[code] OTS logfile created on: 12/5/2011 9:32:49 AM - Run 1 OTS by OldTimer - Version 3.1.46.0 Folder = C:\Users\Heintje\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 72.00% Memory free 16.00 Gb Paging File | 13.00 Gb Available in Paging File | 84.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.07 Gb Total Space | 404.88 Gb Free Space | 89.76% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded Drive I: | 1862.36 Gb Total Space | 1619.93 Gb Free Space | 86.98% Space Free | Partition Type: FAT32 Computer Name: HEINTJE-PC Current User Name: Heintje Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\Heintje\Desktop\OTS.exe -> [2011/12/05 09:30:59 | 000,646,144 | ---- | M] (OldTimer Tools) mscorsvw.exe -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) shwiconxp9106.exe -> C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe -> [2009/07/17 17:07:58 | 000,237,568 | ---- | M] (Alcor Micro Corp.) pdvddxsrv.exe -> C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe -> [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) docklogin.exe -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) acrotray.exe -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe -> [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) es1000server.exe -> C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Server.exe -> [2008/04/11 14:29:10 | 000,043,008 | ---- | M] (Electronics for Imaging, Inc.) es1000service.exe -> C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe -> [2008/04/11 14:29:10 | 000,009,216 | ---- | M] (Electronics for Imaging, Inc.) [Modules - No Company Name] [Win32 Services - Safe List] 64bit-(FLEXnet Licensing Service 64) [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -> [2011/12/03 10:55:18 | 001,038,088 | ---- | M] (Acresso Software Inc.) 64bit-(NisSrv) [On_Demand | Running] -> C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -> [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) 64bit-(MsMpSvc) [Auto | Running] -> C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) 64bit-(WinDefend) [On_Demand | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) 64bit-(AppMgmt) [On_Demand | Stopped] -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) 64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2009/06/15 13:12:10 | 000,203,264 | ---- | M] (AMD) 64bit-(DockLoginService) [Auto | Running] -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) 64bit-(AERTFilters) [Auto | Running] -> C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -> [2009/03/31 17:01:34 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) (FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2011/12/03 10:54:09 | 000,655,624 | ---- | M] (Acresso Software Inc.) (clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Running] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) (RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2009/06/26 12:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) (Adobe Version Cue CS4) Adobe Version Cue CS4 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -> [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) (EFI ES1000) EFI ES1000 [Auto | Running] -> C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe -> [2008/04/11 14:29:10 | 000,009,216 | ---- | M] (Electronics for Imaging, Inc.) [Driver Services - Safe List] 64bit-(NuidFltr) NUID filter driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nuidfltr.sys -> [2011/08/10 16:40:58 | 000,023,960 | ---- | M] (Microsoft Corporation) 64bit-(Point64) Microsoft IntelliPoint Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\point64.sys -> [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) 64bit-(dc3d) MS Hardware Device Detection Driver (USB) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\dc3d.sys -> [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) 64bit-(NisDrv) Microsoft Network Inspection System [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NisDrvWFP.sys -> [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) 64bit-(k57nd60a) Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\k57nd60a.sys -> [2009/08/06 11:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation) 64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) 64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) 64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) 64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) 64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) 64bit-(PxHlpa64) PxHlpa64 [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PxHlpa64.sys -> [2009/07/09 05:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) 64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/06/15 13:48:00 | 006,031,872 | ---- | M] (ATI Technologies Inc.) 64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) 64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) 64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) 64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 64bit-(iaStor) iaStor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/06/04 21:54:36 | 000,408,600 | ---- | M] (Intel Corporation) 64bit-(adfs) adfs [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\adfs.sys -> [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) 64bit-(WDC_SAM) WD SCSI Pass Thru driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\wdcsam64.sys -> [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) (WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) (RxFilter) RxFilter [File_System | System | Stopped] -> C:\Windows\SysWOW64\drivers\RxFilter.sys -> [2009/06/26 11:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) (adfs) adfs [Kernel | Auto | Running] -> C:\Windows\SysWow64\drivers\adfs.sys -> [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Registry - All] < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\System32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 64bit-HKEY_USERS\S-1-5-19\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysNative\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/20 00:40:49 | 012,370,944 | ---- | M] (Microsoft Corporation) HKEY_USERS\S-1-5-19\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysWOW64\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/19 23:35:00 | 010,990,080 | ---- | M] (Microsoft Corporation) < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 