[code]
OTS logfile created on: 28/07/2009 01:23:07 - Run 1
OTS by OldTimer - Version 3.0.10.1 Folder = C:\Users\Bruno\Desktop
Windows Vista Home Premium Edition Service Pack 2, v.286 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 92.13% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 53.94 Gb Total Space | 28.74 Gb Free Space | 53.29% Space Free | Partition Type: NTFS
Drive D: | 244.14 Gb Total Space | 118.93 Gb Free Space | 48.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BRUNO-PC
Current User Name: Bruno
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
basvc.exe -> C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -> [2009/04/13 14:45:53 | 03,521,024 | ---- | M] ()
clhnservice.exe -> C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -> [2008/01/16 22:35:02 | 00,081,504 | ---- | M] ()
compptcvui.exe -> C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe -> [2009/04/13 14:46:02 | 03,437,568 | ---- | M] (Arachnoid Biometrics Identification Group Corp.)
conime.exe -> C:\Windows\System32\conime.exe -> [2009/01/31 02:27:36 | 00,069,120 | ---- | M] (Microsoft Corporation) eaudio.exe -> C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe -> [2008/05/31 03:24:30 | 00,544,768 | ---- | M] (Acer Incorporated) edsloader.exe -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe -> [2008/05/15 08:05:22 | 00,526,896 | ---- | M] (Egis Incorporated) edsservice.exe -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -> [2008/05/15 08:05:30 | 00,500,784 | ---- | M] (Egis Incorporated) egui.exe -> C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe -> [2009/03/19 11:44:28 | 02,029,640 | ---- | M] (ESET) ehmsas.exe -> C:\Windows\ehome\ehmsas.exe -> [2008/01/21 10:25:11 | 00,037,376 | ---- | M] (Microsoft Corporation) ehtray.exe -> C:\Windows\ehome\ehtray.exe -> [2008/01/21 10:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation) ekrn.exe -> C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -> [2009/03/19 11:44:50 | 00,731,840 | ---- | M] (ESET) epower_dmc.exe -> C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe -> [2008/06/12 01:22:16 | 00,409,600 | ---- | M] (Acer Inc.) 
etservice.exe -> C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -> [2008/03/22 04:22:52 | 00,024,576 | ---- | M] () evteng.exe -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2008/10/16 17:26:20 | 00,860,160 | ---- | M] (Intel(R) Corporation) explorer.exe -> C:\Windows\Explorer.EXE -> [2009/01/31 02:27:50 | 02,927,616 | ---- | M] (Microsoft Corporation) explorer.exe -> C:\Windows\Explorer.exe -> [2009/01/31 02:27:50 | 02,927,616 | ---- | M] (Microsoft Corporation) groovemonitor.exe -> C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe -> [2008/10/25 11:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) iaanotif.exe -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2008/07/20 17:45:06 | 00,182,808 | ---- | M] (Intel Corporation) iaantmon.exe -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -> [2008/07/20 17:45:06 | 00,354,840 | ---- | M] (Intel Corporation) iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/03/09 05:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/03/09 05:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/03/09 05:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> [2009/03/09 05:09:24 | 00,638,816 | ---- | M] (Microsoft Corporation) lssrvc.exe -> C:\Program Files\Common Files\LightScribe\LSSrvc.exe -> [2007/01/18 02:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) nvvsvc.exe -> C:\Windows\System32\nvvsvc.exe -> [2008/07/19 00:23:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) ots.exe -> C:\Users\Bruno\Desktop\OTS.exe -> [2009/07/28 01:20:00 | 00,514,560 | ---- | M] (OldTimer Tools) pdagent.exe -> C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe -> [2009/07/17 11:10:16 | 00,931,080 | ---- | M] (Raxco Software, Inc.) 
pdagents1.exe -> C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe -> [2009/07/17 11:10:18 | 00,066,824 | ---- | M] (Raxco Software, Inc.) qtzgacer.exe -> C:\Program Files\Launch Manager\QtZgAcer.EXE -> [2008/06/04 20:03:36 | 00,817,672 | ---- | M] (Dritek System Inc.) regsrvc.exe -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2008/10/16 16:54:34 | 00,466,944 | ---- | M] (Intel(R) Corporation) rs_service.exe -> C:\Program Files\Acer\Acer VCM\RS_Service.exe -> [2008/01/10 17:03:00 | 00,233,472 | ---- | M] (Acer Incorporated) rthdvcpl.exe -> C:\Windows\RtHDVCpl.exe -> [2008/05/07 16:19:26 | 06,139,904 | ---- | M] (Realtek Semiconductor) rtkbtmnt.exe -> C:\Users\Bruno\AppData\Local\Temp\RtkBtMnt.exe -> [2009/07/27 15:09:32 | 00,204,800 | ---- | M] (Realtek Semiconductor Corp.) sidebar.exe -> C:\Program Files\Windows Sidebar\sidebar.exe -> [2009/01/31 02:28:26 | 01,233,920 | ---- | M] (Microsoft Corporation) sidebar.exe -> C:\Program Files\Windows Sidebar\sidebar.exe -> [2009/01/31 02:28:26 | 01,233,920 | ---- | M] (Microsoft Corporation) syntpenh.exe -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> [2008/04/25 10:08:40 | 01,049,896 | ---- | M] (Synaptics, Inc.) syntphelper.exe -> C:\Program Files\Synaptics\SynTP\SynTPHelper.exe -> [2008/04/25 10:08:48 | 00,103,720 | ---- | M] (Synaptics, Inc.) tuprogst.exe -> C:\Windows\System32\TUProgSt.exe -> [2009/07/25 13:23:56 | 00,604,416 | ---- | M] (TuneUp Software) unsecapp.exe -> C:\Windows\System32\wbem\unsecapp.exe -> [2009/01/31 02:28:32 | 00,037,888 | ---- | M] (Microsoft Corporation) unsecapp.exe -> C:\Windows\System32\wbem\unsecapp.exe -> [2009/01/31 02:28:32 | 00,037,888 | ---- | M] (Microsoft Corporation) upeksvr.exe -> C:\Program Files\Common Files\SPBA\upeksvr.exe -> [2008/03/25 19:25:06 | 00,050,952 | ---- | M] (UPEK Inc.) 
