OTL logfile created on: 2011-05-28 6:20:31 PM - Run 8 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Miso\Downloads 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd 5.99 Gb Total Physical Memory | 4.12 Gb Available Physical Memory | 68.80% Memory free 11.98 Gb Paging File | 9.92 Gb Available in Paging File | 82.76% Paging File free Paging file location(s): e:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931.41 Gb Total Space | 748.89 Gb Free Space | 80.40% Space Free | Partition Type: NTFS Drive E: | 232.88 Gb Total Space | 115.10 Gb Free Space | 49.43% Space Free | Partition Type: NTFS Drive F: | 232.88 Gb Total Space | 102.08 Gb Free Space | 43.83% Space Free | Partition Type: NTFS Drive G: | 931.51 Gb Total Space | 517.47 Gb Free Space | 55.55% Space Free | Partition Type: NTFS Drive I: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive J: | 15.13 Gb Total Space | 13.00 Gb Free Space | 85.95% Space Free | Partition Type: FAT32 Computer Name: Miso-I7 | User Name: Miso | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-05-28 18:20:11 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Miso\Downloads\OTL.exe PRC - [2011-05-12 18:35:10 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2011-04-21 16:54:38 | 000,352,656 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe PRC - [2011-04-16 10:20:20 | 000,929,792 | ---- | M] (Ray Adams) -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe PRC - [2011-04-04 19:51:57 | 000,107,000 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe PRC - [2011-03-18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe PRC - [2011-03-18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe PRC - [2010-08-31 22:18:24 | 002,941,984 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe PRC - [2010-08-31 10:27:38 | 001,411,616 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe PRC - [2010-06-08 23:50:28 | 003,887,480 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\procexp.exe PRC - [2010-02-06 10:45:24 | 003,043,840 | ---- | M] (abelhadigital.com) -- C:\Program Files (x86)\HostsMan\hm.exe PRC - [2010-01-22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009-12-01 21:24:52 | 007,275,008 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe PRC - [2009-10-16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe PRC - [2009-08-19 04:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe PRC - [2009-06-04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009-03-12 18:18:48 | 000,602,624 | ---- | M] () -- C:\Program Files (x86)\Everything\Everything.exe PRC - [2007-11-26 16:40:38 | 000,413,696 | ---- | M] (Eberhard Werle) -- C:\Program Files (x86)\Calibrize\CalibrizeResume.exe PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007-04-01 23:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-05-28 18:20:11 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Miso\Downloads\OTL.exe MOD - [2011-05-07 20:09:07 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\msvcr90.dll MOD - [2011-02-19 14:14:48 | 000,187,904 | ---- | M] () -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\raphook.dll MOD - [2010-08-20 22:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-04-19 19:04:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2010-10-28 03:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:[b]64bit:[/b] - [2010-06-29 10:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:[b]64bit:[/b] - [2009-08-10 23:41:38 | 000,093,336 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP1d\RpcAgentSrv.exe -- (SandraAgentSrv) SRV:[b]64bit:[/b] - [2009-07-13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011-04-21 16:54:38 | 000,352,656 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService) SRV - [2011-03-29 15:41:46 | 000,053,248 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R) SRV - [2011-03-18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon) SRV - [2011-02-05 23:10:40 | 000,096,256 | ---- | M] (PCFire) [On_Demand | Stopped] -- C:\Program Files (x86)\XM Tuner\XMTunerService.exe -- (XMTunerService) SRV - [2010-08-31 10:27:38 | 001,411,616 | ---- | M] (Hagel Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe -- (DUMeterSvc) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-10-16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES) SRV - [2009-08-19 04:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.03\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2009-07-13 18:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2009-07-13 18:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2009-07-13 18:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2009-06-10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-05-21 04:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv) SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007-04-01 23:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv) SRV - [2007-02-22 19:53:16 | 002,217,416 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe -- (AcronisOSSReinstallSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-05-28 15:14:54 | 000,198,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:[b]64bit:[/b] - [2011-04-19 19:44:48 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2011-04-19 18:22:32 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2011-03-30 11:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2011-02-18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2010-11-09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:[b]64bit:[/b] - [2010-09-22 12:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss) DRV:[b]64bit:[/b] - [2010-08-24 10:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2010-08-24 10:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2010-07-15 08:44:20 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:[b]64bit:[/b] - [2010-07-15 08:44:20 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:[b]64bit:[/b] - [2010-07-12 11:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010-05-26 11:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\7D89.tmp -- (MEMSWEEP2) DRV:[b]64bit:[/b] - [2010-05-15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant) DRV:[b]64bit:[/b] - [2010-03-17 01:14:02 | 000,302,632 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx) DRV:[b]64bit:[/b] - [2010-03-09 03:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2010-02-17 11:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV:[b]64bit:[/b] - [2010-02-17 11:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV:[b]64bit:[/b] - [2010-02-04 05:00:08 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv) DRV:[b]64bit:[/b] - [2010-01-22 12:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b]64bit:[/b] - [2010-01-22 12:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b]64bit:[/b] - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:[b]64bit:[/b] - [2009-09-22 18:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:[b]64bit:[/b] - [2009-09-22 18:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:[b]64bit:[/b] - [2009-09-22 18:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:[b]64bit:[/b] - [2009-09-22 18:32:35 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd) DRV:[b]64bit:[/b] - [2009-09-22 18:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:[b]64bit:[/b] - [2009-08-07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP1d\WNt500x64\sandra.sys -- (SANDRA) DRV:[b]64bit:[/b] - [2009-07-15 20:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2009-07-13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-30 10:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot) DRV:[b]64bit:[/b] - [2009-06-10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009-05-20 02:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus) DRV:[b]64bit:[/b] - [2008-08-28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV - [2011-03-29 18:55:52 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2010-08-31 10:27:44 | 000,020,904 | ---- | M] (Hagel Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\DU Meter\DUMetr64.sys -- (DUMeterDrv) DRV - [2010-07-15 08:44:20 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2010-07-15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.ca/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.scroogle.org/cgi-bin/scraper.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?lang=en-ca&OCID=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 61 25 F6 51 35 68 CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 68.101.24.2:27997 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..browser.startup.homepage: "http://vancouver.ca/engsvcs/streets/roadwork/cambie49.htm" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8 FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.16 FF - prefs.js..extensions.enabledItems: litmus-ff@f-secure.com:1.10 FF - prefs.js..extensions.enabledItems: en-CA@dictionaries.addons.mozilla.org:2.0.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.5 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.3 FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:7.2.5 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 3 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1 FF - prefs.js..extensions.enabledItems: {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.71 FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=en&q=" FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 4001 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 4001 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 4001 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 4001 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 4001 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 4001 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 4001 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 4001 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 4001 FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\Shaw Secure\NRS\litmus-ff@f-secure.com [2011-05-07 19:41:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-05-07 19:40:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-05-25 21:50:32 | 000,000,000 | ---D | M] [2011-05-07 19:58:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miso\AppData\Roaming\Mozilla\Extensions [2010-07-01 21:58:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miso\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010-08-03 13:24:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miso\AppData\Roaming\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a} [2011-05-26 20:39:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions [2011-05-07 19:58:58 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2011-05-07 19:58:58 | 000,000,000 | ---D | M] ("Walnut2 for Firefox") -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e} [2011-05-07 19:58:58 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-05-16 19:21:43 | 000,000,000 | ---D | M] (AniWeather) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593} [2011-05-23 20:19:28 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-05-07 19:58:58 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2011-05-23 20:19:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-05-07 19:58:58 | 000,000,000 | ---D | M] (Canadian English Dictionary) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\en-CA@dictionaries.addons.mozilla.org [2011-05-07 19:58:58 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\firefox@tvunetworks.com [2011-05-07 19:58:58 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Miso\AppData\Roaming\Mozilla\Firefox\Profiles\24jin7ad.default\extensions\tineye@ideeinc.com [2011-05-26 20:39:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011-05-07 19:40:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-05-07 19:40:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2011-05-07 19:40:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-05-07 19:40:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-05-07 19:40:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-05-07 19:40:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [2011-05-07 19:41:51 | 000,000,000 | ---D | M] ("Browsing Protection") -- C:\PROGRAM FILES (X86)\SHAW SECURE\NRS\LITMUS-FF@F-SECURE.COM [2011-05-07 19:41:52 | 000,000,000 | ---D | M] (Roboform Toolbar for Firefox) -- C:\PROGRAM FILES (X86)\SIBER SYSTEMS\AI ROBOFORM\FIREFOX [2011-04-14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2011-02-06 01:31:28 | 000,000,711 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 adobe.activate.