OTL logfile created on: 11/18/2011 7:04:38 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = M:\
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.18 Gb Available Physical Memory | 69.74% Memory free
12.00 Gb Paging File | 9.95 Gb Available in Paging File | 82.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.35 Gb Total Space | 830.33 Gb Free Space | 89.15% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 418.97 Gb Free Space | 44.98% Space Free | Partition Type: NTFS
Drive M: | 931.51 Gb Total Space | 104.72 Gb Free Space | 11.24% Space Free | Partition Type: NTFS
Drive T: | 931.51 Gb Total Space | 12.19 Gb Free Space | 1.31% Space Free | Partition Type: NTFS

Computer Name: MIKE2011 | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/11/17 22:10:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- M:\OTL.exe PRC - [2011/06/10 10:54:30 | 000,419,104 | ---- | M] (GameStop Corporation) -- C:\Program Files (x86)\Impulse\Now\ImpulseNow.exe PRC - [2011/06/10 10:53:57 | 002,389,280 | ---- | M] (GameStop) -- C:\Program Files (x86)\Impulse\Impulse.exe PRC - [2010/06/28 21:50:36 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe PRC - [2010/04/26 21:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010/02/02 23:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2009/06/03 23:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/10/13 17:15:49 | 000,485,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VDialog\8645c9450d6a8b3692f073f5f9661a24\VDialog.ni.dll MOD - [2011/10/13 17:15:48 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\c769f5b96717dba342e08220b1ffad85\VistaBridgeLibrary.ni.dll MOD - [2011/10/13 17:15:47 | 007,060,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Impulse\3087557f462c2e0d0f10fecc14012d7f\Impulse.ni.exe MOD - [2011/10/13 17:15:45 | 000,524,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Web\731bad8205f5140607e3c542123707e1\Sd.Web.ni.dll MOD - [2011/10/13 17:15:45 | 000,036,352 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\WBOCXLib\b109eca53daa848df7025de11e2447bb\WBOCXLib.ni.dll MOD - [2011/10/13 17:15:44 | 000,899,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\sd.central.cvp.serv#\71760d75f1065b96304d5e7aa6ebffaa\sd.central.cvp.server.ni.dll MOD - [2011/10/13 17:15:44 | 000,326,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\7a1c4251ad21b525e1392409beb3fb3d\MyDock.Util.ni.dll MOD - [2011/10/13 17:15:44 | 000,050,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\StardockCentralDSkin\b002b2d49997835935de29b3f46be52f\StardockCentralDSkin.ni.dll MOD - [2011/10/13 17:15:43 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd\8b778019f7addbcf4c19b72a6fe3780c\Sd.ni.dll MOD - [2011/10/13 17:15:42 | 000,804,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Irc\8bb29d8d9d37140915c1af0dd1c79568\Sd.Irc.ni.dll MOD - [2011/10/13 17:15:42 | 000,155,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.UI\1636a91e72f1ffcdcb39acecc248e845\Sd.UI.ni.dll MOD - [2011/10/13 17:15:41 | 001,746,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WindowsAP#\92cd1862206140136f2b50b4ce117faa\Microsoft.WindowsAPICodePack.Shell.ni.dll MOD - [2011/10/13 17:15:40 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll MOD - [2011/10/13 17:15:38 | 000,290,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WindowsAP#\8b5ec95e5c2c2aad094aea82b79c8433\Microsoft.WindowsAPICodePack.ni.dll MOD - [2011/10/13 17:15:38 | 000,098,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Uninstall\9cc87a67b3d1529fa21aa2560373426f\Sd.Uninstall.ni.dll MOD - [2011/10/13 17:15:37 | 000,352,768 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.InstallManager\d1d46c1bd894b56ef75159ada19216e3\Sd.InstallManager.ni.dll MOD - [2011/10/13 17:15:37 | 000,129,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Central.Archive\6ff90d6be4d68e06efc12e725affea4f\Sd.Central.Archive.ni.dll MOD - [2011/10/13 17:15:37 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\ccf5601d576f9ba8f728cf91034eb0eb\Interop.IWshRuntimeLibrary.ni.dll MOD - [2011/10/13 17:15:37 | 000,056,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Stardock.Central.Se#\01d4599cd1af815fed935c9aeba32a18\Stardock.Central.Security.ni.dll MOD - [2011/10/13 17:15:34 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\32f68764be7200d3796b55e377311245\Microsoft.VisualBasic.ni.dll MOD - [2011/10/13 17:15:33 | 010,530,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Gibraltar.Agent\1ff4602823abab2a2067efd70278a241\Gibraltar.Agent.ni.dll MOD - [2011/10/13 17:15:28 | 