wlidsvc.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) wlidsvcm.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe -> [2009/03/30 16:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) wmiprvse.exe -> C:\Windows\System32\wbem\wmiprvse.exe -> [2009/01/31 02:28:40 | 00,247,808 | ---- | M] (Microsoft Corporation) wmiprvse.exe -> C:\Windows\System32\wbem\wmiprvse.exe -> [2009/01/31 02:28:40 | 00,247,808 | ---- | M] (Microsoft Corporation) wmiprvse.exe -> C:\Windows\System32\wbem\wmiprvse.exe -> [2009/01/31 02:28:40 | 00,247,808 | ---- | M] (Microsoft Corporation) xaudio.exe -> C:\Windows\System32\DRIVERS\xaudio.exe -> [2007/10/19 06:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Win32 Services - Safe List] (CLHNService) CLHNService [Win32_Own | Auto | Running] -> C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -> [2008/01/16 22:35:02 | 00,081,504 | ---- | M] () (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/12/14 21:02:50 | 00,067,400 | ---- | M] (Microsoft Corporation) (eDataSecurity Service) eDataSecurity Service [Win32_Own | Auto | Running] -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -> [2008/05/15 08:05:30 | 00,500,784 | ---- | M] (Egis Incorporated) (ehRecvr) Windows Media Center Receiver Service [Win32_Own | On_Demand | Stopped] -> C:\Windows\ehome\ehRecvr.exe -> [2008/01/21 10:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) (ehSched) Windows Media Center Scheduler Service [Win32_Own | On_Demand | Stopped] -> C:\Windows\ehome\ehsched.exe -> [2006/11/02 20:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) (ehstart) Windows Media Center Service Launcher [Win32_Shared | On_Demand | Stopped] -> 
C:\Windows\ehome\ehstart.dll -> [2006/11/02 20:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) (EhttpSrv) ESET HTTP Server [Win32_Own | On_Demand | Stopped] -> C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -> [2009/03/19 11:48:08 | 00,020,680 | ---- | M] (ESET) (ekrn) ESET Service [Win32_Own | Auto | Running] -> C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -> [2009/03/19 11:44:50 | 00,731,840 | ---- | M] (ESET) (ETService) Empowering Technology Service [Win32_Own | Auto | Running] -> C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -> [2008/03/22 04:22:52 | 00,024,576 | ---- | M] () (Eventlog) Windows Event Log [Win32_Shared | Auto | Running] -> C:\Windows\System32\wevtsvc.dll -> [2009/01/31 02:28:56 | 01,017,344 | ---- | M] (Microsoft Corporation) (EvtEng) Intel® PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2008/10/16 17:26:20 | 00,860,160 | ---- | M] (Intel(R) Corporation) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/12/16 20:50:38 | 00,043,872 | ---- | M] (Microsoft Corporation) (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/04/08 07:16:26 | 00,136,120 | ---- | M] (Google) (IAANTMON) Intel(R) Matrix Storage Event Monitor [Win32_Own | Auto | Running] -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -> [2008/07/20 17:45:06 | 00,354,840 | ---- | M] (Intel Corporation) (idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/12/16 20:50:30 | 00,879,432 | ---- | M] (Microsoft Corporation) (IGBASVC) iGroupTec Service [Win32_Own | Auto | Running] -> C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -> 
[2009/04/13 14:45:53 | 03,521,024 | ---- | M] () (LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\LightScribe\LSSrvc.exe -> [2007/01/18 02:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) (Microsoft Office Groove Audit Service) Microsoft Office Groove Audit Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -> [2008/10/25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) (MobilityService) MobilityService [Win32_Own | On_Demand | Stopped] -> C:\Acer\Mobility Center\MobilityService.exe -> [2007/12/07 07:15:28 | 00,110,592 | ---- | M] () (Nero BackItUp Scheduler 3) Nero BackItUp Scheduler 3 [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -> [2007/12/03 14:21:24 | 00,869,672 | ---- | M] (Nero AG) (NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/12/16 20:50:32 | 00,129,864 | ---- | M] (Microsoft Corporation) (NMIndexingService) NMIndexingService [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -> [2007/12/13 19:10:56 | 00,447,784 | ---- | M] (Nero AG) (nvsvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> C:\Windows\System32\nvvsvc.exe -> [2008/07/19 00:23:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) (odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 18:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) (PDAgent) PDAgent [Win32_Own | Auto | Running] -> 
C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe -> [2009/07/17 11:10:16 | 00,931,080 | ---- | M] (Raxco Software, Inc.) (PDEngine) PDEngine [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe -> [2009/07/17 11:10:18 | 01,033,480 | ---- | M] (Raxco Software, Inc.) (PnkBstrA) PnkBstrA [Win32_Own | Disabled | Stopped] -> C:\Windows\System32\PnkBstrA.exe -> [2009/06/28 04:50:17 | 00,066,872 | ---- | M] () (RegSrvc) Intel® PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2008/10/16 16:54:34 | 00,466,944 | ---- | M] (Intel(R) Corporation) (RS_Service) Raw Socket Service [Win32_Own | Auto | Running] -> C:\Program Files\Acer\Acer VCM\RS_Service.exe -> [2008/01/10 17:03:00 | 00,233,472 | ---- | M] (Acer Incorporated) (ServiceLayer) ServiceLayer [Win32_Own | On_Demand | Stopped] -> C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -> [2009/06/02 10:10:08 | 00,637,952 | ---- | M] (Nokia.) 
(TuneUp.Defrag) TuneUp Drive Defrag Service [Win32_Own | On_Demand | Stopped] -> C:\Windows\System32\TuneUpDefragService.exe -> [2009/07/25 13:23:55 | 00,361,216 | ---- | M] (TuneUp Software) (TuneUp.ProgramStatisticsSvc) TuneUp Program Statistics Service [Win32_Own | Auto | Running] -> C:\Windows\System32\TUProgSt.exe -> [2009/07/25 13:23:56 | 00,604,416 | ---- | M] (TuneUp Software) (UxTuneUp) TuneUp Theme Extension [Win32_Shared | Auto | Running] -> C:\Windows\System32\uxtuneup.dll -> [2009/04/27 20:21:36 | 00,028,928 | ---- | M] (TuneUp Software) (WinDefend) Windows Defender [Win32_Shared | Disabled | Stopped] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2008/01/21 10:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) (wlidsvc) Windows Live ID Sign-in Assistant [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009/03/30 16:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Disabled | Stopped] -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> [2008/01/21 10:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) (XAudioService) XAudioService [Win32_Own | Auto | Running] -> C:\Windows\System32\DRIVERS\xaudio.exe -> [2007/10/19 06:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Driver Services - Safe List] (adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2008/01/21 10:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) (adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2008/01/21 10:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2008/01/21 10:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) 
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2008/01/21 10:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 17:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) (AlfaFF) AlfaFF File System mini-filter [File_System | Boot | Running] -> C:\Windows\system32\Drivers\AlfaFF.sys -> [2009/04/13 14:45:50 | 00,043,184 | ---- | M] (Alfa Corporation) (aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2008/01/21 10:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) (arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2008/01/21 10:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) (arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2008/01/21 10:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) (athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\athr.sys -> [2008/05/19 19:42:56 | 00,912,384 | ---- | M] (Atheros Communications, Inc.) 
(atksgt) atksgt [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\atksgt.sys -> [2009/04/13 18:40:40 | 00,278,984 | ---- | M] () (aw32bus) ASUS Device W32 Driver driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\aw32bus.sys -> [2007/06/20 11:41:30 | 00,083,456 | ---- | M] (MCCI Corporation) (aw32mdfl) ASUS Device W32 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\aw32mdfl.sys -> [2007/06/20 11:41:30 | 00,014,848 | ---- | M] (MCCI Corporation) (aw32mdm) ASUS Device W32 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\aw32mdm.sys -> [2007/06/20 11:41:30 | 00,109,696 | ---- | M] (MCCI Corporation) (aw32mgmt) ASUS Device W32 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\aw32mgmt.sys -> [2007/06/20 11:41:30 | 00,102,912 | ---- | M] (MCCI Corporation) (BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 16:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) (BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 16:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) (Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 16:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) (BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 16:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 16:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) 
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 16:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) (btwaudio) Bluetooth Audio Device Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwaudio.sys -> [2008/02/14 09:17:10 | 00,080,424 | ---- | M] (Broadcom Corporation.) (btwavdt) Bluetooth AVDT [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwavdt.sys -> [2007/07/16 08:20:24 | 00,080,936 | ---- | M] (Broadcom Corporation.) (btwrchid) btwrchid [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\btwrchid.sys -> [2007/07/16 08:20:26 | 00,016,168 | ---- | M] (Broadcom Corporation.) (cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2008/01/21 10:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) (DefragFS) DefragFS [File_System | Auto | Running] -> C:\Windows\System32\drivers\DefragFs.sys -> [2009/06/08 10:00:56 | 00,071,696 | ---- | M] (Raxco Software, Inc.) (DKbFltr) Dritek Keyboard Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\DKbFltr.sys -> [2006/11/02 21:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) 
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\E1G60I32.sys -> [2008/01/21 10:23:24 | 00,118,784 | ---- | M] (Intel Corporation) (eamon) eamon [File_System | On_Demand | Running] -> C:\Windows\System32\DRIVERS\eamon.sys -> [2009/03/19 11:41:38 | 00,113,960 | ---- | M] (ESET) (ehdrv) ehdrv [Kernel | System | Running] -> C:\Windows\System32\DRIVERS\ehdrv.sys -> [2009/03/19 11:44:34 | 00,107,256 | ---- | M] (ESET) (elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2008/01/21 10:23:22 | 00,342,584 | ---- | M] (Emulex) (epfwwfpr) epfwwfpr [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\epfwwfpr.sys -> [2009/03/19 11:45:40 | 00,093,312 | ---- | M] (ESET) (GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\GEARAspiWDM.sys -> [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) (HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2008/01/21 10:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) (HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\VSTAZL3.SYS -> [2008/01/21 10:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) (HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\HSX_DPV.sys -> [2008/03/26 06:41:30 | 00,980,992 | ---- | M] (Conexant Systems, Inc.) (HSXHWAZL) HSXHWAZL [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\HSXHWAZL.sys -> [2008/03/26 06:39:20 | 00,207,872 | ---- | M] (Conexant Systems, Inc.) 
(iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\iaStor.sys -> [2008/07/20 22:44:44 | 00,324,120 | ---- | M] (Intel Corporation) (iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2008/01/21 10:23:23 | 00,235,064 | ---- | M] (Intel Corporation) (iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 17:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) (int15) int15 [Kernel | Auto | Running] -> C:\Windows\System32\drivers\int15.sys -> [2007/01/26 14:32:18 | 00,069,632 | ---- | M] () (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTKVHDA.sys -> [2008/05/07 19:22:50 | 02,134,424 | ---- | M] (Realtek Semiconductor Corp.) (iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 17:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) (iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 17:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\L1E60x86.sys -> [2009/05/20 06:02:42 | 00,048,640 | ---- | M] (Atheros Communications, Inc.) 
