[code] OTS logfile created on: 2/28/2010 2:54:47 PM - Run 1 OTS by OldTimer - Version 3.1.22.3 Folder = C:\Users\Marc\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 48.00% Memory free 8.00 Gb Paging File | 6.00 Gb Available in Paging File | 71.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450.70 Gb Total Space | 289.11 Gb Free Space | 64.15% Space Free | Partition Type: NTFS Drive D: | 15.00 Gb Total Space | 7.49 Gb Free Space | 49.93% Space Free | Partition Type: NTFS Drive E: | 147.02 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive K: | 273.44 Gb Total Space | 196.70 Gb Free Space | 71.94% Space Free | Partition Type: NTFS Computer Name: MARC-PC1 Current User Name: Marc Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: On Skip Microsoft Files: Off File Age = 90 Days [Processes - Safe List] ots.exe -> C:\Users\Marc\Desktop\OTS.exe -> [2010/02/28 11:56:14 | 000,632,832 | ---- | M] (OldTimer Tools) flashutil10e.exe -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10e.exe -> [2010/01/26 19:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) jusched.exe -> C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe -> [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) teamviewer.exe -> C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe -> [2009/12/17 11:29:50 | 005,014,824 | ---- | M] (TeamViewer GmbH) teamviewer_service.exe -> C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -> [2009/12/17 11:04:18 | 000,185,640 | ---- | M] (TeamViewer GmbH) avgemc.exe -> C:\Program Files (x86)\AVG\AVG9\avgemc.exe -> [2009/11/11 10:11:52 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) avgam.exe -> C:\Program Files (x86)\AVG\AVG9\avgam.exe -> [2009/11/11 10:11:52 | 000,827,160 | ---- | M] (AVG Technologies CZ, s.r.o.) avgcsrvx.exe -> C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe -> [2009/11/11 10:11:52 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -> [2009/11/11 10:11:51 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) avgidsagent.exe -> C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2009/11/11 10:11:40 | 005,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) ituneshelper.exe -> C:\Program Files (x86)\iTunes\iTunesHelper.exe -> [2009/10/28 20:21:26 | 000,141,600 | ---- | M] (Apple Inc.) networklicenseserver.exe -> C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -> [2009/09/29 18:18:41 | 000,809,736 | ---- | M] (ABBYY) applemobiledeviceservice.exe -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) orblauncher.exe -> C:\Program Files (x86)\Orb Networks\Orb\bin\OrbLauncher.exe -> [2009/08/21 16:05:08 | 000,525,264 | ---- | M] (Orb Networks) orb.exe -> C:\Program Files (x86)\Orb Networks\Orb\bin\Orb.exe -> [2009/08/21 16:03:02 | 000,171,520 | ---- | M] (Orb Networks, Inc.) sprtcmd.exe -> C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe -> [2009/05/21 07:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) autosizer.exe -> C:\Program Files (x86)\AutoSizer\AutoSizer.exe -> [2009/05/11 21:56:42 | 000,131,072 | ---- | M] (South Bay Software) googletoolbarnotifier.exe -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2009/05/11 21:55:43 | 000,039,408 | ---- | M] (Google Inc.) ieuser.exe -> C:\Program Files (x86)\Internet Explorer\ieuser.exe -> [2009/04/11 01:27:39 | 000,299,520 | ---- | M] (Microsoft Corporation) mlb-nexdef-autobahn.exe -> C:\Users\Marc\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe -> [2009/04/01 16:51:34 | 000,801,032 | ---- | M] () ocxipcfg.exe -> C:\Windows\SysWOW64\ocxipcfg.exe -> [2009/02/13 03:57:39 | 000,327,680 | ---- | M] () sdwinsec.exe -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) docklogin.exe -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2008/12/18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) sprtsvc.exe -> C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -> [2008/12/16 20:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) mdnsresponder.exe -> C:\Program Files (x86)\Bonjour\mDNSResponder.exe -> [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) pdvddxsrv.exe -> C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe -> [2008/05/23 13:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) brccmctl.exe -> C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe -> [2006/12/05 16:30:06 | 000,450,560 | ---- | M] (Brother Industries, Ltd.) brmfcwnd.exe -> C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe -> [2006/11/24 19:20:36 | 000,622,592 | ---- | M] (Brother Industries, Ltd.) brmfimon.exe -> C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe -> [2006/05/08 17:52:04 | 000,204,800 | ---- | M] (Brother Industries, Ltd.) [Modules - Safe List] ots.exe -> C:\Users\Marc\Desktop\OTS.exe -> [2010/02/28 11:56:14 | 000,632,832 | ---- | M] (OldTimer Tools) wininet.dll -> C:\Windows\SysWOW64\wininet.dll -> [2009/12/16 06:44:23 | 000,834,048 | ---- | M] (Microsoft Corporation) comdlg32.dll -> C:\Windows\SysWOW64\comdlg32.dll -> [2009/04/11 01:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) voxopmon.dll -> C:\Windows\SysWOW64\voxopmon.dll -> [2009/02/13 03:57:39 | 001,269,760 | ---- | M] () wsock32.dll -> C:\Windows\SysWOW64\wsock32.dll -> [2008/01/20 21:48:15 | 000,015,360 | ---- | M] (Microsoft Corporation) normaliz.dll -> C:\Windows\SysWOW64\normaliz.dll -> [2006/11/02 03:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] 64bit-(HitmanPro35CrusaderBoot) [Auto | Stopped] -> C:\Program Files\Hitman Pro 3.5\HitmanPro35_x64.exe -> [2010/02/27 17:26:12 | 006,607,168 | ---- | M] (SurfRight B.V.) 64bit-(iPod Service) [On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> [2009/10/28 20:21:28 | 000,660,256 | ---- | M] (Apple Inc.) 64bit-(FontCache) [On_Demand | Stopped] -> C:\Windows\SysNative\FntCache.dll -> [2009/09/24 20:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) 64bit-(Ati External Event Utility) [Auto | Running] -> C:\Windows\SysNative\Ati2evxx.exe -> [2009/02/24 02:49:22 | 000,901,120 | ---- | M] (ATI Technologies Inc.) 64bit-(DockLoginService) [Auto | Running] -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2008/12/18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) 64bit-(AERTFilters) [Auto | Running] -> C:\Windows\SysNative\AERTSr64.exe -> [2008/02/15 10:33:34 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) 64bit-(vvdsvc) [Auto | Stopped] -> C:\Windows\SysNative\svchost.exe -> [2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) 64bit-(WinDefend) [Auto | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) (gupdate) Google Update Service (gupdate) [Auto | Stopped] -> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -> [2010/02/07 00:44:39 | 000,135,664 | ---- | M] (Google Inc.) (GoToAssist) GoToAssist [On_Demand | Stopped] -> C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -> [2009/12/25 12:59:14 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) (TeamViewer5) TeamViewer 5 [Auto | Running] -> C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -> [2009/12/17 11:04:18 | 000,185,640 | ---- | M] (TeamViewer GmbH) (avg9emc) AVG E-mail Scanner [Auto | Running] -> C:\Program Files (x86)\AVG\AVG9\avgemc.exe -> [2009/11/11 10:11:52 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) (avg9wd) AVG WatchDog [Auto | Running] -> C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -> [2009/11/11 10:11:51 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) (AVGIDSAgent) AVG9IDSAgent [Auto | Running] -> C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -> [2009/11/11 10:11:40 | 005,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) (LMIMaint) LogMeIn Maintenance Service [Auto | Running] -> C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -> [2009/10/01 17:57:31 | 000,120,640 | ---- | M] (LogMeIn, Inc.) (ABBYY.Licensing.FineReader.Professional.10.0) ABBYY FineReader 10 PE Licensing Service [Auto | Running] -> C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -> [2009/09/29 18:18:41 | 000,809,736 | ---- | M] (ABBYY) (vvdsvc) VJVodClientServices [Auto | Stopped] -> C:\Windows\SysWOW64\Nagasoft\vjocx.dll -> [2009/09/23 21:59:24 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) (gusvc) Google Software Updater [On_Demand | Stopped] -> C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/05/11 21:55:38 | 000,182,768 | ---- | M] (Google) (clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2009/03/29 23:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) (SBSDWSCService) SBSD Security Center Service [Auto | Running] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -> [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) [Auto | Running] -> C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -> [2008/12/16 20:14:42 | 000,206,064 | ---- | M] (SupportSoft, Inc.) (Bonjour Service) Bonjour Service [Auto | Running] -> C:\Program Files (x86)\Bonjour\mDNSResponder.exe -> [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) (Microsoft Office Groove Audit Service) Microsoft Office Groove Audit Service [On_Demand | Stopped] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -> [2008/10/25 10:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) (LogMeIn) LogMeIn [Auto | Running] -> C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -> [2008/07/24 17:46:08 | 000,057,920 | ---- | M] (LogMeIn, Inc.) (RoxLiveShare10) LiveShare P2P Server 10 [Auto | Stopped] -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -> [2008/05/14 09:32:18 | 000,309,744 | ---- | M] (Sonic Solutions) (RoxWatch10) Roxio Hard Drive Watcher 10 [Auto | Stopped] -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -> [2008/05/14 09:32:10 | 000,166,384 | ---- | M] (Sonic Solutions) (RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2008/05/14 09:31:38 | 001,120,752 | ---- | M] (Sonic Solutions) (stllssvr) stllssvr [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe -> [2008/03/24 06:35:22 | 000,074,384 | R--- | M] (MicroVision Development, Inc.) (Viewpoint Manager Service) Viewpoint Manager Service [Auto | Running] -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) (MSDTC) Distributed Transaction Coordinator [Unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2006/11/02 08:34:14 | 000,000,000 | ---D | M] (vds) Virtual Disk [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2006/11/02 01:35:15 | 000,060,994 | ---- | M] () (VSS) Volume Shadow Copy [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vss.mof -> [2006/11/02 01:35:15 | 000,055,846 | ---- | M] () (IDriverT) InstallDriver Table Manager [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [Driver Services - Safe List] 64bit-(AvgTdiA) AVG8 Network Redirector [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\avgtdia.sys -> [2009/11/11 10:12:39 | 000,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) 64bit-(AvgLdx64) AVG AVI Loader Driver x64 [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\avgldx64.sys -> [2009/11/11 10:12:39 | 000,422,920 | ---- | M] (AVG Technologies CZ, s.r.o.) 64bit-(AvgMfx64) AVG On-access Scanner Minifilter Driver x64 [File_System | System | Running] -> C:\Windows\SysNative\Drivers\avgmfx64.sys -> [2009/11/11 10:12:39 | 000,034,248 | ---- | M] (AVG Technologies CZ, s.r.o.) 64bit-(AvgRkx64) AvgRkx64 [File_System | Boot | Running] -> C:\Windows\SysNative\Drivers\avgrkx64.sys -> [2009/11/11 10:12:08 | 000,201,928 | ---- | M] (AVG Technologies CZ, s.r.o.) 64bit-(AVGIDSErHrvta) AVG9IDSErHr [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\AVGIDSva.sys -> [2009/11/11 10:12:08 | 000,027,144 | ---- | M] (AVG Technologies ) 64bit-(LMIRfsClientNP) LMIRfsClientNP [File_System | Disabled | Stopped] -> C:\Windows\SysNative\LMIRfsClientNP.dll -> [2009/10/01 17:57:23 | 000,087,384 | ---- | M] (LogMeIn, Inc.) 64bit-(WpdUsb) WpdUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\wpdusb.sys -> [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) 64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -> [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) 64bit-(HdAudAddService) Microsoft 1.1 UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HdAudio.sys -> [2009/04/11 00:39:51 | 000,275,456 | ---- | M] (Microsoft Corporation) 64bit-(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbaudio.sys -> [2009/04/11 00:39:34 | 000,098,944 | ---- | M] (Microsoft Corporation) 64bit-(R300) R300 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\atikmdag.sys -> [2009/02/24 02:49:28 | 004,598,784 | ---- | M] (ATI Technologies Inc.) 64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\atikmdag.sys -> [2009/02/24 02:49:28 | 004,598,784 | ---- | M] (ATI Technologies Inc.) 64bit-(laniwmag) laniwmag [File_System | Boot | Running] -> C:\Windows\SysNative\DRIVERS\laniwmag.sys -> [2009/02/13 03:57:39 | 000,059,920 | ---- | M] () 64bit-(USBModem) LGE CDMA USB Modem [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\lgx64modem.sys -> [2008/11/11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) 64bit-(UsbDiag) LGE CDMA USB Serial Port [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\lgx64diag.sys -> [2008/11/11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) 64bit-(usbbus) LGE CDMA Composite USB Device [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\lgx64bus.sys -> [2008/11/11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) 64bit-(OA002Vid) Creative Camera OA002 Function Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\OA002Vid.sys -> [2008/07/31 16:01:00 | 000,306,560 | ---- | M] (Creative Technology Ltd.) 64bit-(LMIRfsDriver) LogMeIn Remote File System Driver [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\LMIRfsDriver.sys -> [2008/07/24 17:46:08 | 000,072,216 | ---- | M] (LogMeIn, Inc.) 64bit-(lmimirr) lmimirr [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\lmimirr.sys -> [2008/07/24 17:45:20 | 000,011,552 | ---- | M] (LogMeIn, Inc.) 64bit-(RtNdPt60) Realtek NDIS Protocol Driver [Kernel | Auto | Running] -> C:\Windows\SysNative\DRIVERS\RtNdPt60.sys -> [2008/07/21 06:18:30 | 000,026,624 | ---- | M] (Windows (R) Codename Longhorn DDK provider) 64bit-(iaStor) Intel AHCI Controller [Kernel | Disabled | Stopped] -> C:\Windows\SysNative\drivers\iastor.sys -> [2008/07/15 07:14:10 | 000,395,288 | ---- | M] (Intel Corporation) 64bit-(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\Rtlh64.sys -> [2008/07/10 06:28:50 | 000,170,496 | ---- | M] (Realtek Corporation ) 64bit-(OA002Ufd) Creative Camera OA002 Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\OA002Ufd.sys -> [2008/06/03 08:30:38 | 000,168,864 | ---- | M] (Creative Technology Ltd.) 64bit-(PxHlpa64) PxHlpa64 [Kernel | Boot | Running] -> C:\Windows\SysNative\Drivers\PxHlpa64.sys -> [2008/04/08 02:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) 64bit-(Avc) AVC Device [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\avc.sys -> [2008/01/20 21:47:28 | 000,048,768 | ---- | M] (Microsoft Corporation) 64bit-(usbvideo) USB Video Device (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\usbvideo.sys -> [2008/01/20 21:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) 64bit-(StillCam) Still Serial Digital Camera Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\serscan.sys -> [2008/01/20 21:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) 64bit-(61883) 61883 Unit Device [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\61883.sys -> [2008/01/20 21:46:57 | 000,058,496 | ---- | M] (Microsoft Corporation) 64bit-(e1express) Intel(R) PRO/1000 PCI Express Network Connection Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\e1e6032e.sys -> [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) 64bit-(MSDV) Microsoft DV Camera and VCR [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\msdv.sys -> [2008/01/20 21:46:53 | 000,061,568 | ---- | M] (Microsoft Corporation) 64bit-(NPF) NetGroup Packet Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\npf.sys -> [2007/11/06 15:23:14 | 000,040,464 | ---- | M] (CACE Technologies) 64bit-(SCDEmu) SCDEmu [Kernel | System | Running] -> C:\Windows\SysNative\drivers\scdemu.sys -> [2007/08/06 19:21:32 | 000,057,776 | ---- | M] (PowerISO Computing, Inc.) 64bit-(OA002Afx) Provides a software interface to control audio effects of OA002 camera. [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\OA002Afx.sys -> [2007/06/07 16:00:02 | 000,219,544 | ---- | M] (Creative Technology Ltd.) (AVGIDSDrivervta) AVG9IDSDriver [Kernel | On_Demand | Running] -> C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista64\AVGIDSDriver.sys -> [2009/11/11 10:11:49 | 000,132,616 | ---- | M] (AVG Technologies ) (AVGIDSFiltervta) AVG9IDSFilter [Kernel | On_Demand | Running] -> C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista64\AVGIDSFilter.sys -> [2009/11/11 10:11:48 | 000,035,848 | ---- | M] (AVG Technologies ) (PCD5SRVC{048DBD20-445E8C82-05040104}) PCD5SRVC{048DBD20-445E8C82-05040104} - PCDR Kernel Mode Service Helper Driver [Kernel | On_Demand | Running] -> C:\Program Files (x86)\Dell Support Center\HWDiag\bin\pcd5srvc_x64.pkms -> [2008/11/04 18:16:40 | 000,028,152 | ---- | M] (PC-Doctor, Inc.) (LMIInfo) LogMeIn Kernel Information Provider [Kernel | Auto | Running] -> C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -> [2008/07/24 17:46:10 | 000,015,928 | ---- | M] (LogMeIn, Inc.) ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}) {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} [Kernel | Auto | Running] -> C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -> [2008/06/26 21:10:38 | 000,032,240 | ---- | M] (Cyberlink Corp.) (Tcpip) TCP/IP Protocol Driver [Kernel | Boot | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2006/09/18 16:36:40 | 000,003,066 | ---- | M] () (mpsdrv) Windows Firewall Authorization Driver [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2006/09/18 16:35:23 | 000,001,088 | ---- | M] () [Registry - Safe List] < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\] > -> -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\: Main\\"Default_Page_URL" -> http://g.msn.com/USCON/1 -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\: Main\\"Start Page" -> http://www.yahoo.com/ -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\: Main\\"StartPageCache" -> 1 -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\: URLSearchHooks\\"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" [HKLM] -> C:\Program Files (x86)\Search Settings\kb128\SearchSettings.dll [SearchSettings Class] -> [2009/07/29 15:39:38 | 001,153,024 | ---- | M] (Spigot, Inc.) HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\: "ProxyEnable" -> 0 -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\: "ProxyOverride" -> -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\: "ProxyServer" -> 67.69.254.254:80 -> < FireFox Settings [Prefs.js] > -> C:\Users\Marc\AppData\Roaming\Mozilla\FireFox\Profiles\h27346g7.default\prefs.js -> browser.startup.homepage -> "http://www.yahoo.com/" -> extensions.enabledItems -> joshua.carcione@gmail.com:1 -> extensions.enabledItems -> LogMeInClient@logmein.com:1.0.0.407 -> extensions.enabledItems -> firefox@tvunetworks.com:2 -> extensions.enabledItems -> 4 -> extensions.enabledItems -> 8 -> extensions.enabledItems -> 1 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} -> C:\Program Files\Real\RealPlayer\browserrecord [C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD] -> [2009/05/30 10:00:43 | 000,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\Program Files (x86)\AVG\AVG9\Firefox [C:\PROGRAM FILES (X86)\AVG\AVG9\FIREFOX] -> [2009/12/10 08:07:28 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2009/11/14 18:24:59 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.1\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2009/12/25 12:54:47 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\Marc\AppData\Roaming\Mozilla\Extensions -> [2009/07/13 10:24:47 | 000,000,000 | ---D | M] -> C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\h27346g7.default\extensions -> [2009/09/17 21:33:21 | 000,000,000 | ---D | M] -> C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\h27346g7.default\extensions\firefox@tvunetworks.com -> [2009/10/22 17:07:25 | 000,000,000 | ---D | M] -> C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\h27346g7.default\extensions\joshua.carcione@gmail.com -> [2009/07/13 17:03:09 | 000,000,000 | ---D | M] -> C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\h27346g7.default\extensions\LogMeInClient@logmein.com -> [2009/07/15 20:17:51 | 000,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2010/02/12 19:39:29 | 000,000,000 | ---D | M] -> C:\Program Files (x86)\Mozilla Firefox\extensions\search@searchsettings.com -> [2009/11/03 11:40:41 | 000,000,000 | ---D | M] < HOSTS File > ([2009/05/11 22:03:09 | 000,306,011 | R--- | M] - 10581 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> First 25 entries... Reset Hosts 127.0.0.1 localhost ::1 localhost 127.0.0.1 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1001namen.com 127.0.0.1 1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 10sek.com < 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [AVG Safe Search] -> [2009/12/10 08:06:46 | 002,129,688 | ---- | M] (AVG Technologies CZ, s.r.o.) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar Helper] -> [2010/01/31 12:05:19 | 000,373,872 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll [Google Toolbar Notifier BHO] -> [2010/02/07 00:44:37 | 000,319,984 | ---- | M] (Google Inc.) < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 11:07:26 | 000,075,128 | ---- | M] (Adobe Systems Incorporated) {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2009/05/30 10:00:43 | 000,312,928 | ---- | M] (RealPlayer) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/12/10 08:06:45 | 001,484,056 | ---- | M] (AVG Technologies CZ, s.r.o.) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009/01/26 14:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 14:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/02/17 15:11:04 | 000,408,440 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/01/31 12:05:12 | 000,279,664 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [Google Toolbar Notifier BHO] -> [2010/02/07 00:44:37 | 000,812,528 | ---- | M] (Google Inc.) {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2010/01/11 20:42:48 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.) {E312764E-7706-43F1-8DAB-FCDD2B1E416D} [HKLM] -> C:\Program Files (x86)\Search Settings\kb128\SearchSettings.dll [SearchSettings Class] -> [2009/07/29 15:39:38 | 001,153,024 | ---- | M] (Spigot, Inc.) < 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2010/01/31 12:05:19 | 000,373,872 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/01/31 12:05:12 | 000,279,664 | ---- | M] (Google Inc.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\] > -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 64bit-WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2010/01/31 12:05:19 | 000,373,872 | ---- | M] (Google Inc.) WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/01/31 12:05:12 | 000,279,664 | ---- | M] (Google Inc.) WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "" -> [] -> File not found "LogMeIn GUI" -> C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe ["C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"] -> [2008/07/24 17:46:08 | 000,057,928 | ---- | M] (LogMeIn, Inc.) "RtHDVCpl" -> C:\Windows\RAVCpl64.exe [RAVCpl64.exe] -> [2008/07/18 07:42:18 | 006,431,232 | ---- | M] (Realtek Semiconductor) "Skytel" -> [Skytel.exe] -> File not found "Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/20 21:47:32 | 001,584,184 | ---- | M] (Microsoft Corporation) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/02/27 16:10:28 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) "AVG9_TRAY" -> C:\Program Files (x86)\AVG\AVG9\avgtray.exe [C:\PROGRA~2\AVG\AVG9\avgtray.exe] -> [2009/12/23 09:25:15 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) "Bonus.SSR.FR10" -> C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe ["C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun] -> [2009/10/07 09:59:54 | 000,939,272 | ---- | M] (ABBYY.) "BrMfcWnd" -> C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe ["C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN] -> [2006/11/24 19:20:36 | 000,622,592 | ---- | M] (Brother Industries, Ltd.) "ControlCenter3" -> C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe ["C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun] -> [2006/07/19 13:51:54 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) "DellSupportCenter" -> C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe ["C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter] -> [2009/05/21 07:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) "Google Quick Search Box" -> C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe ["C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun] -> [2009/08/28 22:36:18 | 000,122,368 | ---- | M] (Google Inc.) "iTunesHelper" -> C:\Program Files (x86)\iTunes\iTunesHelper.exe ["C:\Program Files (x86)\iTunes\iTunesHelper.exe"] -> [2009/10/28 20:21:26 | 000,141,600 | ---- | M] (Apple Inc.) "PDVDDXSrv" -> C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe ["C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"] -> [2008/05/23 13:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) "QuickTime Task" -> C:\Program Files (x86)\Orb Networks\Orb\bin\QT Lite\QTTask.exe ["C:\Program Files (x86)\Orb Networks\Orb\bin\QT Lite\QTTask.exe" -atboottime] -> [2009/09/05 01:54:42 | 000,417,792 | ---- | M] (Apple Inc.) "RoxWatchTray" -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe ["C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"] -> [2008/05/14 09:31:58 | 000,244,208 | ---- | M] (Sonic Solutions) "SearchSettings" -> C:\Program Files (x86)\Search Settings\SearchSettings.exe [C:\Program Files (x86)\Search Settings\SearchSettings.exe] -> [2009/07/29 15:52:10 | 001,024,512 | ---- | M] (Spigot, Inc.) "StartCCC" -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2008/01/21 11:17:18 | 000,061,440 | ---- | M] (Advanced Micro Devices, Inc.) "SunJavaUpdateSched" -> C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ["C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"] -> [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 01:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) "WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 01:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 01:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) "WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 01:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\] > -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Aim6" -> [] -> File not found "AutoSizer" -> C:\Program Files (x86)\AutoSizer\AutoSizer.exe ["C:\Program Files (x86)\AutoSizer\AutoSizer.exe"] -> [2009/05/11 21:56:42 | 000,131,072 | ---- | M] (South Bay Software) "Messenger (Yahoo!)" -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe ["C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet] -> [2009/05/26 20:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) "SpybotSD TeaTimer" -> C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe] -> [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) "swg" -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2009/05/11 21:55:43 | 000,039,408 | ---- | M] (Google Inc.) "WMPNSCFG" -> C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoActiveDesktop" -> [1] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000] > -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> < 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\] > -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> Download All Files by HiDownload -> C:\Program Files (x86)\StreamingStar\HiDownload\HDGetAll.htm [C:\Program Files (x86)\StreamingStar\HiDownload\HDGetAll.htm] -> [2007/11/03 20:18:20 | 000,000,664 | ---- | M] () Download by HiDownload -> C:\Program Files (x86)\StreamingStar\HiDownload\HDGet.htm [C:\Program Files (x86)\StreamingStar\HiDownload\HDGet.htm] -> [2007/11/03 20:17:58 | 000,001,793 | ---- | M] () Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> [2010/01/31 12:06:02 | 000,848,896 | ---- | M] (Google Inc.) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\] > -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> Append to existing PDF -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Convert link target to Adobe PDF -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Convert link target to existing PDF -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Convert selected links to Adobe PDF -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Convert selected links to existing PDF -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Convert selection to Adobe PDF -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Convert selection to existing PDF -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Convert to Adobe PDF -> Reg Error: Value error. [Reg Error: Value error.] -> File not found Download All Files by HiDownload -> C:\Program Files (x86)\StreamingStar\HiDownload\HDGetAll.htm [C:\Program Files (x86)\StreamingStar\HiDownload\HDGetAll.htm] -> [2007/11/03 20:18:20 | 000,000,664 | ---- | M] () Download by HiDownload -> C:\Program Files (x86)\StreamingStar\HiDownload\HDGet.htm [C:\Program Files (x86)\StreamingStar\HiDownload\HDGet.htm] -> [2007/11/03 20:17:58 | 000,001,793 | ---- | M] () Google Sidewiki... -> C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll [res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html] -> [2010/01/31 12:06:02 | 000,848,896 | ---- | M] (Google Inc.) < 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {7F9DB11C-E358-4ca6-A83D-ACC663939424}:{9999A076-A9E2-4C99-8A2B-632FC9429223} [HKLM] -> C:\Program Files\Bonjour\ExplorerPlugin.dll [Button: Bonjour] -> [2008/12/12 10:12:12 | 000,838,656 | ---- | M] (Apple Inc.) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2008/12/02 21:27:36 | 000,187,224 | ---- | M] (Microsoft Corporation) {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2008/12/02 21:27:36 | 000,187,224 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2008/10/25 06:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2008/10/25 06:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation) {7F9DB11C-E358-4ca6-A83D-ACC663939424}:{9999A076-A9E2-4C99-8A2B-632FC9429223} [HKLM] -> C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll [Button: Bonjour] -> [2008/12/12 10:11:44 | 000,516,096 | ---- | M] (Apple Inc.) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009/01/26 14:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\] > -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\Software\Microsoft\Internet Explorer\Extensions\ -> 64bit-{F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"ButtonText" [HKLM] -> [Reg Error: Key error.] -> File not found {F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"ButtonText" [HKLM] -> [Reg Error: Key error.] -> File not found 64bit-{F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"CLSID" [HKLM] -> [{0000031A-0000-0000-C000-000000000046}] -> File not found {F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"CLSID" [HKLM] -> [{0000031A-0000-0000-C000-000000000046}] -> File not found 64bit-{F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"Default Visible" [HKLM] -> [Reg Error: Key error.] -> File not found {F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"Default Visible" [HKLM] -> [Reg Error: Key error.] -> File not found 64bit-{F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"Exec" [HKLM] -> [Reg Error: Key error.] -> File not found {F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"Exec" [HKLM] -> [Reg Error: Key error.] -> File not found 64bit-{F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"HotIcon" [HKLM] -> [Reg Error: Key error.] -> File not found {F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"HotIcon" [HKLM] -> [Reg Error: Key error.] -> File not found 64bit-{F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"Icon" [HKLM] -> [Reg Error: Key error.] -> File not found {F4FBA929-A891-492C-A0F6-5C79CC4F1742}\\"Icon" [HKLM] -> [Reg Error: Key error.] -> File not found < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5492 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5492 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5492 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5492 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\] > -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5494 domain(s) found. -> support_dell.com [http] -> Trusted sites -> ssologin.dhs_state.nj.us [https] -> Trusted sites -> webmail.dhs_state.nj.us [https] -> Trusted sites -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\] > -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab [Facebook Photo Uploader 5 Control] -> {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} [HKLM] -> http://fb.familylink.com/we_are_related/stream/core/lib/AurigmaImageUploader/ImageUploader5.cab [Image Uploader Control] -> {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} [HKLM] -> http://support.dell.com/systemprofiler/DellSystemLite.CAB [DellSystemLite.Scanner] -> {8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab [Java Plug-in 1.6.0_18] -> {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab [Java Plug-in 1.6.0_18] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab [Java Plug-in 1.6.0_18] -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} [HKLM] -> https://secure.logmein.com/activex/ractrl.cab?lmi=100 [Performance Viewer Activex Control] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.2.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {422F20E5-37F8-4A42-B0B7-0ECF16D0F71C}\\DhcpNameServer -> 192.168.2.1 (Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)) -> < 64bit-AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 64bit-*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> avgrssta.dll -> C:\Windows\SysNative\avgrssta.dll -> [2009/11/11 10:12:09 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) *MultiFile Done* -> -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000] > -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_USERS\S-1-5-21-4099910235-4113496858-431632383-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> GoToAssist -> C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll -> File not found < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 14:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) < Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications -> < Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications -> 64bit-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List \List\\"$INSTDIR\FlvDetector.exe" -> C:\FlashGet Network\Flashget 3\FlvDetector.exe [C:\FlashGet Network\Flashget 3\FlvDetector.exe:*:Enabled:FGFlvDetector] -> File not found \List\\"C:\FlashGet Network\Flashget 3\FlashGet3.exe" -> C:\FlashGet Network\Flashget 3\FlashGet3.exe [C:\FlashGet Network\Flashget 3\FlashGet3.exe:*:Enabled:Flashget3] -> File not found < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {12C3D00F-4059-42F4-8D70-2190F54A4B33} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32811 | app=%systemroot%\system32\svchost.exe | svc=fdrespub | {15C64E04-3C9A-419F-AC34-208BC636B507} -> lport=2869 | profile=domain | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | {187D05E1-67B2-4006-B874-D1F1AF7A6E76} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | {1A50BF9A-46FE-4AAE-8E5D-18E20BFBCB88} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32805 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {1AED49C3-7DCE-453E-822C-33D2083D877D} -> lport=1900 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32753 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {23975FAA-D477-4E87-94E8-3F9E58A6B476} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=file and printer sharing (smb-out) | app=system | {24BF40CC-59E0-4953-9690-1AD6226EAE25} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | {2869FF2D-EB3C-4BBC-A3D0-69C2C9759DB2} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | {2EA667B5-0024-4B72-9526-309F8C779242} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=file and printer sharing (nb-name-out) | app=system | {384AF196-3479-41CF-AE3B-5AEC2040A593} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | {3D0A8E87-1A47-46E5-8631-52962124D99E} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=file and printer sharing (spooler service - rpc) | app=c:\windows\system32\spoolsv.exe | svc=spooler | {4F41FC1E-E173-40E3-B55F-47787BD3D28E} -> rport=1900 | profile=domain | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {5BDCE05C-7A7A-4505-B072-2608F7BA401C} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=file and printer sharing (nb-datagram-out) | app=system | {7B882761-5616-45FE-B7F5-22D6931CA260} -> lport=54925 | profile=private | protocol=17 | dir=in | action=allow | name=brother | {8F9186CB-6718-4BC0-91B5-F78620A477C8} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=file and printer sharing (nb-session-in) | app=system | {8FCC9CAD-61D8-4FC3-913E-056B80E88910} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32801 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {A5CAFD42-2B3E-49C9-B014-7B60427E1EDF} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | {A6724CCE-994A-4EA8-8835-A6014A1A1D55} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32785 | app=%systemroot%\system32\svchost.exe | svc=fdphost | {B5140F19-2973-4AC1-A616-120413E26030} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=file and printer sharing (nb-name-in) | app=system | {C0B6AF32-7C7C-458C-B167-861980E1D998} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32789 | app=%systemroot%\system32\svchost.exe | svc=fdphost | {C1A51926-45F7-4BA9-9B4C-9576BC7EDFE1} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32809 | app=%systemroot%\system32\svchost.exe | svc=fdrespub | {D1CCD6A4-DC5D-4E03-94C1-96CF0C906BBA} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=file and printer sharing (nb-datagram-in) | app=system | {DA1A2A97-05C0-4166-8D74-5E49125CA428} -> lport=1900 | profile=domain | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {E0505DA3-8A4B-467A-9129-55CE242B255C} -> lport=6004 | profile=private | protocol=17 | dir=in | action=allow | name=microsoft office outlook | app=c:\program files (x86)\microsoft office\office12\outlook.exe | {E415AFC8-E9B9-4361-A211-FCC1F56C98E2} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=file and printer sharing (nb-session-out) | app=system | {ED197BC5-0256-411F-AC96-FF8A061F902E} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=file and printer sharing (spooler service - rpc-epmap) | svc=rpcss | {EFADE38A-BCC4-4373-94CA-DFD3580D89DA} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | {F9DE0670-0E73-482C-8C4D-A5922A20D67D} -> rport=1900 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32757 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {FAD1BAA8-EC49-4F49-A0A4-23EF244C461A} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=file and printer sharing (smb-in) | app=system | < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {001A8BB7-B748-4342-8619-240D4A8CDAB1} -> profile=public | protocol=17 | dir=in | action=allow | name=advanced networking service | app=c:\program files (x86)\common files\dell\advanced networking service\hnm_svc.exe | {002F1F8D-14E3-4A74-9158-FBAED3DB29B6} -> profile=private | protocol=6 | dir=in | action=allow | name=μtorrent (tcp-in) | app=c:\program files (x86)\utorrent\utorrent.exe | {036504D9-2973-4D69-ABAA-51AC602AAF61} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | {05242E27-74D4-4FA1-94CE-CAE67B789E80} -> profile=private | dir=in | action=allow | name=avgnsa.exe | app=c:\program files (x86)\avg\avg8\avgnsa.exe | {07C1EAF2-627E-408B-94BB-21E26D83A7CA} -> profile=private | protocol=17 | dir=in | action=allow | name=orblauncher | app=c:\program files (x86)\orb networks\orb\bin\orblauncher.exe | {0C053C32-E22A-4944-B234-1CD3BD5C99C9} -> profile=private | protocol=17 | dir=in | action=allow | name=pplive | app=c:\program files (x86)\pplive\pplive.exe | {0F2E9D5D-A3C0-41B7-9D44-CDFA5D043FEE} -> profile=private | protocol=6 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | {13EA75AD-38D2-4B1B-865E-4FEC66333274} -> profile=private | protocol=17 | dir=in | action=allow | name=μtorrent (udp-in) | app=c:\program files (x86)\utorrent\utorrent.exe | {15FAC64C-12F9-4127-A7D5-A5A1F964C700} -> profile=public | protocol=17 | dir=in | action=allow | name=dell remote access | app=c:\program files (x86)\dell remote access\ezi_ra.exe | {1973E77E-EBFC-4C2C-82D6-A698229F566B} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | {1AFCA161-4053-49EB-944F-5D31C5EE1EC3} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31325 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {1D3619F0-CCB5-49E3-980A-F7F0F2B71BA8} -> profile=domain | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | {1F197E93-4DF9-4672-ADA4-01AD7402C7D1} -> profile=private | protocol=6 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | {23E9F842-3437-4E14-9310-EA6BC07B1808} -> profile=domain | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | {31A95D80-D05B-4D1A-9B64-AFE504B0F063} -> profile=private | protocol=6 | dir=in | action=allow | name=tv network service | app=c:\program files (x86)\snapstream media\beyond tv\btvnetworkservice.exe | {3273C816-DD11-426F-B815-9CDEAFB09A4A} -> profile=private | protocol=17 | dir=in | action=allow | name=orbsetupwizard | app=c:\program files (x86)\orb networks\orb\bin\orbsetupwizard.exe | {40DBCD49-A338-4A61-A467-09EF0D102A48} -> profile=private | protocol=17 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim6\aim6.exe | {40E3DE66-F1EB-49F5-9DD1-836FDD5603BA} -> profile=private | protocol=6 | dir=in | action=allow | name=bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | {43116DEE-F2EC-4BB9-A462-B235FABF00EF} -> profile=private | protocol=6 | dir=in | action=allow | name=aol loader | app=c:\program files (x86)\common files\aol\loader\aolload.exe | {441A721E-9584-4E55-AEF6-18EFA1CDE5D0} -> profile=private | protocol=6 | dir=in | action=allow | name=dell video chat | app=c:\program files (x86)\dell video chat\dellvideochat.exe | {466124E3-C661-4B8A-BD13-63E0477A4DE6} -> profile=private | protocol=6 | dir=in | action=allow | name=piolet | app=c:\program files (x86)\piolet\piolet.exe | {46B9AA82-01B5-4519-A893-AF0C4C670620} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | {493D30E1-EE87-4309-8A3C-1A1A123CC074} -> profile=private | protocol=17 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | {4A8228C0-3A4F-4A0B-9A10-34FD5188CA11} -> profile=private | protocol=17 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | {4BE99E38-6F54-4DDA-848C-6415B5DEE1EB} -> profile=private | protocol=6 | dir=in | action=allow | name=hitman pro 3.5 | app=c:\program files\hitman pro 3.5\hitmanpro35_x64.exe | {50FB5713-033F-4601-9D77-6EE85FC74A43} -> profile=private | protocol=17 | dir=in | action=allow | name=orb stream client | app=c:\program files (x86)\orb networks\orb\bin\orbstreamerclient.exe | {515565BB-DD06-46FC-9C27-032903459B96} -> profile=private | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {56AA4950-6A80-43FB-9EA8-819A415EB249} -> profile=private | protocol=6 | dir=in | action=allow | name=microsoft office groove | app=c:\program files (x86)\microsoft office\office12\groove.exe | {5AF46526-81C4-4917-AD94-D3D80403A819} -> profile=private | protocol=17 | dir=in | action=allow | name=piolet | app=c:\program files (x86)\piolet\piolet.exe | {5BCD7BC9-C9C6-4884-BA24-D0B796173D13} -> profile=private | protocol=17 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | {5DD3FD27-90FB-44F0-9B54-420126220CAB} -> profile=private | protocol=17 | dir=in | action=allow | name=dell video chat | app=c:\program files (x86)\dell video chat\dellvideochat.exe | {5FA2BEC4-F722-4419-8E5B-6D29F6569979} -> profile=private | protocol=6 | dir=in | action=allow | name=orbcontrolpanel | app=c:\program files (x86)\orb networks\orb\bin\orbcontrolpanel.exe | {611E7546-8237-4B23-A7C0-7BE122FA386B} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | {62C1D441-5DE8-46CF-A27D-22C2C6544371} -> profile=private | protocol=6 | dir=in | action=allow | name=tv guide data loader | app=c:\program files (x86)\snapstream media\beyond tv\btvguidedataloader.exe | {63505412-5931-47C7-9B2A-97EECA91C260} -> profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-32821 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {67A50EEB-8A47-4C26-8930-DEB3061DE7A8} -> profile=private | protocol=17 | dir=in | action=allow | name=microsoft office groove | app=c:\program files (x86)\microsoft office\office12\groove.exe | {694D104C-97B9-4D73-9ADF-714282D3AB75} -> profile=private | protocol=6 | dir=in | action=allow | name=orbsetupwizard | app=c:\program files (x86)\orb networks\orb\bin\orbsetupwizard.exe | {6C39AB5D-2F34-413D-B3BC-42BCA2A22B52} -> profile=private | protocol=6 | dir=in | action=allow | name=tv recording engine | app=c:\program files (x86)\snapstream media\beyond tv\btvrecordingengine.exe | {6CE5607D-AA4B-46AB-BAC1-6604BA9B056D} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31324 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {6DDD2672-5FCC-4E3E-B1EE-D4450494519F} -> profile=private | protocol=17 | dir=in | action=allow | name=aol loader | app=c:\program files (x86)\common files\aol\loader\aolload.exe | {6E05F07F-76BA-4B74-8F8D-585027E281BC} -> profile=private | protocol=1 | dir=in | action=allow | name=file and printer sharing (echo request - icmpv4-in) | {70E32EF8-C340-4410-9F83-BFEBED26C221} -> profile=private | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {71CFCC81-7066-402C-B3B7-9A91A2F90EBD} -> profile=private | protocol=6 | dir=in | action=allow | name=tv registration service | app=c:\program files (x86)\snapstream media\beyond tv\btvregistrationservice.exe | {77ABAF78-289D-4A59-B21C-C995F0DC6E80} -> profile=private | protocol=17 | dir=in | action=allow | name=tv registration service | app=c:\program files (x86)\snapstream media\beyond tv\btvregistrationservice.exe | {783814D3-196A-413E-ABFD-8D78083FAEE6} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | {785B2ADD-3425-4401-83B6-19EBB11640FA} -> profile=private | protocol=17 | dir=in | action=allow | name=tv network service | app=c:\program files (x86)\snapstream media\beyond tv\btvnetworkservice.exe | {7B94C420-B0B1-4CEA-8FBB-2EBB467A0F6B} -> profile=private | protocol=17 | dir=in | action=allow | name=hitman pro 3.5 | app=c:\program files\hitman pro 3.5\hitmanpro35_x64.exe | {7E55842D-F66E-4E91-AA74-D03601B15911} -> profile=private | protocol=6 | dir=in | action=allow | name=ppliveva | app=c:\program files (x86)\ppliveva\ppliveva.exe | {7E84DEBC-AD6E-4EF9-9ECC-28AEDC69A14D} -> profile=private | protocol=6 | dir=in | action=allow | name=yahoo! messenger | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | {80B20C37-427A-43E6-B32E-153345384E87} -> profile=private | protocol=17 | dir=in | action=allow | name=bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe | {8521B6A9-1B25-48F3-AD13-13CC4F682C66} -> profile=private | protocol=17 | dir=in | action=allow | name=scanner utility | app=c:\program files (x86)\brother\brmfl06a\brscutil.exe | {86DBE18C-098B-4553-81EF-B0630C104FCF} -> profile=private | protocol=17 | dir=in | action=allow | name=tv setup wizard | app=c:\program files (x86)\snapstream media\beyond tv\setupwizard.exe | {8D4374AC-D557-4DC8-9910-2DE1EC2B19F9} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtray | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | {8F978869-2678-423E-8677-53E2802B56CB} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | {939A977C-DB5B-4DE3-B15F-90D3B2440EE2} -> profile=domain | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {96D0007A-0559-42C3-91E9-6360C4BB7F5F} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | {9AE956B7-E948-4A0C-A26A-5C3B540D7894} -> profile=private | protocol=17 | dir=in | action=allow | name=teamviewer remote control application | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | {A20A272E-FB0F-49E9-89F7-6236EDDBCB6B} -> profile=private | protocol=17 | dir=in | action=allow | name=ppliveva | app=c:\program files (x86)\ppliveva\ppliveva.exe | {A2C57428-A0D0-48A8-BC5C-9BD5213A6374} -> profile=private | protocol=6 | dir=in | action=allow | name=teamviewer remote control application | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe | {A4A70679-450F-4D3E-BA1F-5386227872B8} -> profile=private | protocol=6 | dir=in | action=allow | name=tv setup wizard | app=c:\program files (x86)\snapstream media\beyond tv\setupwizard.exe | {A5C65942-F14B-4DD9-840E-85114E4AA763} -> profile=private | protocol=17 | dir=in | action=allow | name=tv task manager service | app=c:\program files (x86)\snapstream media\beyond tv\btvtaskmanagerservice.exe | {A614ED06-2F5E-4A64-B99F-1C00AD8FD8B3} -> profile=private | protocol=6 | dir=in | action=allow | name=tv settings service | app=c:\program files (x86)\snapstream media\beyond tv\btvsettingsservice.exe | {A88A29D7-BEAA-4CC1-90EF-E023ACFE8642} -> profile=private | protocol=6 | dir=in | action=allow | name=orblauncher | app=c:\program files (x86)\orb networks\orb\bin\orblauncher.exe | {AC368AC6-952A-4F7A-8E13-3E8499DFDF7A} -> profile=private | protocol=6 | dir=in | action=allow | name=scanner utility | app=c:\program files (x86)\brother\brmfl06a\brscutil.exe | {ACEF24EA-4DBC-4E1D-8368-9983CB526104} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {AF4C330F-3919-45C1-B031-07FE12BF7E4A} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | {B039D4A4-28E7-4671-85FF-3F5775713A1E} -> profile=domain | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {B03A6E1F-902F-42F5-8C91-B19B869B297F} -> profile=private | protocol=6 | dir=in | action=allow | name=orbir | app=c:\program files (x86)\orb networks\orb\bin\orbir.exe | {B422553F-22C2-4AB6-8B22-CF1FCE551CD0} -> profile=private | protocol=17 | dir=in | action=allow | name=tv viewscape | app=c:\program files (x86)\snapstream media\beyond tv\btvd3dshell.exe | {B6961308-ADCC-4D3B-9FE2-DB5ED6B9FCC9} -> profile=private | protocol=6 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | {B6A1134F-82E2-4048-B25D-43ABEF576CB3} -> profile=private | protocol=6 | dir=in | action=allow | name=tv task manager service | app=c:\program files (x86)\snapstream media\beyond tv\btvtaskmanagerservice.exe | {B7D40D31-D10C-4682-A578-085E46239CF3} -> profile=private | protocol=17 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe | {B911D861-8A80-434F-8806-A4163D86319A} -> profile=private | protocol=17 | dir=in | action=allow | name=tv playback engine | app=c:\program files (x86)\snapstream media\beyond tv\btvplaybackengine.exe | {BBCFCA23-4DF2-469B-BC09-70FA801FEE3B} -> profile=private | protocol=17 | dir=in | action=allow | name=yahoo! messenger | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | {BC18817C-CE4D-491D-BE41-76C6E9759263} -> profile=private | protocol=6 | dir=in | action=allow | name=orbtvguide | app=c:\program files (x86)\orb networks\orb\bin\xmltv.exe | {BCE21D65-CD9F-4F15-A81C-FA042E84667F} -> dir=in | action=allow | name=cyberlink powerdvd dx | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe | {BF9164DF-BD6C-4554-9C39-6C11CE47F80C} -> profile=private | protocol=6 | dir=in | action=allow | name=pplive | app=c:\program files (x86)\pplive\pplive.exe | {C2CD6587-55C1-4F35-BBB9-D8F8CF217630} -> profile=private | protocol=6 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim6\aim6.exe | {CAB34CB9-340F-47EB-9B9E-8CEE5EA0EC3F} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | {CB910C89-8398-4A06-97D8-AB8DBDBA980A} -> profile=private | dir=in | action=allow | name=avgupd.exe | app=c:\program files (x86)\avg\avg8\avgupd.exe | {CD936DEF-AD9B-4A5E-8145-B149EF374785} -> profile=private | protocol=58 | dir=in | action=allow | name=file and printer sharing (echo request - icmpv6-in) | {D02A119F-522F-401A-AC73-5F5D8EB20156} -> profile=private | dir=in | action=allow | name=avgdiagex.exe | app=c:\program files (x86)\avg\avg9\avgdiagex.exe | {D1069165-A265-4028-91AC-FB0CE96031FD} -> profile=public | protocol=6 | dir=in | action=allow | name=advanced networking service | app=c:\program files (x86)\common files\dell\advanced networking service\hnm_svc.exe | {D41E285F-15FD-446D-8B07-F68FD28F207B} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | {D943D42B-BC3A-4994-AF8E-0832DD6730D8} -> profile=private | protocol=17 | dir=in | action=allow | name=tv guide data loader | app=c:\program files (x86)\snapstream media\beyond tv\btvguidedataloader.exe | {D9E7E2DB-6AEA-4B25-9C30-DB9CBF739B03} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31323 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {DA4CE840-0436-4750-B375-AAC794B07944} -> profile=public | protocol=17 | dir=in | action=allow | name=dell video chat | app=c:\program files (x86)\dell video chat\dellvideochat.exe | {DC7D1780-F727-48D5-93B2-83A958D6828D} -> profile=domain | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {DE2748D6-2BF0-4A2B-968F-A7B1F795A769} -> profile=private | protocol=17 | dir=in | action=allow | name=orbcontrolpanel | app=c:\program files (x86)\orb networks\orb\bin\orbcontrolpanel.exe | {DEC05B9E-9E1D-43BC-9269-6A608FA859AE} -> dir=in | action=allow | name=cyberlink powerdvd dx resident program | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe | {DFF7225A-C7D0-4867-9186-D5C8720C7EA4} -> profile=private | protocol=6 | dir=in | action=allow | name=tv viewscape | app=c:\program files (x86)\snapstream media\beyond tv\btvd3dshell.exe | {E2CBE59A-6EF5-4D38-9DD1-3AA0C8CE673F} -> profile=private | protocol=6 | dir=in | action=allow | name=tv playback engine | app=c:\program files (x86)\snapstream media\beyond tv\btvplaybackengine.exe | {E553B585-E170-457B-ADE9-4AC95F5A367D} -> profile=public | protocol=6 | dir=in | action=allow | name=dell video chat | app=c:\program files (x86)\dell video chat\dellvideochat.exe | {E612B842-D748-4658-A28D-BDDA0E328893} -> profile=private | dir=in | action=allow | name=avgemc.exe | app=c:\program files (x86)\avg\avg8\avgemc.exe | {E6E4384D-B116-4E23-9DE2-FB8D1E08BB8F} -> profile=private | protocol=17 | dir=in | action=allow | name=tv settings service | app=c:\program files (x86)\snapstream media\beyond tv\btvsettingsservice.exe | {F0066CF8-3A6B-492A-8517-8F9092B53B9C} -> profile=private | dir=in | action=allow | name=avgam.exe | app=c:\program files (x86)\avg\avg9\avgam.exe | {F26C4278-EF12-41B6-8044-1C988073BDB6} -> profile=private | protocol=17 | dir=in | action=allow | name=tv recording engine | app=c:\program files (x86)\snapstream media\beyond tv\btvrecordingengine.exe | {F73DA4B2-EF2F-4253-BF5B-334D5A1EEB0E} -> profile=private | protocol=1 | dir=out | action=allow | name=file and printer sharing (echo request - icmpv4-out) | {F790CCED-A4EA-4068-81E4-C6CF5054FF4F} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | {FB1D7766-66A1-48B2-9C3A-97CB1A3E521B} -> profile=public | protocol=6 | dir=in | action=allow | name=dell remote access | app=c:\program files (x86)\dell remote access\ezi_ra.exe | {FDD9BAF8-AF4E-4453-AA9D-1399F56A247D} -> profile=private | protocol=58 | dir=out | action=allow | name=file and printer sharing (echo request - icmpv6-out) | TCP Query User{00E0A40A-5586-44E7-9783-EE9A45471B50}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe -> profile=private | protocol=6 | dir=in | action=allow | name=streamtorrent p2p media player | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe | TCP Query User{06548EB3-0A1B-4CE8-A648-A7EA68C374DD}C:\program files (x86)\orb networks\orb\bin\orblauncher.exe -> profile=public | protocol=6 | dir=in | action=allow | name=orblauncher | app=c:\program files (x86)\orb networks\orb\bin\orblauncher.exe | TCP Query User{208EC0EA-5EEE-493E-B403-A621BCF434E8}C:\program files (x86)\sopcast\sopcast.exe -> profile=private | protocol=6 | dir=in | action=allow | name=sopcast main application | app=c:\program files (x86)\sopcast\sopcast.exe | TCP Query User{2B662BE7-DC91-4B9D-A274-B2A78227267E}C:\program files (x86)\internet explorer\iexplore.exe -> profile=private | protocol=6 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe | TCP Query User{420579A5-A93B-46B0-9371-1AE90EC95B96}C:\flashget network\flashget 3\flashget3.exe -> profile=private | protocol=6 | dir=in | action=allow | name=flashget3 | app=c:\flashget network\flashget 3\flashget3.exe | TCP Query User{48C35550-4DEC-4283-9E77-54DE69EA1A18}C:\program files\foxit software\pdf editor\pdfedit.exe -> profile=private | protocol=6 | dir=in | action=allow | name=foxit pdf editor, the first real editor for pdf files! | app=c:\program files\foxit software\pdf editor\pdfedit.exe | TCP Query User{8344D23B-685A-4795-8F34-75E3ACFB0885}C:\program files (x86)\safari\safari.exe -> profile=private | protocol=6 | dir=in | action=allow | name=safari | app=c:\program files (x86)\safari\safari.exe | TCP Query User{970EDC21-8408-42F5-92C4-43F2F730BB68}C:\program files (x86)\tvants\tvants.exe -> profile=private | protocol=6 | dir=in | action=allow | name=tvants | app=c:\program files (x86)\tvants\tvants.exe | TCP Query User{98821A17-FA9A-4B06-ABD9-23BCA3B9149F}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=6 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | TCP Query User{9A38C640-15D9-4236-9F40-F80EEA767101}C:\program files (x86)\sopcast\adv\sopadver.exe -> profile=private | protocol=6 | dir=in | action=allow | name=sopcast adver | app=c:\program files (x86)\sopcast\adv\sopadver.exe | TCP Query User{CC7758BF-064F-49C1-8EC3-3A72A93E9F4C}C:\program files (x86)\flashget\flashget.exe -> profile=private | protocol=6 | dir=in | action=allow | name=flashget | app=c:\program files (x86)\flashget\flashget.exe | TCP Query User{D392C4AE-7835-44D9-BF9B-BDD2B6F174F2}C:\users\marc\appdata\local\temp\fgcn_548.exe -> profile=private | protocol=6 | dir=in | action=allow | name=fgcn_548.exe | app=c:\users\marc\appdata\local\temp\fgcn_548.exe | TCP Query User{F25CD05B-34A5-4716-8F90-0F8E9C7F7163}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=6 | dir=in | action=allow | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | UDP Query User{07476CC2-96B6-4D09-B772-590375C5E584}C:\program files (x86)\sopcast\adv\sopadver.exe -> profile=private | protocol=17 | dir=in | action=allow | name=sopcast adver | app=c:\program files (x86)\sopcast\adv\sopadver.exe | UDP Query User{07EA463F-2585-4A22-8158-CCA60FF8CF50}C:\program files (x86)\safari\safari.exe -> profile=private | protocol=17 | dir=in | action=allow | name=safari | app=c:\program files (x86)\safari\safari.exe | UDP Query User{0A7EFF13-DFDC-4E3E-87A6-69FE8BB62F94}C:\program files\foxit software\pdf editor\pdfedit.exe -> profile=private | protocol=17 | dir=in | action=allow | name=foxit pdf editor, the first real editor for pdf files! | app=c:\program files\foxit software\pdf editor\pdfedit.exe | UDP Query User{1D34B4DB-6BC0-4BB4-BD2D-EE63B4FB5499}C:\program files (x86)\internet explorer\iexplore.exe -> profile=private | protocol=17 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe | UDP Query User{322F88CC-BC5E-462E-8C04-1782A12398C6}C:\program files (x86)\orb networks\orb\bin\orblauncher.exe -> profile=public | protocol=17 | dir=in | action=allow | name=orblauncher | app=c:\program files (x86)\orb networks\orb\bin\orblauncher.exe | UDP Query User{3F95A1FF-F5F0-46C5-A14A-B8E41901530B}C:\users\marc\appdata\local\temp\fgcn_548.exe -> profile=private | protocol=17 | dir=in | action=allow | name=fgcn_548.exe | app=c:\users\marc\appdata\local\temp\fgcn_548.exe | UDP Query User{72B45909-83F0-40E7-A2E5-8532932934E2}C:\program files (x86)\orb networks\orb\bin\orbtray.exe -> profile=public | protocol=17 | dir=in | action=allow | name=orb | app=c:\program files (x86)\orb networks\orb\bin\orbtray.exe | UDP Query User{75AE3CE5-89CF-4A9C-92D8-1E20701E8702}C:\program files (x86)\sopcast\sopcast.exe -> profile=private | protocol=17 | dir=in | action=allow | name=sopcast main application | app=c:\program files (x86)\sopcast\sopcast.exe | UDP Query User{818E3488-9B1F-4CC5-B8D7-B6D702D9584D}C:\program files (x86)\flashget\flashget.exe -> profile=private | protocol=17 | dir=in | action=allow | name=flashget | app=c:\program files (x86)\flashget\flashget.exe | UDP Query User{91252BA7-B7F5-45BB-9622-1B4CF7A2B657}C:\program files (x86)\orb networks\orb\bin\orb.exe -> profile=public | protocol=17 | dir=in | action=allow | name=orb application | app=c:\program files (x86)\orb networks\orb\bin\orb.exe | UDP Query User{9786A0AC-F0CD-4016-914A-A5F05AB28D56}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe -> profile=private | protocol=17 | dir=in | action=allow | name=streamtorrent p2p media player | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe | UDP Query User{9D4525C3-039C-47D5-A06B-B0001627909C}C:\flashget network\flashget 3\flashget3.exe -> profile=private | protocol=17 | dir=in | action=allow | name=flashget3 | app=c:\flashget network\flashget 3\flashget3.exe | UDP Query User{F217704C-B7C2-4145-8DCB-EABA97CE73CB}C:\program files (x86)\tvants\tvants.exe -> profile=private | protocol=17 | dir=in | action=allow | name=tvants | app=c:\program files (x86)\tvants\tvants.exe | < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "$INSTDIR\FlvDetector.exe" -> C:\FlashGet Network\Flashget 3\FlvDetector.exe [C:\FlashGet Network\Flashget 3\FlvDetector.exe:*:Enabled:FGFlvDetector] -> File not found "C:\FlashGet Network\Flashget 3\FlashGet3.exe" -> C:\FlashGet Network\Flashget 3\FlashGet3.exe [C:\FlashGet Network\Flashget 3\FlashGet3.exe:*:Enabled:Flashget3] -> File not found < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> C:\Windows\SysNative\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/04/11 00:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) < Drives with AutoRun files > -> -> E:\autorun.inf [[autorun] | action=Install H&R Block Tax Software | open=tcauto.exe | icon=tcauto.exe | ] -> E:\autorun.inf [ CDFS ] -> [2009/10/22 13:03:35 | 000,000,082 | R--- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{f31169fd-3441-11de-b22e-806e6f6e6963} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f31169fd-3441-11de-b22e-806e6f6e6963}\shell \{f31169fd-3441-11de-b22e-806e6f6e6963}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f31169fd-3441-11de-b22e-806e6f6e6963}\shell\AutoRun\command \{f31169fd-3441-11de-b22e-806e6f6e6963}\shell\AutoRun\command\\"" -> E:\tcauto.exe [E:\tcauto.exe] -> [2009/10/09 11:18:00 | 008,062,448 | R--- | M] (HR Block ) < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* -> File not found 64bit-exefile [open] -> "%1" %* -> File not found comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Registry - Additional Scans - Safe List] < 64bit-Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE -> [2001/02/13 00:01:04 | 000,083,360 | ---- | M] (Microsoft Corporation) < 64bit-Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> Dell DataSafe Online hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe -> [2008/11/03 08:54:00 | 001,745,648 | ---- | M] () FlashGet 3 hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\FlashGet Network\Flashget 3\Flashget3.exe -> File not found Google Quick Search Box hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe -> [2009/08/28 22:36:18 | 000,122,368 | ---- | M] (Google Inc.) GrooveMonitor hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe -> [2008/10/25 10:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) PWRISOVM.EXE hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -> [2007/08/06 19:05:46 | 000,200,704 | ---- | M] (PowerISO Computing, Inc.) SightSpeed hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe -> [2008/12/17 23:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) Skytel hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found swg hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2009/05/11 21:55:43 | 000,039,408 | ---- | M] (Google Inc.) TkBellExe hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe -> [2009/05/30 10:00:26 | 000,198,160 | ---- | M] (RealNetworks, Inc.) < 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "bootini" -> 2 -> "startup" -> 2 -> < 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "aux" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "aux1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "aux2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "midi" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "midi1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "midi2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "midimapper" -> C:\Windows\SysNative\midimap.dll [midimap.dll] -> [2009/04/11 02:11:15 | 000,020,480 | ---- | M] (Microsoft Corporation) "mixer" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "mixer1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "mixer2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "msacm.imaadpcm" -> C:\Windows\SysNative\imaadp32.acm [imaadp32.acm] -> [2006/11/02 06:15:38 | 000,021,504 | ---- | M] (Microsoft Corporation) "msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2008/01/20 21:51:45 | 000,072,192 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.msadpcm" -> C:\Windows\SysNative\msadp32.acm [msadp32.acm] -> [2006/11/02 06:15:38 | 000,022,528 | ---- | M] (Microsoft Corporation) "msacm.msg711" -> C:\Windows\SysNative\msg711.acm [msg711.acm] -> [2006/11/02 06:15:38 | 000,014,336 | ---- | M] (Microsoft Corporation) "msacm.msgsm610" -> C:\Windows\SysNative\msgsm32.acm [msgsm32.acm] -> [2006/11/02 06:15:38 | 000,028,672 | ---- | M] (Microsoft Corporation) "MSVideo8" -> C:\Windows\SysNative\vfwwdm32.dll [VfWWDM32.dll] -> [2008/01/20 21:50:46 | 000,067,584 | ---- | M] (Microsoft Corporation) "vidc.i420" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/04 13:49:49 | 000,054,272 | ---- | M] (Microsoft Corporation) "VIDC.IYUV" -> C:\Windows\SysNative\iyuv_32.dll [iyuv_32.dll] -> [2009/12/04 13:49:49 | 000,054,272 | ---- | M] (Microsoft Corporation) "vidc.mrle" -> C:\Windows\SysNative\msrle32.dll [msrle32.dll] -> [2009/12/04 13:50:33 | 000,015,872 | ---- | M] (Microsoft Corporation) "vidc.msvc" -> C:\Windows\SysNative\msvidc32.dll [msvidc32.dll] -> [2009/12/04 13:50:37 | 000,038,400 | ---- | M] (Microsoft Corporation) "VIDC.UYVY" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/04 13:50:40 | 000,025,600 | ---- | M] (Microsoft Corporation) "VIDC.YUY2" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/04 13:50:40 | 000,025,600 | ---- | M] (Microsoft Corporation) "VIDC.YVU9" -> C:\Windows\SysNative\tsbyuv.dll [tsbyuv.dll] -> [2009/12/04 13:52:22 | 000,014,848 | ---- | M] (Microsoft Corporation) "VIDC.YVYU" -> C:\Windows\SysNative\msyuv.dll [msyuv.dll] -> [2009/12/04 13:50:40 | 000,025,600 | ---- | M] (Microsoft Corporation) "wave" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "wave1" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "wave2" -> C:\Windows\SysNative\wdmaud.drv [wdmaud.drv] -> [2009/04/11 02:09:50 | 000,212,992 | ---- | M] (Microsoft Corporation) "wavemapper" -> C:\Windows\SysNative\msacm32.drv [msacm32.drv] -> [2009/04/11 02:09:50 | 000,025,600 | ---- | M] (Microsoft Corporation) < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.ac3acm" -> C:\Windows\SysWow64\ac3acm.acm [ac3acm.acm] -> [2007/09/20 19:52:46 | 000,118,784 | ---- | M] (fccHandler) "msacm.avis" -> C:\Windows\SysWow64\ff_acm.acm [ff_acm.acm] -> [2008/05/24 09:55:00 | 000,006,144 | ---- | M] () "msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2008/01/20 21:51:46 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "msacm.lameacm" -> C:\Windows\SysWow64\lameACM.acm [lameACM.acm] -> [2008/09/24 13:41:12 | 000,839,680 | ---- | M] (http://www.mp3dev.org/) "vidc.cvid" -> C:\Windows\SysWow64\iccvid.dll [iccvid.dll] -> [2006/11/02 10:02:31 | 000,081,920 | ---- | M] (Radius Inc.) "VIDC.DIVX" -> C:\Windows\SysWow64\divx.dll [divx.dll] -> [2008/09/15 19:11:56 | 000,683,520 | ---- | M] (DivX, Inc.) "VIDC.FFDS" -> C:\Windows\SysWow64\ff_vfw.dll [ff_vfw.dll] -> [2008/05/24 09:55:00 | 000,007,680 | ---- | M] () "vidc.tscc" -> C:\Windows\SysWow64\tsccvid.dll [tsccvid.dll] -> [2005/06/15 02:00:00 | 000,102,400 | ---- | M] (TechSmith Corporation) "vidc.XVID" -> C:\Windows\SysWow64\xvidvfw.dll [xvidvfw.dll] -> [2008/01/10 07:16:20 | 000,159,839 | ---- | M] () "VIDC.YV12" -> C:\Windows\SysWow64\yv12vfw.dll [yv12vfw.dll] -> [2004/01/25 11:18:44 | 000,217,088 | ---- | M] (www.helixcommunity.org) < 64bit-Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysNative\icardie.dll [InformationCardSigninHelper Class] -> [2008/01/20 21:48:23 | 000,085,504 | ---- | M] (Microsoft Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysNative\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/04/11 02:11:15 | 000,758,272 | ---- | M] (Microsoft Corporation) {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysNative\tdc.ocx [Tabular Data Control] -> [2008/01/20 21:49:13 | 000,077,824 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/09/10 12:12:13 | 013,428,224 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/04/11 02:11:16 | 000,221,696 | ---- | M] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysNative\RegCtrl.dll [Registration Control] -> [2008/01/20 21:48:47 | 000,048,640 | ---- | M] (Microsoft Corporation) {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysNative\msnetobj.dll [RMGetLicense Class] -> [2009/04/11 02:11:16 | 000,221,696 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> Reg Error: Key error. [Adobe PDF Reader] -> File not found {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysNative\scrrun.dll [Scripting.Dictionary] -> [2009/04/11 02:11:24 | 000,198,656 | ---- | M] (Microsoft Corporation) 3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 435899C9-44AB-11D1-AF00-080036234103 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 4F664F91-FF01-11D0-8AED-00C04FD7B597 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 65303443-AD66-11D1-9D65-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 92337A8C-E11D-11D0-BE48-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found C3701884-B39B-11D1-9D68-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {01010E00-5E80-11D8-9E86-0007E96C65AE} [HKLM] -> C:\Program Files (x86)\Common Files\supportsoft\bin\tgctlsi.dll [SupportSoft SmartIssue] -> [2009/05/21 07:59:24 | 001,103,144 | ---- | M] (SupportSoft, Inc.) {01011300-5E80-11D8-9E86-0007E96C65AE} [HKLM] -> C:\Program Files (x86)\Common Files\supportsoft\bin\sdcnetcheck.dll [SdcNetCheckCtl Class] -> [2009/05/21 07:59:24 | 000,386,344 | ---- | M] (SupportSoft, Inc.) {01012101-5E80-11D8-9E86-0007E96C65AE} [HKLM] -> C:\Program Files (x86)\Common Files\supportsoft\bin\tgctlsr.dll [SupportSoft Script Runner Class] -> [2009/05/21 07:59:24 | 000,599,336 | ---- | M] (SupportSoft, Inc.) {01113300-3E00-11D2-8470-0060089874ED} [HKLM] -> C:\Program Files (x86)\Common Files\supportsoft\bin\tgctlcm.dll [Support.com Configuration Class] -> [2009/05/21 07:59:24 | 000,296,232 | ---- | M] (SupportSoft, Inc.) {01118D00-3E00-11D2-8470-0060089874ED} [HKLM] -> C:\Program Files (x86)\Common Files\supportsoft\bin\tgctlpw.dll [SupportSoft Password Reset Class] -> [2008/12/16 20:15:00 | 000,284,200 | ---- | M] (SupportSoft, Inc.) {01119000-3E00-11D2-8470-0060089874ED} [HKLM] -> C:\Program Files (x86)\Common Files\supportsoft\bin\ssmail.dll [SdcMail Class] -> [2008/12/16 20:15:00 | 000,661,032 | ---- | M] (SupportSoft, Inc.) {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2008/10/25 05:18:50 | 000,172,880 | ---- | M] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files (x86)\Orb Networks\Orb\bin\QT Lite\QTPlugin.ocx [QuickTime Object] -> [2009/09/05 01:55:06 | 000,795,952 | ---- | M] (Apple Inc.) {03D19749-C5FA-4CCC-99AB-00AB2AF45ACD} [HKLM] -> C:\Windows\Downloaded Program Files\RACtrl.dll [File Transfer ActiveX Client] -> [2009/09/24 10:06:36 | 004,023,624 | ---- | M] () {03F998B2-0E00-11D3-A498-00104B6EB52E} [HKLM] -> C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 19:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation) {07B06095-5687-4D13-9E32-12B4259C9813} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [STSUpld UploadCtl Class] -> [2006/10/26 18:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {0D012ABD-CEED-11D2-9C76-00105AA73033} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveDocumentShareTool.dll [Groove DocumentShareView] -> [2009/02/14 05:03:38 | 003,070,832 | ---- | M] (Microsoft Corporation) {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysWOW64\icardie.dll [InformationCardSigninHelper Class] -> [2008/01/20 21:49:21 | 000,063,488 | ---- | M] (Microsoft Corporation) {1B00725B-C455-4DE6-BFB6-AD540AD427CD} [HKLM] -> C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\AxMetaStream.dll [MetaStreamCtl Class] -> [2008/02/06 19:58:48 | 000,262,214 | ---- | M] (Viewpoint Corporation) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HKLM] -> C:\Windows\SysWOW64\mshtmled.dll [HtmlDlgSafeHelper Class] -> [2009/04/11 01:28:20 | 000,477,184 | ---- | M] (Microsoft Corporation) {333C7BC4-460F-11D0-BC04-0080C7055A83} [HKLM] -> C:\Windows\SysWOW64\tdc.ocx [Tabular Data Control] -> [2008/01/20 21:49:59 | 000,066,560 | ---- | M] (Microsoft Corporation) {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Spreadsheet