OTL logfile created on: 2/14/2012 5:15:15 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\owner\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19170) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.87 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 49.58% Memory free 3.99 Gb Paging File | 1.55 Gb Available in Paging File | 39.01% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 225.61 Gb Total Space | 117.83 Gb Free Space | 52.23% Space Free | Partition Type: NTFS Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/02/14 17:12:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe PRC - [2012/01/03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe PRC - [2011/10/17 18:38:55 | 000,034,320 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE PRC - [2011/10/08 10:16:10 | 001,111,568 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe PRC - [2011/07/18 02:42:27 | 000,238,928 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE PRC - [2011/02/25 20:21:50 | 000,665,104 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Browser Guard\tmiegsrv.exe PRC - [2011/02/25 20:20:58 | 000,787,984 | ---- | M] (Trend Micro Inc.) 
-- C:\Program Files\Trend Micro\Browser Guard\BGUI.exe PRC - [2011/02/16 14:26:04 | 000,188,272 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe PRC - [2011/02/10 09:00:24 | 000,116,752 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe PRC - [2011/02/10 08:57:40 | 001,035,512 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe PRC - [2011/01/08 12:09:19 | 000,138,640 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe PRC - [2010/12/17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe PRC - [2010/12/17 09:33:06 | 001,103,184 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/02/22 14:13:07 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) 
-- C:\Windows\System32\atashost.exe PRC - [2008/01/29 21:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008/01/29 19:00:40 | 000,430,080 | ---- | M] () -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2008/01/21 19:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe PRC - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe PRC - [2007/09/28 19:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2007/06/11 12:53:33 | 000,455,600 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\lxdlmon.exe PRC - [2007/06/01 07:06:09 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\lxdlamon.exe PRC - [2007/05/29 03:19:56 | 000,598,960 | ---- | M] ( ) -- C:\Windows\System32\lxdlcoms.exe PRC - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe PRC - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) 
-- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/10/13 02:51:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll MOD - [2011/10/13 02:49:56 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll MOD - [2011/10/13 02:49:30 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll MOD - [2011/10/13 02:49:17 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll MOD - [2011/10/13 02:47:40 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll MOD - [2011/10/13 02:46:07 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll MOD - [2011/07/18 02:42:27 | 000,079,184 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEHook.dll MOD - [2011/02/25 20:22:00 | 000,247,312 | ---- | M] () -- C:\Program Files\Trend Micro\Browser Guard\TMBGCFG2.dll MOD - [2011/02/16 22:42:44 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_36.dll MOD - [2011/02/16 22:42:44 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_36.dll MOD - [2011/01/08 12:09:19 | 000,057,344 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll MOD - [2011/01/08 12:09:19 | 000,049,152 | ---- | M] () -- C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll MOD - [2008/06/03 03:35:18 | 000,159,744 | 
---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008/01/29 19:00:40 | 000,430,080 | ---- | M] () -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe MOD - [2007/06/11 12:53:33 | 000,455,600 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\lxdlmon.exe MOD - [2007/06/08 03:52:43 | 000,036,864 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\app4r.monitor.core.dll MOD - [2007/06/08 03:52:43 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\app4r.monitor.common.dll MOD - [2007/06/08 03:52:00 | 000,057,344 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\app4r.devmons.mcmdevmon.dll MOD - [2007/06/01 07:06:28 | 000,011,776 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\app4r.devmons.mcmdevmon.autoplayutil.dll MOD - [2007/06/01 07:06:09 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\lxdlamon.exe MOD - [2007/05/24 15:21:25 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 7500 Series\lxdlscw.dll MOD - [2007/05/03 10:39:31 | 000,589,824 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxdldatr.dll MOD - [2007/03/26 02:39:35 | 000,073,728 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxdlcats.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService) SRV - [2011/10/17 18:38:55 | 000,034,320 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService) SRV - [2011/08/24 15:32:42 | 000,074,240 | ---- | M] (Freemake) [Auto | Stopped] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (FreemakeUtilsService) SRV - [2011/08/05 11:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV - [2011/08/05 11:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- 
(WMZuneComm) SRV - [2011/08/05 11:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2011/02/16 14:26:04 | 000,188,272 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp) SRV - [2010/12/17 09:33:10 | 000,439,632 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe -- (RUBotSrv) SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/10/20 13:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009/02/22 14:13:07 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) 
[Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost) SRV - [2008/01/21 19:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr) SRV - [2007/09/28 19:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2007/05/29 03:19:56 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdlcoms.exe -- (lxdl_device) SRV - [2007/05/29 03:19:38 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdlserv.exe -- (lxdlCATSCustConnectService) SRV - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger) SRV - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/01/08 12:09:28 | 000,189,520 | ---- | M] (Trend Micro Inc.) 
[Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm) DRV - [2011/01/08 12:09:28 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi) DRV - [2011/01/08 12:09:28 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon) DRV - [2011/01/08 12:09:28 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr) DRV - [2010/05/20 15:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo) DRV - [2009/10/20 13:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV - [2008/06/10 18:54:36 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008/06/03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/01/25 16:24:56 | 000,764,416 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/01/21 18:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32) DRV - [2007/11/09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007/01/30 02:41:50 | 000,011,264 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TpChoice.sys -- (TpChoice) DRV - [2007/01/24 17:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21) DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006/11/28 18:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/11/19 21:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) DRV - [2006/11/09 00:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I) DRV - [2006/11/09 00:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N) DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2006/07/28 19:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3850138164-68269979-4277157850-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart IE - HKU\S-1-5-21-3850138164-68269979-4277157850-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=16 IE - HKU\S-1-5-21-3850138164-68269979-4277157850-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-3850138164-68269979-4277157850-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) IE - HKU\S-1-5-21-3850138164-68269979-4277157850-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo 
Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin [2011/11/09 03:21:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\firefoxextension\ [2012/02/13 21:04:53 | 000,000,000 | ---D | M] [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} O1 HOSTS File: ([2010/08/03 14:59:55 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - 
C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.) O2 - BHO: (no name) - {9F3209E2-334B-41E9-B09C-703F398742E7} - No CLSID value found. O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (TMIEGBHO Class) - {F1AD4A42-BA52-47BC-89DF-3F68F24C017F} - C:\Program Files\Trend Micro\Browser Guard\TMAMS.dll (Trend Micro Inc.) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.) O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found. O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (TMBGBAR TOOLBAR) - {C8137A8D-415D-450C-A1B1-D0C519D45296} - C:\Program Files\Trend Micro\Browser Guard\tmieg.dll (Trend Micro Inc.) 
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-3850138164-68269979-4277157850-1000\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O3 - HKU\S-1-5-21-3850138164-68269979-4277157850-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [Lexmark 7500 Series Fax Server] C:\Program Files\Lexmark 7500 Series\fm3032.exe () O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [lxdlamon] C:\Program Files\Lexmark 7500 Series\lxdlamon.exe () O4 - HKLM..\Run: [lxdlmon.exe] C:\Program Files\Lexmark 7500 Series\lxdlmon.exe () O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com) O4 - HKLM..\Run: [OE] C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Trend Micro Browser Guard] C:\Program Files\Trend Micro\Browser Guard\BGUI.EXE (Trend Micro Inc.) O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.) 
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3850138164-68269979-4277157850-1000..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" File not found O4 - HKU\S-1-5-21-3850138164-68269979-4277157850-1000..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe () O7 - HKU\S-1-5-21-3850138164-68269979-4277157850-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.) O13 - gopher Prefix: missing O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F07F68CC-5093-4B58-8235-FBBB4815A2C9}: DhcpNameServer = 209.18.47.61 209.18.47.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7CEF263-2867-45F3-A94D-AEFE9749EC2F}: DhcpNameServer = 24.92.226.40 24.92.226.41 O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O30 - LSA: Authentication Packages - (ows\s) - File not found O30 - LSA: Security Packages - (y Packages settings...) 