(lirsgt) lirsgt [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\lirsgt.sys -> [2009/04/13 18:40:40 | 00,025,416 | ---- | M] () (LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2008/01/21 10:23:23 | 00,096,312 | ---- | M] (LSI Logic) (LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2008/01/21 10:23:25 | 00,089,656 | ---- | M] (LSI Logic) (LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2008/01/21 10:23:23 | 00,096,312 | ---- | M] (LSI Logic) (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\mdmxsdk.sys -> [2006/06/19 13:26:58 | 00,012,672 | ---- | M] (Conexant) (megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2008/01/21 10:23:27 | 00,031,288 | ---- | M] (LSI Corporation) (MegaSR) MegaSR [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasr.sys -> [2008/01/21 10:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) 
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 17:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) (NETw5v32) Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\NETw5v32.sys -> [2008/11/17 07:40:22 | 03,668,480 | ---- | M] (Intel Corporation) (nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 17:50:19 | 00,045,160 | ---- | M] (IBM Corporation) (nmwcd) Nokia USB Phone Parent [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ccdcmb.sys -> [2009/02/09 08:37:46 | 00,017,664 | ---- | M] (Nokia) (nmwcdc) Nokia USB Generic [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ccdcmbo.sys -> [2009/02/09 08:37:46 | 00,022,016 | ---- | M] (Nokia) (nmwcdnsu) Nokia USB Flashing Phone Parent [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\nmwcdnsu.sys -> [2009/03/19 14:48:18 | 00,136,704 | ---- | M] (Nokia) (nmwcdnsuc) Nokia USB Flashing Generic [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\nmwcdnsuc.sys -> [2009/03/19 14:48:12 | 00,008,320 | ---- | M] (Nokia) (NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\NTIDrvr.sys -> [2008/01/30 17:52:06 | 00,014,848 | ---- | M] (NewTech Infosystems, Inc.) (NTIPPKernel) NTIPPKernel [Kernel | Auto | Running] -> C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -> [2008/01/16 22:35:08 | 00,122,368 | ---- | M] (Cyberlink Corp.) 
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 15:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) (NuidFltr) NUID filter driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\NuidFltr.sys -> [2007/08/31 18:58:20 | 00,018,856 | ---- | M] (Microsoft Corporation) (NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvhda32v.sys -> [2009/06/26 22:55:12 | 00,066,080 | ---- | M] (NVIDIA Corporation) (nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\nvlddmkm.sys -> [2008/07/19 00:23:00 | 07,545,824 | ---- | M] (NVIDIA Corporation) (nvraid) NVIDIA nForce RAID Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2008/01/21 10:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) (nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2008/01/21 10:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) (pccsmcfd) PCCS Mode Change Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\pccsmcfd.sys -> [2008/08/26 10:26:12 | 00,018,816 | ---- | M] (Nokia) (pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\pfc.sys -> [2009/04/19 05:36:07 | 00,010,368 | ---- | M] (Padus, Inc.) 
(PSDFilter) PSDFilter [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\psdfilter.sys -> [2008/05/15 08:05:42 | 00,018,992 | ---- | M] (Egis Incorporated) (PSDNServ) PSDNServ [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\PSDNServ.sys -> [2008/05/15 08:05:42 | 00,016,944 | ---- | M] (Egis Incorporated) (psdvdisk) psdvdisk [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\PSDVdisk.sys -> [2008/05/15 08:05:44 | 00,060,464 | ---- | M] (Egis Incorporated) (ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2008/01/21 10:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) (ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 17:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) (RTSTOR) Realtek USB 2.0 Card Reader [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTSTOR.SYS -> [2009/03/26 08:00:02 | 00,064,000 | ---- | M] (Realtek Semiconductor Corp.) (secdrv) Security Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\secdrv.sys -> [2006/11/02 14:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2008/01/21 10:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) (Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 17:50:05 | 00,035,944 | ---- | M] (LSI Logic) (Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 17:49:56 | 00,031,848 | ---- | M] (LSI Logic) (Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 17:50:03 | 00,034,920 | ---- | M] (LSI Logic) (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\SynTP.sys -> [2008/04/25 10:08:42 | 00,199,472 | ---- | M] (Synaptics, Inc.) (TcUsb) TC USB Kernel Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\tcusb.sys -> [2008/04/28 19:56:16 | 00,050,576 | ---- | M] (UPEK Inc.) (U6000ALL) U6000 TV Box(ALL) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\U6000ALL.sys -> [2007/07/13 17:56:08 | 00,230,784 | ---- | M] () (uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2008/01/21 10:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) (UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 17:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) (ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2008/01/21 10:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) 
(upperdev) upperdev [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\usbser_lowerflt.sys -> [2009/02/09 08:37:48 | 00,007,808 | ---- | M] (Nokia) (usbser) USB Modem Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\usbser.sys -> [2009/01/31 00:39:32 | 00,027,648 | ---- | M] (Microsoft Corporation) (UsbserFilt) UsbserFilt [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys -> [2009/02/09 08:37:56 | 00,007,808 | ---- | M] (Nokia) (viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2008/01/21 10:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) (vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2008/01/21 10:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\HSX_CNXT.sys -> [2008/03/26 06:38:32 | 00,661,504 | ---- | M] (Conexant Systems, Inc.) (winbondcir) Winbond IR Transceiver [Kernel | On_Demand | Running] -> C:\Windows\System32\DRIVERS\winbondcir.sys -> [2007/03/28 22:51:40 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) (XAudio) XAudio [Kernel | Auto | Running] -> C:\Windows\System32\DRIVERS\xaudio.sys -> [2007/10/19 06:36:54 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Kernel | Auto | Running] -> C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -> [2008/05/09 16:03:58 | 00,061,424 | ---- | M] (Cyberlink Corp.) 
[Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\System32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://securityresponse.symantec.com/avcenter/fix_homepage/ -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> HKEY_USERS\S-1-5-19\: Main\\"Start Page" -> http://securityresponse.symantec.com/avcenter/fix_homepage/ -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> HKEY_USERS\S-1-5-20\: Main\\"Start Page" -> http://securityresponse.symantec.com/avcenter/fix_homepage/ -> < Internet Explorer Settings 
[HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\] > -> -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\: Main\\"Default_Secondary_Page_URL" -> http://global.acer.com [binary data] -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\: Main\\"Local Page" -> C:\Windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\: Main\\"Page_Transitions" -> 1 -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\: Main\\"Start Page" -> http://www.google.com.sg/ -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\: Main\\"StartPageCache" -> 1 -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\: "ProxyEnable" -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com -> C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC [C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC\] -> [2009/07/27 01:58:31 | 00,000,000 | ---D | M] HKLM\software\mozilla\Thunderbird\Extensions -> -> HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com -> C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD -> < FireFox Extensions [User Folders] > -> < HOSTS File > (27 bytes and 1 lines) -> C:\Windows\System32\drivers\etc\Hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> 
[2009/02/12 15:19:32 | 02,217,848 | ---- | M] (Microsoft Corporation) {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} [HKLM] -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [ShowBarObj Class] -> [2008/05/15 08:04:22 | 00,312,880 | ---- | M] (Egis) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live ID Sign-in Helper] -> [2009/03/30 16:31:54 | 00,403,824 | ---- | M] (Microsoft Corporation) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{0BF43445-2F28-4351-9252-17FE6E806AA0}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found "{5CBE3B7C-1E47-477e-A7DD-396DB0476E29}" [HKLM] -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [Acer eDataSecurity Management] -> [2008/05/15 08:04:40 | 00,142,896 | ---- | M] (Egis Incorporated.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\] > -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}" [HKLM] -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [Acer eDataSecurity Management] -> [2008/05/15 08:04:40 | 00,142,896 | ---- | M] (Egis Incorporated.) 
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "eAudio" -> C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe ["C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"] -> [2008/05/31 03:24:30 | 00,544,768 | ---- | M] (Acer Incorporated) "eDataSecurity Loader" -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe] -> [2008/05/15 08:05:22 | 00,526,896 | ---- | M] (Egis Incorporated) "egui" -> C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe ["C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice] -> [2009/03/19 11:44:28 | 02,029,640 | ---- | M] (ESET) "ePower_DMC" -> C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe] -> [2008/06/12 01:22:16 | 00,409,600 | ---- | M] (Acer Inc.) "GrooveMonitor" -> C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe ["C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"] -> [2008/10/25 11:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) "IAAnotif" -> C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2008/07/20 17:45:06 | 00,182,808 | ---- | M] (Intel Corporation) "LManager" -> C:\Program Files\Launch Manager\QtZgAcer.EXE [C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE] -> [2008/06/04 20:03:36 | 00,817,672 | ---- | M] (Dritek System Inc.) 