001,759,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Common\0c2630404558836a10dfb04f1842f2bc\Sd.Common.ni.dll MOD - [2011/10/13 17:15:27 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\AxInterop.Shockwave#\eb6c3b2e1d0ecff58ca8b123a42312b5\AxInterop.ShockwaveFlashObjects.ni.dll MOD - [2011/10/13 17:15:27 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.ShockwaveFl#\64a1ae0c6353904de5827aa46ac9ce9f\Interop.ShockwaveFlashObjects.ni.dll MOD - [2011/10/13 17:15:24 | 000,726,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\f8d6066153dfbe0b75a6364dc8a96e6b\ICSharpCode.SharpZipLib.ni.dll MOD - [2011/10/13 17:13:37 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\a512243ee9900e621fb8cd990a9c679d\System.Web.Services.ni.dll 
MOD - [2011/10/13 17:13:14 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll MOD - [2011/10/13 17:13:09 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll MOD - [2011/10/13 17:12:51 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll MOD - [2011/10/13 17:12:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll MOD - [2011/10/13 17:12:48 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll MOD - [2011/10/13 17:12:43 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/06/10 10:54:31 | 000,029,984 | ---- | M] () -- C:\Program Files (x86)\Impulse\Now\SDSecurity.dll MOD - [2009/06/03 23:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/06/03 23:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011/08/24 05:59:48 | 002,528,096 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:[b]64bit:[/b] - [2011/08/17 19:25:38 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) 
[Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:[b]64bit:[/b] - [2011/04/27 16:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2011/04/27 16:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2010/01/13 10:11:48 | 000,331,752 | ---- | M] (XIMETA, Inc.) [Auto | Stopped] -- C:\Program Files\NDAS\System\ndassvc.exe -- (ndassvc) SRV:[b]64bit:[/b] - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2008/07/29 12:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90) SRV - [2011/10/13 17:44:24 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/05/21 05:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011/02/28 17:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/01/18 21:31:26 | 000,072,304 | R--- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X) SRV - [2009/12/15 15:07:16 | 000,025,832 | ---- | M] (BioWare) [Auto | Stopped] -- C:\Program Files (x86)\Electronic Arts\Dragon Age Origins\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV:[b]64bit:[/b] - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- 
(SASKUTIL) DRV:[b]64bit:[/b] - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011/04/27 14:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/11/11 18:10:49 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2010/04/26 20:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b]64bit:[/b] - [2010/04/26 20:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b]64bit:[/b] - [2010/03/04 08:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010/01/27 03:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:[b]64bit:[/b] - [2010/01/13 10:12:14 | 000,738,792 | ---- | M] (XIMETA, Inc.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lfsfilt.sys -- (lfsfilt) DRV:[b]64bit:[/b] - [2010/01/13 10:12:10 | 000,151,528 | ---- | M] (XIMETA, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lpx6x.sys -- (lpx) DRV:[b]64bit:[/b] - [2010/01/13 10:12:08 | 000,497,640 | ---- | M] (XIMETA, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndasbus.sys -- (ndasbus) DRV:[b]64bit:[/b] - [2010/01/13 10:12:04 | 000,607,720 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ndasfat.sys -- (ndasfat) DRV:[b]64bit:[/b] - [2010/01/13 10:12:02 | 000,746,472 | ---- | M] (XIMETA, Inc.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\ndasfs.sys -- (ndasfs) DRV:[b]64bit:[/b] - [2010/01/13 10:11:54 | 001,053,160 | ---- | M] (XIMETA, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ndasrofs.sys -- (ndasrofs) DRV:[b]64bit:[/b] - [2010/01/13 10:11:48 | 000,486,888 | ---- | M] (XIMETA, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndasscsi.sys -- (ndasscsi) DRV:[b]64bit:[/b] - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:[b]64bit:[/b] - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV - [2011/01/13 17:21:49 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010/06/28 21:50:22 | 000,146,928 | ---- | M] (CyberLink Corp.) 
