[2012/07/27 21:39:57 | 000,000,000 | ---D | C] -- C:\5da7bd2bc6110e3a63dae7675ccb
[2012/07/27 21:24:05 | 000,000,000 | ---D | C] -- C:\4e787b1e651de2510a674595786aa0
[2009/08/15 20:11:40 | 000,092,064 | ---- | C] (MCCI) -- C:\Documents and Settings\Sam\mqdmmdm.sys
[2009/08/15 20:11:40 | 000,079,328 | ---- | C] (MCCI) -- C:\Documents and Settings\Sam\mqdmserd.sys
[2009/08/15 20:11:40 | 000,009,232 | ---- | C] (MCCI) -- C:\Documents and Settings\Sam\mqdmmdfl.sys
[2009/08/15 20:11:40 | 000,005,936 | ---- | C] (MCCI) -- C:\Documents and Settings\Sam\mqdmwhnt.sys
[2009/08/15 20:11:40 | 000,004,048 | ---- | C] (MCCI) -- C:\Documents and Settings\Sam\mqdmcr.sys
[2009/08/15 20:11:39 | 000,066,656 | ---- | C] (MCCI) -- C:\Documents and Settings\Sam\mqdmbus.sys
[2009/08/15 20:11:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Sam\usbsermptxp.sys
[2009/08/15 20:11:39 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Sam\usbsermpt.sys
[2009/08/15 20:11:39 | 000,006,208 | ---- | C] (MCCI) -- C:\Documents and Settings\Sam\mqdmcmnt.sys
[18 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/09 21:05:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/09 20:53:29 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/09 20:52:58 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/09 20:52:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/09 20:51:41 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/05 20:32:54 | 000,001,953 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton PC Checkup.LNK
[2012/08/05 20:08:05 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2012/08/04 19:15:59 | 000,002,198 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2012/08/03 23:10:11 | 000,000,315 | ---- | M] () -- C:\user.js
[2012/08/03 21:33:25 | 000,018,137 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2012/08/02 19:35:25 | 000,001,789 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/07/22 19:44:24 | 000,308,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/21 08:50:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[18 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/09 20:51:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/05 20:32:54 | 000,001,953 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton PC Checkup.LNK
[2012/08/05 20:32:41 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NortonPCCheckup\0200110.014\isolate.ini
[2012/08/04 19:15:59 | 000,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2012/08/03 23:10:07 | 000,000,315 | ---- | C] () -- C:\user.js
[2012/06/05 19:31:20 | 000,308,400 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/16 12:23:19 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/10/18 20:50:04 | 000,001,697 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2011/03/17 22:30:43 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011/03/17 22:30:43 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011/03/17 22:30:43 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011/03/17 22:30:43 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011/03/17 22:30:43 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011/03/17 22:30:43 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011/03/17 22:30:43 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011/03/17 22:30:43 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011/03/17 22:30:43 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011/03/17 22:30:43 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011/03/17 22:30:43 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011/03/17 22:30:43 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011/03/17 22:30:43 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011/03/17 22:30:43 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011/03/17 22:30:43 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011/03/17 22:30:43 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011/03/17 22:30:43 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011/03/17 22:30:43 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011/03/17 22:30:43 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/08/14 20:51:27 | 000,064,648 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/08/15 20:15:39 | 000,016,002 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem358.PNF
[2009/08/15 20:15:38 | 000,015,682 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem355.PNF
[2009/08/15 20:15:38 | 000,014,334 | ---- | C] () -- C:\Documents and Settings\Sam\Copy (2) of oem351.PNF
[2009/08/15 20:15:38 | 000,012,866 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem353.PNF
[2009/08/15 20:15:38 | 000,012,828 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem352.PNF
[2009/08/15 20:15:38 | 000,012,348 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem354.PNF
[2009/08/15 20:15:38 | 000,009,913 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem358.inf
[2009/08/15 20:15:38 | 000,009,232 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem355.inf
[2009/08/15 20:15:38 | 000,007,754 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem356.PNF
[2009/08/15 20:15:38 | 000,007,314 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem357.PNF
[2009/08/15 20:15:38 | 000,007,201 | ---- | C] () -- C:\Documents and Settings\Sam\1250363738-(null)
[2009/08/15 20:15:38 | 000,006,989 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem356.inf
[2009/08/15 20:15:38 | 000,006,209 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem353.inf
[2009/08/15 20:15:38 | 000,005,880 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem352.inf
[2009/08/15 20:15:38 | 000,005,813 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem354.inf
[2009/08/15 20:15:38 | 000,004,477 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem357.inf
[2009/08/15 20:11:39 | 000,009,913 | ---- | C] () -- C:\Documents and Settings\Sam\MCCI_MDM.INF
[2009/08/15 20:11:39 | 000,009,232 | ---- | C] () -- C:\Documents and Settings\Sam\USB_MOT_BRIT.INF
[2009/08/15 20:11:39 | 000,007,201 | ---- | C] () -- C:\Documents and Settings\Sam\USBMOT2000.INF
[2009/08/15 20:11:39 | 000,006,989 | ---- | C] () -- C:\Documents and Settings\Sam\MCCI_BUS.INF
[2009/08/15 20:11:39 | 000,006,141 | ---- | C] () -- C:\Documents and Settings\Sam\USBMOT2000XP.INF
[2009/08/15 20:11:39 | 000,005,960 | ---- | C] () -- C:\Documents and Settings\Sam\USB_MOT_A1000.INF
[2009/08/15 20:11:39 | 000,005,880 | ---- | C] () -- C:\Documents and Settings\Sam\USB_CMCS_2000.INF
[2009/08/15 20:11:39 | 000,004,477 | ---- | C] () -- C:\Documents and Settings\Sam\MCCI_SDM.INF
[2009/08/15 20:11:36 | 000,070,690 | ---- | C] () -- C:\Documents and Settings\Sam\Copy of oem351.PNF
[2009/08/15 20:11:36 | 000,054,341 | ---- | C] () -- C:\Documents and Settings\Sam\1250363495-(null)
[2007/09/15 21:29:35 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Sam\default.pls
[2007/07/06 21:34:45 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/28 21:01:55 | 000,078,336 | ---- | C] () -- C:\Documents and Settings\Sam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/31 16:56:31 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Sam\Local Settings\Application Data\fusioncache.dat

========== Custom Scans ==========

< %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

< %AppData%\Local\ >

< %systemroot%\system32\sysprep >

< *.xpi /md5 >

< %systemroot%\Downloaded Program Files\ >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2008/04/14 01:12:35 | 000,045,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2008/04/14 01:12:35 | 000,045,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2008/04/14 01:12:35 | 000,045,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "%programfiles%\Internet Explorer\iexplore.exe" [2008/04/14 01:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/08/06 02:43:06 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/08/06 02:43:06 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/08/06 02:43:06 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/08/06 02:43:06 | 002,388,264 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/07/31 06:36:16 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2008/04/14 01:12:35 | 000,045,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2008/04/14 01:12:35 | 000,045,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2008/04/14 01:12:35 | 000,045,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "%programfiles%\Internet Explorer\iexplore.exe" [2008/04/14 01:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/08/06 02:43:06 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/08/06 02:43:06 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/08/06 02:43:06 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/08/06 02:43:06 | 002,388,264 | ---- | M] (Apple Inc.)


Re: Babylon Seach -- Chrome

Post by button22 on 9th August 2012, 8:35 pm

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /90 >
[2012/05/28 19:51:37 | 000,141,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2006/08/22 23:32:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006/08/22 23:32:16 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006/08/22 23:32:16 | 000,876,544 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %SYSTEMDRIVE%\*.exe /md5 >

< "%WinDir%\$NtUninstallKB*$." /30 >

< %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >

< %USERPROFILE%\AppData\Local\ /s >

< %systemroot%\Installer\ /s >

< %systemroot%\system32\Cache\ /s >

< %systemroot%\system32\config\systemprofile\Application Data /s >

< %PROGRAMFILES%\*. >
[2012/05/28 20:27:30 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/07/12 10:04:54 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2012/05/28 20:27:30 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2005/01/01 23:18:36 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2011/01/24 21:59:31 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2012/06/05 18:44:47 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2012/08/04 19:02:44 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2012/08/03 21:37:22 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2011/09/20 11:52:27 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2012/08/03 21:42:47 | 000,000,000 | ---D | M] -- C:\Program Files\Dell PC Fax
[2011/09/20 11:52:34 | 000,000,000 | ---D | M] -- C:\Program Files\Dell_ENA
[2008/05/23 17:33:19 | 000,000,000 | ---D | M] -- C:\Program Files\Dell_Photo AIO Printer 962
[2009/09/07 19:23:09 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2007/11/17 20:34:29 | 000,000,000 | ---D | M] -- C:\Program Files\Disc2Phone
[2012/08/03 21:53:46 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2012/05/02 06:49:44 | 000,000,000 | ---D | M] -- C:\Program Files\DL_cats
[2012/08/03 21:42:55 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/03/30 15:32:21 | 000,000,000 | ---D | M] -- C:\Program Files\Hazard Perception 2003-2004
[2012/08/03 21:46:25 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2012/05/28 20:27:38 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/01/24 22:07:00 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/01/24 22:08:08 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2012/08/03 21:50:36 | 000,000,000 | ---D | M] -- C:\Program Files\Jasc Software Inc
[2012/08/03 21:52:59 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2012/08/03 21:33:14 | 000,000,000 | ---D | M] -- C:\Program Files\LDC Driving Test Complete
[2009/04/21 20:46:45 | 000,000,000 | ---D | M] -- C:\Program Files\Live-Player
[2009/09/16 19:20:33 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/11/28 23:51:17 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2007/02/01 13:04:09 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2005/01/02 06:52:16 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2012/08/03 21:55:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/03/17 21:28:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/03/17 21:28:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
[2007/02/01 13:01:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2007/02/01 13:01:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2007/02/01 13:00:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/11 06:52:45 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2012/08/03 23:09:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/08/20 21:48:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2005/01/02 06:52:16 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/01/02 06:52:17 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2009/09/07 19:28:09 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2007/01/31 17:33:59 | 000,000,000 | ---D | M] -- C:\Program Files\Nero
[2008/11/28 21:44:36 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2009/09/07 19:29:04 | 000,000,000 | ---D | M] -- C:\Program Files\Nokia
[2012/05/28 19:50:05 | 000,000,000 | ---D | M] -- C:\Program Files\Norton 360
[2012/08/05 20:32:41 | 000,000,000 | ---D | M] -- C:\Program Files\Norton PC Checkup
[2012/08/05 20:32:36 | 000,000,000 | ---D | M] -- C:\Program Files\NortonInstaller
[2006/08/23 09:35:32 | 000,000,000 | ---D | M] -- C:\Program Files\Oca History Tool
[2005/01/02 06:52:17 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/16 07:48:48 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2012/08/03 21:33:19 | 000,000,000 | ---D | M] -- C:\Program Files\Panasonic
[2012/08/04 19:15:23 | 000,000,000 | ---D | M] -- C:\Program Files\PC Drivers HeadQuarters
[2012/08/03 23:10:39 | 000,000,000 | ---D | M] -- C:\Program Files\Probit Software
[2012/05/28 20:27:54 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2007/03/28 20:56:15 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/08/20 21:47:54 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/08/14 20:24:01 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2007/11/17 20:21:53 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Ericsson
[2012/05/28 19:51:37 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2010/11/26 21:44:40 | 000,000,000 | ---D | M] -- C:\Program Files\Theory Test Demo
[2007/02/17 11:18:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2012/05/28 20:27:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/11/28 21:44:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/01/02 06:52:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Plus
[2012/05/28 19:50:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2007/01/31 17:30:51 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2007/01/31 17:30:02 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2005/01/02 06:52:21 | 000,000,000 | ---D | M] -- C:\Program Files\xerox

< %appdata%\*.* >
[2006/08/22 23:33:40 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Sam\Application Data\desktop.ini

< MD5 for: AFD.SYS >
[2011/08/17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\dllcache\afd.sys
[2011/08/17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=1E44BC1E83D8FD2305F8D452DB109CF9 -- C:\WINDOWS\system32\drivers\afd.sys
[2003/06/19 20:05:04 | 000,120,240 | ---- | M] (Microsoft Corporation) MD5=320CAC00366BB4D5684B46928CEE5ADF -- C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\afd.sys
[2003/06/19 20:05:04 | 000,120,240 | ---- | M] (Microsoft Corporation) MD5=320CAC00366BB4D5684B46928CEE5ADF -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\afd.sys
[2008/04/13 20:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2008/04/13 20:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\WINDOWS\ServicePackFiles\i386\afd.sys
[2011/02/16 14:22:48 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=355556D9E580915118CD7EF736653A89 -- C:\WINDOWS\$NtUninstallKB2592799$\afd.sys
[2008/10/16 16:07:58 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=38D7B715504DA4741DF35E3594FE2099 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys
[2008/08/14 11:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2008/08/14 10:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\WINDOWS\$NtServicePackUninstall$\afd.sys
[2006/03/15 13:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\WINDOWS\$NtUninstallKB951748_0$\afd.sys
[2008/08/14 10:48:52 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=6A0397376853E604DE8E1E7A87FC08AC -- C:\WINDOWS\$hf_mig$\KB956803\SP2QFE\afd.sys
[2008/10/16 15:43:01 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7618D5218F2A614672EC61A80D854A37 -- C:\WINDOWS\$NtUninstallKB2503665$\afd.sys
[2008/08/14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$hf_mig$\KB956803\SP3GDR\afd.sys
[2008/08/14 11:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\WINDOWS\$NtUninstallKB2509553$\afd.sys
[2011/02/16 14:25:05 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=8D499B1276012EB907E7A9E0F4D8FDA4 -- C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys
[2008/06/20 11:44:38 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=944CA435BFCFC82CC1ED9E3A7D731AA9 -- C:\WINDOWS\$NtUninstallKB956803_0$\afd.sys
[2005/04/21 09:03:08 | 000,127,568 | ---- | M] (Microsoft Corporation) MD5=C47D5F36016CCD480B7AC33D3D99A4DF -- C:\Temp\Old Drive\WINNT\system32\dllcache\afd.sys
[2005/04/21 09:03:08 | 000,127,568 | ---- | M] (Microsoft Corporation) MD5=C47D5F36016CCD480B7AC33D3D99A4DF -- C:\Temp\Old Drive\WINNT\system32\drivers\AFD.SYS
[2008/06/20 12:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008/06/20 11:44:08 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=D99DDFFB33DEACDCF20717CB520379F6 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
[2008/06/20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
[2008/06/20 12:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2011/08/17 14:41:46 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=F6B7B1ECD7B41736BDB6FF4B092BCB79 -- C:\WINDOWS\$hf_mig$\KB2592799\SP3QFE\afd.sys

< MD5 for: ATAPI.SYS >
[2005/05/20 10:05:40 | 010,066,272 | ---- | M] () .cab file -- C:\Temp\Old Drive\WINNT\Driver Cache\i386\sp4.cab:atapi.sys
[2005/05/20 10:05:40 | 010,066,272 | ---- | M] () .cab file -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\sp4.cab:atapi.sys
[2006/03/15 13:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/11/28 21:35:15 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2006/03/15 13:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/11/28 21:35:15 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2003/06/19 20:05:04 | 000,086,672 | ---- | M] (Microsoft Corporation) MD5=8C718AA8C77041B3285D55A0CE980867 -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\atapi.sys
[2003/06/19 20:05:04 | 000,086,672 | ---- | M] (Microsoft Corporation) MD5=8C718AA8C77041B3285D55A0CE980867 -- C:\Temp\Old Drive\WINNT\system32\drivers\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/03/15 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2006/03/15 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtUninstallKB914906$\cryptsvc.dll
[2003/06/19 20:05:04 | 000,076,048 | ---- | M] (Microsoft Corporation) MD5=385F52746FD8558D43999AEED250769A -- C:\Temp\Old Drive\WINNT\$NtUninstallKB835732$\cryptsvc.dll
[2003/06/19 20:05:04 | 000,076,048 | ---- | M] (Microsoft Corporation) MD5=385F52746FD8558D43999AEED250769A -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\cryptsvc.dll
[2008/04/14 01:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008/04/14 01:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
[2004/03/24 03:17:01 | 000,076,048 | ---- | M] (Microsoft Corporation) MD5=644108E90CA7F628AA5650C31A2E74F5 -- C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\cryptsvc.dll
[2005/04/21 09:08:44 | 000,078,096 | ---- | M] (Microsoft Corporation) MD5=7D77D4AF905903AEDBEED9989857A9A5 -- C:\Temp\Old Drive\WINNT\system32\cryptsvc.dll
[2005/04/21 09:08:44 | 000,078,096 | ---- | M] (Microsoft Corporation) MD5=7D77D4AF905903AEDBEED9989857A9A5 -- C:\Temp\Old Drive\WINNT\system32\dllcache\cryptsvc.dll
[2006/02/11 04:48:12 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=87F3E2D2A3231F820F9248DB90090F42 -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll

< MD5 for: DNSRSLVR.DLL >
[2008/04/14 01:11:52 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=474B4DC3983173E4B4C9740B0DAC98A6 -- C:\WINDOWS\$NtUninstallKB2509553$\dnsrslvr.dll
[2008/04/14 01:11:52 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=474B4DC3983173E4B4C9740B0DAC98A6 -- C:\WINDOWS\ServicePackFiles\i386\dnsrslvr.dll
[2005/04/08 12:54:32 | 000,094,480 | ---- | M] (Microsoft Corporation) MD5=5BC8AA65DD2C8406692837D8F6806908 -- C:\Temp\Old Drive\WINNT\system32\dllcache\dnsrslvr.dll
[2005/04/08 12:54:32 | 000,094,480 | ---- | M] (Microsoft Corporation) MD5=5BC8AA65DD2C8406692837D8F6806908 -- C:\Temp\Old Drive\WINNT\system32\dnsrslvr.dll
[2009/04/20 18:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=5F7E24FA9EAB896051FFB87F840730D2 -- C:\WINDOWS\system32\dllcache\dnsrslvr.dll
[2009/04/20 18:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=5F7E24FA9EAB896051FFB87F840730D2 -- C:\WINDOWS\system32\dnsrslvr.dll
[2006/07/06 12:45:32 | 000,096,528 | ---- | M] (Microsoft Corporation) MD5=5F915387587324E99E8B2D3C3F69E0D2 -- C:\Temp\Old Drive\WINNT\SoftwareDistribution\Download\3ce2ad4955ded96d3b51e4dbc090322e\dnsrslvr.dll
[2008/02/20 19:49:36 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=6333C7E182E5B6247500188D28214DEF -- C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
[2006/03/15 13:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=7379DE06FD196E396A00AA97B990C00D -- C:\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll
[2004/03/24 03:17:01 | 000,092,432 | ---- | M] (Microsoft Corporation) MD5=8F1F6FD5DAD28B460C43777CA43B1612 -- C:\Temp\Old Drive\WINNT\$NtUninstallKB835732$\dnsrslvr.dll
[2004/03/24 03:17:01 | 000,092,432 | ---- | M] (Microsoft Corporation) MD5=8F1F6FD5DAD28B460C43777CA43B1612 -- C:\Temp\Old Drive\WINNT\$NtUninstallKB885835$\dnsrslvr.dll
[2004/03/24 03:17:01 | 000,092,432 | ---- | M] (Microsoft Corporation) MD5=8F1F6FD5DAD28B460C43777CA43B1612 -- C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\dnsrslvr.dll
[2008/02/20 06:32:43 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=AAC8FFBFD61E784FA3BAC851D4A0BD5F -- C:\WINDOWS\$NtServicePackUninstall$\dnsrslvr.dll
[2003/06/19 20:05:04 | 000,092,432 | ---- | M] (Microsoft Corporation) MD5=AACDF5955A3A1CAAEF9FEC34EC08245B -- C:\Temp\Old Drive\WINNT\$NtUninstallKB890859$\dnsrslvr.dll
[2003/06/19 20:05:04 | 000,092,432 | ---- | M] (Microsoft Corporation) MD5=AACDF5955A3A1CAAEF9FEC34EC08245B -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\dnsrslvr.dll
[2009/04/20 18:06:44 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=D977659AE4D8ECE5286D99D1ED34614D -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\dnsrslvr.dll

< MD5 for: ES.DLL >
[2004/03/11 22:29:22 | 000,239,888 | ---- | M] (Microsoft Corporation) MD5=0400F13BDEC0E1F04C1AD2002D5650A4 -- C:\Temp\Old Drive\WINNT\$NtUninstallKB902400$\es.dll
[2008/04/14 01:11:53 | 000,246,272 | ---- | M] (Microsoft Corporation) MD5=19A799805B24990867B00C120D300C3A -- C:\WINDOWS\$NtUninstallKB950974$\es.dll
[2008/04/14 01:11:53 | 000,246,272 | ---- | M] (Microsoft Corporation) MD5=19A799805B24990867B00C120D300C3A -- C:\WINDOWS\ServicePackFiles\i386\es.dll
[2005/07/26 05:39:45 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=34BBD9ACC1538818F2C878898C64E793 -- C:\WINDOWS\$NtUninstallKB950974_0$\es.dll
[2012/07/31 06:35:14 | 000,008,728 | ---- | M] () MD5=5653263DC8AB89F5467E379CE4D95AF1 -- C:\Program Files\Google\Chrome\Application\21.0.1180.60\Locales\es.dll
[2008/07/07 21:32:22 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=60D1A6342238378BFB7545C81EE3606C -- C:\WINDOWS\$NtServicePackUninstall$\es.dll
[2005/07/26 05:20:28 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=95F5FEA4C6DE2C3F28784D0DCC8F0DD3 -- C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll
[2008/07/07 21:06:43 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=A4AB3DCA4A383F0DF4988ABDEB84F9A4 -- C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
[2006/03/15 13:00:00 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=ACD36A2DD7D1E9D8A060AA651DC07E63 -- C:\WINDOWS\$NtUninstallKB902400$\es.dll
[2012/07/10 05:07:57 | 000,008,216 | ---- | M] () MD5=D088A143E3692E65FCEECBEAF6B66E08 -- C:\Program Files\Google\Chrome\Application\20.0.1132.57\Locales\es.dll
[2008/07/07 21:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=D4991D98F2DB73C60D042F1AEF79EFAE -- C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
[2008/07/07 21:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=D4991D98F2DB73C60D042F1AEF79EFAE -- C:\WINDOWS\system32\dllcache\es.dll
[2008/07/07 21:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=D4991D98F2DB73C60D042F1AEF79EFAE -- C:\WINDOWS\system32\es.dll
[2005/09/05 09:18:45 | 000,242,448 | ---- | M] (Microsoft Corporation) MD5=D8D44D8ED1B35285A83984ACF5D13CB3 -- C:\Temp\Old Drive\WINNT\system32\dllcache\es.dll
[2005/09/05 09:18:45 | 000,242,448 | ---- | M] (Microsoft Corporation) MD5=D8D44D8ED1B35285A83984ACF5D13CB3 -- C:\Temp\Old Drive\WINNT\system32\es.dll
[2008/07/07 21:23:18 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=F17F6226BDC0CD5F0BEF0DAF84D29BEC -- C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
[2003/06/19 20:05:04 | 000,233,232 | ---- | M] (Microsoft Corporation) MD5=FACD7422F6FBC7CD3AEA3AFCB8382ECF -- C:\Temp\Old Drive\WINNT\$NtUninstallKB828741$\es.dll
[2003/06/19 20:05:04 | 000,233,232 | ---- | M] (Microsoft Corporation) MD5=FACD7422F6FBC7CD3AEA3AFCB8382ECF -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\es.dll

< MD5 for: EXPLORER.EXE >
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2003/06/19 20:05:04 | 000,243,472 | ---- | M] (Microsoft Corporation) MD5=59CF2B7DCED9111F48F51B4B570E672D -- C:\Temp\Old Drive\WINNT\explorer.exe
[2003/06/19 20:05:04 | 000,243,472 | ---- | M] (Microsoft Corporation) MD5=59CF2B7DCED9111F48F51B4B570E672D -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\explorer.exe
[2007/06/13 12:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 11:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2006/03/15 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: IPNATHLP.DLL >
[2003/06/19 20:05:04 | 000,441,616 | ---- | M] (Microsoft Corporation) MD5=32032196EEA97CE6A2327867A3ADB66A -- C:\Temp\Old Drive\WINNT\$NtUninstallKB835732$\ipnathlp.dll
[2003/06/19 20:05:04 | 000,441,616 | ---- | M] (Microsoft Corporation) MD5=32032196EEA97CE6A2327867A3ADB66A -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\ipnathlp.dll
[2006/03/15 13:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) MD5=36CC8C01B5E50163037BEF56CB96DEFF -- C:\WINDOWS\$NtServicePackUninstall$\ipnathlp.dll
[2004/03/24 03:17:02 | 000,442,640 | ---- | M] (Microsoft Corporation) MD5=3B5264FDE0C619FB702DAEBD641A39A1 -- C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\ipnathlp.dll
[2008/04/14 01:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) MD5=83F41D0D89645D7235C051AB1D9523AC -- C:\WINDOWS\ServicePackFiles\i386\ipnathlp.dll
[2008/04/14 01:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) MD5=83F41D0D89645D7235C051AB1D9523AC -- C:\WINDOWS\system32\ipnathlp.dll
[2005/01/12 20:39:52 | 000,442,640 | ---- | M] (Microsoft Corporation) MD5=AEA7A0F7C23337F36B57666DAC442CF1 -- C:\Temp\Old Drive\WINNT\system32\dllcache\ipnathlp.dll
[2005/01/12 20:39:52 | 000,442,640 | ---- | M] (Microsoft Corporation) MD5=AEA7A0F7C23337F36B57666DAC442CF1 -- C:\Temp\Old Drive\WINNT\system32\ipnathlp.dll

< MD5 for: IPSEC.SYS >
[2008/04/13 20:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\ServicePackFiles\i386\ipsec.sys
[2008/04/13 20:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\WINDOWS\system32\drivers\ipsec.sys
[2006/03/15 13:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\WINDOWS\$NtServicePackUninstall$\ipsec.sys
[2003/06/19 20:05:04 | 000,064,304 | ---- | M] (Microsoft Corporation) MD5=6BF394C7987FBC91B047EB0A8EFB2AA5 -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\ipsec.sys
[2003/06/19 20:05:04 | 000,064,304 | ---- | M] (Microsoft Corporation) MD5=6BF394C7987FBC91B047EB0A8EFB2AA5 -- C:\Temp\Old Drive\WINNT\system32\drivers\ipsec.sys
[2003/04/21 19:19:42 | 000,080,848 | ---- | M] (Microsoft Corporation) MD5=9D61C8E8044BDAAC6D922EB27552F93A -- C:\Temp\Old Drive\WINNT\SoftwareDistribution\Download\360675579500dc331661420999c217ee\ipsec.sys
[2003/04/21 19:19:42 | 000,080,848 | ---- | M] (Microsoft Corporation) MD5=9D61C8E8044BDAAC6D922EB27552F93A -- C:\Temp\Old Drive\WINNT\SoftwareDistribution\Download\3c5a782b487782e5c4e53704c5d78d6f\ipsec.sys

< MD5 for: NETBT.SYS >
[2006/03/15 13:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=0C80E410CD2F47134407EE7DD19CC86B -- C:\WINDOWS\$NtServicePackUninstall$\netbt.sys
[2003/07/16 20:44:28 | 000,163,600 | ---- | M] (Microsoft Corporation) MD5=54AE15BCB205DEA14FD76F5B2848CFE6 -- C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\netbt.sys
[2008/04/13 20:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\ServicePackFiles\i386\netbt.sys
[2008/04/13 20:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\WINDOWS\system32\drivers\netbt.sys
[2005/04/08 12:51:14 | 000,175,632 | ---- | M] (Microsoft Corporation) MD5=A7CA87628217BBF4A6F501DB65B19E9D -- C:\Temp\Old Drive\WINNT\system32\dllcache\netbt.sys
[2005/04/08 12:51:14 | 000,175,632 | ---- | M] (Microsoft Corporation) MD5=A7CA87628217BBF4A6F501DB65B19E9D -- C:\Temp\Old Drive\WINNT\system32\drivers\netbt.sys
[2003/06/19 20:05:04 | 000,168,624 | ---- | M] (Microsoft Corporation) MD5=E854473D50E5F7917767A7C10E08E5F8 -- C:\Temp\Old Drive\WINNT\$NtUninstallKB824105$\netbt.sys
[2003/06/19 20:05:04 | 000,168,624 | ---- | M] (Microsoft Corporation) MD5=E854473D50E5F7917767A7C10E08E5F8 -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\netbt.sys

< MD5 for: NETMAN.DLL >
[2008/04/14 01:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\ServicePackFiles\i386\netman.dll
[2008/04/14 01:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\system32\netman.dll
[2005/08/22 19:24:55 | 000,197,632 | ---- | M] (Microsoft Corporation) MD5=3516D8A18B36784B1005B950B84232E1 -- C:\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
[2005/08/22 19:29:46 | 000,197,632 | ---- | M] (Microsoft Corporation) MD5=36739B39267914BA69AD0610A0299732 -- C:\WINDOWS\$NtServicePackUninstall$\netman.dll
[2005/08/16 09:35:00 | 000,100,112 | ---- | M] (Microsoft Corporation) MD5=600104D606AB3E9B9AB36076E6261A05 -- C:\Temp\Old Drive\WINNT\system32\dllcache\netman.dll
[2005/08/16 09:35:00 | 000,100,112 | ---- | M] (Microsoft Corporation) MD5=600104D606AB3E9B9AB36076E6261A05 -- C:\Temp\Old Drive\WINNT\system32\netman.dll
[2003/06/19 20:05:04 | 000,095,504 | ---- | M] (Microsoft Corporation) MD5=648A07AB73E49EF547A48D240CD36125 -- C:\Temp\Old Drive\WINNT\$NtUninstallKB905414$\netman.dll
[2003/06/19 20:05:04 | 000,095,504 | ---- | M] (Microsoft Corporation) MD5=648A07AB73E49EF547A48D240CD36125 -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\netman.dll
[2006/03/15 13:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=DAB9E6C7105D2EF49876FE92C524F565 -- C:\WINDOWS\$NtUninstallKB905414$\netman.dll

< MD5 for: QMGR.DLL >
[2006/03/15 13:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\bits\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\qmgr.dll
[2004/10/05 10:43:30 | 000,362,496 | ---- | M] (Microsoft Corporation) MD5=DCD38D8178BF1BEA585F2F003EE3460E -- C:\Temp\Old Drive\WINNT\system32\BITS\qmgr.dll
[2004/10/05 10:43:30 | 000,362,496 | ---- | M] (Microsoft Corporation) MD5=DCD38D8178BF1BEA585F2F003EE3460E -- C:\Temp\Old Drive\WINNT\system32\dllcache\qmgr.dll
[2004/10/05 10:43:30 | 000,362,496 | ---- | M] (Microsoft Corporation) MD5=DCD38D8178BF1BEA585F2F003EE3460E -- C:\Temp\Old Drive\WINNT\system32\qmgr.dll
[2003/06/19 20:05:04 | 000,244,224 | ---- | M] (Microsoft Corporation) MD5=FE02334DB8598E2706A51A24DD33AB00 -- C:\Temp\Old Drive\WINNT\$NtUninstallKB842773$\qmgr.dll
[2003/06/19 20:05:04 | 000,244,224 | ---- | M] (Microsoft Corporation) MD5=FE02334DB8598E2706A51A24DD33AB00 -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\qmgr.dll

< MD5 for: RPCSS.DLL >
[2005/09/05 09:18:45 | 000,212,240 | ---- | M] (Microsoft Corporation) MD5=037EBCF93DF5F0C31CCD2FF7E31E3BA5 -- C:\Temp\Old Drive\WINNT\system32\dllcache\rpcss.dll
[2005/09/05 09:18:45 | 000,212,240 | ---- | M] (Microsoft Corporation) MD5=037EBCF93DF5F0C31CCD2FF7E31E3BA5 -- C:\Temp\Old Drive\WINNT\system32\rpcss.dll
[2005/01/14 02:27:10 | 000,212,240 | ---- | M] (Microsoft Corporation) MD5=10789155522BE499A232AD2773AC1DF0 -- C:\Temp\Old Drive\WINNT\$NtUninstallKB902400$\rpcss.dll
[2008/04/14 01:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\WINDOWS\$NtUninstallKB956572$\rpcss.dll
[2008/04/14 01:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\WINDOWS\ServicePackFiles\i386\rpcss.dll
[2005/01/14 09:55:50 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=419899803CA479B73B02390318C787C0 -- C:\WINDOWS\$NtUninstallKB894391$\rpcss.dll
[2006/03/15 13:00:00 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=5C83A4408604F737717AB96371201680 -- C:\WINDOWS\$NtUninstallKB873333$\rpcss.dll
[2009/02/09 13:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\dllcache\rpcss.dll
[2009/02/09 13:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\WINDOWS\system32\rpcss.dll
[2009/02/09 11:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=9222562D44021B988B9F9F62207FB6F2 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[2005/01/14 06:07:42 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=94456045BEB4545B5EBE1DCC85951AFA -- C:\WINDOWS\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[2003/06/19 20:05:04 | 000,239,376 | ---- | M] (Microsoft Corporation) MD5=B49E4F60ED7E5918E44396768F9F02F2 -- C:\Temp\Old Drive\WINNT\$NtUninstallKB873333$\rpcss.dll
[2003/06/19 20:05:04 | 000,239,376 | ---- | M] (Microsoft Corporation) MD5=B49E4F60ED7E5918E44396768F9F02F2 -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\rpcss.dll
[2005/07/26 05:20:40 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=C369DF215D352B6F3A0B8C3469AA34F8 -- C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[2005/04/28 20:31:11 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=C8061F289E000703E7672916B7FE1571 -- C:\WINDOWS\$NtUninstallKB902400$\rpcss.dll
[2005/07/26 05:39:49 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=CE94A2BD25E3E9F4D46A7373FF455C6D -- C:\WINDOWS\$NtServicePackUninstall$\rpcss.dll
[2005/04/28 20:35:01 | 000,396,288 | ---- | M] (Microsoft Corporation) MD5=DA383FB39A6F1C445F3AFC94B3EB1248 -- C:\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll

< MD5 for: SERVICES.EXE >
[2009/02/06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2005/04/08 12:51:16 | 000,092,944 | ---- | M] (Microsoft Corporation) MD5=B861B4E6E9637EB76A40C10C552E0229 -- C:\Temp\Old Drive\WINNT\system32\dllcache\services.exe
[2005/04/08 12:51:16 | 000,092,944 | ---- | M] (Microsoft Corporation) MD5=B861B4E6E9637EB76A40C10C552E0229 -- C:\Temp\Old Drive\WINNT\system32\SERVICES.EXE
[2006/03/15 13:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2003/06/19 20:05:04 | 000,089,360 | ---- | M] (Microsoft Corporation) MD5=CFED2D28F5B8A24127E9E06043070643 -- C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\services.exe
[2003/06/19 20:05:04 | 000,089,360 | ---- | M] (Microsoft Corporation) MD5=CFED2D28F5B8A24127E9E06043070643 -- C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\services.exe

< MD5 for: SR.SYS >
[2008/04/13 19:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=76BB022C2FB6902FD5BDD4F78FC13A5D -- C:\WINDOWS\ServicePackFiles\i386\sr.sys
[2008/04/13 19:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=76BB022C2FB6902FD5BDD4F78FC13A5D -- C:\WINDOWS\system32\drivers\sr.sys
[2006/03/15 13:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=E41B6D037D6CD08461470AF04500DC24 -- C:\WINDOWS\$NtServicePackUninstall$\sr.sys

< MD5 for: SRSVC.DLL >
[2008/04/14 01:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) MD5=3805DF0AC4296A34BA4BF93B346CC378 -- C:\WINDOWS\ServicePackFiles\i386\srsvc.dll
[2008/04/14 01:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) MD5=3805DF0AC4296A34BA4BF93B346CC378 -- C:\WINDOWS\system32\srsvc.dll
[2006/03/15 13:00:00 | 000,170,496 | ---- | M] (Microsoft Corporation) MD5=92BDF74F12D6CBEC43C94D4B7F804838 -- C:\WINDOWS\$NtServicePackUninstall$\srsvc.dll

< MD5 for: SVCHOST.EXE >
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006/03/15 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2000/07/26 13:00:00 | 000,007,952 | ---- | M] (Microsoft Corporation) MD5=9E64AD53CFD9DA2D22E8A924F8C6E62C -- C:\Temp\Old Drive\WINNT\system32\dllcache\svchost.exe
[2000/07/26 13:00:00 | 000,007,952 | ---- | M] (Microsoft Corporation) MD5=9E64AD53CFD9DA2D22E8A924F8C6E62C -- C:\Temp\Old Drive\WINNT\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2006/04/25 14:38:52 | 000,320,336 | ---- | M] (Microsoft Corporation) MD5=0F62FFCD1C136103D7EA57E5B2B30994 -- C:\Temp\Old Drive\WINNT\SoftwareDistribution\Download\c9489fbf48dc5cadef2303015a63b511\tcpip.sys
[2006/04/20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys

< MD5 for: USERINIT.EXE >

< MD5 for: VOLSNAP.SYS >

< MD5 for: WINLOGON.EXE >

< MD5 for: WMISVC.DLL >

< MD5 for: WSCSVC.DLL >

< MD5 for: WUAUSERV.DLL >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e -> Junction

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Sam\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf:SummaryInformation
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\wuauserv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\USERINIT.EXE:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\rpcss.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\qmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\netman.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\drivers\AFD.SYS:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\WINLOGON.EXE:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\services.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\qmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\netman.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\system32\BITS\qmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\wuauserv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\userinit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\tcpip.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\services.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\rpcss.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\qmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\netman.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\netbt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\ipsec.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\ipnathlp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\explorer.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\es.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\ServicePackFiles\i386\afd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\services.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\netbt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\ipnathlp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUpdateRollupPackUninstall$\afd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB905414$\netman.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB902400$\rpcss.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB902400$\es.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB893066$\tcpip.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB890859$\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB890859$\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB885835$\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB873333$\rpcss.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB842773$\qmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB841533$\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB840987$\winlogon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB835732$\ipnathlp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB835732$\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB835732$\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB828741$\es.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Temp\Old Drive\WINNT\$NtUninstallKB824105$\netbt.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\ipnathlp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\tcpip.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\svchost.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\rpcss.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\netbt.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\ipnathlp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\es.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\system32\dllcache\afd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\SoftwareDistribution\Download\c9489fbf48dc5cadef2303015a63b511\tcpip.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\SoftwareDistribution\Download\3ce2ad4955ded96d3b51e4dbc090322e\dnsrslvr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\SoftwareDistribution\Download\3c5a782b487782e5c4e53704c5d78d6f\ipsec.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Temp\Old Drive\WINNT\SoftwareDistribution\Download\360675579500dc331661420999c217ee\ipsec.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Sam\My Documents\european.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Sam\My Documents\Crimbo_1.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Sam\My Documents\creuropean.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Sam\My Documents\40.doc:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Temp\Old Drive\WINNT\system32\WINLOGON.EXE:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Temp\Old Drive\WINNT\system32\svchost.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Temp\Old Drive\WINNT\system32\SERVICES.EXE:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Temp\Old Drive\WINNT\system32\es.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Temp\Old Drive\WINNT\system32\drivers\tcpip.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Temp\Old Drive\WINNT\system32\drivers\netbt.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Temp\Old Drive\WINNT\system32\drivers\ipsec.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Temp\Old Drive\WINNT\system32\drivers\atapi.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Temp\Old Drive\WINNT\explorer.exe:KAVICHS

< End of report >

Re: Babylon Seach -- Chrome

Post by button22 on 9th August 2012, 8:36 pm

Results of screen317's Security Check version 0.99.43
Windows XP Service Pack 3 x86
Internet Explorer 6 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Norton 360
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 20.0.1132.57
Google Chrome 21.0.1180.60
Google Chrome VisualElementsManifest.xml..
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 25% Defragment your hard drive soon!
````````````````````End of Log``````````````````````

Re: Babylon Seach -- Chrome

Post by button22 on 9th August 2012, 8:37 pm

OTL Extras logfile created on: 09/08/2012 21:10:03 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Sam\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

958.48 Mb Total Physical Memory | 190.93 Mb Available Physical Memory | 19.92% Memory free
2.26 Gb Paging File | 1.62 Gb Available in Paging File | 71.90% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.32 Gb Total Space | 1.39 Gb Free Space | 1.97% Space Free | Partition Type: NTFS

Computer Name: HEMMINGS | User Name: Sam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Disabled:Java(TM) 2 Platform Standard Edition binary
"C:\WINDOWS\system32\dlbxcoms.exe" = C:\WINDOWS\system32\dlbxcoms.exe:*:Enabled:Dell 962 Server
"C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe" = C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:*:Enabled:TwonkyMedia
"C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe" = C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:*:Enabled:TwonkyMediaServer
"C:\WINDOWS\system32\dlcqcoms.exe" = C:\WINDOWS\system32\dlcqcoms.exe:*:Enabled:Dell 966 Server


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{03528A01-7E5E-4C5F-94DF-1D8012E969EF}" = Nokia Map Loader
"{0BA6B649-579C-4C8B-8B2D-9DD0A75E6E40}" = Nokia Photos
"{0CFF0BFE-B750-4ECA-882D-03B8C6A9F26A}" = Nokia Ovi Content Copier
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1933FE45-AF8D-482D-9BC7-5F651BBF0A4F}" = Nokia Ovi System Utilities
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BAB23B0-70CE-4E7C-85B4-36154482CD57}" = Nokia Ovi Suite
"{2EEC2A94-7204-45C6-93BB-67EAEB19E4D6}" = Safari
"{2FA28330-2028-4033-BD10-425C87EB4D54}" = Nokia Software Updater
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}" = Driver Detective
"{6112DD9A-2A3B-4487-8271-ADBA4A390287}" = Hazard Perception Training 2003-2004
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6CEC5DEA-44D1-4C56-978E-56BFD84AF10D}" = Nokia Ovi One Touch Access
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9C7C8898-DC29-4E8B-9E77-55A77C3250F6}" = PC Connectivity Solution
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4E0CA0F-1903-440A-9B98-FEA6CB049999}" = Nokia Flashing Cable Driver
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B56B1487-9A26-4AFD-A1FD-949C40F5F2BC}" = Sony Ericsson PC Suite
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D353C323-5E95-4873-9825-9FEC1C8A3794}" = Nokia Download!
"{DAC63ECB-4571-435F-9B19-51F54BC88109}" = Nokia Home Media Server
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{FC762E57-B09D-41AE-AA5F-3DAC3CBE453E}" = Nokia Ovi Application Installer
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell_ENA" = Dell Wireless Software Uninstall
"Easy Driver Pro_is1" = Easy Driver Pro v8.03
"Easy Speed PC_is1" = Easy Speed PC v7.02
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"N360" = Norton 360
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3008
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3008
"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3008
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3008
"NortonPCCheckup" = Norton PC Checkup
"OcaHistoryUpd" = OCA Client history tool install
"RealPlayer 6.0" = RealPlayer
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 03/08/2012 16:05:41 | Computer Name = HEMMINGS | Source = ESENT | ID = 482
Description = svchost (1048) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\tmp.edb"
at offset 8192 (0x0000000000002000) for 1048576 (0x00100000) bytes failed with
system error 112 (0x00000070): "There is not enough space on the disk. ". The write
operation will fail with error -1808 (0xfffff8f0). If this error persists then
the file may be damaged and may need to be restored from a previous backup.

Error - 03/08/2012 16:05:41 | Computer Name = HEMMINGS | Source = ESENT | ID = 482
Description = svchost (1048) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\tmp.edb"
at offset 8192 (0x0000000000002000) for 1048576 (0x00100000) bytes failed with
system error 112 (0x00000070): "There is not enough space on the disk. ". The write
operation will fail with error -1808 (0xfffff8f0). If this error persists then
the file may be damaged and may need to be restored from a previous backup.

Error - 03/08/2012 16:05:41 | Computer Name = HEMMINGS | Source = ESENT | ID = 482
Description = svchost (1048) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\tmp.edb"
at offset 8192 (0x0000000000002000) for 1048576 (0x00100000) bytes failed with
system error 112 (0x00000070): "There is not enough space on the disk. ". The write
operation will fail with error -1808 (0xfffff8f0). If this error persists then
the file may be damaged and may need to be restored from a previous backup.

Error - 03/08/2012 16:05:42 | Computer Name = HEMMINGS | Source = ESENT | ID = 482
Description = svchost (1048) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\tmp.edb"
at offset 8192 (0x0000000000002000) for 1048576 (0x00100000) bytes failed with
system error 112 (0x00000070): "There is not enough space on the disk. ". The write
operation will fail with error -1808 (0xfffff8f0). If this error persists then
the file may be damaged and may need to be restored from a previous backup.

Error - 03/08/2012 16:05:42 | Computer Name = HEMMINGS | Source = ESENT | ID = 482
Description = svchost (1048) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\tmp.edb"
at offset 8192 (0x0000000000002000) for 1048576 (0x00100000) bytes failed with
system error 112 (0x00000070): "There is not enough space on the disk. ". The write
operation will fail with error -1808 (0xfffff8f0). If this error persists then
the file may be damaged and may need to be restored from a previous backup.

Error - 03/08/2012 16:05:43 | Computer Name = HEMMINGS | Source = ESENT | ID = 482
Description = svchost (1048) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\tmp.edb"
at offset 8192 (0x0000000000002000) for 1048576 (0x00100000) bytes failed with
system error 112 (0x00000070): "There is not enough space on the disk. ". The write
operation will fail with error -1808 (0xfffff8f0). If this error persists then
the file may be damaged and may need to be restored from a previous backup.

Error - 03/08/2012 16:05:43 | Computer Name = HEMMINGS | Source = ESENT | ID = 482
Description = svchost (1048) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\tmp.edb"
at offset 8192 (0x0000000000002000) for 1048576 (0x00100000) bytes failed with
system error 112 (0x00000070): "There is not enough space on the disk. ". The write
operation will fail with error -1808 (0xfffff8f0). If this error persists then
the file may be damaged and may need to be restored from a previous backup.

Error - 03/08/2012 16:47:24 | Computer Name = HEMMINGS | Source = MsiInstaller | ID = 11704
Description = Product: J2SE Runtime Environment 5.0 Update 9 -- Error 1704.An installation
for Sony Ericsson PC Suite is currently suspended. You must undo the changes made
by that installation to continue. Do you want to undo those changes?

Error - 09/08/2012 14:50:45 | Computer Name = HEMMINGS | Source = Application Hang | ID = 1002
Description = Hanging application Au_.exe, version 1.5.29.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 09/08/2012 14:50:58 | Computer Name = HEMMINGS | Source = Application Hang | ID = 1002
Description = Hanging application Au_.exe, version 1.5.29.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 02/08/2012 15:12:13 | Computer Name = HEMMINGS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFD BHDrvx86 ccSet_N360 eeCtrl Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SRTSPX
SymIRON
SYMTDI
Tcpip

Error - 02/08/2012 15:12:15 | Computer Name = HEMMINGS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service netman with
arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 02/08/2012 15:12:59 | Computer Name = HEMMINGS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 02/08/2012 15:15:08 | Computer Name = HEMMINGS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 05/08/2012 09:24:14 | Computer Name = HEMMINGS | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 00120E0D8A21. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 06/08/2012 01:50:31 | Computer Name = HEMMINGS | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 00120E0D8A21. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 06/08/2012 01:51:44 | Computer Name = HEMMINGS | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 00120E0D8A21. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 08/08/2012 10:22:14 | Computer Name = HEMMINGS | Source = Service Control Manager | ID = 7034
Description = The Ati HotKey Poller service terminated unexpectedly. It has done
this 1 time(s).

Error - 09/08/2012 15:51:08 | Computer Name = HEMMINGS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 09/08/2012 15:51:50 | Computer Name = HEMMINGS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}


< End of report >


Re: Babylon Seach -- Chrome

Post by button22 on 9th August 2012, 8:38 pm

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-09 21:14:05
-----------------------------
21:14:05.031 OS Version: Windows 5.1.2600 Service Pack 3
21:14:05.031 Number of processors: 2 586 0x40A
21:14:05.031 ComputerName: HEMMINGS UserName: Sam
21:14:08.406 Initialize success
21:15:53.765 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-16
21:15:53.765 Disk 0 Vendor: WDC_WD800BB-22JHC0 05.01C05 Size: 76319MB BusType: 3
21:15:53.812 Disk 0 MBR read successfully
21:15:53.812 Disk 0 MBR scan
21:15:53.812 Disk 0 unknown MBR code
21:15:53.828 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 72010 MB offset 8819685
21:15:53.843 Disk 0 Partition 2 00 12 Compaq diag RECOVERY 4306 MB offset 63
21:15:53.890 Disk 0 scanning sectors +156296385
21:15:54.046 Disk 0 scanning C:\WINDOWS\system32\drivers
21:16:18.390 Service scanning
21:16:30.125 Service FXDRV D:\Fxdrv.sys **LOCKED** 21
21:17:12.734 Modules scanning
21:18:28.562 Disk 0 trace - called modules:
21:18:28.609 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
21:18:29.125 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x861c8030]
21:18:29.125 3 CLASSPNP.SYS[f76b0fd7] -> nt!IofCallDriver -> \Device\00000094[0x861703b8]
21:18:29.125 5 ACPI.sys[f74c7620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP4T0L0-16[0x86139d98]
21:18:29.125 Scan finished successfully
21:23:26.656 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Sam\Desktop\MBR.dat"
21:23:26.671 The log file has been saved successfully to "C:\Documents and Settings\Sam\Desktop\aswMBR.txt"



Re: Babylon Seach -- Chrome

Post by button22 on 10th August 2012, 1:46 pm

any ideas yet anyone? :)


Re: Babylon Seach -- Chrome

Post by Dr Jay on 13th August 2012, 10:35 am

Sorry for delay!

Please download and run [You must be registered and logged in to see this link.] to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Dr. Jay (DJ)


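A triage helper for the TDSSKiller report described in the post above, as an added example that is not part of the original post or of TDSSKiller itself: it pairs each hash/path line with its verdict line and lists only the entries that are not "ok", together with the action the post recommends. The line layout follows the log posted in this thread; the sample lines, service names, hashes, the detection name `Constructed.Example.Detection` and the verdict word `infected` are constructed for illustration.

```python
import re

# Line layout as seen in the TDSSKiller log in this thread:
#   <time> <thread-id> [ <md5> ] <service name> <path>
#   <time> <thread-id> <service name> ( <detection> ) - <verdict>
#   <time> <thread-id> <service name> - ok
# "<name> - detected <detection> (n)" lines repeat the verdict and are ignored.
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
FILE_RE = re.compile(PREFIX + r"\[ ([0-9a-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
FLAG_RE = re.compile(PREFIX + r"(.+?) \( (\S+) \) - (\w+)$")
OK_RE = re.compile(PREFIX + r"(.+?) - ok$")

# Generic warnings the post above says to Skip rather than Cure or Delete.
GENERIC_SKIP = {"UnsignedFile.Multi.Generic", "LockedFile.Multi.Generic"}


def parse_log(text):
    """Return one dict per scanned object: name, md5, path, detection, verdict."""
    files = {}    # service name -> (md5, path) from its hash line
    results = []
    for raw in text.splitlines():
        line = raw.strip()
        m = FILE_RE.match(line)
        if m:
            md5, name, path = m.groups()
            files[name] = (md5, path)
            continue
        m = FLAG_RE.match(line)
        if m:
            name, detection, verdict = m.groups()
        else:
            m = OK_RE.match(line)
            if not m:
                continue    # banner, separator or "- detected" line
            name, detection, verdict = m.group(1), None, "ok"
        # Services without a file on disk have no hash line (md5/path stay None).
        md5, path = files.pop(name, (None, None))
        results.append({"name": name, "md5": md5, "path": path,
                        "detection": detection, "verdict": verdict})
    return results


def advise(entry):
    """Map a non-ok entry to the action given in the instructions above."""
    if entry["verdict"] == "ok":
        return None
    if entry["detection"] in GENERIC_SKIP:
        return "Skip"
    return "Cure if offered, otherwise Skip"


def triage(text):
    """List (name, detection, path, advice) for every entry that is not ok."""
    return [(e["name"], e["detection"], e["path"], advise(e))
            for e in parse_log(text) if e["verdict"] != "ok"]


# Constructed sample in the thread's log layout (not lines from the real log).
SAMPLE = r"""
18:16:06.0070 3964 Mode: Manual; SigCheck; TDLFS;
18:16:06.0680 3964 ================ Scan services =============================
18:16:06.0867 3964 NoFileSvc - ok
18:16:06.0914 3964 [ 00000000000000000000000000000001 ] exampledrv C:\WINDOWS\system32\DRIVERS\exampledrv.sys
18:16:10.0555 3964 exampledrv - ok
18:16:14.0914 3964 [ 00000000000000000000000000000002 ] Example Vendor Tray C:\WINDOWS\system32\extray.exe
18:16:15.0039 3964 Example Vendor Tray ( UnsignedFile.Multi.Generic ) - warning
18:16:15.0039 3964 Example Vendor Tray - detected UnsignedFile.Multi.Generic (1)
18:16:16.0195 3964 [ 00000000000000000000000000000003 ] examplerk C:\WINDOWS\system32\DRIVERS\examplerk.sys
18:16:16.0305 3964 examplerk ( Constructed.Example.Detection ) - infected
18:16:16.0305 3964 examplerk - detected Constructed.Example.Detection (0)
"""

if __name__ == "__main__":
    for name, detection, path, advice in triage(SAMPLE):
        print(f"{name}: {detection} at {path} -> {advice}")
```

To run it on a real report, pass the contents of the `TDSSKiller.[Version]_[Date]_[Time]_log.txt` file to `triage()` instead of `SAMPLE`.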

Re: Babylon Seach -- Chrome

Post by button22 on 14th August 2012, 12:17 am

thank you dude! i will try that tomorrow as it's a friend's PC i'm currently trying to repair :). i'll post logs back tomorrow.


Re: Babylon Seach -- Chrome

Post by Dr Jay on 14th August 2012, 8:25 am

Okay. Will wait here.


Dr. Jay (DJ)



Re: Babylon Seach -- Chrome

Post by button22 on 15th August 2012, 5:20 pm

18:15:29.0914 2368 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
18:15:31.0914 2368 ============================================================
18:15:31.0914 2368 Current date / time: 2012/08/15 18:15:31.0914
18:15:31.0914 2368 SystemInfo:
18:15:31.0914 2368
18:15:31.0914 2368 OS Version: 5.1.2600 ServicePack: 3.0
18:15:31.0914 2368 Product type: Workstation
18:15:31.0914 2368 ComputerName: HEMMINGS
18:15:31.0914 2368 UserName: Sam
18:15:31.0914 2368 Windows directory: C:\WINDOWS
18:15:31.0914 2368 System windows directory: C:\WINDOWS
18:15:31.0914 2368 Processor architecture: Intel x86
18:15:31.0914 2368 Number of processors: 2
18:15:31.0914 2368 Page size: 0x1000
18:15:31.0914 2368 Boot type: Normal boot
18:15:31.0914 2368 ============================================================
18:15:36.0602 2368 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:15:36.0617 2368 ============================================================
18:15:36.0617 2368 \Device\Harddisk0\DR0:
18:15:36.0633 2368 MBR partitions:
18:15:36.0633 2368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x8693E5, BlocksNum 0x8CA50DC
18:15:36.0633 2368 ============================================================
18:15:36.0695 2368 C: <-> \Device\Harddisk0\DR0\Partition1
18:15:36.0992 2368 ============================================================
18:15:36.0992 2368 Initialize success
18:15:36.0992 2368 ============================================================
18:16:06.0070 3964 ============================================================
18:16:06.0070 3964 Scan started
18:16:06.0070 3964 Mode: Manual; SigCheck; TDLFS;
18:16:06.0070 3964 ============================================================
18:16:06.0680 3964 ================ Scan services =============================
18:16:06.0867 3964 Abiosdsk - ok
18:16:06.0914 3964 [ 6abb91494fe6c59089b9336452ab2ea3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
18:16:10.0555 3964 abp480n5 - ok
18:16:10.0586 3964 [ 8fd99680a539792a30e97944fdaecf17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:16:10.0789 3964 ACPI - ok
18:16:10.0820 3964 [ 9859c0f6936e723e4892d7141b1327d5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
18:16:10.0961 3964 ACPIEC - ok
18:16:11.0008 3964 [ 9a11864873da202c996558b2106b0bbc ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
18:16:11.0180 3964 adpu160m - ok
18:16:11.0195 3964 [ 8bed39e3c35d6a489438b8141717a557 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:16:11.0367 3964 aec - ok
18:16:11.0398 3964 [ 1e44bc1e83d8fd2305f8d452db109cf9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:16:11.0805 3964 AFD - ok
18:16:11.0836 3964 [ 08fd04aa961bdc77fb983f328334e3d7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
18:16:11.0992 3964 agp440 - ok
18:16:11.0992 3964 [ 03a7e0922acfe1b07d5db2eeb0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
18:16:12.0148 3964 agpCPQ - ok
18:16:12.0180 3964 [ c23ea9b5f46c7f7910db3eab648ff013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
18:16:12.0258 3964 Aha154x - ok
18:16:12.0273 3964 [ 19dd0fb48b0c18892f70e2e7d61a1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
18:16:12.0414 3964 aic78u2 - ok
18:16:12.0430 3964 [ b7fe594a7468aa0132deb03fb8e34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
18:16:12.0586 3964 aic78xx - ok
18:16:12.0602 3964 ALCXWDM - ok
18:16:12.0617 3964 [ a9a3daa780ca6c9671a19d52456705b4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:16:12.0820 3964 Alerter - ok
18:16:12.0836 3964 [ 8c515081584a38aa007909cd02020b3d ] ALG C:\WINDOWS\System32\alg.exe
18:16:12.0977 3964 ALG - ok
18:16:13.0008 3964 [ 1140ab9938809700b46bb88e46d72a96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
18:16:13.0148 3964 AliIde - ok
18:16:13.0180 3964 [ cb08aed0de2dd889a8a820cd8082d83c ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
18:16:13.0305 3964 alim1541 - ok
18:16:13.0320 3964 [ 95b4fb835e28aa1336ceeb07fd5b9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
18:16:13.0461 3964 amdagp - ok
18:16:13.0477 3964 [ 79f5add8d24bd6893f2903a3e2f3fad6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
18:16:13.0555 3964 amsint - ok
18:16:13.0664 3964 [ 018857ead9a077a56aedfc0e5ef7a24a ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:16:13.0680 3964 Apple Mobile Device - ok
18:16:13.0711 3964 [ d8849f77c0b66226335a59d26cb4edc6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:16:13.0867 3964 AppMgmt - ok
18:16:13.0883 3964 [ 62d318e9a0c8fc9b780008e724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
18:16:14.0023 3964 asc - ok
18:16:14.0039 3964 [ 69eb0cc7714b32896ccbfd5edcbea447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
18:16:14.0117 3964 asc3350p - ok
18:16:14.0117 3964 [ 5d8de112aa0254b907861e9e9c31d597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
18:16:14.0273 3964 asc3550 - ok
18:16:14.0352 3964 [ 0e5e4957549056e2bf2c49f4f6b601ad ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:16:14.0445 3964 aspnet_state - ok
18:16:14.0477 3964 [ b153affac761e7f5fcfa822b9c4e97bc ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:16:14.0617 3964 AsyncMac - ok
18:16:14.0633 3964 [ 9f3a2f5aa6875c72bf062c712cfa2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:16:14.0773 3964 atapi - ok
18:16:14.0789 3964 Atdisk - ok
18:16:14.0820 3964 [ 828472164f7eef4eb01f06c9e2ab3f55 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
18:16:14.0883 3964 Ati HotKey Poller - ok
18:16:14.0914 3964 [ 0d6b1bd5d36cb17ae76544293bef2213 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
18:16:15.0039 3964 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
18:16:15.0039 3964 ATI Smart - detected UnsignedFile.Multi.Generic (1)
18:16:15.0102 3964 [ 1f70a130ae675bcda5f4be22e4d00ba7 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
18:16:15.0242 3964 ati2mtag - ok
18:16:15.0258 3964 [ 9916c1225104ba14794209cfa8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:16:15.0398 3964 Atmarpc - ok
18:16:15.0414 3964 [ def7a7882bec100fe0b2ce2549188f9d ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:16:15.0555 3964 AudioSrv - ok
18:16:15.0586 3964 [ d9f724aa26c010a217c97606b160ed68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:16:15.0727 3964 audstub - ok
18:16:15.0742 3964 [ da1f27d85e0d1525f6621372e7b685e9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:16:15.0883 3964 Beep - ok
18:16:16.0195 3964 [ a9e111a358ac5f7eba7ac61e43fc6725 ] BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120804.001\BHDrvx86.sys
18:16:16.0305 3964 BHDrvx86 - ok
18:16:16.0352 3964 [ 574738f61fca2935f5265dc4e5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
18:16:16.0508 3964 BITS - ok
18:16:16.0570 3964 [ f832f1505ad8b83474bd9a5b1b985e01 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:16:16.0617 3964 Bonjour Service - ok
18:16:16.0648 3964 [ a06ce3399d16db864f55faeb1f1927a9 ] Browser C:\WINDOWS\System32\browser.dll
18:16:16.0789 3964 Browser - ok
18:16:16.0820 3964 [ 90a673fc8e12a79afbed2576f6a7aaf9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
18:16:16.0992 3964 cbidf - ok
18:16:16.0992 3964 [ 90a673fc8e12a79afbed2576f6a7aaf9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:16:17.0133 3964 cbidf2k - ok
18:16:17.0211 3964 [ 599e7f6259a127c174c49938d2aa6a60 ] ccSet_N360 C:\WINDOWS\system32\drivers\N360\0602010.005\ccSetx86.sys
18:16:17.0227 3964 ccSet_N360 - ok
18:16:17.0242 3964 [ f3ec03299634490e97bbce94cd2954c7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
18:16:17.0305 3964 cd20xrnt - ok
18:16:17.0320 3964 [ c1b486a7658353d33a10cc15211a873b ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:16:17.0461 3964 Cdaudio - ok
18:16:17.0492 3964 [ c885b02847f5d2fd45a24e219ed93b32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:16:17.0617 3964 Cdfs - ok
18:16:17.0633 3964 [ 1f4260cc5b42272d71f79e570a27a4fe ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:16:17.0773 3964 Cdrom - ok
18:16:17.0789 3964 Changer - ok
18:16:17.0805 3964 [ 1cfe720eb8d93a7158a4ebc3ab178bde ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:16:17.0977 3964 CiSvc - ok
18:16:18.0023 3964 [ 34cbe729f38138217f9c80212a2a0c82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:16:18.0164 3964 ClipSrv - ok
18:16:18.0211 3964 [ d87acaed61e417bba546ced5e7e36d9c ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:16:18.0336 3964 clr_optimization_v2.0.50727_32 - ok
18:16:18.0367 3964 [ e5dcb56c533014ecbc556a8357c929d5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
18:16:18.0648 3964 CmdIde - ok
18:16:18.0664 3964 COMSysApp - ok
18:16:18.0680 3964 [ 3ee529119eed34cd212a215e8c40d4b6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
18:16:18.0836 3964 Cpqarray - ok
18:16:18.0867 3964 [ 3d4e199942e29207970e04315d02ad3b ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:16:19.0008 3964 CryptSvc - ok
18:16:19.0039 3964 [ e550e7418984b65a78299d248f0a7f36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
18:16:19.0211 3964 dac2w2k - ok
18:16:19.0227 3964 [ 683789caa3864eb46125ae86ff677d34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
18:16:19.0383 3964 dac960nt - ok
18:16:19.0414 3964 [ 6b27a5c03dfb94b4245739065431322c ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:16:19.0477 3964 DcomLaunch - ok
18:16:19.0523 3964 [ 5e38d7684a49cacfb752b046357e0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:16:19.0695 3964 Dhcp - ok
18:16:19.0711 3964 [ 044452051f3e02e7963599fc8f4f3e25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:16:19.0852 3964 Disk - ok
18:16:19.0867 3964 dmadmin - ok
18:16:19.0898 3964 [ d992fe1274bde0f84ad826acae022a41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:16:20.0133 3964 dmboot - ok
18:16:20.0320 3964 [ 7c824cf7bbde77d95c08005717a95f6f ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:16:20.0523 3964 dmio - ok
18:16:20.0602 3964 [ e9317282a63ca4d188c0df5e09c6ac5f ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:16:20.0789 3964 dmload - ok
18:16:20.0852 3964 [ 57edec2e5f59f0335e92f35184bc8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:16:21.0023 3964 dmserver - ok
18:16:21.0055 3964 [ 8a208dfcf89792a484e76c40e5f50b45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:16:21.0211 3964 DMusic - ok
18:16:21.0242 3964 [ 5f7e24fa9eab896051ffb87f840730d2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:16:21.0320 3964 Dnscache - ok
18:16:21.0398 3964 [ 0f0f6e687e5e15579ef4da8dd6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:16:21.0602 3964 Dot3svc - ok
18:16:21.0633 3964 [ 40f3b93b4e5b0126f2f5c0a7a5e22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
18:16:21.0773 3964 dpti2o - ok
18:16:21.0805 3964 [ 8f5fcff8e8848afac920905fbd9d33c8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:16:21.0945 3964 drmkaud - ok
18:16:21.0992 3964 [ 2187855a7703adef0cef9ee4285182cc ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:16:22.0117 3964 EapHost - ok
18:16:22.0211 3964 [ 85b8b4032a895a746d46a288a9b30ded ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
18:16:22.0242 3964 eeCtrl - ok
18:16:22.0305 3964 [ 5d1347aa5ae6e2f77d7f4f8372d95ac9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
18:16:22.0383 3964 ehRecvr - ok
18:16:22.0430 3964 [ a53243709439ac2a4c216b817f8d7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
18:16:22.0492 3964 ehSched - ok
18:16:22.0539 3964 [ b5a8a04a6e5b4e86b95b1553aa918f5f ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:16:22.0570 3964 EraserUtilRebootDrv - ok
18:16:22.0617 3964 [ bc93b4a066477954555966d77fec9ecb ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:16:22.0742 3964 ERSvc - ok
18:16:22.0789 3964 [ 65df52f5b8b6e9bbd183505225c37315 ] Eventlog C:\WINDOWS\system32\services.exe
18:16:22.0820 3964 Eventlog - ok
18:16:22.0852 3964 [ d4991d98f2db73c60d042f1aef79efae ] EventSystem C:\WINDOWS\system32\es.dll
18:16:22.0898 3964 EventSystem - ok
18:16:22.0914 3964 [ 38d332a6d56af32635675f132548343e ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:16:23.0055 3964 Fastfat - ok
18:16:23.0102 3964 [ 99bc0b50f511924348be19c7c7313bbf ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:16:23.0148 3964 FastUserSwitchingCompatibility - ok
18:16:23.0180 3964 [ 92cdd60b6730b9f50f6a1a0c1f8cdc81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
18:16:23.0320 3964 Fdc - ok
18:16:23.0367 3964 [ d45926117eb9fa946a6af572fbe1caa3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:16:23.0492 3964 Fips - ok
18:16:23.0523 3964 [ 9d27e7b80bfcdf1cdd9b555862d5e7f0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:16:23.0680 3964 Flpydisk - ok
18:16:23.0711 3964 [ b2cf4b0786f8212cb92ed2b50c6db6b0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:16:23.0867 3964 FltMgr - ok
18:16:23.0930 3964 [ 8ba7c024070f2b7fdd98ed8a4ba41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:16:23.0961 3964 FontCache3.0.0.0 - ok
18:16:24.0023 3964 [ 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:16:24.0398 3964 Fs_Rec - ok
18:16:24.0414 3964 [ 6ac26732762483366c3969c9e4d2259d ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:16:24.0586 3964 Ftdisk - ok
18:16:24.0586 3964 FXDRV - ok
18:16:24.0617 3964 [ 8182ff89c65e4d38b2de4bb0fb18564e ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
18:16:24.0648 3964 GEARAspiWDM - ok
18:16:24.0711 3964 [ 9f5f2f0fb0a7f5aa9f16b9a7b6dad89f ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
18:16:24.0727 3964 GoogleDesktopManager-051210-111108 - ok
18:16:24.0773 3964 [ 0a02c63c8b144bd8c86b103dee7c86a2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:16:24.0930 3964 Gpc - ok
18:16:25.0039 3964 [ 8f0de4fef8201e306f9938b0905ac96a ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:16:25.0086 3964 gupdate - ok
18:16:25.0086 3964 [ 8f0de4fef8201e306f9938b0905ac96a ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:16:25.0102 3964 gupdatem - ok
18:16:25.0148 3964 [ cc839e8d766cc31a7710c9f38cf3e375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:16:25.0258 3964 gusvc - ok
18:16:25.0367 3964 [ 4fcca060dfe0c51a09dd5c3843888bcd ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:16:25.0492 3964 helpsvc - ok
18:16:25.0539 3964 [ deb04da35cc871b6d309b77e1443c796 ] HidServ C:\WINDOWS\System32\hidserv.dll
18:16:25.0680 3964 HidServ - ok
18:16:25.0727 3964 [ ccf82c5ec8a7326c3066de870c06daf1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:16:25.0867 3964 HidUsb - ok
18:16:25.0898 3964 [ 8878bd685e490239777bfe51320b88e9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:16:26.0039 3964 hkmsvc - ok
18:16:26.0086 3964 [ b028377dea0546a5fcfba928a8aefae0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
18:16:26.0227 3964 hpn - ok
18:16:26.0273 3964 [ f80a415ef82cd06ffaf0d971528ead38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:16:26.0398 3964 HTTP - ok
18:16:26.0430 3964 [ 6100a808600f44d999cebdef8841c7a3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:16:26.0570 3964 HTTPFilter - ok
18:16:26.0586 3964 [ 9368670bd426ebea5e8b18a62416ec28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
18:16:26.0711 3964 i2omgmt - ok
18:16:26.0742 3964 [ f10863bf1ccc290babd1a09188ae49e0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
18:16:26.0883 3964 i2omp - ok
18:16:26.0898 3964 [ 4a0b06aa8943c1e332520f7440c0aa30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:16:27.0586 3964 i8042prt - ok
18:16:27.0648 3964 [ c01ac32dc5c03076cfb852cb5da5229c ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:16:27.0727 3964 idsvc - ok
18:16:27.0820 3964 [ eeebf3616db90124c1c57019d39aa9a2 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120810.001\IDSxpx86.sys
18:16:27.0867 3964 IDSxpx86 - ok
18:16:27.0898 3964 [ 083a052659f5310dd8b6a6cb05edcf8e ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:16:28.0039 3964 Imapi - ok
18:16:28.0055 3964 [ 30deaf54a9755bb8546168cfe8a6b5e1 ] ImapiService C:\WINDOWS\system32\imapi.exe
18:16:28.0195 3964 ImapiService - ok
18:16:28.0195 3964 InCDFs - ok
18:16:28.0211 3964 InCDPass - ok
18:16:28.0211 3964 InCDRm - ok
18:16:28.0242 3964 [ 4a40e045faee58631fd8d91afc620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
18:16:28.0398 3964 ini910u - ok
18:16:28.0398 3964 [ b5466a9250342a7aa0cd1fba13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
18:16:28.0539 3964 IntelIde - ok
18:16:28.0570 3964 [ 8c953733d8f36eb2133f5bb58808b66b ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:16:28.0727 3964 intelppm - ok
18:16:28.0758 3964 [ 3bb22519a194418d5fec05d800a19ad0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:16:28.0883 3964 Ip6Fw - ok
18:16:28.0914 3964 [ 731f22ba402ee4b62748adaf6363c182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:16:29.0117 3964 IpFilterDriver - ok
18:16:29.0148 3964 [ b87ab476dcf76e72010632b5550955f5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:16:29.0289 3964 IpInIp - ok
18:16:29.0305 3964 [ cc748ea12c6effde940ee98098bf96bb ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:16:29.0445 3964 IpNat - ok
18:16:29.0508 3964 [ 6e27978a4755f4789f912f5f49392f7c ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:16:29.0570 3964 iPod Service - ok
18:16:29.0602 3964 [ 23c74d75e36e7158768dd63d92789a91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:16:29.0742 3964 IPSec - ok
18:16:29.0758 3964 [ c93c9ff7b04d772627a3646d89f7bf89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:16:29.0898 3964 IRENUM - ok
18:16:29.0930 3964 [ 05a299ec56e52649b1cf2fc52d20f2d7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:16:30.0070 3964 isapnp - ok
18:16:30.0086 3964 [ 463c1ec80cd17420a542b7f36a36f128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:16:30.0227 3964 Kbdclass - ok
18:16:30.0242 3964 [ 9ef487a186dea361aa06913a75b3fa99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:16:30.0367 3964 kbdhid - ok
18:16:30.0398 3964 [ 692bcf44383d056aed41b045a323d378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:16:30.0539 3964 kmixer - ok
18:16:30.0586 3964 [ b467646c54cc746128904e1654c750c1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:16:30.0617 3964 KSecDD - ok
18:16:30.0648 3964 [ 3a7c3cbe5d96b8ae96ce81f0b22fb527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
18:16:30.0695 3964 lanmanserver - ok
18:16:30.0727 3964 [ a8888a5327621856c0cec4e385f69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:16:30.0773 3964 lanmanworkstation - ok
18:16:30.0773 3964 lbrtfdc - ok
18:16:30.0805 3964 [ a7db739ae99a796d91580147e919cc59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:16:31.0148 3964 LmHosts - ok
18:16:31.0227 3964 [ df0a511f38f16016bf658fca0090cb87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
18:16:31.0305 3964 McrdSvc - ok
18:16:31.0680 3964 [ 97ae35c0d6b77e540ee271dc2a25f004 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
18:16:31.0805 3964 MDM ( UnsignedFile.Multi.Generic ) - warning
18:16:31.0805 3964 MDM - detected UnsignedFile.Multi.Generic (1)
18:16:31.0883 3964 [ 986b1ff5814366d71e0ac5755c88f2d3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:16:32.0055 3964 Messenger - ok
18:16:32.0117 3964 [ b7521f69c0a9b29d356157229376fb21 ] MHN C:\WINDOWS\System32\mhn.dll
18:16:32.0195 3964 MHN ( UnsignedFile.Multi.Generic ) - warning
18:16:32.0195 3964 MHN - detected UnsignedFile.Multi.Generic (1)
18:16:32.0227 3964 [ 7f2f1d2815a6449d346fcccbc569fbd6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
18:16:32.0258 3964 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
18:16:32.0258 3964 MHNDRV - detected UnsignedFile.Multi.Generic (1)
18:16:32.0289 3964 [ 4ae068242760a1fb6e1a44bf4e16afa6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:16:32.0430 3964 mnmdd - ok
18:16:32.0461 3964 [ d18f1f0c101d06a1c1adf26eed16fcdd ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:16:32.0602 3964 mnmsrvc - ok
18:16:32.0633 3964 [ dfcbad3cec1c5f964962ae10e0bcc8e1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:16:32.0758 3964 Modem - ok
18:16:32.0789 3964 [ fe80c18ba448ddd76b7bead9eb203d37 ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys
18:16:32.0883 3964 motmodem - ok
18:16:32.0898 3964 [ 35c9e97194c8cfb8430125f8dbc34d04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:16:33.0039 3964 Mouclass - ok
18:16:33.0070 3964 [ b1c303e17fb9d46e87a98e4ba6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:16:33.0227 3964 mouhid - ok
18:16:33.0242 3964 [ a80b9a0bad1b73637dbcbba7df72d3fd ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:16:33.0398 3964 MountMgr - ok
18:16:33.0445 3964 [ 3f4bb95e5a44f3be34824e8e7caf0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
18:16:33.0586 3964 mraid35x - ok
18:16:33.0602 3964 [ 11d42bb6206f33fbb3ba0288d3ef81bd ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:17:00.0836 0860 Detected object count: 11
18:17:00.0836 0860 Actual detected object count: 11
18:17:47.0336 0860 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 w200bus ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 w200bus ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 w200mdfl ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 w200mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 w200mdm ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 w200mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 w200mgmt ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 w200mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:47.0336 0860 w200obex ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:47.0336 0860 w200obex ( UnsignedFile.Multi.Generic ) - User select action: Skip


Re: Babylon Seach -- Chrome

Post by button22 on 15th August 2012, 5:20 pm

Okay, there is the log from the download you asked me to scan with. I was unable to 'cure', so followed the option of skipping for now.


Re: Babylon Seach -- Chrome

Post by Dr Jay on 16th August 2012, 8:03 am

Check for Babylon search, please.


Dr. Jay (DJ)



Re: Babylon Seach -- Chrome

Post by button22 on 17th August 2012, 5:17 pm

Babylon search has been removed, thank you. But I still have two problems.

One is with my sound: the computer plays no sound at all. iTunes says

' itunes has an encountered a problem with sound configuration and nothing plays' so I'm thinking I've lost my sound driver, but I don't know how to get it back, as System Restore does not work and we don't have the old CDs.

The computer is an old E-System computer. E-System was a brand which Currys/Dixons ran, but E-System's website no longer exists. Any advice and help on how to get my computer to play sounds again would be very helpful :)
Windows XP, version 2002 Service Pack 3, Ei-System, Intel, Pentium 4 CPU 3.20GHz, 960MB RAM is all the computer info.


The other problem seems to lie with when the computer shuts down: it always encounters a problem with 'srchasst' and you have to 'end program' to sort this... any ideas?


Re: Babylon Seach -- Chrome

Post by Dr Jay on 17th August 2012, 7:58 pm

For the sound...

DxDiag
  1. Click Start and then click Run.
  2. Type dxdiag in the Open box, and then click OK.
  3. Click Save all information, and it will collect information and it will prompt you to save the file. Save the file to the Desktop.
  4. Find DxDiag.txt on your Desktop, and post the contents of it in your next reply.



For srchasst...let's check for more malware...

ComboFix

Please download ComboFix by sUBs
[You must be registered and logged in to see this link.]

Please save the file to your Desktop, but rename it first to svchost.exe

Important information about ComboFix

Before the download:

  • Please copy and paste these instructions to Notepad and save to your Desktop, or print them - for easier access.
  • It is important to rename ComboFix before the download.
  • Please do not rename ComboFix to other names, but only the one indicated.

After the download:

  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". [You must be registered and logged in to see this link.] if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

  • Double click on svchost.exe & follow the prompts.
  • It will attempt to install the Recovery Console:


  • When ComboFix finishes, it will produce a report for you.
  • Please post the "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.


Dr. Jay (DJ)