"NeroFilterCheck" -> C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe] -> [2007/03/01 14:57:24 | 00,153,136 | ---- | M] (Nero AG) "NvCplDaemon" -> C:\Windows\System32\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2008/07/19 00:23:00 | 13,543,968 | ---- | M] (NVIDIA Corporation) "NvMediaCenter" -> C:\Windows\System32\NvMcTray.DLL [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> [2008/07/19 00:23:00 | 00,092,704 | ---- | M] (NVIDIA Corporation) "RtHDVCpl" -> C:\Windows\RtHDVCpl.exe [RtHDVCpl.exe] -> [2008/05/07 16:19:26 | 06,139,904 | ---- | M] (Realtek Semiconductor) "SynTPEnh" -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2008/04/25 10:08:40 | 01,049,896 | ---- | M] (Synaptics, Inc.) < Run [HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\] > -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "ehTray.exe" -> C:\Windows\ehome\ehTray.exe [C:\Windows\ehome\ehTray.exe] -> [2008/01/21 10:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation) "Sidebar" -> C:\Program Files\Windows Sidebar\sidebar.exe [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun] -> [2009/01/31 02:28:26 | 01,233,920 | ---- | M] (Microsoft Corporation) < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> < Software Policy Settings [HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000] > -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\SOFTWARE\Policies\Microsoft\Internet Explorer -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\Software\Policies\Microsoft\Internet Explorer\CommandBar \CommandBar\\"ShowLeftAddressToolbar" -> [1] -> File not found HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel \Control Panel\\"GeneralTab" -> [0] -> File 
not found \Control Panel\\"History" -> [0] -> File not found \Control Panel\\"Colors" -> [0] -> File not found \Control Panel\\"Fonts" -> [0] -> File not found \Control Panel\\"Languages" -> [0] -> File not found \Control Panel\\"Accessibility" -> [0] -> File not found \Control Panel\\"SecurityTab" -> [0] -> File not found \Control Panel\\"SecChangeSettings" -> [0] -> File not found \Control Panel\\"SecAddSites" -> [0] -> File not found \Control Panel\\"ContentTab" -> [0] -> File not found \Control Panel\\"Ratings" -> [0] -> File not found \Control Panel\\"Certificates" -> [0] -> File not found \Control Panel\\"Wallet" -> [0] -> File not found \Control Panel\\"Profiles" -> [0] -> File not found \Control Panel\\"ConnectionsTab" -> [0] -> File not found \Control Panel\\"Connwiz Admin Lock" -> [0] -> File not found \Control Panel\\"Connection Settings" -> [0] -> File not found \Control Panel\\"ProgramsTab" -> [0] -> File not found \Control Panel\\"CalendarContact" -> [0] -> File not found \Control Panel\\"ResetWebSettings" -> [0] -> File not found \Control Panel\\"Check_If_Default" -> [0] -> File not found \Control Panel\\"Messaging" -> [0] -> File not found \Control Panel\\"AdvancedTab" -> [0] -> File not found \Control Panel\\"Advanced" -> [0] -> File not found \Control Panel\\"Settings" -> [0] -> File not found \Control Panel\\"DisableDeletePasswords" -> [1] -> File not found HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\Software\Policies\Microsoft\Internet Explorer\Feed Discovery \Feed Discovery\\"Enabled" -> [0] -> File not found HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\Software\Policies\Microsoft\Internet Explorer\Feeds \Feeds\\"DisableAddRemove" -> [1] -> File not found \Feeds\\"DisableFeedPane" -> [1] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"BindDirectlyToPropertySetStorage" -> [0] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [2] -> File not found \\"ConsentPromptBehaviorUser" -> [1] -> File not found \\"EnableSecureUIAPaths" -> [1] -> File not found \\"EnableVirtualization" -> [1] -> File not found \\"PromptOnSecureDesktop" -> [0] -> File not found \\"ValidateAdminCodeSignatures" -> [0] -> File not found \\"scforceoption" -> [0] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"FilterAdministratorToken" -> [0] -> File not found \\"EnableUIADesktopToggle" -> [0] -> File not found \\"DisableCAD" -> [1] -> File not found \\"SynchronousMachineGroupPolicy" -> [0] -> File not found \\"SynchronousUserGroupPolicy" -> [0] -> File not found \\"EnableInstallerDetection" -> [0] -> File not found \\"EnableLUA" -> [0] -> File not found \\"DisableRegistryTools" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats \UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy 
Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NofolderOptions" -> [0] -> File not found \\"NoRun" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableTaskMgr" -> [0] -> File not found \\"DisableRegistryTools" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NofolderOptions" -> [0] -> File not found \\"NoRun" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"DisableTaskMgr" -> [0] -> File not found \\"DisableRegistryTools" -> [0] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000] > -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDrives" -> [0] -> File not found 
\\"NoDriveTypeAutoRun" -> [145] -> File not found \\"NoBandCustomize" -> [0] -> File not found \\"NoStartMenuMFUprogramsList" -> [1] -> File not found \\"NoDesktopCleanupWizard" -> [1] -> File not found \\"NoRecentDocsHistory" -> [1] -> File not found < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000] > -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\Windows\System32\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2009/05/02 02:30:36 | 03,366,912 | ---- | M] (Google Inc.) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\Windows\System32\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2009/05/02 02:30:36 | 03,366,912 | ---- | M] (Google Inc.) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\] > -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> >> Download This Youtube Video - UnlockForUs -> D:\Torrents\Completed\YoutubeFile\lawrence.htm [D:\Torrents\Completed\YoutubeFile\lawrence.htm] -> File not found Add to Google Photos Screensa&ver -> C:\Windows\System32\GPhotos.scr [res://C:\Windows\system32\GPhotos.scr/200] -> [2009/05/02 02:30:36 | 03,366,912 | ---- | M] (Google Inc.) E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2009/05/04 08:40:04 | 18,333,536 | ---- | M] (Microsoft Corporation) Send image to &Bluetooth Device... 
-> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2007/01/23 16:57:50 | 00,001,199 | ---- | M] () Send page to &Bluetooth Device... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2007/01/23 16:57:52 | 00,002,758 | ---- | M] () < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {10954C80-4F0F-11d3-B17C-00C0DFE39736}:Exec [HKLM] -> C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe [Button: Quick-Launching Area] -> [2009/04/13 14:46:06 | 03,833,640 | ---- | M] () {10954C80-4F0F-11d3-B17C-00C0DFE39736}:Exec [HKLM] -> C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe [Menu: Quick-Launching Area] -> [2009/04/13 14:46:06 | 03,833,640 | ---- | M] () {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2008/10/25 07:52:00 | 00,604,056 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2008/10/25 07:52:00 | 00,604,056 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 04:04:56 | 00,039,464 | ---- | M] (Microsoft Corporation) {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @btrez.dll,-4015] -> [2007/01/23 16:57:52 | 00,002,758 | ---- | M] () {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program 
Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2007/01/23 16:57:52 | 00,002,758 | ---- | M] () < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\] > -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> [@btrez.dll,-4015] -> File not found < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5510 domain(s) found. -> 49 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5511 domain(s) found. -> 49 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. 
-> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5511 domain(s) found. -> 49 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. 
-> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\] > -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 9043 domain(s) found. -> 56 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\] > -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-34966509-2953000490-542168643-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {1E54D648-B804-468d-BC78-4AFFED8E262F} [HKLM] -> http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab [System Requirements Lab Class] -> {74DBCB52-F298-4110-951D-AD2FF67BC8AB} [HKLM] -> http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab [NVIDIA Smart Scan] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {E4D78C3D-CBF5-47F0-B37E-3AAF81FB1106}\\DhcpNameServer -> 192.168.1.1 (Intel(R) WiFi Link 5100 AGN) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\Windows\explorer.exe -> [2009/01/31 02:27:50 | 02,927,616 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify 
settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> AWinNotifyVitaKey MC3000 -> C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll -> [2009/04/13 14:46:05 | 03,115,520 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) spba -> C:\Program Files\Common Files\SPBA\homefus2.dll -> [2008/03/25 19:24:16 | 00,567,560 | ---- | M] (UPEK Inc.) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> Reg Error: Key error. [] -> File not found "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 15:19:32 | 02,217,848 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006/09/19 05:43:36 | 00,000,024 | ---- | M] () C:\Autorun.inf [] -> C:\Autorun.inf [ NTFS ] -> [2009/04/29 02:01:45 | 00,000,000 | -H-D | M] < MountPoints2 [HKEY_CURRENT_USER] > -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> [Registry - Additional Scans - Safe List] < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Users\Bruno\Desktop\OTS.exe -> [2009/07/28 01:20:55 | 00,514,560 | ---- | C] (OldTimer Tools) SpywareBlaster -> C:\Program Files\SpywareBlaster -> [2009/07/28 01:11:13 | 00,000,000 | ---D | C] Config.Msi -> C:\Config.Msi -> [2009/07/27 19:25:10 | 00,000,000 | -HSD | C] ParetoLogic Registration.job -> C:\Windows\tasks\ParetoLogic Registration.job -> [2009/07/27 19:05:33 | 00,000,442 | ---- | C] () fidbox.dat -> C:\Windows\System32\drivers\fidbox.dat -> [2009/07/27 19:05:32 | 00,133,152 | -HS- | C] () fidbox.idx -> C:\Windows\System32\drivers\fidbox.idx -> [2009/07/27 19:05:32 | 00,003,680 | -HS- | C] () ParetoLogic -> C:\ProgramData\ParetoLogic -> [2009/07/27 18:58:30 | 00,000,000 | ---D | C] ParetoLogic -> C:\Program Files\Common Files\ParetoLogic -> [2009/07/27 18:58:30 | 00,000,000 | ---D | C] Downloaded Installations -> C:\Users\Bruno\AppData\Local\Downloaded Installations -> [2009/07/27 18:57:47 | 00,000,000 | ---D | C] IconCache.db -> C:\Users\Bruno\AppData\Local\IconCache.db -> [2009/07/27 18:43:56 | 00,411,365 | -H-- | C] () TEMP -> C:\ProgramData\TEMP -> [2009/07/27 18:09:26 | 00,000,000 | ---D | C] Simply Super Software -> C:\ProgramData\Simply Super Software -> [2009/07/27 18:06:27 | 00,000,000 | ---D | C] f9d4C0D.mht -> C:\Windows\System32\f9d4C0D.mht -> [2009/07/27 16:02:21 | 02,335,270 | ---- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2009/07/27 15:38:16 | 32,158,47424 | -HS- | C] () w32apiw.dll -> C:\Windows\System32\w32apiw.dll -> [2009/07/27 15:19:52 | 00,000,000 | ---- | C] () temp -> C:\Windows\temp -> [2009/07/27 15:14:15 | 00,000,000 | ---D | C] $RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2009/07/27 
15:13:21 | 00,000,000 | -HSD | C] Malwarebytes -> C:\Users\Bruno\AppData\Roaming\Malwarebytes -> [2009/07/27 13:51:39 | 00,000,000 | ---D | C] Malwarebytes -> C:\ProgramData\Malwarebytes -> [2009/07/27 13:51:34 | 00,000,000 | ---D | C] ComboFix -> C:\ComboFix -> [2009/07/27 13:09:14 | 00,000,000 | --SD | C] TUProgSt_20090727-050415.dmp -> C:\Windows\System32\TUProgSt_20090727-050415.dmp -> [2009/07/27 13:04:15 | 00,020,798 | ---- | C] () ESET -> C:\Users\Bruno\AppData\Local\ESET -> [2009/07/27 12:59:01 | 00,000,000 | ---D | C] PEV.exe -> C:\Windows\PEV.exe -> [2009/07/27 12:41:24 | 00,219,648 | ---- | C] () SWXCACLS.exe -> C:\Windows\SWXCACLS.exe -> [2009/07/27 12:41:24 | 00,212,480 | ---- | C] (SteelWerX) SWREG.exe -> C:\Windows\SWREG.exe -> [2009/07/27 12:41:24 | 00,161,792 | ---- | C] (SteelWerX) SWSC.exe -> C:\Windows\SWSC.exe -> [2009/07/27 12:41:24 | 00,136,704 | ---- | C] (SteelWerX) sed.exe -> C:\Windows\sed.exe -> [2009/07/27 12:41:24 | 00,098,816 | ---- | C] () grep.exe -> C:\Windows\grep.exe -> [2009/07/27 12:41:24 | 00,080,412 | ---- | C] () zip.exe -> C:\Windows\zip.exe -> [2009/07/27 12:41:24 | 00,068,096 | ---- | C] () NIRCMD.exe -> C:\Windows\NIRCMD.exe -> [2009/07/27 12:41:24 | 00,031,232 | ---- | C] (NirSoft) ERDNT -> C:\Windows\ERDNT -> [2009/07/27 12:41:13 | 00,000,000 | ---D | C] Qoobox -> C:\Qoobox -> [2009/07/27 12:40:58 | 00,000,000 | ---D | C] Trend Micro -> C:\Program Files\Trend Micro -> [2009/07/27 12:29:23 | 00,000,000 | ---D | C] Msft_User_PCCSWpdDriver_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf -> [2009/07/27 01:59:58 | 00,000,000 | -H-- | C] () PCSuite -> C:\Program Files\Common Files\PCSuite -> [2009/07/27 01:58:31 | 00,000,000 | ---D | C] pccsmcfd.sys -> C:\Windows\System32\drivers\pccsmcfd.sys -> [2009/07/27 01:58:24 | 00,018,816 | ---- | C] (Nokia) PC Connectivity Solution -> C:\Program Files\PC Connectivity Solution -> [2009/07/27 01:58:19 | 00,000,000 | ---D | C] Nokia -> C:\Program 
Files\Common Files\Nokia -> [2009/07/27 01:19:14 | 00,000,000 | ---D | C] ESET -> C:\Program Files\ESET -> [2009/07/26 19:31:47 | 00,000,000 | ---D | C] Symantec -> C:\Users\Bruno\AppData\Local\Symantec -> [2009/07/26 15:53:56 | 00,000,000 | ---D | C] YouTube Downloader -> C:\Program Files\YouTube Downloader -> [2009/07/26 02:13:53 | 00,000,000 | ---D | C] U3 -> C:\ProgramData\U3 -> [2009/07/25 18:43:02 | 00,000,000 | ---D | C] ieui.dll -> C:\Windows\System32\ieui.dll -> [2009/07/25 18:07:34 | 00,164,352 | ---- | C] (Microsoft Corporation) admparse.dll -> C:\Windows\System32\admparse.dll -> [2009/07/25 18:07:34 | 00,072,704 | ---- | C] (Microsoft Corporation) mshtmled.dll -> C:\Windows\System32\mshtmled.dll -> [2009/07/25 18:07:34 | 00,066,560 | ---- | C] (Microsoft Corporation) icardie.dll -> C:\Windows\System32\icardie.dll -> [2009/07/25 18:07:34 | 00,059,904 | ---- | C] (Microsoft Corporation) mshtmler.dll -> C:\Windows\System32\mshtmler.dll -> [2009/07/25 18:07:34 | 00,048,128 