Launcher] -> [2009/03/06 03:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\Orb Networks\Orb\bin\QT Lite\QTPlugin.ocx [QuickTime Object] -> [2009/09/05 01:55:06 | 000,795,952 | ---- | M] (Apple Inc.) {4849E17D-2DEF-40D7-98DE-DB555B4A589C} [HKLM] -> C:\Windows\Downloaded Program Files\RACtrl.dll [Telnet ActiveX Client] -> [2009/09/24 10:06:36 | 004,023,624 | ---- | M] () {556EEC63-31E2-47C3-BF29-DFF799D2FE04} [HKLM] -> C:\Windows\Downloaded Program Files\RACtrl.dll [Remote Access ActiveX Client] -> [2009/09/24 10:06:36 | 004,023,624 | ---- | M] () {56A58823-AE99-11D5-B90B-0050DACD1F75} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveCommonComponents.dll [Groove Data List Display] -> [2009/02/14 05:03:28 | 002,687,336 | ---- | M] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2009/12/17 17:14:04 | 000,108,320 | ---- | M] (Sun Microsystems, Inc.) {62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Export Database Launcher] -> [2009/03/06 03:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSLIST.DLL [Microsoft Office List 12.0] -> [2009/03/06 02:01:06 | 002,335,648 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11d3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/09/10 11:49:49 | 010,626,560 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/04/11 01:28:21 | 000,179,712 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8075631E-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\INLAUNCH.DLL [SharepointOpenXMLDocuments] -> [2009/03/06 03:26:06 | 000,065,400 | ---- | M] (Microsoft Corporation) {88d969c0-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XML DOM Document 4.0] -> [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c1-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [Free Threaded XML DOM Document 4.0] -> [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c2-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XML Schema Cache 4.0] -> [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c3-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XSL Template 4.0] -> [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c4-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XML Data Source Object 4.0] -> [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88d969c5-f192-11d4-a65f-0040963251e5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XML HTTP 4.0] -> [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_18] -> [2009/12/17 17:14:04 | 000,108,320 | ---- | M] () {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\SysWOW64\RegCtrl.dll [Registration Control] -> [2008/01/20 21:49:42 | 000,040,960 | ---- | M] (Microsoft Corporation) {9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint OpenDocuments Class] -> [2009/03/06 03:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {9E385F0A-0BA2-430C-96AA-4399C5E40F6C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\SysWOW64\msnetobj.dll [RMGetLicense Class] -> [2009/04/11 01:28:21 | 000,179,712 | ---- | M] (Microsoft Corporation) {BAEB32D0-732D-11d2-8BF4-0060B0A4A9EA} [HKLM] -> C:\Program Files (x86)\AIM6\services\imApp\ver6_9_15_1\isAim.dll [aimlocator Class] -> [2009/05/19 00:18:18 | 000,062,256 | ---- | M] (AOL LLC) {BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientEventSubscription Class] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientMiscApis Class] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE40-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCommentThread Class] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE42-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientComment Class] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSBrowserUI Class] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWS Post Data] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [SharePoint Spreadsheet Launcher] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionServers Class] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCollaboration Class] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussion] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussions] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServer] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServers] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OSE Global Class] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionBar Class] -> [2008/11/21 01:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office10\OWSSUPP.DLL [SharePoint OpenDocuments Class] -> [2001/02/16 00:11:26 | 000,042,400 | ---- | M] (Microsoft Corporation) {BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint Stssync Handler] -> File not found {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Stssync Handler] -> [2009/03/06 03:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {C2828995-4A83-4100-A212-3024BA117356} [HKLM] -> C:\Program Files (x86)\Windows Live SkyDrive\Microsoft.Live.Folders.RichUpload.3.dll [Windows Live Upload Tool] -> [2008/10/29 10:46:56 | 000,245,112 | ---- | M] (Microsoft Corporation) {C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2008/10/25 05:18:46 | 000,054,152 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2009/02/27 11:07:48 | 000,660,840 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_18] -> [2009/12/17 17:14:04 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_18] -> [2009/12/17 17:14:04 | 000,108,320 | ---- | M] () {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_18] -> [2009/12/17 17:14:04 | 000,108,320 | ---- | M] () {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deploytk.dll [Deployment Toolkit] -> [2009/12/17 17:14:00 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files (x86)\Orb Networks\Orb\bin\QT Lite\QTPlugin.ocx [Behavior Object] -> [2009/09/05 01:55:06 | 000,795,952 | ---- | M] (Apple Inc.) {CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\STSUPLD.DLL [STSUpld CopyCtl Class] -> [2006/10/26 18:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> C:\Windows\SysWOW64\rmoc3260.dll [RealPlayer G2 Control] -> [2009/05/30 10:00:37 | 000,185,920 | ---- | M] (RealNetworks, Inc.) {D2517915-48CE-4286-970F-921E881B8C5C} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Control] -> [2009/02/17 15:11:04 | 000,408,440 | ---- | M] (Microsoft Corporation) {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10e.ocx [Shockwave Flash Object] -> [2010/01/26 19:58:36 | 003,981,080 | R--- | M] (Adobe Systems, Inc.) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files (x86)\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2009/10/28 20:21:16 | 000,111,912 | ---- | M] (Apple Inc.) {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] -> C:\Program Files (x86)\Yahoo!\Messenger\YPagerChecker.dll [MessengerChecker Class] -> [2009/05/26 20:06:34 | 000,103,664 | ---- | M] (Yahoo! Inc.) {DFEAF541-F3E1-4c24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\3.0.50106.0\npctrl.dll [Microsoft Silverlight] -> [2010/01/06 00:33:56 | 000,876,872 | ---- | M] ( Microsoft Corporation) {E01D1C6A-4F40-11D3-8958-00105A272DCF} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveTextTools.dll [Groove Text View] -> [2009/02/14 05:03:54 | 001,161,568 | ---- | M] (Microsoft Corporation) {E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\oisctrl.dll [OISClientLauncher Class] -> [2009/03/06 03:23:50 | 000,022,432 | ---- | M] (Microsoft Corporation) {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Portal\PortalConnectCore.dll [PersonalSite Class] -> [2008/10/26 04:42:16 | 000,482,656 | ---- | M] () {EE09B103-97E0-11CF-978F-00A02463E06F} [HKLM] -> C:\Windows\SysWOW64\scrrun.dll [Scripting.Dictionary] -> [2009/04/11 01:28:24 | 000,172,032 | ---- | M] (Microsoft Corporation) {F3FFF5F4-A643-447E-A5A5-0B5F760C7F4A} [HKLM] -> C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll [Google Update Plugin] -> [2010/02/26 04:49:20 | 000,220,656 | ---- | M] (Google Inc.) {FA5369ED-D19A-434C-8F59-EE90D690D36C} [HKLM] -> C:\Windows\Downloaded Program Files\RACtrl.dll [Chat Activex Control] -> [2009/09/24 10:06:36 | 004,023,624 | ---- | M] () {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} [HKLM] -> C:\Windows\Downloaded Program Files\RACtrl.dll [Performance Viewer Activex Control] -> [2009/09/24 10:06:36 | 004,023,624 | ---- | M] () 3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 435899C9-44AB-11D1-AF00-080036234103 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 4F664F91-FF01-11D0-8AED-00C04FD7B597 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 65303443-AD66-11D1-9D65-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 92337A8C-E11D-11D0-BE48-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found C3701884-B39B-11D1-9D68-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2009/02/27 11:07:32 | 000,061,816 | ---- | M] (Adobe Systems Incorporated) {0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> C:\Windows\Downloaded Program Files\PhotoUploader5.ocx [Facebook Photo Uploader 5 Control] -> [2008/10/10 14:44:58 | 003,536,384 | ---- | M] () {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 11:07:26 | 000,075,128 | ---- | M] (Adobe Systems Incorporated) 64bit-{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2010/01/31 12:05:19 | 000,373,872 | ---- | M] (Google Inc.) {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/01/31 12:05:12 | 000,279,664 | ---- | M] (Google Inc.) {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2009/05/30 10:00:43 | 000,312,928 | ---- | M] (RealPlayer) 64bit-{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [AVG Safe Search] -> [2009/12/10 08:06:46 | 002,129,688 | ---- | M] (AVG Technologies CZ, s.r.o.) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/12/10 08:06:45 | 001,484,056 | ---- | M] (AVG Technologies CZ, s.r.o.) {47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009/01/26 14:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {556EEC63-31E2-47C3-BF29-DFF799D2FE04} [HKLM] -> C:\Windows\Downloaded Program Files\RACtrl.dll [Remote Access ActiveX Client] -> [2009/09/24 10:06:36 | 004,023,624 | ---- | M] () {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} [HKLM] -> C:\Windows\Downloaded Program Files\ImageUploader5.ocx [Image Uploader Control] -> [2009/04/16 13:58:46 | 003,577,352 | ---- | M] () 64bit-{6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/09/10 12:12:13 | 013,428,224 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/09/10 11:49:49 | 010,626,560 | ---- | M] (Microsoft Corporation) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 14:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/02/17 15:11:04 | 000,408,440 | ---- | M] (Microsoft Corporation) 64bit-{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar Helper] -> [2010/01/31 12:05:19 | 000,373,872 | ---- | M] (Google Inc.) {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/01/31 12:05:12 | 000,279,664 | ---- | M] (Google Inc.) {AE7CD045-E861-484F-8273-0445EE161910} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 64bit-{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll [Google Toolbar Notifier BHO] -> [2010/02/07 00:44:37 | 000,319,984 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [Google Toolbar Notifier BHO] -> [2010/02/07 00:44:37 | 000,812,528 | ---- | M] (Google Inc.) {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10e.ocx [Shockwave Flash Object] -> [2010/01/26 19:58:36 | 003,981,080 | R--- | M] (Adobe Systems, Inc.) {DBC80044-A445-435B-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2010/01/11 20:42:48 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.) {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} [HKLM] -> C:\Windows\Downloaded Program Files\RACtrl.dll [Performance Viewer Activex Control] -> [2009/09/24 10:06:36 | 004,023,624 | ---- | M] () < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> 64bit-{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Script Object] -> [2010/01/31 12:05:19 | 000,373,872 | ---- | M] (Google Inc.) {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Script Object] -> [2010/01/31 12:05:12 | 000,279,664 | ---- | M] (Google Inc.) {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {0468C085-CA5B-11D0-AF08-00609797F0E0} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL [Outlook Today's Data-binding control] -> [2009/08/17 21:54:46 | 000,136,520 | ---- | M] () {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2009/02/27 11:07:32 | 000,061,816 | ---- | M] (Adobe Systems Incorporated) {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found {0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> C:\Windows\Downloaded Program Files\PhotoUploader5.ocx [Facebook Photo Uploader 5 Control] -> [2008/10/10 14:44:58 | 003,536,384 | ---- | M] () {116BA71C-8187-4F15-9A1F-C9D6289155D1} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 11:07:26 | 000,075,128 | ---- | M] (Adobe Systems Incorporated) 64bit-{19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysNative\icardie.dll [InformationCardSigninHelper Class] -> [2008/01/20 21:48:23 | 000,085,504 | ---- | M] (Microsoft Corporation) {19916E01-B44E-4E31-94A4-4696DF46157B} [HKLM] -> C:\Windows\SysWOW64\icardie.dll [InformationCardSigninHelper Class] -> [2008/01/20 21:49:21 | 000,063,488 | ---- | M] (Microsoft Corporation) {1EB0FE44-B210-47FE-BADE-04D617312B39} [HKLM] -> C:\Program Files (x86)\Veetle\plugins\Veetle.ocx [Veetle TV Core] -> [2009/07/13 17:43:24 | 000,870,424 | ---- | M] (Veetle Inc) {219C3416-8CB2-491A-A3C7-D9FCDDC9D600} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {21FA44EF-376D-4D53-9B0F-8A89D3229068} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {22BF413B-C6D2-4D91-82A9-A0F997BA588C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 64bit-{22D6F312-B0F6-11D0-94AB-0080C74C7E95} [HKLM] -> C:\Windows\SysNative\wmpdxm.dll [Windows Media Player] -> [2009/07/15 09:47:00 | 000,368,128 | ---- | M] (Microsoft Corporation) {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [HKLM] -> C:\Windows\SysWOW64\wmpdxm.dll [Windows Media Player] -> [2009/07/15 07:39:58 | 000,313,344 | ---- | M] (Microsoft Corporation) 64bit-{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar] -> [2010/01/31 12:05:19 | 000,373,872 | ---- | M] (Google Inc.) {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2010/01/31 12:05:12 | 000,279,664 | ---- | M] (Google Inc.) {2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2974c985-8151-4de5-b23c-b875f0a8522f} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2009/05/30 10:00:43 | 000,312,928 | ---- | M] (RealPlayer) {38481807-CA0E-42D2-BF39-B33AF135CC4D} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Smart Tag\IETAG.DLL [IETag Factory] -> [2009/04/02 11:01:44 | 000,177,520 | ---- | M] (Microsoft Corporation) 64bit-{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [AVG Safe Search] -> [2009/12/10 08:06:46 | 002,129,688 | ---- | M] (AVG Technologies CZ, s.r.o.) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/12/10 08:06:45 | 001,484,056 | ---- | M] (AVG Technologies CZ, s.r.o.) {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} [HKLM] -> C:\Windows\SysWOW64\TVUAx\npTVUAx.dll [CTVUAxCtrl Object] -> [2009/09/14 03:07:46 | 002,506,040 | ---- | M] (TVU networks) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files (x86)\Orb Networks\Orb\bin\QT Lite\QTPlugin.ocx [QuickTime Object] -> [2009/09/05 01:55:06 | 000,795,952 | ---- | M] (Apple Inc.) {47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {5067A26B-1337-4436-8AFE-EE169C2DA79F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009/01/26 14:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) {556EEC63-31E2-47C3-BF29-DFF799D2FE04} [HKLM] -> C:\Windows\Downloaded Program Files\RACtrl.dll [Remote Access ActiveX Client] -> [2009/09/24 10:06:36 | 004,023,624 | ---- | M] () {5C255C8A-E604-49B4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} [HKLM] -> C:\Windows\Downloaded Program Files\ImageUploader5.ocx [Image Uploader Control] -> [2009/04/16 13:58:46 | 003,577,352 | ---- | M] () 64bit-{6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysNative\wmp.dll [Windows Media Player] -> [2009/09/10 12:12:13 | 013,428,224 | ---- | M] (Microsoft Corporation) {6BF52A52-394A-11D3-B153-00C04F79FAA6} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [Windows Media Player] -> [2009/09/10 11:49:49 | 010,626,560 | ---- | M] (Microsoft Corporation) {6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} [HKLM] -> C:\Windows\Downloaded Program Files\DellSystemLite.ocx [DellSystemLite.Scanner] -> [2009/08/18 05:35:20 | 000,051,120 | ---- | M] () {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 14:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {7F9DB11C-E358-4CA6-A83D-ACC663939424} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> C:\Windows\Downloaded Program Files\PhotoUploader55.ocx [Facebook Photo Uploader 5 Control] -> [2009/07/29 20:21:24 | 003,540,488 | ---- | M] () {88D969C0-F192-11D4-A65F-0040963251E5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XML DOM Document 4.0] -> [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {88D969C5-F192-11D4-A65F-0040963251E5} [HKLM] -> C:\Windows\SysWOW64\msxml4.dll [XML HTTP 4.0] -> [2009/07/21 00:05:40 | 001,348,432 | ---- | M] (Microsoft Corporation) {8A4227BF-0CC2-4EEF-B076-DAFFF941EEA5} [HKLM] -> C:\Program Files (x86)\Veetle\Player\axvlc.dll [Veetle TV Player 0.9.15] -> [2009/07/13 17:43:12 | 000,208,408 | ---- | M] () {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll [Java Plug-in 1.6.0_18] -> [2009/12/17 17:14:04 | 000,108,320 | ---- | M] () {8FEFF364-6A5F-4966-A917-A3AC28411659} [HKLM] -> C:\Program Files (x86)\SopCast\sopocx.ocx [SopCore Control] -> [2009/07/09 02:11:56 | 001,757,184 | ---- | M] (SopCast.com) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/02/17 15:11:04 | 000,408,440 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {95B3F550-91C4-4627-BCC4-521288C52977} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {A986E409-30CC-4185-89BB-AB212C104524} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 64bit-{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Toolbar Helper] -> [2010/01/31 12:05:19 | 000,373,872 | ---- | M] (Google Inc.) {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2010/01/31 12:05:12 | 000,279,664 | ---- | M] (Google Inc.) {AE7CD045-E861-484F-8273-0445EE161910} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 