64bit-HKEY_USERS\S-1-5-20\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysNative\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/20 00:40:49 | 012,370,944 | ---- | M] (Microsoft Corporation) HKEY_USERS\S-1-5-20\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysWOW64\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/19 23:35:00 | 010,990,080 | ---- | M] (Microsoft Corporation) < Internet Explorer Settings [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: Main\\"Default_Page_URL" -> http://g.msn.com/USCON/23 -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: Main\\"Local Page" -> C:\Windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: Main\\"Start Page" -> http://www.google.ca/ -> 64bit-HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysNative\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/20 00:40:49 | 012,370,944 | ---- | M] (Microsoft Corporation) HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysWOW64\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/19 23:35:00 | 010,990,080 | ---- | M] (Microsoft Corporation) HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: "ProxyEnable" -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> < FireFox Extensions [User Folders] > -> < HOSTS File > ([2009/06/10 16:00:26 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> Reset Hosts < 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/12/22 15:56:11 | 000,043,520 | ---- | M] (Sun Microsystems, Inc.) < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 13:07:26 | 000,075,128 | ---- | M] (Adobe Systems Incorporated) {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [Search Helper] -> [2009/01/14 18:49:24 | 000,092,504 | ---- | M] (Microsoft Corp.) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation) {AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe PDF Conversion Toolbar Helper] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/12/22 15:55:46 | 000,041,368 | ---- | M] (Sun Microsystems, Inc.) {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation) {F4971EE7-DAA0-4053-9964-665D8EE6A077} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [SmartSelect Class] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) < 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation) "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe PDF] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation) WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe PDF] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "IntelliPoint" -> C:\Program Files\Microsoft IntelliPoint\ipoint.exe ["C:\Program Files\Microsoft IntelliPoint\ipoint.exe"] -> [2011/08/01 15:59:06 | 002,417,032 | ---- | M] (Microsoft Corporation) "itype" -> C:\Program Files\Microsoft IntelliType Pro\itype.exe ["C:\Program Files\Microsoft IntelliType Pro\itype.exe"] -> [2011/08/10 16:40:58 | 001,873,256 | ---- | M] (Microsoft Corporation) "MSC" -> C:\Program Files\Microsoft Security Client\msseces.exe ["C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2011/06/15 14:35:24 | 001,436,736 | ---- | M] (Microsoft Corporation) "RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/05/23 03:20:30 | 007,833,120 | ---- | M] (Realtek Semiconductor) "Skytel" -> [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "" -> [] -> File not found "Acrobat Assistant 8.0" -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe ["C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"] -> [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) "Adobe Acrobat Speed Launcher" -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe ["C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"] -> [2008/06/12 02:25:18 | 000,037,232 | ---- | M] (Adobe Systems Incorporated) "Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/02/27 18:10:28 | 000,035,696 | ---- | M] (Adobe Systems Incorporated) "Adobe_ID0ENQBO" -> C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE] -> [2008/08/15 05:46:20 | 000,378,224 | ---- | M] (Adobe Systems Incorporated) "AdobeCS4ServiceManager" -> C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe ["C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin] -> [2008/08/14 07:58:34 | 000,611,712 | ---- | M] (Adobe Systems Incorporated) "PDVDDXSrv" -> C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe ["C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"] -> [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) "ShwiconXP9106" -> C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe] -> [2009/07/17 17:07:58 | 000,237,568 | ---- | M] (Alcor Micro Corp.) "StartCCC" -> c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2009/06/14 22:24:20 | 000,098,304 | ---- | M] (Advanced Micro Devices, Inc.) "SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe ["C:\Program Files (x86)\Java\jre6\bin\jusched.exe"] -> [2009/12/22 15:55:46 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) < RunOnceEx [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx -> "ContentMerger" -> c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe [c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe] -> [2009/06/26 12:09:14 | 000,019,952 | ---- | M] (Sonic Solutions) < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/13 20:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/13 20:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found < Run [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "RESTART_STICKY_NOTES" -> [C:\Windows\System32\StikyNot.exe] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoActiveDesktop" -> [1] -> File not found \\"NoActiveDesktopChanges" -> [1] -> File not found \\"ForceActiveDesktopOn" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [5] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found \\"EnableInstallerDetection" -> [1] -> File not found \\"EnableLUA" -> [1] -> File not found \\"EnableSecureUIAPaths" -> [1] -> File not found \\"EnableUIADesktopToggle" -> [0] -> File not found \\"EnableVirtualization" -> [1] -> File not found \\"PromptOnSecureDesktop" -> [1] -> File not found \\"ValidateAdminCodeSignatures" -> [0] -> File not found \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"scforceoption" -> [0] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"FilterAdministratorToken" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats \UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found < 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\Software\Microsoft\Internet Explorer\MenuExt\ -> Append Link Target to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) Append to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) Convert Link Target to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) Convert to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\Software\Microsoft\Internet Explorer\MenuExt\ -> Append Link Target to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) Append to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) Convert Link Target to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) Convert to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation) {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation) < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < 64bit-Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab [Java Plug-in 1.6.0_14] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.0.