- File not found O30 - LSA: Security Packages - (roc.dll) - File not found O30 - LSA: Security Packages - (er.jp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2e75eb4f-f898-11dd-beae-00a0d1df864b}\Shell\AutoRun\command - "" = E:\mri.exe O33 - MountPoints2\{b821edc3-f49b-11de-8c74-00a0d1df864b}\Shell - "" = AutoRun O33 - MountPoints2\{b821edc3-f49b-11de-8c74-00a0d1df864b}\Shell\AutoRun\command - "" = F:\StartClickFreeBackup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Error creating restore point. 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/02/14 17:12:08 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe [2012/02/14 16:49:55 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\RK_Quarantine [2012/02/13 20:22:27 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\Browser Guard [2012/02/13 20:22:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Browser Guard [2012/02/13 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Browser Guard [2012/02/13 20:17:48 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\TrendMicro AntiThreat Toolkit [2012/02/13 20:09:11 | 002,897,894 | ---- | C] (Trend Micro Inc.) -- C:\Users\owner\Desktop\supportcustomizedpackage.exe [2012/02/13 19:18:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro RUBotted [2012/02/13 19:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap [2012/02/13 19:10:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2012/02/13 18:31:30 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2012/01/18 18:40:16 | 000,000,000 | ---D | C] -- C:\Windows\en [2012/01/18 18:39:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012/01/18 18:38:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2012/01/18 18:37:15 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Skype [2012/01/18 18:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012/01/18 18:36:20 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012/01/18 18:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012/01/18 18:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012/01/18 18:33:30 | 000,000,000 | ---D | C] -- 
C:\Program Files\Windows Live [2012/01/18 18:30:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2012/01/18 17:51:30 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\Windows Live [2012/01/18 17:51:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2012/01/18 17:43:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam [2012/01/18 17:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam [2009/02/21 19:38:12 | 000,434,176 | ---- | C] ( ) -- C:\Windows\System32\lxdlhcp.dll [2009/02/21 19:38:11 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdlinpa.dll [2009/02/21 19:38:10 | 000,950,272 | ---- | C] ( ) -- C:\Windows\System32\lxdlusb1.dll [2009/02/21 19:38:10 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdliesc.dll [2009/02/21 19:38:09 | 001,200,128 | ---- | C] ( ) -- C:\Windows\System32\lxdlserv.dll [2009/02/21 19:38:09 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdlpmui.dll [2009/02/21 19:38:09 | 000,565,248 | ---- | C] ( ) -- C:\Windows\System32\lxdllmpm.dll [2009/02/21 19:38:09 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdlprox.dll [2009/02/21 19:38:07 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdlih.exe [2009/02/21 19:38:06 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdlhbn3.dll [2009/02/21 19:38:04 | 000,598,960 | ---- | C] ( ) -- C:\Windows\System32\lxdlcoms.exe [2009/02/21 19:38:04 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdlcomm.dll [2009/02/21 19:38:03 | 000,860,160 | ---- | C] ( ) -- C:\Windows\System32\lxdlcomc.dll [2009/02/21 19:38:02 | 000,365,488 | ---- | C] ( ) -- C:\Windows\System32\lxdlcfg.exe [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/02/14 17:12:19 | 000,584,192 | ---- 
| M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe [2012/02/14 17:00:35 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/02/14 16:44:34 | 001,202,688 | ---- | M] () -- C:\Users\owner\Desktop\RogueKiller.exe [2012/02/14 15:37:45 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/02/14 15:37:44 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/02/14 07:37:39 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/02/14 07:37:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/02/14 07:37:12 | 2011,201,536 | -HS- | M] () -- C:\hiberfil.sys [2012/02/13 20:22:26 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Trend Micro Browser Guard v3.0 Beta.lnk [2012/02/13 20:17:52 | 000,000,036 | ---- | M] () -- C:\Users\owner\AppData\Local\housecall.guid.cache [2012/02/13 20:09:21 | 002,897,894 | ---- | M] (Trend Micro Inc.) 