64bit-{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll [Google Toolbar Notifier BHO] -> [2010/02/07 00:44:37 | 000,319,984 | ---- | M] (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [Google Toolbar Notifier BHO] -> [2010/02/07 00:44:37 | 000,812,528 | ---- | M] (Google Inc.) {B070D3E3-FEC0-47D9-8E8A-99D4EEB3D3B0} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2008/10/25 05:18:46 | 000,054,152 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2009/02/27 11:07:48 | 000,660,840 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\Windows\SysWOW64\deploytk.dll [Deployment Toolkit] -> [2009/12/17 17:14:00 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) 64bit-{CD3AFA76-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysNative\wmp.dll [AUDIO__MP3 Moniker Class] -> [2009/09/10 12:12:13 | 013,428,224 | ---- | M] (Microsoft Corporation) {CD3AFA76-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [AUDIO__MP3 Moniker Class] -> [2009/09/10 11:49:49 | 010,626,560 | ---- | M] (Microsoft Corporation) 64bit-{CD3AFA7B-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysNative\wmp.dll [AUDIO__WAV Moniker Class] -> [2009/09/10 12:12:13 | 013,428,224 | ---- | M] (Microsoft Corporation) {CD3AFA7B-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [AUDIO__WAV Moniker Class] -> [2009/09/10 11:49:49 | 010,626,560 | ---- | M] (Microsoft Corporation) 64bit-{CD3AFA88-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysNative\wmp.dll [VIDEO__AVI Moniker Class] -> [2009/09/10 12:12:13 | 013,428,224 | ---- | M] (Microsoft Corporation) {CD3AFA88-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [VIDEO__AVI Moniker Class] -> [2009/09/10 11:49:49 | 010,626,560 | ---- | M] (Microsoft Corporation) 64bit-{CD3AFA8F-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysNative\wmp.dll [VIDEO__X_MS_ASF Moniker Class] -> [2009/09/10 12:12:13 | 013,428,224 | ---- | M] (Microsoft Corporation) {CD3AFA8F-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [VIDEO__X_MS_ASF Moniker Class] -> [2009/09/10 11:49:49 | 010,626,560 | ---- | M] (Microsoft Corporation) 64bit-{CD3AFA94-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysNative\wmp.dll [VIDEO__X_MS_WMV Moniker Class] -> [2009/09/10 12:12:13 | 013,428,224 | ---- | M] (Microsoft Corporation) {CD3AFA94-B84F-48F0-9393-7EDC34128127} [HKLM] -> C:\Windows\SysWOW64\wmp.dll [VIDEO__X_MS_WMV Moniker Class] -> [2009/09/10 11:49:49 | 010,626,560 | ---- | M] (Microsoft Corporation) {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [HKLM] -> C:\Windows\SysWOW64\rmoc3260.dll [RealPlayer G2 Control] -> [2009/05/30 10:00:37 | 000,185,920 | ---- | M] (RealNetworks, Inc.) {D2517915-48CE-4286-970F-921E881B8C5C} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Control] -> [2009/02/17 15:11:04 | 000,408,440 | ---- | M] (Microsoft Corporation) {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\SysWOW64\Macromed\Flash\Flash10e.ocx [Shockwave Flash Object] -> [2010/01/26 19:58:36 | 003,981,080 | R--- | M] (Adobe Systems, Inc.) {D4003189-95B1-4A2F-9A87-F2B03665960D} [HKLM] -> C:\Windows\SysWOW64\Nagasoft\vjocx.dll [VodClient Control Class] -> [2009/09/23 21:59:24 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) {D6E814A0-E0C5-11D4-8D29-0050BA6940E3} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] -> C:\Program Files (x86)\Yahoo!\Messenger\YPagerChecker.dll [MessengerChecker Class] -> [2009/05/26 20:06:34 | 000,103,664 | ---- | M] (Yahoo! Inc.) {DBC80044-A445-435B-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2010/01/11 20:42:48 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.) {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [HKLM] -> C:\Program Files (x86)\Orb Networks\Orb\bin\QT Lite\QTSystem\QuickTimeCheck.ocx [QuickTimeCheck Class] -> [2009/09/05 01:55:06 | 000,136,496 | ---- | M] (Apple Inc.) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [HKLM] -> c:\Program Files (x86)\Microsoft Silverlight\3.0.50106.0\npctrl.dll [Microsoft Silverlight] -> [2010/01/06 00:33:56 | 000,876,872 | ---- | M] ( Microsoft Corporation) {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E16DC1FE-7C34-43F2-B754-F3AD12DDF97C} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {E312764E-7706-43F1-8DAB-FCDD2B1E416D} [HKLM] -> C:\Program Files (x86)\Search Settings\kb128\SearchSettings.dll [SearchSettings Class] -> [2009/07/29 15:39:38 | 001,153,024 | ---- | M] (Spigot, Inc.) {F156768E-81EF-470C-9057-481BA8380DBA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {F4FBA929-A891-492C-A0F6-5C79CC4F1742} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {FB5DA724-162B-11D3-8B9B-AA70B4B0B524} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} [HKLM] -> C:\Windows\Downloaded Program Files\RACtrl.dll [Performance Viewer Activex Control] -> [2009/09/24 10:06:36 | 004,023,624 | ---- | M] () < 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> Ias -> C:\Windows\SysNative\ias -> [2008/01/20 22:06:38 | 000,000,000 | ---D | M] Irmon -> C:\Windows\SysNative\irmon.dll -> [2006/11/02 06:17:42 | 000,022,016 | ---- | M] (Microsoft Corporation) Wmi -> C:\Windows\SysNative\wmi.dll -> [2008/01/20 21:51:07 | 000,005,632 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> Ias -> C:\Windows\SysWOW64\ias -> [2008/01/20 22:08:35 | 000,000,000 | ---D | M] Wmi -> C:\Windows\SysWOW64\wmi.dll -> [2006/11/02 04:44:15 | 000,005,120 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> Service NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group Primary disk -> Driver Group sacsvr -> Service SCSI Class -> Driver Group System Bus Extender -> Driver Group TrustedInstaller -> 32bit -> File not found WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppInfo -> 64bit -> File not found AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group DcomLaunch -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group HelpSvc -> Service NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group Primary disk -> Driver Group ProfSvc -> 64bit -> File not found RpcSs -> 64bit -> File not found sacsvr -> Service SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2006/11/02 01:35:15 | 000,060,994 | ---- | M] () vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found < 64bit-SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AppMgmt -> Service Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group GoToAssist -> 32bit -> File not found HelpSvc -> Service hitmanpro35 -> Reg Error: Value error. hitmanpro35.sys -> Reg Error: Value error. HitmanPro35Crusader -> Reg Error: Value error. Messenger -> Service NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group NTDS -> 32bit -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group rdsessmgr -> Service sacsvr -> Service SCSI Class -> Driver Group Streams Drivers -> Driver Group System Bus Extender -> Driver Group TDI -> Driver Group TrustedInstaller -> 32bit -> File not found WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) WudfPf -> Driver WudfUsbccidDriver -> Driver < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices AFD -> 64bit -> File not found AppInfo -> 64bit -> File not found AppMgmt -> Service Base -> Driver Group BFE -> 64bit -> File not found Boot Bus Extender -> Driver Group Boot file system -> Driver Group bowser -> 64bit -> File not found Browser -> 64bit -> File not found DcomLaunch -> 64bit -> File not found dfsc -> 64bit -> File not found DnsCache -> 64bit -> File not found Dot3Svc -> 64bit -> File not found Eaphost -> 64bit -> File not found EventLog -> 64bit -> File not found File system -> Driver Group Filter -> Driver Group GoToAssist -> C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -> [2009/12/25 12:59:14 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) HelpSvc -> Service hitmanpro35 -> Reg Error: Value error. hitmanpro35.sys -> Reg Error: Value error. HitmanPro35Crusader -> Reg Error: Value error. IKEEXT -> 64bit -> File not found ipnat.sys -> 64bit -> File not found LanmanServer -> 64bit -> File not found LanmanWorkstation -> 64bit -> File not found LmHosts -> 64bit -> File not found Messenger -> Service MPSDrv -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2006/09/18 16:35:23 | 000,001,088 | ---- | M] () MPSSvc -> 64bit -> File not found mrxsmb -> 64bit -> File not found mrxsmb10 -> 64bit -> File not found mrxsmb20 -> 64bit -> File not found NativeWifiP -> 64bit -> File not found NDIS -> 64bit -> File not found NDIS Wrapper -> Driver Group Ndisuio -> 64bit -> File not found NetBIOS -> 64bit -> File not found NetBIOSGroup -> Driver Group NetBT -> 64bit -> File not found NetDDEGroup -> Driver Group NetMan -> 64bit -> File not found Network -> Driver Group NetworkProvider -> Driver Group NlaSvc -> 64bit -> File not found Nsi -> 64bit -> File not found nsiproxy.sys -> 64bit -> File not found NTDS -> 64bit -> File not found PCI Configuration -> Driver Group PlugPlay -> 64bit -> File not found PNP Filter -> Driver Group PNP_TDI -> Driver Group PolicyAgent -> 64bit -> File not found Primary disk -> Driver Group ProfSvc -> 64bit -> File not found rdbss -> 64bit -> File not found rdpencdd.sys -> 64bit -> File not found rdsessmgr -> Service RpcSs -> 64bit -> File not found sacsvr -> Service SCSI Class -> Driver Group sermouse.sys -> 64bit -> File not found SharedAccess -> 64bit -> File not found Streams Drivers -> Driver Group SWPRV -> 64bit -> File not found System Bus Extender -> Driver Group TabletInputService -> 64bit -> File not found TBS -> 64bit -> File not found Tcpip -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2006/09/18 16:36:40 | 000,003,066 | ---- | M] () TDI -> Driver Group VDS -> C:\Windows\SysWOW64\wbem\vds.mof -> [2006/11/02 01:35:15 | 000,060,994 | ---- | M] () vga.sys -> 64bit -> File not found vgasave.sys -> 64bit -> File not found volmgr.sys -> 64bit -> File not found volmgrx.sys -> 64bit -> File not found WinDefend -> 64bit -> File not found WinMgmt -> 64bit -> File not found Wlansvc -> 64bit -> File not found WudfPf -> Driver WudfRd -> 64bit -> File not found WudfSvc -> 64bit -> File not found WudfUsbccidDriver -> Driver [Files/Folders - Created Within 90 Days] OTS.exe -> C:\Users\Marc\Desktop\OTS.exe -> [2010/02/28 11:56:11 | 000,632,832 | ---- | C] (OldTimer Tools) ERDNT -> C:\Windows\ERDNT -> [2010/02/28 11:54:46 | 000,000,000 | ---D | C] ERUNT -> C:\Program Files (x86)\ERUNT -> [2010/02/28 11:54:17 | 000,000,000 | ---D | C] bootdelete.exe -> C:\Windows\SysNative\bootdelete.exe -> [2010/02/27 17:34:06 | 000,012,872 | ---- | C] (SurfRight B.V.) Hitman Pro -> C:\ProgramData\Hitman Pro -> [2010/02/27 17:26:19 | 000,000,000 | ---D | C] Hitman Pro 3.5 -> C:\Program Files\Hitman Pro 3.5 -> [2010/02/27 17:26:16 | 000,000,000 | ---D | C] HitmanPro35_x64.exe -> C:\Users\Marc\Desktop\HitmanPro35_x64.exe -> [2010/02/27 17:26:06 | 006,607,168 | ---- | C] (SurfRight B.V.) MozillaControl -> C:\Users\Marc\AppData\Roaming\MozillaControl -> [2010/02/25 09:36:29 | 000,000,000 | ---D | C] TaxCut -> C:\Users\Marc\AppData\Roaming\TaxCut -> [2010/02/23 18:04:14 | 000,000,000 | ---D | C] Wolters Kluwer -> C:\ProgramData\Wolters Kluwer -> [2010/02/23 18:03:46 | 000,000,000 | ---D | C] temp.011 -> C:\Windows\SysWow64\temp.011 -> [2010/02/23 18:02:51 | 000,326,656 | ---- | C] (Microsoft Corporation) temp.010 -> C:\Windows\SysWow64\temp.010 -> [2010/02/23 18:02:51 | 000,295,000 | ---- | C] (Microsoft Corporation) temp.00F -> C:\Windows\SysWow64\temp.00F -> [2010/02/23 18:02:50 | 000,995,383 | ---- | C] (Microsoft Corporation) temp.00E -> C:\Windows\SysWow64\temp.00E -> [2010/02/23 18:02:42 | 000,379,152 | ---- | C] (Microsoft Corporation) temp.00A -> C:\Windows\SysWow64\temp.00A -> [2010/02/23 18:02:14 | 001,388,544 | ---- | C] (Microsoft Corporation) temp.00B -> C:\Windows\SysWow64\temp.00B -> [2010/02/23 18:02:14 | 000,598,288 | ---- | C] (Microsoft Corporation) temp.00C -> C:\Windows\SysWow64\temp.00C -> [2010/02/23 18:02:14 | 000,164,112 | ---- | C] (Microsoft Corporation) temp.009 -> C:\Windows\SysWow64\temp.009 -> [2010/02/23 18:02:14 | 000,147,728 | ---- | C] (Microsoft Corporation) temp.00D -> C:\Windows\SysWow64\temp.00D -> [2010/02/23 18:02:14 | 000,017,920 | ---- | C] (Microsoft Corporation) H&R Block Business 2009 -> C:\Program Files (x86)\H&R Block Business 2009 -> [2010/02/23 18:02:08 | 000,000,000 | ---D | C] Ssdw3b32.ocx -> C:\Windows\SysWow64\Ssdw3b32.ocx -> [2010/02/23 18:00:42 | 000,874,224 | ---- | C] (Sheridan Software Systems, Inc.) tab32x30.ocx -> C:\Windows\SysWow64\tab32x30.ocx -> [2010/02/23 18:00:42 | 000,451,760 | ---- | C] (FarPoint Technologies, Inc.) TAXPDF.DLL -> C:\Windows\SysWow64\TAXPDF.DLL -> [2010/02/23 18:00:42 | 000,143,360 | ---- | C] (Symbol Technologies, Inc.) Ssprn32.dll -> C:\Windows\SysWow64\Ssprn32.dll -> [2010/02/23 18:00:42 | 000,072,192 | ---- | C] (Sheridan Software Systems, Inc.) Ssmedt32.dll -> C:\Windows\SysWow64\Ssmedt32.dll -> [2010/02/23 18:00:42 | 000,061,440 | ---- | C] (Sheridan Software Systems, Inc.) temp.006 -> C:\Windows\SysWow64\temp.006 -> [2010/02/23 18:00:41 | 000,995,383 | ---- | C] (Microsoft Corporation) Flp32a30.ocx -> C:\Windows\SysWow64\Flp32a30.ocx -> [2010/02/23 18:00:41 | 000,726,128 | ---- | C] (FarPoint Technologies) temp.008 -> C:\Windows\SysWow64\temp.008 -> [2010/02/23 18:00:41 | 000,326,656 | ---- | C] (Microsoft Corporation) temp.007 -> C:\Windows\SysWow64\temp.007 -> [2010/02/23 18:00:41 | 000,295,000 | ---- | C] (Microsoft Corporation) Cp5dll32.dll -> C:\Windows\SysWow64\Cp5dll32.dll -> [2010/02/23 18:00:41 | 000,216,064 | ---- | C] (EllTech Development, Inc.) Richtx32.ocx -> C:\Windows\SysWow64\Richtx32.ocx -> [2010/02/23 18:00:41 | 000,203,976 | ---- | C] (Microsoft Corporation) VBPrnDlg.dll -> C:\Windows\SysWow64\VBPrnDlg.dll -> [2010/02/23 18:00:41 | 000,102,469 | ---- | C] (Microsoft) Rsrc32.dll -> C:\Windows\SysWow64\Rsrc32.dll -> [2010/02/23 18:00:41 | 000,024,576 | ---- | C] (Microsoft Corporation) msjet35.dll -> C:\Windows\SysWow64\msjet35.dll -> [2010/02/23 18:00:28 | 001,050,896 | ---- | C] (Microsoft Corporation) msrepl35.dll -> C:\Windows\SysWow64\msrepl35.dll -> [2010/02/23 18:00:28 | 000,415,504 | ---- | C] (Microsoft Corporation) Msexcl35.dll -> C:\Windows\SysWow64\Msexcl35.dll -> [2010/02/23 18:00:28 | 000,252,688 | ---- | C] (Microsoft Corporation) msrd2x35.dll -> C:\Windows\SysWow64\msrd2x35.dll -> [2010/02/23 18:00:28 | 000,252,176 | ---- | C] (Microsoft Corporation) Mstext35.dll -> C:\Windows\SysWow64\Mstext35.dll -> [2010/02/23 18:00:28 | 000,166,672 | ---- | C] (Microsoft Corporation) msjint35.dll -> C:\Windows\SysWow64\msjint35.dll -> [2010/02/23 18:00:28 | 000,123,664 | ---- | C] (Microsoft Corporation) Vb5db.dll -> C:\Windows\SysWow64\Vb5db.dll -> [2010/02/23 18:00:28 | 000,089,360 | ---- | C] (Microsoft Corporation) msjter35.dll -> C:\Windows\SysWow64\msjter35.dll -> [2010/02/23 18:00:28 | 000,024,848 | ---- | C] (Microsoft Corporation) temp.005 -> C:\Windows\SysWow64\temp.005 -> [2010/02/23 18:00:27 | 000,379,152 | ---- | C] (Microsoft Corporation) Vbar332.dll -> C:\Windows\SysWow64\Vbar332.dll -> [2010/02/23 18:00:27 | 000,368,912 | ---- | C] (Microsoft Corporation) CCHSFS -> C:\Program Files (x86)\Common Files\CCHSFS -> [2010/02/23 18:00:00 | 000,000,000 | ---D | C] Vb5stkit.dll -> C:\Windows\SysWow64\Vb5stkit.dll -> [2010/02/23 17:59:46 | 000,029,696 | ---- | C] (Microsoft Corporation) temp.004 -> C:\Windows\SysWow64\temp.004 -> [2010/02/23 17:59:46 | 000,017,920 | ---- | C] (Microsoft Corporation) temp.001 -> C:\Windows\SysWow64\temp.001 -> [2010/02/23 17:59:45 | 001,388,544 | ---- | C] (Microsoft Corporation) temp.002 -> C:\Windows\SysWow64\temp.002 -> [2010/02/23 17:59:45 | 000,598,288 | ---- | C] (Microsoft Corporation) temp.003 -> C:\Windows\SysWow64\temp.003 -> [2010/02/23 17:59:45 | 000,164,112 | ---- | C] (Microsoft Corporation) temp.000 -> C:\Windows\SysWow64\temp.000 -> [2010/02/23 17:59:45 | 000,147,728 | ---- | C] (Microsoft Corporation) PDF995 -> C:\Program Files (x86)\PDF995 -> [2010/02/23 17:56:30 | 000,000,000 | ---D | C] HRBlock2009 -> C:\Program Files (x86)\HRBlock2009 -> [2010/02/23 17:56:30 | 000,000,000 | ---D | C] HRBlock -> C:\Users\Marc\Documents\HRBlock -> [2010/02/23 17:56:30 | 000,000,000 | ---D | C] TaxCut -> C:\ProgramData\TaxCut -> [2010/02/23 17:53:56 | 000,000,000 | ---D | C] secproc_isv.dll -> C:\Windows\SysWow64\secproc_isv.dll -> [2010/02/23 15:50:48 | 000,471,552 | ---- | C] (Microsoft Corporation) secproc.dll -> C:\Windows\SysWow64\secproc.dll -> [2010/02/23 15:50:47 | 000,471,552 | ---- | C] (Microsoft Corporation) secproc_isv.dll -> C:\Windows\SysNative\secproc_isv.dll -> [2010/02/23 15:50:46 | 000,538,624 | ---- | C] (Microsoft Corporation) secproc.dll -> C:\Windows\SysNative\secproc.dll -> [2010/02/23 15:50:44 | 000,539,136 | ---- | C] (Microsoft Corporation) RMActivate_isv.exe -> C:\Windows\SysNative\RMActivate_isv.exe -> [2010/02/23 15:50:43 | 000,600,576 | ---- | C] (Microsoft Corporation) RMActivate.exe -> C:\Windows\SysNative\RMActivate.exe -> [2010/02/23 15:50:43 | 000,599,552 | ---- | C] (Microsoft Corporation) RMActivate_ssp.exe -> C:\Windows\SysNative\RMActivate_ssp.exe -> [2010/02/23 15:50:43 | 000,409,600 | ---- | C] (Microsoft Corporation) RMActivate_ssp_isv.exe -> C:\Windows\SysNative\RMActivate_ssp_isv.exe -> [2010/02/23 15:50:42 | 000,413,696 | ---- | C] (Microsoft Corporation) RMActivate_isv.exe -> C:\Windows\SysWow64\RMActivate_isv.exe -> [2010/02/23 15:50:41 | 000,526,336 | ---- | C] (Microsoft Corporation) RMActivate_ssp.exe -> C:\Windows\SysWow64\RMActivate_ssp.exe -> [2010/02/23 15:50:41 | 000,347,136 | ---- | C] (Microsoft Corporation) RMActivate_ssp_isv.exe -> C:\Windows\SysWow64\RMActivate_ssp_isv.exe -> [2010/02/23 15:50:41 | 000,346,624 | ---- | C] (Microsoft Corporation) RMActivate.exe -> C:\Windows\SysWow64\RMActivate.exe -> [2010/02/23 15:50:40 | 000,518,144 | ---- | C] (Microsoft Corporation) msdrm.dll -> C:\Windows\SysNative\msdrm.dll -> [2010/02/23 15:50:40 | 000,460,288 | ---- | C] (Microsoft Corporation) msdrm.dll -> C:\Windows\SysWow64\msdrm.dll -> [2010/02/23 15:50:40 | 000,332,288 | ---- | C] (Microsoft Corporation) secproc_ssp_isv.dll -> C:\Windows\SysNative\secproc_ssp_isv.dll -> [2010/02/23 15:50:40 | 000,160,768 | ---- | C] (Microsoft Corporation) secproc_ssp.dll -> C:\Windows\SysNative\secproc_ssp.dll -> [2010/02/23 15:50:40 | 000,160,768 | ---- | C] (Microsoft Corporation) secproc_ssp_isv.dll -> C:\Windows\SysWow64\secproc_ssp_isv.dll -> [2010/02/23 15:50:40 | 000,152,576 | ---- | C] (Microsoft Corporation) secproc_ssp.dll -> C:\Windows\SysWow64\secproc_ssp.dll -> [2010/02/23 15:50:40 | 000,152,064 | ---- | C] (Microsoft Corporation) gameux.dll -> C:\Windows\SysNative\gameux.dll -> [2010/02/23 15:50:38 | 001,927,680 | ---- | C] (Microsoft Corporation) gameux.dll -> C:\Windows\SysWow64\gameux.dll -> [2010/02/23 15:50:38 | 001,696,256 | ---- | C] (Microsoft Corporation) GameUXLegacyGDFs.dll -> C:\Windows\SysWow64\GameUXLegacyGDFs.dll -> [2010/02/23 15:50:37 | 004,240,384 | ---- | C] (Microsoft) GameUXLegacyGDFs.dll -> C:\Windows\SysNative\GameUXLegacyGDFs.dll -> [2010/02/23 15:50:37 | 004,240,384 | ---- | C] (Microsoft) Apphlpdm.dll -> C:\Windows\SysNative\Apphlpdm.dll -> [2010/02/23 15:50:37 | 000,032,256 | ---- | C] (Microsoft Corporation) Apphlpdm.dll -> C:\Windows\SysWow64\Apphlpdm.dll -> [2010/02/23 15:50:37 | 000,028,672 | ---- | C] (Microsoft Corporation) Kindergarten Forms -> C:\Users\Marc\Desktop\Kindergarten Forms -> [2010/02/14 17:11:12 | 000,000,000 | ---D | C] ABBYY -> C:\Program Files (x86)\Common Files\ABBYY -> [2010/02/12 19:51:12 | 000,000,000 | ---D | C] ABBYY FineReader 10 -> C:\Program Files (x86)\ABBYY FineReader 10 -> [2010/02/12 19:44:51 | 000,000,000 | ---D | C] ABBYY -> C:\Users\Marc\AppData\Roaming\ABBYY -> [2010/02/12 16:35:02 | 000,000,000 | ---D | C] ABBYY -> C:\Users\Marc\AppData\Local\ABBYY -> [2010/02/12 16:22:29 | 000,000,000 | ---D | C] ABBYY -> C:\ProgramData\ABBYY -> [2010/02/12 16:22:28 | 000,000,000 | ---D | C] temp -> C:\temp -> [2010/02/12 16:15:29 | 000,000,000 | ---D | C] quartz.dll -> C:\Windows\SysNative\quartz.dll -> [2010/02/09 17:02:46 | 001,570,816 | ---- | C] (Microsoft Corporation) quartz.dll -> C:\Windows\SysWow64\quartz.dll -> [2010/02/09 17:02:46 | 001,314,816 | ---- | C] (Microsoft Corporation) iyuv_32.dll -> C:\Windows\SysNative\iyuv_32.dll -> [2010/02/09 17:02:46 | 000,054,272 | ---- | C] (Microsoft Corporation) msvidc32.dll -> C:\Windows\SysNative\msvidc32.dll -> [2010/02/09 17:02:46 | 000,038,400 | ---- | C] (Microsoft Corporation) msyuv.dll -> C:\Windows\SysNative\msyuv.dll -> [2010/02/09 17:02:46 | 000,025,600 | ---- | C] (Microsoft Corporation) tsbyuv.dll -> C:\Windows\SysNative\tsbyuv.dll -> [2010/02/09 17:02:46 | 000,014,848 | ---- | C] (Microsoft Corporation) msvfw32.dll -> C:\Windows\SysWow64\msvfw32.dll -> [2010/02/09 17:02:45 | 000,123,904 | ---- | C] (Microsoft Corporation) avifil32.dll -> C:\Windows\SysWow64\avifil32.dll -> [2010/02/09 17:02:45 | 000,091,136 | ---- | C] (Microsoft Corporation) mciavi32.dll -> C:\Windows\SysWow64\mciavi32.dll -> [2010/02/09 17:02:45 | 000,082,944 | ---- | C] (Microsoft Corporation) msrle32.dll -> C:\Windows\SysNative\msrle32.dll -> [2010/02/09 17:02:45 | 000,015,872 | ---- | C] (Microsoft Corporation) ntoskrnl.exe -> C:\Windows\SysNative\ntoskrnl.exe -> [2010/02/09 17:02:34 | 004,698,184 | ---- | C] (Microsoft Corporation) Veetle -> C:\Program Files (x86)\Veetle -> [2010/02/07 00:04:50 | 000,000,000 | ---D | C] Sun -> C:\Windows\Sun -> [2010/01/28 21:10:03 | 000,000,000 | ---D | C] Sun -> C:\ProgramData\Sun -> [2010/01/28 21:09:44 | 000,000,000 | ---D | C] Java -> C:\Program Files (x86)\Common Files\Java -> [2010/01/28 21:09:43 | 000,000,000 | ---D | C] wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2010/01/21 14:31:16 | 001,032,192 | ---- | C] (Microsoft Corporation) wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2010/01/21 14:31:13 | 000,834,048 | ---- | C] (Microsoft Corporation) ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2010/01/21 14:31:09 | 000,180,736 | ---- | C] (Microsoft Corporation) iepeers.dll -> C:\Windows\SysNative\iepeers.dll -> [2010/01/21 14:31:08 | 000,249,856 | ---- | C] (Microsoft Corporation) iepeers.dll -> C:\Windows\SysWow64\iepeers.dll -> [2010/01/21 14:31:08 | 000,193,024 | ---- | C] (Microsoft Corporation) ieencode.dll -> C:\Windows\SysNative\ieencode.dll -> [2010/01/21 14:31:08 | 000,086,528 | ---- | C] (Microsoft Corporation) ieencode.dll -> C:\Windows\SysWow64\ieencode.dll -> [2010/01/21 14:31:08 | 000,078,336 | ---- | C] (Microsoft Corporation) ieapfltr.dll -> C:\Windows\SysNative\ieapfltr.dll -> [2010/01/21 14:31:06 | 000,422,400 | ---- | C] (Microsoft Corporation) ieapfltr.dll -> C:\Windows\SysWow64\ieapfltr.dll -> [2010/01/21 14:31:05 | 000,380,928 | ---- | C] (Microsoft Corporation) Mom's Cell Files -> C:\Users\Marc\Desktop\Mom's Cell Files -> [2010/01/16 16:37:37 | 000,000,000 | ---D | C] t2embed.dll -> C:\Windows\SysNative\t2embed.dll -> [2010/01/13 00:40:31 | 000,189,440 | ---- | C] (Microsoft Corporation) t2embed.dll -> C:\Windows\SysWow64\t2embed.dll -> [2010/01/13 00:40:31 | 000,156,672 | ---- | C] (Microsoft Corporation) fontsub.dll -> C:\Windows\SysNative\fontsub.dll -> [2010/01/13 00:40:30 | 000,096,256 | ---- | C] (Microsoft Corporation) fontsub.dll -> C:\Windows\SysWow64\fontsub.dll -> [2010/01/13 00:40:30 | 000,072,704 | ---- | C] (Microsoft Corporation) PrevxCSI -> C:\ProgramData\PrevxCSI -> [2010/01/10 18:33:37 | 000,000,000 | ---D | C] VJVod_Cache -> C:\VJVod_Cache -> [2010/01/09 15:05:31 | 000,000,000 | -H-D | C] Malwarebytes -> C:\Users\Marc\AppData\Roaming\Malwarebytes -> [2010/01/09 14:52:05 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/01/09 14:51:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) Malwarebytes -> C:\ProgramData\Malwarebytes -> [2010/01/09 14:51:56 | 000,000,000 | ---D | C] mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/01/09 14:51:55 | 000,022,104 | ---- | C] (Malwarebytes Corporation) Malwarebytes' Anti-Malware -> C:\Program Files (x86)\Malwarebytes' Anti-Malware -> [2010/01/09 14:51:55 | 000,000,000 | ---D | C] Nagasoft -> C:\Windows\SysWow64\Nagasoft -> [2010/01/08 21:28:28 | 000,000,000 | ---D | C] Ashley with Makeup -> C:\Users\Marc\Desktop\Ashley with Makeup -> [2010/01/06 21:35:53 | 000,000,000 | ---D | C] Env Files -> C:\Users\Marc\Desktop\Env Files -> [2010/01/05 22:57:50 | 000,000,000 | ---D | C] Sound Normalizer -> C:\Program Files (x86)\Sound Normalizer -> [2010/01/05 00:19:54 | 000,000,000 | ---D | C] Audacity -> C:\Program Files (x86)\Audacity -> [2010/01/05 00:10:57 | 000,000,000 | ---D | C] hobbes_system_sounds_wav_2 -> C:\Users\Marc\Desktop\hobbes_system_sounds_wav_2 -> [2010/01/04 22:48:39 | 000,000,000 | ---D | C] hobbes--ringers--2[1] -> C:\Users\Marc\Documents\hobbes--ringers--2[1] -> [2010/01/04 22:46:09 | 000,000,000 | ---D | C] LG Electronics -> C:\Program Files (x86)\LG Electronics -> [2010/01/03 21:26:04 | 000,000,000 | ---D | C] LG3USB -> C:\Users\Marc\Desktop\LG3USB -> [2010/01/03 21:24:45 | 000,000,000 | ---D | C] LGUsbDriver -> C:\Program Files\LGUsbDriver -> [2010/01/03 21:19:35 | 000,000,000 | ---D | C] msxml4a.dll -> C:\Windows\SysWow64\msxml4a.dll -> [2010/01/03 21:17:04 | 000,044,544 | ---- | C] (Microsoft Corporation) LGMOBILEAX -> C:\ProgramData\LGMOBILEAX -> [2010/01/03 21:16:50 | 000,000,000 | ---D | C] bitpim -> C:\Users\Marc\Documents\bitpim -> [2010/01/03 21:04:51 | 000,000,000 | ---D | C] BitPim -> C:\Program Files (x86)\BitPim -> [2010/01/03 21:04:39 | 000,000,000 | ---D | C] McAfee -> C:\ProgramData\McAfee -> [2009/12/27 10:26:11 | 000,000,000 | ---D | C] mbam-setup.exe -> C:\Users\Marc\Desktop\mbam-setup.exe -> [2009/12/26 14:44:53 | 004,844,296 | ---- | C] (Malwarebytes Corporation ) SRSTSX64.dll -> C:\Windows\SysNative\SRSTSX64.dll -> [2009/12/25 13:09:56 | 000,513,536 | ---- | C] (SRS Labs, Inc.) SRSWOW64.dll -> C:\Windows\SysNative\SRSWOW64.dll -> [2009/12/25 13:09:56 | 000,150,528 | ---- | C] (SRS Labs, Inc.) Citrix -> C:\ProgramData\Citrix -> [2009/12/25 12:59:47 | 000,000,000 | ---D | C] Citrix -> C:\Users\Marc\AppData\Local\Citrix -> [2009/12/25 12:59:09 | 000,000,000 | ---D | C] McAfee Security Scan -> C:\ProgramData\McAfee Security Scan -> [2009/12/25 10:26:10 | 000,000,000 | ---D | C] VirtualDub-1.9.7 -> C:\Users\Marc\Desktop\VirtualDub-1.9.7 -> [2009/12/21 13:16:11 | 000,000,000 | ---D | C] DVDVideoSoft -> C:\Program Files (x86)\Common Files\DVDVideoSoft -> [2009/12/21 12:52:06 | 000,000,000 | ---D | C] msvcr70.dll -> C:\Windows\SysWow64\msvcr70.dll -> [2009/12/21 12:52:00 | 000,344,064 | ---- | C] (Microsoft Corporation) gtk-2.0 -> C:\Users\Marc\AppData\Roaming\gtk-2.0 -> [2009/12/21 10:11:00 | 000,000,000 | ---D | C] .thumbnails -> C:\Users\Marc\.thumbnails -> [2009/12/21 10:10:58 | 000,000,000 | ---D | C] gegl-0.0 -> C:\Users\Marc\Documents\gegl-0.0 -> [2009/12/21 10:09:16 | 000,000,000 | ---D | C] .gimp-2.6 -> C:\Users\Marc\.gimp-2.6 -> [2009/12/21 10:09:16 | 000,000,000 | ---D | C] GIMP-2.0 -> C:\Program Files (x86)\GIMP-2.0 -> [2009/12/21 10:08:46 | 000,000,000 | ---D | C] gimp-2.6.7-i686-setup.exe -> C:\Users\Marc\Desktop\gimp-2.6.7-i686-setup.exe -> [2009/12/21 10:08:14 | 016,871,432 | ---- | C] ( ) Scanned Images -> C:\Users\Marc\Desktop\Scanned Images -> [2009/12/20 21:31:29 | 000,000,000 | ---D | C] DIFxAPI.dll -> C:\Windows\DIFxAPI.dll -> [2009/12/20 21:28:26 | 000,525,792 | ---- | C] (Microsoft Corporation) Misc Docs -> C:\Users\Marc\Desktop\Misc Docs -> [2009/12/20 21:15:48 | 000,000,000 | ---D | C] Misc Pics -> C:\Users\Marc\Desktop\Misc Pics -> [2009/12/20 21:13:35 | 000,000,000 | ---D | C] DFX -> C:\Users\Marc\AppData\Local\DFX -> [2009/12/19 19:14:16 | 000,000,000 | ---D | C] DFX -> C:\ProgramData\DFX -> [2009/12/19 19:13:58 | 000,000,000 | ---D | C] DFX -> C:\Program Files\DFX -> [2009/12/19 19:13:55 | 000,000,000 | ---D | C] DFX -> C:\Program Files\Common Files\DFX -> [2009/12/19 19:13:55 | 000,000,000 | ---D | C] MP3Gain -> C:\Program Files (x86)\MP3Gain -> [2009/12/19 18:38:35 | 000,000,000 | ---D | C] nshhttp.dll -> C:\Windows\SysNative\nshhttp.dll -> [2009/12/11 03:00:26 | 000,032,768 | ---- | C] (Microsoft Corporation) nshhttp.dll -> C:\Windows\SysWow64\nshhttp.dll -> [2009/12/11 03:00:26 | 000,024,064 | ---- | C] (Microsoft Corporation) httpapi.dll -> C:\Windows\SysNative\httpapi.dll -> [2009/12/11 03:00:23 | 000,033,792 | ---- | C] (Microsoft Corporation) httpapi.dll -> C:\Windows\SysWow64\httpapi.dll -> [2009/12/11 03:00:23 | 000,030,720 | ---- | C] (Microsoft Corporation) rastls.dll -> C:\Windows\SysNative\rastls.dll -> [2009/12/09 21:15:40 | 000,280,576 | ---- | C] (Microsoft Corporation) rastls.dll -> C:\Windows\SysWow64\rastls.dll -> [2009/12/09 21:15:40 | 000,243,712 | ---- | C] (Microsoft Corporation) vlc -> C:\Users\Marc\AppData\Roaming\vlc -> [2009/12/05 16:43:32 | 000,000,000 | ---D | C] VideoLAN -> C:\Program Files (x86)\VideoLAN -> [2009/12/05 16:42:49 | 000,000,000 | ---D | C] mplayerc_homecinema_x64_v1.0.11.0 -> C:\Users\Marc\Documents\mplayerc_homecinema_x64_v1.0.11.0 -> [2009/12/05 16:38:34 | 000,000,000 | ---D | C] Dell Edoc Viewer -> C:\Users\Marc\AppData\Local\Dell Edoc Viewer -> [2009/12/04 00:28:08 | 000,000,000 | ---D | C] 1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> [Files/Folders - Modified Within 90 Days] NTUSER.DAT -> C:\Users\Marc\NTUSER.DAT -> [2010/02/28 15:01:06 | 007,864,320 | -HS- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/02/28 14:57:11 | 000,003,616 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/02/28 14:57:11 | 000,003,616 | -H-- | M] () GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/02/28 14:54:00 | 000,000,898 | ---- | M] () thread.rtf -> C:\Users\Marc\Desktop\thread.rtf -> [2010/02/28 12:06:21 | 000,004,230 | ---- | M] () thread.docx -> C:\Users\Marc\Desktop\thread.docx -> [2010/02/28 12:03:15 | 000,012,647 | ---- | M] () OTS.exe -> C:\Users\Marc\Desktop\OTS.exe -> [2010/02/28 11:56:14 | 000,632,832 | ---- | M] (OldTimer Tools) ERUNT AutoBackup.lnk -> C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2010/02/28 11:54:25 | 000,000,979 | ---- | M] () NTREGOPT.lnk -> C:\Users\Marc\Desktop\NTREGOPT.lnk -> [2010/02/28 11:54:21 | 000,000,799 | ---- | M] () ERUNT.lnk -> C:\Users\Marc\Desktop\ERUNT.lnk -> [2010/02/28 11:54:20 | 000,000,780 | ---- | M] () The_Comedian.exe -> C:\Users\Marc\Desktop\The_Comedian.exe -> [2010/02/28 11:50:46 | 000,794,112 | ---- | M] () incavi.avm -> C:\Windows\SysNative\drivers\Avg\incavi.avm -> [2010/02/28 09:57:56 | 056,422,506 | ---- | M] () GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/02/28 04:54:00 | 000,000,894 | ---- | M] () TakeOwnership.zip -> C:\Users\Marc\Desktop\TakeOwnership.zip -> [2010/02/27 17:59:20 | 000,000,622 | ---- | M] () hitmanpro35.sys -> C:\Windows\SysNative\drivers\hitmanpro35.sys -> [2010/02/27 17:42:11 | 000,019,016 | ---- | M] () bootdelete.exe -> C:\Windows\SysNative\bootdelete.exe -> [2010/02/27 17:38:17 | 000,012,872 | ---- | M] (SurfRight B.V.) .crusader -> C:\Windows\SysNative\.crusader -> [2010/02/27 17:38:17 | 000,000,870 | ---- | M] () bootdelete.lst -> C:\Windows\SysNative\bootdelete.lst -> [2010/02/27 17:38:17 | 000,000,610 | ---- | M] () Hitman Pro 3.5.lnk -> C:\Users\Public\Desktop\Hitman Pro 3.5.lnk -> [2010/02/27 17:26:18 | 000,001,849 | ---- | M] () HitmanPro35_x64.exe -> C:\Users\Marc\Desktop\HitmanPro35_x64.exe -> [2010/02/27 17:26:12 | 006,607,168 | ---- | M] (SurfRight B.V.) 26136_1381985351164_1277852098_1116030_354140_n.jpg -> C:\Users\Marc\Desktop\26136_1381985351164_1277852098_1116030_354140_n.jpg -> [2010/02/26 18:37:18 | 000,074,457 | ---- | M] () tax.jpg -> C:\Users\Marc\Desktop\tax.jpg -> [2010/02/26 14:36:59 | 000,016,478 | ---- | M] () taxcut.jpg -> C:\Users\Marc\Desktop\taxcut.jpg -> [2010/02/26 14:31:55 | 000,002,727 | ---- | M] () RtlNICDiagVistaStart.job -> C:\Windows\tasks\RtlNICDiagVistaStart.job -> [2010/02/25 15:25:10 | 000,000,288 | ---- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/02/25 10:56:49 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2010/02/25 10:56:42 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/02/25 10:56:37 | 4294,107,136 | -HS- | M] () MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2010/02/25 09:23:09 | 685,131,249 | ---- | M] () d3d9caps.dat -> C:\Users\Marc\AppData\Local\d3d9caps.dat -> [2010/02/25 05:06:12 | 000,000,680 | ---- | M] () GDIPFONTCACHEV1.DAT -> C:\Users\Marc\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/02/24 23:21:13 | 000,121,080 | ---- | M] () NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Marc\NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TMContainer00000000000000000001.regtrans-ms -> [2010/02/23 23:36:11 | 000,524,288 | -HS- | M] () NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TM.blf -> C:\Users\Marc\NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TM.blf -> [2010/02/23 23:36:11 | 000,065,536 | -HS- | M] () FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2010/02/23 23:21:06 | 000,434,544 | ---- | M] () IconCache.db -> C:\Users\Marc\AppData\Local\IconCache.db -> [2010/02/23 23:17:58 | 002,100,554 | -H-- | M] () H&R Block Business 2009.LNK -> C:\Users\Marc\Desktop\H&R Block Business 2009.LNK -> [2010/02/23 18:02:54 | 000,001,064 | ---- | M] () H&R Block 2009.lnk -> C:\Users\Public\Desktop\H&R Block 2009.lnk -> [2010/02/23 17:59:19 | 000,001,900 | ---- | M] () 24797886A.jpg -> C:\Users\Marc\Desktop\24797886A.jpg -> [2010/02/18 18:05:18 | 000,024,341 | ---- | M] () Manalapan Soccer Club.mht -> C:\Users\Marc\Desktop\Manalapan Soccer Club.mht -> [2010/02/14 10:04:49 | 000,382,064 | ---- | M] () Upcoming Assignments.mht -> C:\Users\Marc\Desktop\Upcoming Assignments.mht -> [2010/02/13 10:58:53 | 000,759,279 | ---- | M] () Upcoming Assignments.htm -> C:\Users\Marc\Desktop\Upcoming Assignments.htm -> [2010/02/13 10:57:46 | 000,033,692 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/02/05 21:36:52 | 000,049,664 | ---- | M] () secproc_isv.dll -> C:\Windows\SysNative\secproc_isv.dll -> [2010/01/25 07:10:22 | 000,538,624 | ---- | M] (Microsoft Corporation) secproc_ssp_isv.dll -> C:\Windows\SysNative\secproc_ssp_isv.dll -> [2010/01/25 07:10:22 | 000,160,768 | ---- | M] (Microsoft Corporation) secproc_ssp.dll -> C:\Windows\SysNative\secproc_ssp.dll -> [2010/01/25 07:10:22 | 000,160,768 | ---- | M] (Microsoft Corporation) secproc.dll -> C:\Windows\SysNative\secproc.dll -> [2010/01/25 07:10:03 | 000,539,136 | ---- | M] (Microsoft Corporation) msdrm.dll -> C:\Windows\SysNative\msdrm.dll -> [2010/01/25 07:08:59 | 000,460,288 | ---- | M] (Microsoft Corporation) secproc_isv.dll -> C:\Windows\SysWow64\secproc_isv.dll -> [2010/01/25 07:00:35 | 000,471,552 | ---- | M] (Microsoft Corporation) secproc_ssp_isv.dll -> C:\Windows\SysWow64\secproc_ssp_isv.dll -> [2010/01/25 07:00:35 | 000,152,576 | ---- | M] (Microsoft Corporation) secproc_ssp.dll -> C:\Windows\SysWow64\secproc_ssp.dll -> [2010/01/25 07:00:35 | 000,152,064 | ---- | M] (Microsoft Corporation) secproc.dll -> C:\Windows\SysWow64\secproc.dll -> [2010/01/25 07:00:22 | 000,471,552 | ---- | M] (Microsoft Corporation) msdrm.dll -> C:\Windows\SysWow64\msdrm.dll -> [2010/01/25 06:58:52 | 000,332,288 | ---- | M] (Microsoft Corporation) RMActivate_ssp_isv.exe -> C:\Windows\SysNative\RMActivate_ssp_isv.exe -> [2010/01/25 03:29:35 | 000,413,696 | ---- | M] (Microsoft Corporation) RMActivate_isv.exe -> C:\Windows\SysNative\RMActivate_isv.exe -> [2010/01/25 03:29:31 | 000,600,576 | ---- | M] (Microsoft Corporation) RMActivate_ssp.exe -> C:\Windows\SysNative\RMActivate_ssp.exe -> [2010/01/25 03:29:31 | 000,409,600 | ---- | M] (Microsoft Corporation) RMActivate.exe -> C:\Windows\SysNative\RMActivate.exe -> [2010/01/25 03:29:28 | 000,599,552 | ---- | M] (Microsoft Corporation) RMActivate_isv.exe -> C:\Windows\SysWow64\RMActivate_isv.exe -> [2010/01/25 03:21:20 | 000,526,336 | ---- | M] (Microsoft Corporation) RMActivate_ssp_isv.exe -> C:\Windows\SysWow64\RMActivate_ssp_isv.exe -> [2010/01/25 03:21:20 | 000,346,624 | ---- | M] (Microsoft Corporation) RMActivate.exe -> C:\Windows\SysWow64\RMActivate.exe -> [2010/01/25 03:21:18 | 000,518,144 | ---- | M] (Microsoft Corporation) RMActivate_ssp.exe -> C:\Windows\SysWow64\RMActivate_ssp.exe -> [2010/01/25 03:21:18 | 000,347,136 | ---- | M] (Microsoft Corporation) microavi.avg -> C:\Windows\SysNative\drivers\Avg\microavi.avg -> [2010/01/19 17:49:18 | 000,142,495 | ---- | M] () reg 011310.reg -> C:\Users\Marc\Documents\reg 011310.reg -> [2010/01/13 22:50:46 | 000,000,832 | ---- | M] () prevx_3.0.zip -> C:\Users\Marc\Desktop\prevx_3.0.zip -> [2010/01/11 21:16:45 | 001,705,334 | ---- | M] () prevx 3.0.rar -> C:\Users\Marc\Desktop\prevx 3.0.rar -> [2010/01/10 18:31:11 | 000,847,588 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/01/09 