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 www.adobeereg.com O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com O1 - Hosts: 127.0.0.1 creatives.livejasmin.com O1 - Hosts: 127.0.0.1 cdn.optmd.com O1 - Hosts: 127.0.0.1 www.hageltech.com O2:[b]64bit:[/b] - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found. O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found. O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found. O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Everything] C:\Program Files (x86)\Everything\Everything.exe () O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE (Corel Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [AtiTrayTools] C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe (Ray Adams) O4 - HKCU..\Run: [CalibrizeResume] C:\Program Files (x86)\Calibrize\CalibrizeResume.exe (Eberhard Werle) O4 - HKCU..\Run: [CGFLoader] C:\Program Files (x86)\Calibrize\CalibrizeLoader.exe (Colorjinn) O4 - HKCU..\Run: [DIMDownloading your update..1285781009224] C:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\DIM.EXE (Corel Corporation) O4 - HKCU..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe (Hagel Technologies Ltd.) O4 - HKCU..\Run: [HostsMan] C:\Program Files (x86)\HostsMan\hm.exe (abelhadigital.com) O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O4 - Startup: C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\procexp.exe (Sysinternals - www.sysinternals.com) O4 - Startup: C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\procexp64.exe (Sysinternals - www.sysinternals.com) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DelayedDesktopSwitchTimeout = 5 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRealMode = 0 O8:[b]64bit:[/b] - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8:[b]64bit:[/b] - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8:[b]64bit:[/b] - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.) O8:[b]64bit:[/b] - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta () O8:[b]64bit:[/b] - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8:[b]64bit:[/b] - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.) O8 - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta () O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Device Detection) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {43E3F87D-DE7F-4087-BD4F-0DC854981158} http://download.microsoft.com/download/7/3/8/7384c441-3721-41ee-ae15-b678888f00dd/clearadj.CAB (CTAdjust Class) O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://vanmappub.vancouver.ca/download/mgaxctrl.cab (Autodesk MapGuide ActiveX Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Value error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://towercam.arts.ubc.ca/activex/AxisCamControl.cab (CamImage Class) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://costco.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/devicesoftware/AxLoader.cab (RIM AxLoader) O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-05-06 05:26:23 | 000,000,309 | R--- | M] () - I:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{8fb13163-71bd-11df-b7c6-485b393e06ec}\Shell - "" = AutoRun O33 - MountPoints2\{8fb13163-71bd-11df-b7c6-485b393e06ec}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- [2007-10-23 00:45:39 | 001,336,632 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-05-28 18:17:55 | 000,972,104 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\procexp64.exe [2011-05-28 16:16:14 | 000,000,000 | ---D | C] -- C:\Program Files\BitDefender [2011-05-28 16:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender [2011-05-28 15:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis [2011-05-28 15:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis [2011-05-28 15:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis [2011-05-28 15:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis [2011-05-28 14:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [2011-05-28 13:28:02 | 000,972,104 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Miso\Desktop\procexp64.exe [2011-05-27 00:12:42 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011-05-27 00:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011-05-27 00:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2011-05-27 00:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011-05-27 00:11:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2011-05-26 20:23:43 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Local\Tudou [2011-05-26 20:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tudou [2011-05-25 21:46:33 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\GetRightToGo [2011-05-25 21:46:33 | 000,000,000 | ---D | C] -- C:\Users\Miso\Documents\Downloads [2011-05-25 21:26:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011-05-25 21:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011-05-25 21:26:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2011-05-25 21:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011-05-25 21:25:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011-05-25 21:25:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011-05-24 23:33:38 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\mIRC [2011-05-24 23:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC [2011-05-24 23:33:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC [2011-05-19 23:34:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2011-05-19 17:58:05 | 000,000,000 | ---D | C] -- C:\Users\Miso\Desktop\D3060020A_1 [2011-05-17 22:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin GPS Plugin [2011-05-17 22:30:36 | 006,253,600 | ---- | C] (Igor Pavlov) -- C:\Users\Miso\Desktop\CommunicatorPlugin_293.exe [2011-05-15 19:52:31 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\atitray [2011-05-15 19:52:29 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ATI Tray Tools [2011-05-15 19:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ray Adams [2011-05-15 19:10:52 | 000,000,000 | ---D | C] -- C:\adobeTemp [2011-05-15 19:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2011-05-15 18:43:22 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc [2011-05-15 18:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc [2011-05-15 15:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [2011-05-15 14:25:37 | 000,000,000 | R--D | C] -- C:\Users\Miso\Desktop\ink shortcut folder [2011-05-15 13:59:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2011-05-15 13:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP) [2011-05-15 12:33:18 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\Foxit Software [2011-05-15 12:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2011-05-14 23:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011-05-14 20:40:15 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2011-05-14 11:24:25 | 000,000,000 | ---D | C] -- C:\Users\Miso\Documents\Windows Live Mail [2011-05-14 11:07:29 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\Windows Live Writer [2011-05-14 11:07:29 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Local\Windows Live Writer [2011-05-09 21:41:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC [2011-05-09 21:41:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC [2011-05-09 21:28:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2011-05-09 21:28:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2011-05-08 15:43:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2011-05-07 22:29:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4 [2011-05-07 22:21:04 | 003,887,480 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\procexp.exe [2011-05-07 21:57:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2011-05-07 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices [2011-05-07 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices [2011-05-07 21:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2011-05-07 21:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2011-05-07 21:57:06 | 000,000,000 | ---D | C] -- C:\inetpub [2011-05-07 19:35:56 | 000,000,000 | --SD | C] -- C:\Users\Miso\AppData\Roaming\Microsoft [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\Videos [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\Saved Games [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\Pictures [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\Music [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\Links [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\Favorites [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\Downloads [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\My Documents [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\Desktop [2011-05-07 19:35:56 | 000,000,000 | R--D | C] -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\AppData\Local\Temporary Internet Files [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\Templates [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\Start Menu [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\SendTo [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\Recent [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\PrintHood [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\NetHood [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\Documents\My Videos [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\Documents\My Pictures [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\Documents\My Music [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\My Documents [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\Local Settings [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\AppData\Local\History [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\Cookies [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\Application Data [2011-05-07 19:35:56 | 000,000,000 | -HSD | C] -- C:\Users\Miso\AppData\Local\Application Data [2011-05-07 19:35:56 | 000,000,000 | -H-D | C] -- C:\Users\Miso\AppData [2011-05-07 19:35:56 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Local\Temp [2011-05-07 19:35:56 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Local\Microsoft [2011-05-07 19:35:56 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\Media Center Programs [2011-05-07 19:33:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011-05-07 19:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011-05-07 19:32:32 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2011-05-07 15:03:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2011-05-07 13:50:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2011-05-07 13:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2011-05-07 13:50:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd [2011-05-07 00:15:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Magical Jelly Bean [2011-05-07 00:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder [2011-05-05 18:00:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2011-05-04 23:07:45 | 000,000,000 | ---D | C] -- C:\Windows\Fonts\.svn [2011-04-30 12:23:32 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\Jaran Nilsen [2011-04-30 12:23:29 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iTunes Agent [2011-04-30 12:23:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes Agent [2011-04-30 11:35:29 | 000,000,000 | ---D | C] -- C:\Users\Miso\Desktop\4 GB MicroSD [2011-04-30 00:27:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Geeks3D [2011-04-29 23:34:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec [2011-04-29 23:34:22 | 000,000,000 | ---D | C] -- C:\Users\Miso\Documents\SelfMV [2011-04-29 21:39:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011-04-29 21:29:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\System32 [2011-04-29 21:25:53 | 000,000,000 | ---D | C] -- C:\Users\Miso\AppData\Local\Samsung [2011-04-29 21:24:51 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll [2010-12-30 00:14:19 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Miso\AppData\Roaming\pcouffin.sys [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [15 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Users\Miso\Documents\*.tmp files -> C:\Users\Miso\Documents\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-05-28 18:21:24 | 000,000,012 | -H-- | M] () -- C:\dvmexp.idx [2011-05-28 18:19:19 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-05-28 18:19:19 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-05-28 18:17:55 | 000,972,104 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\procexp64.exe [2011-05-28 18:11:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-05-28 18:11:03 | 529,879,039 | -HS- | M] () -- C:\hiberfil.sys [2011-05-28 17:19:29 | 000,240,727 | ---- | M] () -- C:\ProgramData\bdinstall.bin [2011-05-28 15:14:50 | 000,001,324 | ---- | M] () -- C:\Users\Public\Desktop\Acronis Disk Director Suite.lnk [2011-05-28 15:13:58 | 000,851,860 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-05-28 15:13:58 | 000,720,390 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-05-28 15:13:58 | 000,143,272 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-05-28 14:20:40 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk [2011-05-28 13:28:02 | 000,972,104 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Miso\Desktop\procexp64.exe [2011-05-27 12:53:07 | 000,000,984 | ---- | M] () -- C:\Users\Miso\AppData\Local\7F68A003.il [2011-05-27 12:53:07 | 000,000,280 | ---- | M] () -- C:\Users\Miso\AppData\Local\IndexIE_7F68A003.il [2011-05-27 11:14:22 | 000,561,100 | ---- | M] () -- C:\Users\Miso\Desktop\TMpptc054.pdf [2011-05-25 21:32:42 | 000,249,128 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat [2011-05-25 21:26:24 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011-05-24 23:33:38 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk [2011-05-23 22:26:31 | 000,001,433 | ---- | M] () -- C:\Users\Miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011-05-23 22:23:52 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011-05-23 22:23:52 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011-05-23 15:21:54 | 000,275,753 | ---- | M] () -- C:\Users\Miso\Documents\Daisy@mike's - Pacific Urban ReView board.mht [2011-05-23 15:16:30 | 000,377,681 | ---- | M] () -- C:\Users\Miso\Documents\Olive at Mike's - Pacific Urban ReView board.mht [2011-05-23 15:15:20 | 000,335,755 | ---- | M] () -- C:\Users\Miso\Documents\Olive just mind blowing___fckin crazy experience-778---0296 - Pacific Urban ReView board.mht [2011-05-23 15:14:19 | 001,698,119 | ---- | M] () -- C:\Users\Miso\Documents\Ava by Fraser and 41st - Pacific Urban ReView board.mht [2011-05-23 15:11:19 | 000,269,687 | ---- | M] () -- C:\Users\Miso\Documents\Jessica in Burnaby - Pacific Urban ReView board.mht [2011-05-19 23:15:39 | 000,000,182 | ---- | M] () -- C:\Windows\SysWow64\~.inf [2011-05-19 22:28:45 | 000,214,016 | ---- | M] () -- C:\Users\Miso\Documents\Portland, Oregon, United States.est [2011-05-19 21:16:42 | 000,015,376 | ---- | M] () -- C:\Users\Miso\Documents\Portland2.gdb [2011-05-19 18:20:02 | 376,381,191 | ---- | M] () -- C:\Users\Miso\Desktop\D3060020A.JCV [2011-05-19 17:57:29 | 223,857,012 | ---- | M] () -- C:\Users\Miso\Desktop\D3060020A.JCV.rar [2011-05-18 12:39:21 | 000,005,614 | ---- | M] () -- C:\Users\Miso\Desktop\ShippingEOE[1].pdf [2011-05-17 22:30:39 | 006,253,600 | ---- | M] (Igor Pavlov) -- C:\Users\Miso\Desktop\CommunicatorPlugin_293.exe [2011-05-15 19:27:15 | 000,049,290 | ---- | M] () -- C:\Users\Miso\Documents\cc_20110515_192712.reg [2011-05-15 19:14:25 | 000,172,806 | ---- | M] () -- C:\Users\Miso\Documents\cc_20110515_191421.reg [2011-05-15 19:13:16 | 000,000,000 | ---- | M] () -- C:\MAPISVC.INF [2011-05-15 18:43:22 | 000,000,949 | ---- | M] () -- C:\Users\Miso\Desktop\MagicDisc.lnk [2011-05-15 17:01:25 | 000,001,517 | ---- | M] () -- C:\Users\Miso\Desktop\Cirque du Soleil - Ka.avi - Shortcut.lnk [2011-05-15 15:02:10 | 000,001,226 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk [2011-05-15 15:00:12 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\StudioTax 2010.lnk [2011-05-15 14:59:46 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Digital Image Suite 2006 Editor.lnk [2011-05-15 14:52:34 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011-05-15 13:58:34 | 000,001,541 | ---- | M] () -- C:\Users\Miso\Desktop\Streets 2010.lnk [2011-05-15 13:57:41 | 000,002,531 | ---- | M] () -- C:\Users\Miso\Desktop\Pinnacle Studio 14.lnk [2011-05-15 13:46:45 | 000,001,658 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk [2011-05-15 13:44:33 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2011-05-15 13:28:32 | 000,002,186 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011-05-14 11:03:15 | 005,079,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-05-14 10:29:48 | 000,001,504 | ---- | M] () -- C:\Users\Miso\Desktop\CalibrizeResume.exe - Shortcut.lnk [2011-05-14 00:31:54 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2011-05-12 22:20:48 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-05-12 22:20:48 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-05-10 21:32:45 | 000,089,721 | ---- | M] () -- C:\Users\Miso\Documents\portland,.gdb [2011-05-09 21:39:29 | 000,186,048 | ---- | M] () -- C:\Users\Miso\Desktop\National Household Survey.mht [2011-05-07 22:57:12 | 000,073,824 | ---- | M] () -- C:\Users\Miso\Documents\cc_20110507_225709.reg [2011-05-07 22:29:13 | 000,001,239 | ---- | M] () -- C:\Users\Public\Desktop\Quick Care.lnk [2011-05-07 22:29:12 | 000,001,217 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk [2011-05-07 22:27:52 | 000,016,574 | ---- | M] () -- C:\Users\Miso\Documents\cc_20110507_222749.reg [2011-05-07 22:00:28 | 000,796,304 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-05-07 20:15:30 | 000,040,833 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011-05-07 20:15:30 | 000,040,833 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011-05-07 20:08:54 | 000,022,840 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat [2011-05-07 19:33:42 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2011-05-07 18:41:30 | 000,004,074 | ---- | M] () -- C:\Users\Miso\Desktop\Windows Compatibility Report.htm [2011-05-07 18:39:10 | 000,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml [2011-05-07 18:39:10 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml [2011-05-07 01:04:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf [2011-05-07 01:04:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LHidFilt_01005.Wdf [2011-05-07 00:15:39 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\KeyFinder.lnk [2011-05-06 23:57:34 | 000,107,836 | ---- | M] () -- C:\Users\Miso\Documents\bookmark.htm [2011-05-06 23:56:30 | 000,024,681 | ---- | M] () -- C:\Users\Miso\Desktop\bookmarks-2011-05-06.json [2011-05-06 11:16:35 | 000,104,894 | ---- | M] () -- C:\Users\Miso\Documents\cc_20110506_111627.reg [2011-05-04 23:13:23 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies mini.lnk [2011-05-04 23:08:09 | 000,002,108 | ---- | M] () -- C:\Users\Miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies mini.lnk [2011-05-02 23:16:12 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-05-02 23:03:50 | 000,001,953 | ---- | M] () -- C:\Users\Miso\Desktop\Mozilla Firefox.lnk [2011-05-02 12:16:04 | 003,097,130 | ---- | M] () -- C:\Users\Miso\Desktop\captivate userguide2746.pdf [2011-04-30 13:12:27 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk [2011-04-30 12:23:29 | 000,001,051 | ---- | M] () -- C:\Users\Miso\Desktop\iTunes Agent.lnk [2011-04-30 00:27:43 | 000,001,300 | ---- | M] () -- C:\Users\Miso\Desktop\FurMark.lnk [2011-04-29 23:14:05 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk [2011-04-29 23:12:11 | 000,001,973 | ---- | M] () -- C:\Users\Miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk [2011-04-29 22:01:24 | 003,097,130 | ---- | M] () -- C:\Users\Miso\Desktop\UserGuide_i896Froyo_EN.pdf [2011-04-29 22:01:12 | 003,000,160 | ---- | M] () -- C:\Users\Miso\Desktop\i896_UserGuide_EN.pdf [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [15 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [1 C:\Users\Miso\Documents\*.tmp files -> C:\Users\Miso\Documents\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-05-28 16:07:39 | 000,240,727 | ---- | C] () -- C:\ProgramData\bdinstall.bin [2011-05-28 15:26:34 | 000,000,012 | -H-- | C] () -- C:\dvmexp.idx [2011-05-28 15:14:50 | 000,001,324 | ---- | C] () -- C:\Users\Public\Desktop\Acronis Disk Director Suite.lnk [2011-05-28 14:20:40 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk [2011-05-27 11:06:00 | 000,561,100 | ---- | C] () -- C:\Users\Miso\Desktop\TMpptc054.pdf [2011-05-25 21:50:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011-05-25 21:26:24 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011-05-24 23:33:38 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk [2011-05-23 22:23:52 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011-05-23 22:23:52 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011-05-23 15:21:53 | 000,275,753 | ---- | C] () -- C:\Users\Miso\Documents\Daisy@mike's - Pacific Urban ReView board.mht [2011-05-23 15:16:29 | 000,377,681 | ---- | C] () -- C:\Users\Miso\Documents\Olive at Mike's - Pacific Urban ReView board.mht [2011-05-23 15:15:18 | 000,335,755 | ---- | C] () -- C:\Users\Miso\Documents\Olive just mind blowing___fckin crazy experience-778---0296 - Pacific Urban ReView board.mht [2011-05-23 15:14:18 | 001,698,119 | ---- | C] () -- C:\Users\Miso\Documents\Ava by Fraser and 41st - Pacific Urban ReView board.mht [2011-05-23 15:11:18 | 000,269,687 | ---- | C] () -- C:\Users\Miso\Documents\Jessica in Burnaby - Pacific Urban ReView board.mht [2011-05-19 23:48:06 | 963,012,908 | ---- | C] () -- C:\Users\Miso\Desktop\CRPD319.avi [2011-05-19 18:04:23 | 108,967,929 | ---- | C] () -- C:\Users\Miso\Desktop\D3060010A.JCV [2011-05-19 17:56:31 | 376,381,191 | ---- | C] () -- C:\Users\Miso\Desktop\D3060020A.JCV [2011-05-19 17:48:26 | 223,857,012 | ---- | C] () -- C:\Users\Miso\Desktop\D3060020A.JCV.rar [2011-05-18 12:39:53 | 000,005,614 | ---- | C] () -- C:\Users\Miso\Desktop\ShippingEOE[1].pdf [2011-05-17 22:54:21 | 000,015,376 | ---- | C] () -- C:\Users\Miso\Documents\Portland2.gdb [2011-05-15 19:27:14 | 000,049,290 | ---- | C] () -- C:\Users\Miso\Documents\cc_20110515_192712.reg [2011-05-15 19:14:23 | 000,172,806 | ---- | C] () -- C:\Users\Miso\Documents\cc_20110515_191421.reg [2011-05-15 19:13:16 | 000,000,000 | ---- | C] () -- C:\MAPISVC.INF [2011-05-15 18:44:30 | 820,123,648 | ---- | C] () -- C:\Users\Miso\Desktop\14.0.4763.1000_ProofingToolsKitCompilation_none_ship_x64_en-us_dvd.iso [2011-05-15 17:01:25 | 000,001,517 | ---- | C] () -- C:\Users\Miso\Desktop\Cirque du Soleil - Ka.avi - Shortcut.lnk [2011-05-15 15:02:10 | 000,001,226 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk [2011-05-15 13:58:34 | 000,001,541 | ---- | C] () -- C:\Users\Miso\Desktop\Streets 2010.lnk [2011-05-15 13:57:41 | 000,002,531 | ---- | C] () -- C:\Users\Miso\Desktop\Pinnacle Studio 14.lnk [2011-05-15 13:46:45 | 000,001,658 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk [2011-05-14 23:54:24 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011-05-14 10:29:48 | 000,001,504 | ---- | C] () -- C:\Users\Miso\Desktop\CalibrizeResume.exe - Shortcut.lnk [2011-05-10 21:32:45 | 000,089,721 | ---- | C] () -- C:\Users\Miso\Documents\portland,.gdb [2011-05-09 21:39:28 | 000,186,048 | ---- | C] () -- C:\Users\Miso\Desktop\National Household Survey.mht [2011-05-08 00:47:14 | 000,000,984 | ---- | C] () -- C:\Users\Miso\AppData\Local\7F68A003.il [2011-05-08 00:47:14 | 000,000,280 | ---- | C] () -- C:\Users\Miso\AppData\Local\IndexIE_7F68A003.il [2011-05-07 22:57:11 | 000,073,824 | ---- | C] () -- C:\Users\Miso\Documents\cc_20110507_225709.reg [2011-05-07 22:29:13 | 000,001,239 | ---- | C] () -- C:\Users\Public\Desktop\Quick Care.lnk [2011-05-07 22:29:12 | 000,001,217 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk [2011-05-07 22:27:51 | 000,016,574 | ---- | C] () -- C:\Users\Miso\Documents\cc_20110507_222749.reg [2011-05-07 22:00:25 | 000,796,304 