-- C:\Users\owner\Desktop\supportcustomizedpackage.exe [2012/02/13 18:52:37 | 000,002,931 | ---- | M] () -- C:\Users\owner\Documents\HiJackThis.lnk [2012/02/13 18:52:37 | 000,002,931 | ---- | M] () -- C:\Users\owner\Desktop\HiJackThis.lnk [2012/02/13 18:50:12 | 000,307,905 | ---- | M] () -- C:\Users\owner\AppData\Local\census.cache [2012/02/13 18:48:59 | 000,196,518 | ---- | M] () -- C:\Users\owner\AppData\Local\ars.cache [2012/02/13 17:36:55 | 000,615,914 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/02/13 17:36:55 | 000,107,922 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/02/13 17:16:39 | 000,001,356 | ---- | M] () -- C:\Users\owner\AppData\Local\d3d9caps.dat [2012/01/27 19:56:04 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012/01/26 17:57:43 | 000,009,728 | ---- | M] () -- C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/01/26 17:15:28 | 000,001,942 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/01/25 20:04:03 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\EasyShare Registration Task.job [2012/01/21 03:23:01 | 000,328,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/01/18 17:43:51 | 000,001,881 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/02/14 16:44:26 | 001,202,688 | ---- | C] () -- C:\Users\owner\Desktop\RogueKiller.exe [2012/02/13 20:22:26 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\Trend Micro Browser Guard v3.0 Beta.lnk [2012/02/13 18:56:34 | 000,002,931 | ---- | C] () -- C:\Users\owner\Documents\HiJackThis.lnk [2012/02/13 18:50:12 | 000,307,905 | ---- | C] () -- C:\Users\owner\AppData\Local\census.cache [2012/02/13 18:48:59 | 000,196,518 | ---- | C] () -- 
C:\Users\owner\AppData\Local\ars.cache [2012/02/13 18:31:30 | 000,002,931 | ---- | C] () -- C:\Users\owner\Desktop\HiJackThis.lnk [2012/02/13 18:26:19 | 000,000,036 | ---- | C] () -- C:\Users\owner\AppData\Local\housecall.guid.cache [2012/02/13 17:27:43 | 2011,201,536 | -HS- | C] () -- C:\hiberfil.sys [2012/02/12 21:09:22 | 001,107,420 | ---- | C] () -- C:\Users\owner\Documents\2009_Schedule.pdf [2012/01/18 18:37:53 | 000,001,129 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2012/01/18 18:37:12 | 000,001,198 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2012/01/18 18:36:21 | 000,002,337 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012/01/18 18:35:41 | 000,001,996 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012/01/18 17:43:51 | 000,001,881 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk [2011/04/09 18:01:40 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe [2009/10/20 13:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll [2009/08/19 16:36:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/19 16:36:54 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/04/28 11:23:08 | 000,009,728 | ---- | C] () -- C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/04/08 18:32:35 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat [2009/03/16 17:32:00 | 000,014,566 | ---- | C] () -- C:\ProgramData\lxdl [2009/02/21 19:46:26 | 000,348,160 | ---- | C] () -- C:\Windows\System32\lxdlcoin.dll [2009/02/21 19:42:13 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXDLPMON.DLL [2009/02/21 19:42:13 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXDLFXPU.DLL [2009/02/21 19:41:53 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdloem.dll [2009/02/21 19:38:30 | 000,000,060 | 
-H-- | C] () -- C:\Windows\System32\lxdlrwrd.ini [2009/02/21 19:38:13 | 000,348,160 | ---- | C] () -- C:\Windows\System32\lxdlinst.dll [2009/02/21 19:38:05 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdlgrd.dll [2009/02/11 17:47:15 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009/02/11 17:38:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/02/11 16:25:35 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2009/02/11 16:03:20 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys [2009/02/11 16:03:20 | 000,000,003 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys [2009/02/11 16:03:12 | 000,001,356 | ---- | C] () -- C:\Users\owner\AppData\Local\d3d9caps.dat [2008/10/21 12:59:32 | 000,046,456 | R--- | C] () -- C:\Windows\System32\exitwx.exe [2008/06/03 03:35:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008/06/03 03:02:02 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2008/04/28 21:09:10 | 000,172,033 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008/03/06 00:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2008/02/20 21:07:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2008/02/20 21:07:38 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2008/02/20 21:07:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2008/02/20 21:07:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2008/02/20 21:07:38 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2008/02/20 21:07:38 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2008/02/20 20:45:33 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2008/02/20 19:51:47 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll [2008/02/20 19:45:08 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini [2008/02/20 19:45:08 | 