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2009/07/25 18:07:34 | 00,025,600 | ---- | C] (Microsoft Corporation) mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2009/07/25 18:07:33 | 01,638,912 | ---- | C] (Microsoft Corporation) dxtmsft.dll -> C:\Windows\System32\dxtmsft.dll -> [2009/07/25 18:07:33 | 00,348,160 | ---- | C] (Microsoft Corporation) dxtrans.dll -> C:\Windows\System32\dxtrans.dll -> [2009/07/25 18:07:33 | 00,216,064 | ---- | C] (Microsoft Corporation) msls31.dll -> C:\Windows\System32\msls31.dll -> [2009/07/25 18:07:33 | 00,156,160 | ---- | C] (Microsoft Corporation) ieakeng.dll -> C:\Windows\System32\ieakeng.dll -> [2009/07/25 18:07:33 | 00,125,952 | ---- | C] (Microsoft Corporation) tdc.ocx -> C:\Windows\System32\tdc.ocx -> [2009/07/25 18:07:33 | 00,066,560 | ---- | C] (Microsoft Corporation) iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2009/07/25 18:07:33 | 00,055,808 | ---- | C] (Microsoft Corporation) imgutil.dll -> 
C:\Windows\System32\imgutil.dll -> [2009/07/25 18:07:33 | 00,034,816 | ---- | C] (Microsoft Corporation) corpol.dll -> C:\Windows\System32\corpol.dll -> [2009/07/25 18:07:33 | 00,018,944 | ---- | C] (Microsoft Corporation) webcheck.dll -> C:\Windows\System32\webcheck.dll -> [2009/07/25 18:07:32 | 00,236,544 | ---- | C] (Microsoft Corporation) ieaksie.dll -> C:\Windows\System32\ieaksie.dll -> [2009/07/25 18:07:32 | 00,229,376 | ---- | C] (Microsoft Corporation) WinFXDocObj.exe -> C:\Windows\System32\WinFXDocObj.exe -> [2009/07/25 18:07:32 | 00,208,384 | ---- | C] (Microsoft Corporation) msrating.dll -> C:\Windows\System32\msrating.dll -> [2009/07/25 18:07:32 | 00,193,536 | ---- | C] (Microsoft Corporation) iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2009/07/25 18:07:32 | 00,183,808 | ---- | C] (Microsoft Corporation) ieakui.dll -> C:\Windows\System32\ieakui.dll -> [2009/07/25 18:07:32 | 00,163,840 | ---- | C] (Microsoft Corporation) occache.dll -> C:\Windows\System32\occache.dll -> [2009/07/25 18:07:32 | 00,109,568 | ---- | C] (Microsoft Corporation) inseng.dll -> C:\Windows\System32\inseng.dll -> [2009/07/25 18:07:32 | 00,094,720 | ---- | C] (Microsoft Corporation) iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2009/07/25 18:07:32 | 00,071,680 | ---- | C] (Microsoft Corporation) wextract.exe -> C:\Windows\System32\wextract.exe -> [2009/07/25 18:07:32 | 00,066,560 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2009/07/25 18:07:32 | 00,055,296 | ---- | C] (Microsoft Corporation) licmgr10.dll -> C:\Windows\System32\licmgr10.dll -> [2009/07/25 18:07:32 | 00,043,008 | ---- | C] (Microsoft Corporation) mstime.dll -> C:\Windows\System32\mstime.dll -> [2009/07/25 18:07:31 | 00,611,840 | ---- | C] (Microsoft Corporation) msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2009/07/25 18:07:31 | 00,594,432 | ---- | C] (Microsoft Corporation) ieapfltr.dll -> C:\Windows\System32\ieapfltr.dll -> [2009/07/25 18:07:31 | 
00,445,952 | ---- | C] (Microsoft Corporation) advpack.dll -> C:\Windows\System32\advpack.dll -> [2009/07/25 18:07:31 | 00,128,512 | ---- | C] (Microsoft Corporation) ieuinit.inf -> C:\Windows\System32\ieuinit.inf -> [2009/07/25 18:07:31 | 00,057,667 | ---- | C] () pngfilt.dll -> C:\Windows\System32\pngfilt.dll -> [2009/07/25 18:07:31 | 00,046,592 | ---- | C] (Microsoft Corporation) msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2009/07/25 18:07:31 | 00,013,312 | ---- | C] (Microsoft Corporation) jscript.dll -> C:\Windows\System32\jscript.dll -> [2009/07/25 18:07:30 | 00,726,528 | ---- | C] (Microsoft Corporation) vbscript.dll -> C:\Windows\System32\vbscript.dll -> [2009/07/25 18:07:30 | 00,420,352 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2009/07/25 18:07:30 | 00,391,536 | ---- | C] (Microsoft Corporation) url.dll -> C:\Windows\System32\url.dll -> [2009/07/25 18:07:30 | 00,105,984 | ---- | C] (Microsoft Corporation) ieapfltr.dat -> C:\Windows\System32\ieapfltr.dat -> [2009/07/25 18:07:29 | 03,698,584 | ---- | C] (Microsoft Corporation) html.iec -> C:\Windows\System32\html.iec -> [2009/07/25 18:07:29 | 00,385,024 | ---- | C] (Microsoft Corporation) iexpress.exe -> C:\Windows\System32\iexpress.exe -> [2009/07/25 18:07:29 | 00,169,472 | ---- | C] (Microsoft Corporation) ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2009/07/25 18:07:29 | 00,132,608 | ---- | C] (Microsoft Corporation) PDMSetup.exe -> C:\Windows\System32\PDMSetup.exe -> [2009/07/25 18:07:29 | 00,109,568 | ---- | C] (Microsoft Corporation) iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2009/07/25 18:07:29 | 00,109,056 | ---- | C] (Microsoft Corporation) RegisterIEPKEYs.exe -> C:\Windows\System32\RegisterIEPKEYs.exe -> [2009/07/25 18:07:29 | 00,107,520 | ---- | C] (Microsoft Corporation) SetIEInstalledDate.exe -> C:\Windows\System32\SetIEInstalledDate.exe -> [2009/07/25 18:07:29 | 00,107,008 | ---- | C] (Microsoft Corporation) 
SetDepNx.exe -> C:\Windows\System32\SetDepNx.exe -> [2009/07/25 18:07:29 | 00,103,936 | ---- | C] (Microsoft Corporation) mshta.exe -> C:\Windows\System32\mshta.exe -> [2009/07/25 18:07:29 | 00,045,568 | ---- | C] (Microsoft Corporation) iertutil.dll -> C:\Windows\System32\iertutil.dll -> [2009/07/25 18:07:28 | 01,985,024 | ---- | C] (Microsoft Corporation) wininet.dll -> C:\Windows\System32\wininet.dll -> [2009/07/25 18:07:28 | 00,914,944 | ---- | C] (Microsoft Corporation) ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2009/07/25 18:07:28 | 00,173,056 | ---- | C] (Microsoft Corporation) inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2009/07/25 18:07:27 | 01,469,440 | ---- | C] (Microsoft Corporation) urlmon.dll -> C:\Windows\System32\urlmon.dll -> [2009/07/25 18:07:27 | 01,206,784 | ---- | C] (Microsoft Corporation) ieframe.dll -> C:\Windows\System32\ieframe.dll -> [2009/07/25 18:07:26 | 11,063,808 | ---- | C] (Microsoft Corporation) mshtml.dll -> C:\Windows\System32\mshtml.dll -> [2009/07/25 18:07:26 | 05,937,152 | ---- | C] (Microsoft Corporation) PC Drivers HeadQuarters -> C:\ProgramData\PC Drivers HeadQuarters -> [2009/07/25 14:41:50 | 00,000,000 | ---D | C] 1-Click Maintenance.job -> C:\Windows\tasks\1-Click Maintenance.job -> [2009/07/25 13:23:55 | 00,000,486 | ---- | C] () GTA San Andreas User Files -> C:\Users\Bruno\Documents\GTA San Andreas User Files -> [2009/07/25 00:35:46 | 00,000,000 | ---D | C] CmdLineExt.dll -> C:\Windows\System32\CmdLineExt.dll -> [2009/07/25 00:31:44 | 00,098,304 | ---- | C] (Sony DADC Austria AG.) 