[2011/03/16 21:29:29] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/;_ylt=AvdZ42hLP_UIrkyF0Pf8XjJG2vAI" FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110704 FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.23.0.5 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: support@ancestry.com:1.0.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: 
C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mike\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mike\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/28 05:49:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/28 05:49:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/17 18:16:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011/01/21 20:15:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions [2011/01/21 20:15:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/11/17 07:38:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6aex7o4k.default\extensions [2011/08/20 07:56:36 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6aex7o4k.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011/07/10 19:39:08 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6aex7o4k.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/02/06 11:14:01 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6aex7o4k.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2011/08/20 
07:56:37 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6aex7o4k.default\extensions\DeviceDetection@logitech.com [2011/03/09 21:37:13 | 000,000,000 | ---D | M] (Ancestry.com Advanced Image Viewer) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\6aex7o4k.default\extensions\support@ancestry.com [2011/06/17 06:41:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/03/08 20:02:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011/04/23 18:54:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/06/17 06:41:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\Application\15.0.874.106\gears.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mike\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google 
Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2011/03/18 21:39:07 | 000,001,113 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 iw2.slysoft.com O1 - Hosts: 127.0.0.1 h3.slysoft.com O1 - Hosts: 127.0.0.1 update.slysoft.com O1 - Hosts: 127.0.0.1 slysoft.com O1 - Hosts: 127.0.0.1 sb2slysoft.com O1 - Hosts: 127.0.0.1 ns6.gandi.net O1 - Hosts: 127.0.0.1 ev1slysoft.com O1 - Hosts: 127.0.0.1 iw2.slysoft.com O1 - Hosts: 127.0.0.1 reverse.privatedns.com O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime File not found O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Impulse Now.lnk = C:\Program Files (x86)\Impulse\Now\ImpulseNow.exe (GameStop Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.71.230 68.87.73.246 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10FE36D1-6491-41B0-8B71-106B5899B16E}: DhcpNameServer = 68.87.71.230 68.87.73.246 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) -C:\Windows\SysWOW64\guard32.dll (COMODO) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) 
-C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\D\Shell - "" = AutoRun O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/11/11 14:39:50 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Auslogics [2011/11/11 14:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics [2011/11/11 14:28:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics [2011/10/24 18:30:23 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\LEGO Creations [2011/10/24 18:30:23 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\LEGO Company [2011/10/24 18:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company [2011/10/24 18:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LEGO Company [2011/10/22 15:13:43 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeitOne [2011/10/22 15:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MakeitOne [2011/10/22 15:13:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MakeitOne [2011/10/21 05:45:49 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/10/21 05:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/10/21 05:43:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/10/21 05:43:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2011/10/21 05:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/10/21 05:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011/10/21 05:40:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/11/18 09:01:11 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/11/18 09:00:51 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1888492754-3244777765-1062032002-1001UA.job [2011/11/18 08:16:51 | 000,018,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/11/18 08:16:16 | 000,018,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/11/18 07:17:59 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 458ed6c8-2011-4952-9740-3cb2b9799221.job [2011/11/18 06:19:41 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/11/18 00:59:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1888492754-3244777765-1062032002-1001Core.job [2011/11/18 00:21:41 | 004,886,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/11/17 23:02:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/11/17 22:15:56 | 535,633,919 | -HS- | M] () -- C:\hiberfil.sys [2011/11/16 00:14:08 | 000,876,338 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/11/16 00:14:08 | 000,728,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/11/16 