000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll [2008/02/20 19:45:08 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini [2008/02/20 19:45:08 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2008/02/20 19:40:27 | 000,000,291 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008/02/20 19:40:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat [2008/02/20 19:40:27 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat [2008/02/20 19:40:27 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat [2008/02/20 19:16:30 | 000,157,040 | ---- | C] () -- C:\Windows\fdbpinger.exe [2007/12/21 19:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2007/05/24 15:24:25 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxdldrs.dll [2007/05/22 09:10:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxdlcaps.dll [2007/04/17 09:17:05 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdlcnv4.dll [2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 07:47:37 | 000,328,184 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 05:33:01 | 000,615,914 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 05:33:01 | 000,107,922 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- 
C:\Windows\System32\mlang.dat [2006/08/01 00:53:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdlvs.dll [2005/11/23 16:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll [2005/07/23 00:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll [color=#E56717]========== LOP Check ==========[/color] [2009/03/02 18:25:24 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\7500 Series [2011/02/05 12:28:22 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2009/11/16 20:50:43 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\GetRightToGo [2009/05/13 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Lexmark Productivity Studio [2010/10/17 21:37:57 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Red Kawa [2011/08/15 19:39:47 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Regensoft [2009/04/08 19:12:46 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Skinux [2012/01/29 03:20:57 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Smilebox [2010/05/31 21:19:20 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\TOSHIBA [2010/05/31 20:48:31 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Ulead Systems [2009/02/11 16:25:09 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\WinBatch [2012/01/25 20:04:03 | 000,000,400 | ---- | M] () -- C:\Windows\Tasks\EasyShare Registration Task.job [2012/02/13 22:24:05 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/12/17 03:27:32 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7B9A655B-F2D3-48EA-9917-0A7AE6F57785}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft 
Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: CDROM.INF >[/color] [2008/01/20 21:23:02 | 000,007,850 | ---- | M] () MD5=265E11778A5CC78E5B4733AA54FD9904 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.inf [2008/01/20 21:23:02 | 000,007,850 | ---- | M] () MD5=265E11778A5CC78E5B4733AA54FD9904 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.inf [2009/12/24 14:55:11 | 000,007,850 | ---- | M] () MD5=39AD4226A5C4CECB99B7E6F5465534B1 -- C:\Windows\inf\cdrom.inf [2009/04/10 21:04:05 | 000,007,850 | ---- | M] () MD5=39AD4226A5C4CECB99B7E6F5465534B1 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.inf [2009/04/10 21:04:05 | 000,007,850 | ---- | M] () MD5=39AD4226A5C4CECB99B7E6F5465534B1 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.inf [2006/11/02 01:33:47 | 000,007,850 | ---- | M] () 
MD5=58D25EFD9E35850011EA94FF652922F6 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.inf [color=#A23BEC]< MD5 for: CDROM.INF_LOC >[/color] [2006/11/02 07:41:15 | 000,000,934 | ---- | M] () MD5=B7B760956BFBB8A9C685C47D9D5D6BA8 -- C:\Windows\System32\DriverStore\en-US\cdrom.inf_loc [2006/11/02 07:41:15 | 000,000,934 | ---- | M] () MD5=B7B760956BFBB8A9C685C47D9D5D6BA8 -- C:\Windows\winsxs\x86_cdrom.inf.resources_31bf3856ad364e35_6.0.6000.16386_en-us_36840b865aa5b196\cdrom.inf_loc [color=#A23BEC]< MD5 for: CDROM.PNF >[/color] [2009/12/24 14:55:13 | 000,009,992 | ---- | M] () MD5=5AE4DE898523473252D283796BE9537A -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.PNF [2009/12/24 14:55:13 | 000,009,992 | ---- | M] () MD5=AFF5A8B55F3D05D8D07E30F3EAD03BD5 -- C:\Windows\inf\cdrom.PNF [2006/11/02 07:52:25 | 000,009,992 | ---- | M] () MD5=BD30CE5B58925A2226807B9185F186EA -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.PNF [2008/02/20 19:28:37 | 000,009,992 | ---- | M] () MD5=F3D61D182C53F1BA6F1A78D97CA83C62 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.PNF [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008/01/20 21:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008/01/20 21:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009/04/10 23:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009/04/10 23:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009/04/10 23:39:17 | 000,067,072 | ---- | M] 
(Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006/11/02 03:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008/01/20 21:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe [color=#A23BEC]< MD5 for: LSI_SAS.SYS >[/color] [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) 