U3 -> C:\Users\Bruno\AppData\Roaming\U3 -> [2009/07/25 00:14:18 | 00,000,000 | ---D | C] Raxco -> C:\ProgramData\Raxco -> [2009/07/24 15:28:18 | 00,000,000 | ---D | C] mlfcache.dat -> C:\Windows\System32\mlfcache.dat -> [2009/07/24 04:36:01 | 00,171,404 | -H-- | C] () Chevron -> C:\Users\Bruno\Documents\Chevron -> [2009/07/18 14:53:31 | 00,000,000 | ---D | C] PDBoot.exe -> C:\Windows\System32\PDBoot.exe -> [2009/07/17 11:10:28 | 00,232,200 | ---- | C] (Raxco Software, Inc.) unrar.dll -> C:\Windows\System32\unrar.dll -> [2009/06/03 21:15:48 | 00,168,448 | ---- | C] () avisplitter.ini -> C:\Windows\avisplitter.ini -> [2009/06/03 21:15:47 | 00,000,038 | ---- | C] () xvidcore.dll -> C:\Windows\System32\xvidcore.dll -> [2009/06/03 21:15:41 | 00,795,648 | ---- | C] () xvidvfw.dll -> C:\Windows\System32\xvidvfw.dll -> [2009/06/03 21:15:41 | 00,130,048 | ---- | C] () qt-dx331.dll -> C:\Windows\System32\qt-dx331.dll -> [2009/06/03 21:15:40 | 03,596,288 | ---- | C] () ff_vfw.dll -> C:\Windows\System32\ff_vfw.dll -> [2009/06/03 21:15:28 | 00,084,480 | ---- | C] () ff_vfw.dll.manifest -> C:\Windows\System32\ff_vfw.dll.manifest -> [2009/06/03 21:15:28 | 00,000,547 | ---- | C] () RtDefLvl.ini -> C:\Windows\RtDefLvl.ini -> [2009/05/03 23:43:00 | 00,001,694 | R--- | C] () U6000ALL.sys -> C:\Windows\System32\drivers\U6000ALL.sys -> [2009/04/25 13:02:25 | 00,230,784 | ---- | C] () NeroDigital.ini -> C:\Windows\NeroDigital.ini -> [2009/04/16 19:02:10 | 00,000,069 | ---- | C] () PnkBstrK.sys -> C:\Windows\System32\drivers\PnkBstrK.sys -> [2009/04/14 14:16:23 | 00,138,184 | ---- | C] () EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/04/14 02:41:22 | 00,117,248 | ---- | C] () atksgt.sys -> C:\Windows\System32\drivers\atksgt.sys -> [2009/04/13 18:40:40 | 00,278,984 | ---- | C] () lirsgt.sys -> C:\Windows\System32\drivers\lirsgt.sys -> [2009/04/13 18:40:40 | 00,025,416 | ---- | C] () VMC3KAPI.dll -> C:\Windows\System32\VMC3KAPI.dll -> [2009/04/13 14:46:14 | 00,118,784 | 
---- | C] () Image.dll -> C:\Windows\Image.dll -> [2009/04/13 14:39:06 | 00,626,688 | ---- | C] () PidList.ini -> C:\Windows\PidList.ini -> [2009/04/13 14:39:06 | 00,000,036 | ---- | C] () physxcudart_20.dll -> C:\Windows\System32\physxcudart_20.dll -> [2008/10/07 13:13:30 | 00,197,912 | ---- | C] () AgCPanelTraditionalChinese.dll -> C:\Windows\System32\AgCPanelTraditionalChinese.dll -> [2008/10/07 13:13:22 | 00,058,648 | ---- | C] () AgCPanelSwedish.dll -> C:\Windows\System32\AgCPanelSwedish.dll -> [2008/10/07 13:13:20 | 00,058,648 | ---- | C] () AgCPanelSpanish.dll -> C:\Windows\System32\AgCPanelSpanish.dll -> [2008/10/07 13:13:20 | 00,058,648 | ---- | C] () AgCPanelSimplifiedChinese.dll -> C:\Windows\System32\AgCPanelSimplifiedChinese.dll -> [2008/10/07 13:13:20 | 00,058,648 | ---- | C] () AgCPanelPortugese.dll -> C:\Windows\System32\AgCPanelPortugese.dll -> [2008/10/07 13:13:20 | 00,058,648 | ---- | C] () AgCPanelKorean.dll -> C:\Windows\System32\AgCPanelKorean.dll -> [2008/10/07 13:13:20 | 00,058,648 | ---- | C] () AgCPanelJapanese.dll -> C:\Windows\System32\AgCPanelJapanese.dll -> [2008/10/07 13:13:20 | 00,058,648 | ---- | C] () AgCPanelGerman.dll -> C:\Windows\System32\AgCPanelGerman.dll -> [2008/10/07 13:13:20 | 00,058,648 | ---- | C] () AgCPanelFrench.dll -> C:\Windows\System32\AgCPanelFrench.dll -> [2008/10/07 13:13:20 | 00,058,648 | ---- | C] () NTIOFM4.dll -> C:\Windows\System32\NTIOFM4.dll -> [2008/07/23 03:54:34 | 00,001,024 | RH-- | C] () NTIBUN5.dll -> C:\Windows\System32\NTIBUN5.dll -> [2008/07/23 03:54:34 | 00,001,024 | RH-- | C] () SysHook.dll -> C:\Windows\System32\SysHook.dll -> [2008/07/23 03:28:21 | 00,204,800 | ---- | C] () WdfCoInstaller01000.dll -> C:\Windows\System32\WdfCoInstaller01000.dll -> [2008/07/23 03:26:23 | 01,060,424 | ---- | C] () INT15.dll -> C:\Windows\System32\INT15.dll -> [2008/07/23 03:24:31 | 00,487,424 | ---- | C] () GTTunerCard.dll -> C:\Windows\System32\GTTunerCard.dll -> [2007/11/02 15:28:10 | 00,278,528 | ---- | C] 
() GTWST.dll -> C:\Windows\System32\GTWST.dll -> [2007/06/16 16:44:30 | 00,065,536 | ---- | C] () RmCard.dll -> C:\Windows\System32\RmCard.dll -> [2007/06/11 09:32:48 | 00,126,976 | ---- | C] () int15.sys -> C:\Windows\System32\drivers\int15.sys -> [2007/01/26 14:32:18 | 00,069,632 | ---- | C] () sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 20:35:32 | 00,005,632 | ---- | C] () win.ini -> C:\Windows\win.ini -> [2006/11/02 18:23:31 | 00,000,344 | ---- | C] () system.ini -> C:\Windows\system.ini -> [2006/11/02 18:23:31 | 00,000,215 | ---- | C] () pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 15:40:29 | 00,013,750 | ---- | C] () lame_enc.dll -> C:\Windows\System32\lame_enc.dll -> [2004/07/29 02:19:46 | 00,175,104 | ---- | C] () DISP_OPT1.dll -> C:\Windows\System32\DISP_OPT1.dll -> [2003/06/28 14:34:20 | 00,069,707 | ---- | C] () UNACEV2.DLL -> C:\Windows\System32\UNACEV2.DLL -> [2002/03/21 15:39:02 | 00,073,728 | ---- | C] () multiplex_vcd.dll -> C:\Windows\System32\multiplex_vcd.dll -> [2001/12/27 07:12:30 | 00,065,536 | ---- | C] () lcppn21.dll -> C:\Windows\System32\lcppn21.dll -> [2001/11/14 17:56:00 | 01,802,240 | ---- | C] () Hmpg12.dll -> C:\Windows\System32\Hmpg12.dll -> [2001/09/04 14:46:38 | 00,110,592 | ---- | C] () HMPV2_ENC.dll -> C:\Windows\System32\HMPV2_ENC.dll -> [2001/07/31 07:33:56 | 00,118,784 | ---- | C] () HMPV2_ENC_MMX.dll -> C:\Windows\System32\HMPV2_ENC_MMX.dll -> [2001/07/24 13:04:36 | 00,118,784 | ---- | C] () [Files/Folders - Modified Within 30 Days] 2 C:\Users\Bruno\AppData\Local\Temp\*.tmp files -> C:\Users\Bruno\AppData\Local\Temp\*.tmp -> NTUSER.DAT -> C:\Users\Bruno\NTUSER.DAT -> [2009/07/28 01:21:26 | 06,553,600 | ---- | M] () OTS.exe -> C:\Users\Bruno\Desktop\OTS.exe -> [2009/07/28 01:20:00 | 00,514,560 | ---- | M] (OldTimer Tools) 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/07/28 01:01:12 | 00,003,216 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/07/28 01:01:12 | 00,003,216 | -H-- | M] () nvModes.dat -> C:\ProgramData\nvModes.dat -> [2009/07/27 23:57:11 | 00,042,559 | ---- | M] () nvModes.001 -> C:\ProgramData\nvModes.001 -> [2009/07/27 23:57:11 | 00,042,559 | ---- | M] () PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2009/07/27 21:10:45 | 00,694,964 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2009/07/27 21:10:45 | 00,603,282 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2009/07/27 21:10:45 | 00,106,696 | ---- | M] () ParetoLogic Registration.job -> C:\Windows\tasks\ParetoLogic Registration.job -> [2009/07/27 21:01:15 | 00,000,442 | ---- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2009/07/27 21:01:15 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/27 21:00:56 | 00,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2009/07/27 21:00:41 | 32,158,47424 | -HS- | M] () NTUSER.DAT{7473acef-5aba-11de-9bcb-001e68c8c495}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Bruno\NTUSER.DAT{7473acef-5aba-11de-9bcb-001e68c8c495}.TMContainer00000000000000000001.regtrans-ms -> [2009/07/27 20:59:59 | 00,524,288 | -HS- | M] () fidbox.dat -> C:\Windows\System32\drivers\fidbox.dat -> [2009/07/27 20:59:59 | 00,133,152 | -HS- | M] () NTUSER.DAT{7473acef-5aba-11de-9bcb-001e68c8c495}.TM.blf -> C:\Users\Bruno\NTUSER.DAT{7473acef-5aba-11de-9bcb-001e68c8c495}.TM.blf -> [2009/07/27 20:59:59 | 00,065,536 | -HS- | M] () fidbox.idx -> C:\Windows\System32\drivers\fidbox.idx -> [2009/07/27 20:59:59 | 00,003,680 | -HS- | M] () bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2009/07/27 