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-05-07 20:26:38 | 000,001,439 | ---- | C] () -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011-05-07 20:26:38 | 000,001,405 | ---- | C] () -- C:\Users\Miso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011-05-07 20:16:58 | 529,879,039 | -HS- | C] () -- C:\hiberfil.sys [2011-05-07 19:35:56 | 000,000,290 | ---- | C] () -- C:\Users\Miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2011-05-07 19:35:56 | 000,000,272 | ---- | C] () -- C:\Users\Miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2011-05-07 19:35:32 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2011-05-07 19:35:29 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011-05-07 19:33:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-05-07 01:04:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf [2011-05-07 01:04:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LHidFilt_01005.Wdf [2011-05-07 00:15:39 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\KeyFinder.lnk [2011-05-06 23:57:30 | 000,107,836 | ---- | C] () -- C:\Users\Miso\Documents\bookmark.htm [2011-05-06 23:56:30 | 000,024,681 | ---- | C] () -- C:\Users\Miso\Desktop\bookmarks-2011-05-06.json [2011-05-06 11:16:28 | 000,104,894 | ---- | C] () -- C:\Users\Miso\Documents\cc_20110506_111627.reg [2011-05-04 23:08:09 | 000,002,108 | ---- | C] () -- C:\Users\Miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies mini.lnk [2011-05-04 23:08:09 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies mini.lnk [2011-05-02 23:03:50 | 000,001,953 | ---- | C] () -- C:\Users\Miso\Desktop\Mozilla Firefox.lnk [2011-05-02 12:16:02 | 003,097,130 | ---- | C] () -- C:\Users\Miso\Desktop\captivate userguide2746.pdf [2011-04-30 12:23:29 | 000,001,051 | ---- | C] () -- C:\Users\Miso\Desktop\iTunes Agent.lnk [2011-04-30 00:27:43 | 000,001,300 | ---- | C] () -- C:\Users\Miso\Desktop\FurMark.lnk [2011-04-29 22:01:24 | 003,097,130 | ---- | C] () -- C:\Users\Miso\Desktop\UserGuide_i896Froyo_EN.pdf [2011-04-29 22:01:12 | 003,000,160 | ---- | C] () -- C:\Users\Miso\Desktop\i896_UserGuide_EN.pdf [2011-04-29 21:25:44 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk [2011-04-29 21:24:55 | 000,001,973 | ---- | C] () -- C:\Users\Miso\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk [2011-04-05 22:09:48 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011-03-17 10:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011-02-11 22:30:29 | 000,042,664 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys [2011-02-08 23:24:50 | 000,000,760 | ---- | C] () -- C:\Users\Miso\AppData\Roaming\setup_ldm.iss [2011-01-29 17:00:24 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011-01-29 17:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011-01-29 17:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011-01-29 17:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011-01-29 17:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2010-12-30 00:14:19 | 000,099,384 | ---- | C] () -- C:\Users\Miso\AppData\Roaming\inst.exe [2010-12-30 00:14:19 | 000,007,859 | ---- | C] () -- C:\Users\Miso\AppData\Roaming\pcouffin.cat [2010-12-30 00:14:19 | 000,001,167 | ---- | C] () -- C:\Users\Miso\AppData\Roaming\pcouffin.inf [2010-12-16 13:25:58 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010-12-12 00:53:08 | 000,000,000 | ---- | C] () -- C:\Windows\cedt.INI [2010-09-11 19:29:16 | 001,774,720 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2010-09-11 19:29:16 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2010-09-11 19:29:16 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2010-09-11 19:29:16 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2010-09-11 19:29:16 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2010-09-04 23:46:32 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\uuddc32.dll [2010-09-04 11:28:04 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI [2010-07-18 20:32:16 | 000,000,049 | ---- | C] () -- C:\Users\Miso\AppData\Roaming\MapReverseConverter.dat [2010-07-12 20:24:07 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010-07-12 18:10:36 | 000,016,596 | ---- | C] () -- C:\Windows\MSTMON_Y.INI [2010-07-12 18:10:36 | 000,012,244 | ---- | C] () -- C:\Windows\MSUMLT_Y.INI [2010-07-03 16:35:24 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin [2010-06-29 22:58:21 | 000,000,049 | ---- | C] () -- C:\Windows\ZoneLib-DisplayNames.ini [2010-06-26 22:22:39 | 000,003,721 | ---- | C] () -- C:\Windows\SymmTime.ini [2010-06-25 23:57:25 | 000,000,149 | ---- | C] () -- C:\Windows\QUICKEN.INI [2010-06-20 11:04:34 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe [2010-06-20 11:04:34 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [2010-06-18 20:28:47 | 000,000,019 | ---- | C] () -- C:\Windows\clofghls.dll [2010-06-18 18:46:57 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI [2010-06-13 22:48:56 | 000,249,128 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010-06-13 12:08:16 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI [2010-06-12 19:59:15 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini [2010-06-12 19:59:14 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll [2010-06-06 20:40:13 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini [2010-06-06 18:39:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-06-04 16:42:01 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys [2010-06-04 16:25:23 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2010-06-04 16:25:23 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2010-06-04 16:13:30 | 000,047,746 | ---- | C] () -- C:\Windows\Ascd_log.ini [2010-06-04 16:10:12 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010-06-04 16:10:09 | 000,031,979 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2010-02-08 07:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\SysWow64\vfprintpthelper.dll [2009-10-06 00:16:00 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2009-07-13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009-04-02 05:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2008-12-01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll [2008-05-15 14:19:54 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\ViaClassCoInstaller.dll [2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2004-11-18 21:10:42 | 000,014,740 | ---- | C] () -- C:\Windows\MSTMON_Q.INI [2004-11-18 21:10:42 | 000,011,521 | ---- | C] () -- C:\Windows\MSUMLT_Q.INI [color=#E56717]========== LOP Check ==========[/color] [2011-05-07 19:56:25 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\abelhadigital.com [2011-05-07 19:56:28 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\anpo.republika.pl [2011-05-07 19:58:11 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Auslogics [2011-05-07 19:58:11 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\AutoSync for Yahoo [2011-05-07 19:58:11 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\BHOK IT Consulting [2011-05-07 19:58:11 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Canneverbe Limited [2011-05-07 19:58:11 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011-05-07 19:58:43 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\CheeseSoft [2011-05-07 19:58:43 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\com.adobe.DC3Module.AdobeADC [2011-05-07 19:58:43 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011-05-07 19:58:43 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\com.Desktop.FlyCast.7C0C57158F17768D90610B2E569AA275F34D83AB.1 [2011-05-07 19:58:45 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1 [2011-05-07 19:58:45 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\eFax Messenger [2010-06-30 21:38:06 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\EurekaLog [2011-03-26 00:33:54 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\f-secure [2011-05-07 19:58:45 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\fltk.org [2011-05-07 19:58:45 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Forte [2011-05-15 12:33:18 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Foxit Software [2011-05-07 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\FreeAudioPack [2011-05-07 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\FreeCDRipper [2011-05-07 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\freephoneline.ca [2011-05-07 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\FrostWire [2011-05-07 19:58:47 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\GARMIN [2011-05-25 21:46:41 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\GetRightToGo [2011-05-07 19:58:47 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\GHISLER [2011-05-07 19:58:47 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\GoodSync [2011-05-07 19:58:47 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\HD Tune Pro [2010-06-09 18:44:41 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\ieSpell [2011-05-07 19:58:47 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\ImgBurn [2011-05-07 22:29:09 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\IObit [2011-05-07 19:58:48 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\IrfanView [2011-05-07 19:58:48 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\j2 Global [2011-05-07 19:58:48 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\JAM Software [2011-05-07 19:58:48 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Jaran Nilsen [2011-05-07 19:58:48 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\JonDo [2011-05-07 19:58:48 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Leadertech [2011-05-07 19:58:59 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\NCH Swift Sound [2011-05-07 19:58:59 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\NewsLeecher [2011-05-07 19:58:59 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Nonoh [2011-05-07 19:59:00 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Opera [2011-05-07 19:59:00 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\PC Suite [2010-06-12 20:05:36 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\proDAD [2011-05-07 19:59:00 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\PureInbox [2011-05-07 19:59:02 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1 [2011-05-07 19:59:02 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Samsung [2011-05-07 19:59:05 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011-05-07 19:59:05 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Thunderbird [2011-05-07 19:59:06 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Trillian [2011-05-28 01:56:27 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\uTorrent [2010-12-30 00:15:13 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Vso [2011-05-14 11:07:29 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Windows Live Writer [2011-05-07 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Xerox [2011-05-07 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\XnView [2011-05-07 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\Miso\AppData\Roaming\Zoner [2011-02-13 11:44:34 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job [2011-02-11 23:47:36 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\PerfectOptimizer_Home.Job [2009-07-13 22:08:49 | 000,015,010 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2011-04-17 00:13:31 | 000,974,343 | ---- | M] ()(C:\Users\Miso\Desktop\Videos Posted by Fans of APA?????????? ????????????!???????!_php.mht) -- C:\Users\Miso\Desktop\Videos Posted by Fans of APA中華民國保護動物協會 大家一起把這個女的找出來!她應該要下地獄!_php.mht [2011-04-17 00:13:28 | 000,974,343 | ---- | C] ()(C:\Users\Miso\Desktop\Videos Posted by Fans of APA?????????? ????????????!???????!_php.mht) -- C:\Users\Miso\Desktop\Videos Posted by Fans of APA中華民國保護動物協會 大家一起把這個女的找出來!她應該要下地獄!_php.mht [2010-07-31 00:13:49 | 000,830,317 | -H-- | M] ()(C:\Users\Miso\Desktop\??couple 2009's favorite photos and videos Flickr.mht) -- C:\Users\Miso\Desktop\萌えcouple 2009's favorite photos and videos Flickr.mht [2010-07-31 00:13:48 | 000,830,317 | -H-- | C] ()(C:\Users\Miso\Desktop\??couple 2009's favorite photos and videos Flickr.mht) -- C:\Users\Miso\Desktop\萌えcouple 2009's favorite photos and videos Flickr.mht < End of report >