00:14:08 | 000,147,498 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/11/15 19:47:11 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/10/29 21:31:23 | 000,002,008 | -H-- | M] () -- C:\Users\Mike\Documents\Default.rdp [2011/10/26 17:00:12 | 000,002,396 | ---- | M] () -- C:\Users\Mike\Desktop\Google Chrome.lnk [2011/10/25 01:00:00 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 9f64da95-393f-4f4f-a13d-50adb58649bb.job [2011/10/24 18:30:16 | 000,002,174 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\LEGO Digital Designer.lnk [2011/10/24 18:30:16 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\LEGO Digital Designer.lnk [2011/10/22 15:13:43 | 000,131,584 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall.exe [2011/10/22 15:13:43 | 000,000,628 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-MakeitOne MP3 Album Maker.dat [2011/10/22 15:13:33 | 000,028,898 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-MakeitOne MP3 Album Maker.bmp [2011/10/22 15:06:42 | 000,069,632 | ---- | M] () -- C:\Windows\SysWow64\realbap1.dll [2011/10/22 15:06:42 | 000,045,568 | ---- | M] () -- C:\Windows\SysWow64\realbsf1.dll [2011/10/21 05:45:49 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/10/20 19:37:22 | 000,000,113 | ---- | M] () -- C:\Users\Mike\Desktop\DigiExpress = iPod Touch 4th gen replacement screen assembly.URL [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/10/24 18:30:16 | 000,002,174 | ---- | C] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\LEGO Digital Designer.lnk [2011/10/24 18:30:16 | 000,002,150 | ---- | C] () -- C:\Users\Public\Desktop\LEGO Digital Designer.lnk [2011/10/22 15:13:43 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe [2011/10/22 15:13:43 | 000,028,898 
| ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-MakeitOne MP3 Album Maker.bmp [2011/10/22 15:13:43 | 000,000,628 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-MakeitOne MP3 Album Maker.dat [2011/10/21 05:45:49 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/10/20 19:37:22 | 000,000,113 | ---- | C] () -- C:\Users\Mike\Desktop\DigiExpress = iPod Touch 4th gen replacement screen assembly.URL [2011/07/02 13:35:33 | 000,069,632 | ---- | C] () -- C:\Windows\realbap1.dll [2011/07/02 13:35:33 | 000,045,568 | ---- | C] () -- C:\Windows\realbsf1.dll [2011/06/26 09:33:38 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\realbap1.dll [2011/06/26 09:33:38 | 000,045,568 | ---- | C] () -- C:\Windows\SysWow64\realbsf1.dll [2011/05/12 06:11:07 | 000,000,448 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011/03/18 21:58:02 | 001,627,136 | ---- | C] () -- C:\Windows\SysWow64\fftw3.dll [2011/03/18 21:58:02 | 001,527,650 | ---- | C] () -- C:\Windows\SysWow64\libfftw3f-3.dll [2011/03/18 21:58:02 | 000,140,288 | ---- | C] () -- C:\Windows\SysWow64\avsfilter.dll [2011/03/18 21:58:02 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\avisynth_c.dll [2011/03/18 21:58:02 | 000,004,608 | ---- | C] () -- C:\Windows\SysWow64\AvsRecursion.dll [2011/03/17 19:09:31 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2011/03/06 14:39:15 | 000,000,535 | ---- | C] () -- C:\Windows\ODBCINST.INI [2011/02/24 21:29:52 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011/02/24 21:29:52 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011/01/27 13:47:25 | 000,007,602 | ---- | C] () -- C:\Users\Mike\AppData\Local\resmon.resmoncfg [2011/01/25 19:26:08 | 000,039,735 | ---- | C] () -- C:\Windows\DIIUnin.dat [2011/01/23 17:02:38 | 000,000,548 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\AutoGK.ini [2011/01/23 09:38:22 | 000,000,198 | ---- | C] () -- C:\Windows\Quicken.ini [2011/01/22 08:53:39 | 000,000,422 | ---- | C] () -- 
C:\Windows\ODBC.INI [2011/01/21 22:57:05 | 000,338,944 | ---- | C] () -- C:\Windows\SysWow64\lffpx7.dll [2011/01/21 22:57:04 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\lfkodak.dll [2011/01/21 22:00:41 | 000,868,794 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/01/13 17:21:42 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2011/01/13 17:16:02 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys [2011/01/13 16:36:57 | 000,072,304 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe [2009/08/27 02:04:14 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe [2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\Windows\SysWow64\REPUTIL.DLL [color=#E56717]========== LOP Check ==========[/color] [2011/11/11 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Auslogics [2011/03/12 15:58:05 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011/03/29 06:20:19 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\HandBrake [2011/10/24 18:30:23 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\LEGO Company [2011/03/29 20:14:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\mkvtoolnix [2011/01/25 20:58:35 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mp3tag 
[2011/01/22 17:12:35 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\runic games [2011/01/24 22:55:34 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011/09/24 19:12:05 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Stardock [2011/09/29 06:13:50 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\The Master Genealogist v7 [2011/01/21 20:15:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Thunderbird [2011/03/17 18:52:56 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\XMedia Recode [2011/11/07 06:39:17 | 000,028,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011/11/18 07:17:59 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 458ed6c8-2011-4952-9740-3cb2b9799221.job [2011/10/25 01:00:00 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9f64da95-393f-4f4f-a13d-50adb58649bb.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 494 bytes -> C:\Users\Mike\Documents\eBayWinSingular.eml:OECustomProperty @Alternate Data Stream - 494 bytes -> C:\Users\Mike\Documents\eBayWinMultiple.eml:OECustomProperty < End of report >