20:59:57 | 00,000,012 | ---- | M] () IconCache.db -> C:\Users\Bruno\AppData\Local\IconCache.db -> [2009/07/27 20:59:51 | 00,411,365 | -H-- | M] () w32apiw.dll -> C:\Windows\System32\w32apiw.dll -> [2009/07/27 20:58:02 | 00,000,000 | ---- | M] () NeroDigital.ini -> C:\Windows\NeroDigital.ini -> [2009/07/27 20:11:09 | 00,000,069 | ---- | M] () f9d4C0D.mht -> C:\Windows\System32\f9d4C0D.mht -> [2009/07/27 16:02:21 | 02,335,270 | ---- | M] () system.ini -> C:\Windows\system.ini -> [2009/07/27 15:09:36 | 00,000,215 | ---- | M] () RtkBtMnt.exe -> C:\Users\Bruno\AppData\Local\Temp\RtkBtMnt.exe -> [2009/07/27 15:09:32 | 00,204,800 | ---- | M] (Realtek Semiconductor Corp.) hosts -> C:\Windows\System32\drivers\etc\hosts -> [2009/07/27 15:09:21 | 00,000,027 | ---- | M] () TUProgSt_20090727-050415.dmp -> C:\Windows\System32\TUProgSt_20090727-050415.dmp -> [2009/07/27 13:04:17 | 00,020,798 | ---- | M] () Msft_User_PCCSWpdDriver_01_07_00.Wdf -> C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf -> [2009/07/27 01:59:58 | 00,000,000 | -H-- | M] () TUProgSt.exe -> C:\Windows\System32\TUProgSt.exe -> [2009/07/25 13:23:56 | 00,604,416 | ---- | M] (TuneUp Software) TuneUpDefragService.exe -> C:\Windows\System32\TuneUpDefragService.exe -> [2009/07/25 13:23:55 | 00,361,216 | ---- | M] (TuneUp Software) 1-Click Maintenance.job -> C:\Windows\tasks\1-Click Maintenance.job -> [2009/07/25 13:23:55 | 00,000,486 | ---- | M] () CmdLineExt.dll -> C:\Windows\System32\CmdLineExt.dll -> [2009/07/25 00:31:44 | 00,098,304 | ---- | M] (Sony DADC Austria AG.) mlfcache.dat -> C:\Windows\System32\mlfcache.dat -> [2009/07/24 04:36:01 | 00,171,404 | -H-- | M] () SYMEVENT.CAT -> C:\Windows\System32\drivers\SYMEVENT.CAT -> [2009/07/22 23:18:07 | 00,010,635 | ---- | M] () SYMEVENT.INF -> C:\Windows\System32\drivers\SYMEVENT.INF -> [2009/07/22 23:18:07 | 00,000,806 | ---- | M] () PDBoot.exe -> C:\Windows\System32\PDBoot.exe -> [2009/07/17 11:10:28 | 00,232,200 | ---- | M] (Raxco Software, Inc.) 
PEV.exe -> C:\Windows\PEV.exe -> [2009/07/13 05:48:54 | 00,219,648 | ---- | M] () PnkBstrA.exe -> C:\Windows\System32\PnkBstrA.exe -> [2009/06/28 04:50:17 | 00,066,872 | ---- | M] () [File - Lop Check] Roaming -> C:\Users\Administrator\AppData\Roaming -> [2009/05/01 05:37:53 | 00,000,000 | ---D | M] Media Center Programs -> C:\Users\Administrator\AppData\Roaming\Media Center Programs -> [2006/11/02 20:37:34 | 00,000,000 | ---D | M] TuneUp Software -> C:\Users\Administrator\AppData\Roaming\TuneUp Software -> [2009/05/01 05:37:53 | 00,000,000 | ---D | M] Roaming -> C:\Users\Bruno\AppData\Roaming -> [2009/07/27 18:53:56 | 00,000,000 | ---D | M] ACD Systems -> C:\Users\Bruno\AppData\Roaming\ACD Systems -> [2009/04/19 05:36:47 | 00,000,000 | ---D | M] Acer -> C:\Users\Bruno\AppData\Roaming\Acer -> [2009/04/14 04:50:16 | 00,000,000 | ---D | M] Acer GameZone Console -> C:\Users\Bruno\AppData\Roaming\Acer GameZone Console -> [2008/07/23 03:51:05 | 00,000,000 | ---D | M] Ahead -> C:\Users\Bruno\AppData\Roaming\Ahead -> [2009/04/15 19:22:23 | 00,000,000 | ---D | M] App Launcher Gadget -> C:\Users\Bruno\AppData\Roaming\App Launcher Gadget -> [2009/07/26 11:11:53 | 00,000,000 | ---D | M] CyberLink -> C:\Users\Bruno\AppData\Roaming\CyberLink -> [2009/04/17 04:04:35 | 00,000,000 | ---D | M] ESET -> C:\Users\Bruno\AppData\Roaming\ESET -> [2009/04/15 05:53:14 | 00,000,000 | ---D | M] eSobi -> C:\Users\Bruno\AppData\Roaming\eSobi -> [2009/04/13 15:22:40 | 00,000,000 | ---D | M] Games -> C:\Users\Bruno\AppData\Roaming\Games -> [2009/04/13 18:45:53 | 00,000,000 | ---D | M] iExpert Software -> C:\Users\Bruno\AppData\Roaming\iExpert Software -> [2009/04/14 01:51:21 | 00,000,000 | ---D | M] Intel -> C:\Users\Bruno\AppData\Roaming\Intel -> [2009/04/27 17:04:42 | 00,000,000 | ---D | M] Leadertech -> C:\Users\Bruno\AppData\Roaming\Leadertech -> [2009/04/13 19:04:05 | 00,000,000 | ---D | M] MahJong Suite -> C:\Users\Bruno\AppData\Roaming\MahJong Suite -> [2009/06/25 13:48:34 | 00,000,000 | 
---D | M] Media Center Programs -> C:\Users\Bruno\AppData\Roaming\Media Center Programs -> [2006/11/02 20:37:34 | 00,000,000 | ---D | M] nCleaner -> C:\Users\Bruno\AppData\Roaming\nCleaner -> [2009/04/28 05:36:23 | 00,000,000 | ---D | M] Nokia -> C:\Users\Bruno\AppData\Roaming\Nokia -> [2009/07/27 01:59:42 | 00,000,000 | ---D | M] PC Suite -> C:\Users\Bruno\AppData\Roaming\PC Suite -> [2009/04/19 01:21:33 | 00,000,000 | ---D | M] smc -> C:\Users\Bruno\AppData\Roaming\smc -> [2009/06/22 18:35:40 | 00,000,000 | ---D | M] TuneUp Software -> C:\Users\Bruno\AppData\Roaming\TuneUp Software -> [2009/04/14 02:33:27 | 00,000,000 | ---D | M] U3 -> C:\Users\Bruno\AppData\Roaming\U3 -> [2009/07/25 20:00:51 | 00,000,000 | ---D | M] uTorrent -> C:\Users\Bruno\AppData\Roaming\uTorrent -> [2009/07/28 00:04:57 | 00,000,000 | ---D | M] Roaming -> C:\Users\Default\AppData\Roaming -> [2009/04/13 15:25:32 | 00,000,000 | ---D | M] Media Center Programs -> C:\Users\Default\AppData\Roaming\Media Center Programs -> [2006/11/02 20:37:34 | 00,000,000 | ---D | M] Roaming -> C:\Users\Default User\AppData\Roaming -> [2009/04/13 15:25:32 | 00,000,000 | ---D | M] Media Center Programs -> C:\Users\Default User\AppData\Roaming\Media Center Programs -> [2006/11/02 20:37:34 | 00,000,000 | ---D | M] C:\Windows\Tasks\ -> C:\Windows\Tasks -> [2009/07/27 19:24:45 | 00,000,000 | ---D | M] 1-Click Maintenance.job -> C:\Windows\Tasks\1-Click Maintenance.job -> [2009/07/25 13:23:55 | 00,000,486 | ---- | M] () GoogleUpdateTaskUserS-1-5-21-34966509-2953000490-542168643-1000.job -> C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-34966509-2953000490-542168643-1000.job -> [2009/05/01 05:32:02 | 00,000,856 | ---- | M] () ParetoLogic Registration.job -> C:\Windows\Tasks\ParetoLogic Registration.job -> [2009/07/27 21:01:15 | 00,000,442 | ---- | M] () SA.DAT -> C:\Windows\Tasks\SA.DAT -> [2009/07/27 21:01:15 | 00,000,006 | -H-- | M] () SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009/07/27 20:59:57 | 00,032,646 | 
---- | M] ()
[File - Purity Scan]
[Alternate Data Streams]
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >
[/code]