14:52:01 | 000,000,884 | ---- | M] () mbamswissarmy.sys -> C:\Windows\SysWow64\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) mbam.sys -> C:\Windows\SysNative\drivers\mbam.sys -> [2010/01/07 16:07:06 | 000,022,104 | ---- | M] (Malwarebytes Corporation) gameux.dll -> C:\Windows\SysNative\gameux.dll -> [2010/01/06 11:00:02 | 001,927,680 | ---- | M] (Microsoft Corporation) Apphlpdm.dll -> C:\Windows\SysNative\Apphlpdm.dll -> [2010/01/06 10:58:36 | 000,032,256 | ---- | M] (Microsoft Corporation) gameux.dll -> C:\Windows\SysWow64\gameux.dll -> [2010/01/06 10:39:38 | 001,696,256 | ---- | M] (Microsoft Corporation) Apphlpdm.dll -> C:\Windows\SysWow64\Apphlpdm.dll -> [2010/01/06 10:38:47 | 000,028,672 | ---- | M] (Microsoft Corporation) GameUXLegacyGDFs.dll -> C:\Windows\SysNative\GameUXLegacyGDFs.dll -> [2010/01/06 09:03:28 | 004,240,384 | ---- | M] (Microsoft) GameUXLegacyGDFs.dll -> C:\Windows\SysWow64\GameUXLegacyGDFs.dll -> [2010/01/06 08:30:41 | 004,240,384 | ---- | M] (Microsoft) hobbes_system_sounds_wav_2.zip -> C:\Users\Marc\Desktop\hobbes_system_sounds_wav_2.zip -> [2010/01/04 22:48:34 | 000,269,676 | ---- | M] () hobbes_system_sounds_wav_1.zip -> C:\Users\Marc\Desktop\hobbes_system_sounds_wav_1.zip -> [2010/01/04 22:48:04 | 000,299,632 | ---- | M] () Msft_User_WpdMtpDr_01_07_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf -> [2010/01/04 21:55:38 | 000,000,000 | -H-- | M] () PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2010/01/04 20:55:10 | 000,690,960 | ---- | M] () perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2010/01/04 20:55:10 | 000,595,446 | ---- | M] () perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2010/01/04 20:55:10 | 000,101,144 | ---- | M] () mr.zip -> C:\Users\Marc\Desktop\mr.zip -> [2010/01/03 21:51:49 | 000,000,000 | ---- | M] () LG3USB.zip -> C:\Users\Marc\Desktop\LG3USB.zip -> [2010/01/03 21:19:08 | 001,860,277 | ---- | M] () lgAxconfig.ini -> C:\Windows\SysWow64\lgAxconfig.ini -> [2010/01/03 21:17:15 | 000,002,412 | ---- | M] () Global.sw2 -> C:\Users\Public\Documents\Global.sw2 -> [2010/01/03 13:10:48 | 000,002,453 | ---- | M] () mbam-setup.exe -> C:\Users\Marc\Desktop\mbam-setup.exe -> [2009/12/26 14:44:56 | 004,844,296 | ---- | M] (Malwarebytes Corporation ) TeamViewer 5.lnk -> C:\Users\Public\Desktop\TeamViewer 5.lnk -> [2009/12/26 14:39:02 | 000,001,033 | ---- | M] () SYSTEM -> C:\Windows\SysWow64\SYSTEM -> [2009/12/25 13:14:05 | 000,000,020 | ---- | M] () DIFxAPI.dll -> C:\Windows\DIFxAPI.dll -> [2009/12/25 13:09:58 | 000,525,792 | ---- | M] (Microsoft Corporation) GoToAssistDownloadHelper.exe -> C:\Users\Marc\GoToAssistDownloadHelper.exe -> [2009/12/25 12:59:08 | 000,061,224 | ---- | M] () VirtualDub-1.9.7.zip -> C:\Users\Marc\Desktop\VirtualDub-1.9.7.zip -> [2009/12/21 13:16:01 | 001,703,968 | ---- | M] () .recently-used.xbel -> C:\Users\Marc\.recently-used.xbel -> [2009/12/21 11:50:41 | 000,004,231 | ---- | M] () GIMP 2.lnk -> C:\Users\Public\Desktop\GIMP 2.lnk -> [2009/12/21 10:08:58 | 000,000,964 | ---- | M] () gimp-2.6.7-i686-setup.exe -> C:\Users\Marc\Desktop\gimp-2.6.7-i686-setup.exe -> [2009/12/21 10:08:35 | 016,871,432 | ---- | M] ( ) NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\Marc\NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TMContainer00000000000000000002.regtrans-ms -> [2009/12/20 21:29:14 | 000,524,288 | -HS- | M] () DellDriverDownloadManager.application -> C:\Users\Marc\Desktop\DellDriverDownloadManager.application -> [2009/12/20 21:23:44 | 000,009,523 | ---- | M] () dell service tag.docx -> C:\Users\Marc\Documents\dell service tag.docx -> [2009/12/20 21:13:20 | 000,010,920 | ---- | M] () ntuser.dat_previous -> C:\Users\Marc\ntuser.dat_previous -> [2009/12/20 09:24:20 | 007,602,176 | -HS- | M] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Marc\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> [2009/12/20 09:24:16 | 000,524,288 | -HS- | M] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> C:\Users\Marc\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> [2009/12/20 09:24:16 | 000,065,536 | -HS- | M] () ieencode.dll -> C:\Windows\SysNative\ieencode.dll -> [2009/12/18 08:08:01 | 000,086,528 | ---- | M] (Microsoft Corporation) ieencode.dll -> C:\Windows\SysWow64\ieencode.dll -> [2009/12/18 08:01:56 | 000,078,336 | ---- | M] (Microsoft Corporation) wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2009/12/16 07:16:02 | 001,032,192 | ---- | M] (Microsoft Corporation) ieapfltr.dll -> C:\Windows\SysNative\ieapfltr.dll -> [2009/12/16 07:12:22 | 000,422,400 | ---- | M] (Microsoft Corporation) iepeers.dll -> C:\Windows\SysNative\iepeers.dll -> [2009/12/16 07:12:22 | 000,249,856 | ---- | M] (Microsoft Corporation) wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2009/12/16 06:44:23 | 000,834,048 | ---- | M] (Microsoft Corporation) iepeers.dll -> C:\Windows\SysWow64\iepeers.dll -> [2009/12/16 06:42:09 | 000,193,024 | ---- | M] (Microsoft Corporation) ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2009/12/16 06:42:09 | 000,180,736 | ---- | M] (Microsoft Corporation) ieapfltr.dll -> C:\Windows\SysWow64\ieapfltr.dll -> [2009/12/16 06:42:08 | 000,380,928 | ---- | M] (Microsoft Corporation) ntoskrnl.exe -> C:\Windows\SysNative\ntoskrnl.exe -> [2009/12/08 15:22:09 | 004,698,184 | ---- | M] (Microsoft Corporation) VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2009/12/05 16:43:01 | 000,000,937 | ---- | M] () tsbyuv.dll -> C:\Windows\SysNative\tsbyuv.dll -> [2009/12/04 13:52:22 | 000,014,848 | ---- | M] (Microsoft Corporation) quartz.dll -> C:\Windows\SysNative\quartz.dll -> [2009/12/04 13:51:44 | 001,570,816 | ---- | M] (Microsoft Corporation) msyuv.dll -> C:\Windows\SysNative\msyuv.dll -> [2009/12/04 13:50:40 | 000,025,600 | ---- | M] (Microsoft Corporation) msvidc32.dll -> C:\Windows\SysNative\msvidc32.dll -> [2009/12/04 13:50:37 | 000,038,400 | ---- | M] (Microsoft Corporation) msrle32.dll -> C:\Windows\SysNative\msrle32.dll -> [2009/12/04 13:50:33 | 000,015,872 | ---- | M] (Microsoft Corporation) iyuv_32.dll -> C:\Windows\SysNative\iyuv_32.dll -> [2009/12/04 13:49:49 | 000,054,272 | ---- | M] (Microsoft Corporation) quartz.dll -> C:\Windows\SysWow64\quartz.dll -> [2009/12/04 13:29:41 | 001,314,816 | ---- | M] (Microsoft Corporation) msvfw32.dll -> C:\Windows\SysWow64\msvfw32.dll -> [2009/12/04 13:28:51 | 000,123,904 | ---- | M] (Microsoft Corporation) mciavi32.dll -> C:\Windows\SysWow64\mciavi32.dll -> [2009/12/04 13:28:27 | 000,082,944 | ---- | M] (Microsoft Corporation) avifil32.dll -> C:\Windows\SysWow64\avifil32.dll -> [2009/12/04 13:27:12 | 000,091,136 | ---- | M] (Microsoft Corporation) 64 C:\Users\Marc\AppData\Local\Temp\*.tmp files -> C:\Users\Marc\AppData\Local\Temp\*.tmp -> 64 C:\Users\Marc\AppData\Local\Temp\*.tmp files -> C:\Users\Marc\AppData\Local\Temp\*.tmp -> 414 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> 414 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> 2 C:\Users\Marc\AppData\Local\Temp\is-74GDU.tmp\_isetup\*.tmp files -> C:\Users\Marc\AppData\Local\Temp\is-74GDU.tmp\_isetup\*.tmp -> 1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> 1 C:\Users\Marc\AppData\Local\Temp\Low\*.tmp files -> C:\Users\Marc\AppData\Local\Temp\Low\*.tmp -> [Files - No Company Name] thread.rtf -> C:\Users\Marc\Desktop\thread.rtf -> [2010/02/28 12:06:21 | 000,004,230 | ---- | C] () thread.docx -> C:\Users\Marc\Desktop\thread.docx -> [2010/02/28 12:03:15 | 000,012,647 | ---- | C] () ERUNT AutoBackup.lnk -> C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2010/02/28 11:54:25 | 000,000,979 | ---- | C] () NTREGOPT.lnk -> C:\Users\Marc\Desktop\NTREGOPT.lnk -> [2010/02/28 11:54:21 | 000,000,799 | ---- | C] () ERUNT.lnk -> C:\Users\Marc\Desktop\ERUNT.lnk -> [2010/02/28 11:54:20 | 000,000,780 | ---- | C] () The_Comedian.exe -> C:\Users\Marc\Desktop\The_Comedian.exe -> [2010/02/28 11:50:39 | 000,794,112 | ---- | C] () TakeOwnership.zip -> C:\Users\Marc\Desktop\TakeOwnership.zip -> [2010/02/27 17:59:18 | 000,000,622 | ---- | C] () laniwmag.dll -> C:\Users\Marc\Desktop\laniwmag.dll -> [2010/02/27 17:42:56 | 001,053,184 | ---- | C] () .crusader -> C:\Windows\SysNative\.crusader -> [2010/02/27 17:38:17 | 000,000,870 | ---- | C] () bootdelete.lst -> C:\Windows\SysNative\bootdelete.lst -> [2010/02/27 17:34:06 | 000,000,610 | ---- | C] () hitmanpro35.sys -> C:\Windows\SysNative\drivers\hitmanpro35.sys -> [2010/02/27 17:26:34 | 000,019,016 | ---- | C] () Hitman Pro 3.5.lnk -> C:\Users\Public\Desktop\Hitman Pro 3.5.lnk -> [2010/02/27 17:26:18 | 000,001,849 | ---- | C] () 26136_1381985351164_1277852098_1116030_354140_n.jpg -> C:\Users\Marc\Desktop\26136_1381985351164_1277852098_1116030_354140_n.jpg -> [2010/02/26 18:48:52 | 000,074,457 | ---- | C] () tax.jpg -> C:\Users\Marc\Desktop\tax.jpg -> [2010/02/26 14:37:09 | 000,016,478 | ---- | C] () taxcut.jpg -> C:\Users\Marc\Desktop\taxcut.jpg -> [2010/02/26 14:32:27 | 000,002,727 | ---- | C] () H&R Block Business 2009.LNK -> C:\Users\Marc\Desktop\H&R Block Business 2009.LNK -> [2010/02/23 18:02:54 | 000,001,064 | ---- | C] () H&R Block 2009.lnk -> C:\Users\Public\Desktop\H&R Block 2009.lnk -> [2010/02/23 17:59:18 | 000,001,900 | ---- | C] () 24797886A.jpg -> C:\Users\Marc\Desktop\24797886A.jpg -> [2010/02/18 18:06:00 | 000,024,341 | ---- | C] () Manalapan Soccer Club.mht -> C:\Users\Marc\Desktop\Manalapan Soccer Club.mht -> [2010/02/14 10:04:47 | 000,382,064 | ---- | C] () Upcoming Assignments.mht -> C:\Users\Marc\Desktop\Upcoming Assignments.mht -> [2010/02/13 10:58:52 | 000,759,279 | ---- | C] () Upcoming Assignments.htm -> C:\Users\Marc\Desktop\Upcoming Assignments.htm -> [2010/02/13 10:56:35 | 000,033,692 | ---- | C] () GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/02/07 00:44:54 | 000,000,898 | ---- | C] () GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/02/07 00:44:51 | 000,000,894 | ---- | C] () reg 011310.reg -> C:\Users\Marc\Documents\reg 011310.reg -> [2010/01/13 22:50:46 | 000,000,832 | ---- | C] () prevx_3.0.zip -> C:\Users\Marc\Desktop\prevx_3.0.zip -> [2010/01/11 21:16:31 | 001,705,334 | ---- | C] () prevx 3.0.rar -> C:\Users\Marc\Desktop\prevx 3.0.rar -> [2010/01/10 18:30:40 | 000,847,588 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/01/09 14:52:01 | 000,000,884 | ---- | C] () hobbes_system_sounds_wav_2.zip -> C:\Users\Marc\Desktop\hobbes_system_sounds_wav_2.zip -> [2010/01/04 22:48:32 | 000,269,676 | ---- | C] () hobbes_system_sounds_wav_1.zip -> C:\Users\Marc\Desktop\hobbes_system_sounds_wav_1.zip -> [2010/01/04 22:48:02 | 000,299,632 | ---- | C] () Msft_User_WpdMtpDr_01_07_00.Wdf -> C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf -> [2010/01/04 21:55:38 | 000,000,000 | -H-- | C] () mr.zip -> C:\Users\Marc\Desktop\mr.zip -> [2010/01/03 21:51:49 | 000,000,000 | ---- | C] () LG3USB.zip -> C:\Users\Marc\Desktop\LG3USB.zip -> [2010/01/03 21:19:02 | 001,860,277 | ---- | C] () CommonDL.dll -> C:\Windows\SysWow64\CommonDL.dll -> [2010/01/03 21:17:04 | 000,053,248 | ---- | C] () lgAxconfig.ini -> C:\Windows\SysWow64\lgAxconfig.ini -> [2010/01/03 21:17:04 | 000,002,412 | ---- | C] () TeamViewer 5.lnk -> C:\Users\Public\Desktop\TeamViewer 5.lnk -> [2009/12/26 14:39:02 | 000,001,033 | ---- | C] () SYSTEM -> C:\Windows\SysWow64\SYSTEM -> [2009/12/25 13:14:05 | 000,000,020 | ---- | C] () USetup.iss -> C:\Windows\USetup.iss -> [2009/12/25 13:11:36 | 000,000,553 | ---- | C] () RTCOM64.dll -> C:\Windows\SysNative\RTCOM64.dll -> [2009/12/25 13:09:56 | 000,660,480 | ---- | C] () GoToAssistDownloadHelper.exe -> C:\Users\Marc\GoToAssistDownloadHelper.exe -> [2009/12/25 12:59:08 | 000,061,224 | ---- | C] () VirtualDub-1.9.7.zip -> C:\Users\Marc\Desktop\VirtualDub-1.9.7.zip -> [2009/12/21 13:15:57 | 001,703,968 | ---- | C] () .recently-used.xbel -> C:\Users\Marc\.recently-used.xbel -> [2009/12/21 11:50:41 | 000,004,231 | ---- | C] () GIMP 2.lnk -> C:\Users\Public\Desktop\GIMP 2.lnk -> [2009/12/21 10:08:58 | 000,000,964 | ---- | C] () DellDriverDownloadManager.application -> C:\Users\Marc\Desktop\DellDriverDownloadManager.application -> [2009/12/20 21:23:42 | 000,009,523 | ---- | C] () dell service tag.docx -> C:\Users\Marc\Documents\dell service tag.docx -> [2009/12/20 21:13:20 | 000,010,920 | ---- | C] () NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\Marc\NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TMContainer00000000000000000002.regtrans-ms -> [2009/12/20 09:26:15 | 000,524,288 | -HS- | C] () NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Marc\NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TMContainer00000000000000000001.regtrans-ms -> [2009/12/20 09:26:14 | 000,524,288 | -HS- | C] () NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TM.blf -> C:\Users\Marc\NTUSER.DAT{9e345f41-eabd-11de-8de4-0021705c095b}.TM.blf -> [2009/12/20 09:26:14 | 000,065,536 | -HS- | C] () VLC media player.lnk -> C:\Users\Public\Desktop\VLC media player.lnk -> [2009/12/05 16:43:01 | 000,000,937 | ---- | C] () Msglixgrx.dll -> C:\Windows\SysWow64\Msglixgrx.dll -> [2009/11/25 20:47:30 | 000,000,022 | ---- | C] () jobipkbd32.dll -> C:\Windows\SysWow64\jobipkbd32.dll -> [2009/09/17 05:50:51 | 000,311,398 | ---- | C] () EhStorAuthn.dll -> C:\Windows\SysWow64\EhStorAuthn.dll -> [2009/09/17 05:50:43 | 000,117,248 | ---- | C] () msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/09/17 05:49:52 | 000,368,640 | ---- | C] () libem.INI -> C:\Windows\libem.INI -> [2009/07/04 12:33:42 | 000,000,025 | ---- | C] () qt-dx331.dll -> C:\Windows\SysWow64\qt-dx331.dll -> [2009/06/28 13:41:09 | 003,596,288 | ---- | C] () xvidcore.dll -> C:\Windows\SysWow64\xvidcore.dll -> [2009/06/04 20:42:22 | 000,755,027 | ---- | C] () xvidvfw.dll -> C:\Windows\SysWow64\xvidvfw.dll -> [2009/06/04 20:42:21 | 000,159,839 | ---- | C] () ff_vfw.dll -> C:\Windows\SysWow64\ff_vfw.dll -> [2009/05/27 10:42:49 | 000,007,680 | ---- | C] () ff_vfw.dll.manifest -> C:\Windows\SysWow64\ff_vfw.dll.manifest -> [2009/05/27 10:42:49 | 000,000,547 | ---- | C] () rmc_rtspdl.dll -> C:\Windows\SysWow64\rmc_rtspdl.dll -> [2009/05/23 22:26:12 | 000,237,568 | ---- | C] () BRWMARK.INI -> C:\Windows\BRWMARK.INI -> [2009/05/16 16:39:35 | 000,000,419 | ---- | C] () BRPP2KA.INI -> C:\Windows\BRPP2KA.INI -> [2009/05/16 16:39:35 | 000,000,027 | ---- | C] () Brpfx04a.ini -> C:\Windows\Brpfx04a.ini -> [2009/05/16 16:38:25 | 000,000,232 | ---- | C] () brpcfx.ini -> C:\Windows\brpcfx.ini -> [2009/05/16 16:38:25 | 000,000,094 | ---- | C] () BrMuSNMP.dll -> C:\Windows\SysWow64\BrMuSNMP.dll -> [2009/05/16 16:37:09 | 000,106,496 | ---- | C] () Brfaxrx.ini -> C:\Windows\Brfaxrx.ini -> [2009/05/16 16:37:09 | 000,000,066 | ---- | C] () unrar.dll -> C:\Windows\SysWow64\unrar.dll -> [2009/05/15 00:27:59 | 000,168,448 | ---- | C] () ractrlkeyhook.dll -> C:\Windows\SysWow64\ractrlkeyhook.dll -> [2009/05/14 13:29:30 | 000,008,520 | ---- | C] () ODBC.INI -> C:\Windows\ODBC.INI -> [2009/05/12 11:55:08 | 000,000,376 | ---- | C] () voxopmon.dll -> C:\Windows\SysWow64\voxopmon.dll -> [2009/05/10 21:48:45 | 001,269,760 | ---- | C] () vbaloapi.dll -> C:\Windows\SysWow64\vbaloapi.dll -> [2009/05/10 21:48:45 | 000,389,120 | ---- | C] () tcpmon.ini -> C:\Windows\SysWow64\tcpmon.ini -> [2008/01/20 21:50:05 | 000,060,124 | ---- | C] () pthreadVC.dll -> C:\Windows\SysWow64\pthreadVC.dll -> [2007/11/06 15:19:28 | 000,053,299 | ---- | C] () AviSplitter.INI -> C:\Windows\AviSplitter.INI -> [2007/02/05 19:05:26 | 000,000,038 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 10:07:25 | 000,037,665 | ---- | C] () GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 10:07:25 | 000,029,779 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 10:07:25 | 000,026,489 | ---- | C] () GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 10:07:25 | 000,026,040 | ---- | C] () [File - Lop Check] acccore -> C:\Users\Marc\AppData\Roaming\acccore -> [2009/06/15 20:19:48 | 000,000,000 | ---D | M] AutoSizer -> C:\Users\Marc\AppData\Roaming\AutoSizer -> [2009/07/27 14:49:51 | 000,000,000 | ---D | M] BITS -> C:\Users\Marc\AppData\Roaming\BITS -> [2009/07/04 12:44:46 | 000,000,000 | ---D | M] FlashGet -> C:\Users\Marc\AppData\Roaming\FlashGet -> [2009/06/28 13:38:09 | 000,000,000 | ---D | M] FlashGetBHO -> C:\Users\Marc\AppData\Roaming\FlashGetBHO -> [2009/07/04 12:33:37 | 000,000,000 | ---D | M] FlashgetSetup -> C:\Users\Marc\AppData\Roaming\FlashgetSetup -> [2009/07/04 12:33:34 | 000,000,000 | ---D | M] Foxit -> C:\Users\Marc\AppData\Roaming\Foxit -> [2009/07/11 10:03:46 | 000,000,000 | ---D | M] GetRightToGo -> C:\Users\Marc\AppData\Roaming\GetRightToGo -> [2009/06/28 13:39:00 | 000,000,000 | ---D | M] gtk-2.0 -> C:\Users\Marc\AppData\Roaming\gtk-2.0 -> [2009/12/21 11:50:41 | 000,000,000 | ---D | M] PC -> C:\Users\Marc\AppData\Roaming\PC -> [2009/11/29 21:14:42 | 000,000,000 | ---D | M] PPLive -> C:\Users\Marc\AppData\Roaming\PPLive -> [2009/07/04 12:44:31 | 000,000,000 | ---D | M] PPLiveVA -> C:\Users\Marc\AppData\Roaming\PPLiveVA -> [2009/07/04 12:33:05 | 000,000,000 | ---D | M] Stamps.com Internet Postage -> C:\Users\Marc\AppData\Roaming\Stamps.com Internet Postage -> [2009/06/21 15:26:58 | 000,000,000 | ---D | M] StreamTorrent -> C:\Users\Marc\AppData\Roaming\StreamTorrent -> [2009/09/13 14:10:49 | 000,000,000 | ---D | M] Sub_Job_Fetcher -> C:\Users\Marc\AppData\Roaming\Sub_Job_Fetcher -> [2009/08/21 22:26:14 | 000,000,000 | ---D | M] TaxCut -> C:\Users\Marc\AppData\Roaming\TaxCut -> [2010/02/23 18:04:14 | 000,000,000 | ---D | M] TeamViewer -> C:\Users\Marc\AppData\Roaming\TeamViewer -> [2009/05/30 08:49:55 | 000,000,000 | ---D | M] uTorrent -> C:\Users\Marc\AppData\Roaming\uTorrent -> [2010/02/14 10:05:10 | 000,000,000 | ---D | M] VistaCodecs -> C:\Users\Marc\AppData\Roaming\VistaCodecs -> [2009/05/24 13:59:33 | 000,000,000 | ---D | M] Vso -> C:\Users\Marc\AppData\Roaming\Vso -> [2009/07/23 18:38:51 | 000,000,000 | ---D | M] RtlNICDiagVistaStart.job -> C:\Windows\Tasks\RtlNICDiagVistaStart.job -> [2010/02/25 15:25:10 | 000,000,288 | ---- | M] () SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2010/02/23 23:18:41 | 000,032,632 | ---- | M] () [File - Purity Scan] [Alternate Data Streams] @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:5D432CE3 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:D282699C @Alternate Data Stream - 76 bytes -> C:\Users\Marc\Documents\4th party.dmsd:Roxio EMC Stream < End of report > [/code]