MD5=30D73327D390F72A62F32C103DAF1D6D -- C:\Windows\System32\DriverStore\FileRepository\lsi_sas.inf_2c2f30a1\lsi_sas.sys [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) MD5=EE01EBAE8C9BF0FA072E0FF68718920A -- C:\Windows\System32\drivers\lsi_sas.sys [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) MD5=EE01EBAE8C9BF0FA072E0FF68718920A -- C:\Windows\System32\DriverStore\FileRepository\lsi_sas.inf_d274ed64\lsi_sas.sys [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) MD5=EE01EBAE8C9BF0FA072E0FF68718920A -- C:\Windows\winsxs\x86_lsi_sas.inf_31bf3856ad364e35_6.0.6001.18000_none_ff681c7630a19c8f\lsi_sas.sys [color=#A23BEC]< MD5 for: LSI_SCSI.SYS >[/color] [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) MD5=912A04696E9CA30146A62AFA1463DD5C -- C:\Windows\System32\drivers\lsi_scsi.sys [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) MD5=912A04696E9CA30146A62AFA1463DD5C -- C:\Windows\System32\DriverStore\FileRepository\lsi_scsi.inf_3a19ff4c\lsi_scsi.sys [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) MD5=912A04696E9CA30146A62AFA1463DD5C -- C:\Windows\winsxs\x86_lsi_scsi.inf_31bf3856ad364e35_6.0.6001.18000_none_9c652c0421e53dd6\lsi_scsi.sys [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) MD5=E1E36FEFD45849A95F1AB81DE0159FE3 -- C:\Windows\System32\DriverStore\FileRepository\lsi_scsi.inf_bb68e5dc\lsi_scsi.sys [color=#A23BEC]< MD5 for: NETBT.SYS >[/color] [2008/01/20 21:24:59 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7C5FEE5B1C5728507CD96FB4A13E7A02 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6001.18000_none_6064c861f7442765\netbt.sys [2009/04/10 23:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=ECD64230A59CBD93C85F1CD1CAB9F3F6 -- C:\Windows\System32\drivers\netbt.sys [2009/04/10 23:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=ECD64230A59CBD93C85F1CD1CAB9F3F6 -- 
C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.0.6002.18005_none_6250416df465f2b1\netbt.sys [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe [2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe [color=#A23BEC]< MD5 for: TCPIP.SYS >[/color] [2008/04/26 03:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys [2009/04/11 01:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys [2011/09/20 16:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys [2009/12/08 15:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys [2009/08/15 16:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys [2009/08/14 12:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys [2011/06/17 15:13:55 | 000,905,104 | ---- | M] 
(Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys [2010/02/18 06:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys [2010/02/18 09:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys [2009/08/14 09:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys [2009/12/08 15:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys [2010/02/18 09:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys [2010/02/18 07:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys [2009/12/08 15:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys [2010/06/16 10:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys 
[2009/08/14 11:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys [2011/06/17 15:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys [2010/06/16 11:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys [2010/06/16 10:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys [2011/09/20 16:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\System32\drivers\tcpip.sys [2011/09/20 16:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys [2008/04/26 03:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys [2009/12/08 12:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys [2009/08/14 12:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys [2010/02/18 
12:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys [2010/06/16 11:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys [2009/12/08 12:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys [2010/02/18 09:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys [2009/12/08 15:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys [2008/01/20 21:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys [2009/08/14 11:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- 
C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2006/11/02 04:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys [2009/04/11 01:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\drivers\volsnap.sys [2009/04/11 01:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys [2009/04/11 01:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys [2008/01/20 21:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys [2008/01/20 21:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008/01/20 21:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#A23BEC]< 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >[/color] [color=#A23BEC]< C:\Windows\assembly\tmp\U\*.* /s >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< C:\Program Files\Common Files\ComObjects\*.* /s >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< >[/color] [color=#A23BEC]< >[/color] < End of report >