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {C5A5E279-4C9D-490D-8755-9D8C2A4DDBD8}\\DhcpNameServer -> 192.168.0.1 (Broadcom NetLink (TM) Gigabit Ethernet) -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> 64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/13 20:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> userinit.exe -> C:\Windows\SysWow64\userinit.exe -> [2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009/07/13 20:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> 64bit-*SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> credssp.dll -> C:\Windows\SysNative\credssp.dll -> [2009/07/13 20:40:23 | 000,020,480 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> credssp.dll -> C:\Windows\SysWow64\credssp.dll -> [2009/07/13 20:15:07 | 000,016,896 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> 64bit-*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> C:\Windows\SysNative\msv1_0.dll -> [2009/09/10 01:28:22 | 000,311,808 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> C:\Windows\SysWow64\msv1_0.dll -> [2009/09/10 00:52:05 | 000,257,024 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> 64bit-*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> C:\Windows\SysNative\kerberos.dll -> [2010/12/18 01:11:34 | 000,714,752 | ---- | M] (Microsoft Corporation) msv1_0 -> C:\Windows\SysNative\msv1_0.dll -> [2009/09/10 01:28:22 | 000,311,808 | ---- | M] (Microsoft Corporation) schannel -> C:\Windows\SysNative\schannel.dll -> [2010/08/21 01:36:49 | 000,340,992 | ---- | M] (Microsoft Corporation) wdigest -> C:\Windows\SysNative\wdigest.dll -> [2009/07/13 20:41:56 | 000,210,432 | ---- | M] (Microsoft Corporation) tspkg -> C:\Windows\SysNative\tspkg.dll -> [2009/07/13 20:41:55 | 000,086,016 | ---- | M] (Microsoft Corporation) pku2u -> C:\Windows\SysNative\pku2u.dll -> [2009/07/13 20:41:53 | 000,240,640 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> C:\Windows\SysWow64\kerberos.dll -> [2010/12/18 00:29:31 | 000,541,184 | ---- | M] (Microsoft Corporation) msv1_0 -> C:\Windows\SysWow64\msv1_0.dll -> [2009/09/10 00:52:05 | 000,257,024 | ---- | M] (Microsoft Corporation) schannel -> C:\Windows\SysWow64\schannel.dll -> [2010/08/21 00:36:24 | 000,224,256 | ---- | M] (Microsoft Corporation) wdigest -> C:\Windows\SysWow64\wdigest.dll -> [2009/07/13 20:16:18 | 000,171,520 | ---- | M] (Microsoft Corporation) tspkg -> C:\Windows\SysWow64\tspkg.dll -> [2009/07/13 20:16:16 | 000,065,024 | ---- | M] (Microsoft Corporation) pku2u -> C:\Windows\SysWow64\pku2u.dll -> [2009/07/13 20:16:12 | 000,186,880 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {095E0F49-5EF4-4DCE-81B7-F9CBF2040B89} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | {124217AE-8820-42CE-8B17-C15CF2194D3D} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave | {15947838-9374-416D-BC40-64FAA173A8D1} -> lport=3704 | profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server | {1777B2AE-4525-455D-882D-0680FAF46CFE} -> lport=5353 | profile=private | protocol=6 | dir=in | action=allow | name=adobe csi cs4 | {1CE543EE-00FF-44DB-AB7A-DDEA58DB99F5} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | {3133FE92-8D92-4815-A2E5-097C159C04CB} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {3351694E-591F-4482-8088-4777F7360F42} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | {3554250A-41D8-40A9-B8B8-8BD18203598F} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv | {37C2A58A-B811-4C08-A4C6-7BFF7EBA9848} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31289 | app=system | {4283A59C-2C11-48D8-B461-D0DDBDCF7C4B} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | {449F566D-1FED-448C-B8AE-F35D2EC012F8} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31285 | app=system | {54816172-EA81-49B1-99F8-0C830137082E} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {60ABB330-05CD-4345-A64F-1E20FE8C848C} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave | {615FF2C3-0679-40B5-B188-8734E3F9E189} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | {6262D80E-72C8-429E-89CE-4E087D773A8B} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave | {62CF289E-4EC3-4ADC-ADDE-8CD56DA025D5} -> lport=3703 | profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server | {62F635BB-A870-420E-AD6B-CC6924BAFB39} -> lport=51001 | profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server | {901FC0E8-0136-4BDA-A79C-3D7FCB2DA49B} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | {9125298D-36AD-48BB-918D-192BC7B4FD94} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave | {99E773A5-7D44-4CF1-BBA4-99354280A290} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {9C225DCC-54F6-4D39-95A5-2CF642B6A54E} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | {9C73E5C0-D9A4-4BB5-B1AC-F28CA9CD0686} -> lport=51000 | profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server | {AADDC092-A562-45EE-8DBA-57EE9514B2C8} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | {B4A842D6-70A5-46DB-B189-1BCE01D6AC54} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31277 | app=system | {D343A60B-494F-4D46-B796-3403700AC79A} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | {E03F43F7-BD16-4733-9D3E-796B0A623A94} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | {F1FB15C9-A3EF-438A-B08F-E92644CA8880} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {F516A9C6-D0D3-4A36-9C75-49A53A7601F8} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system | < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {0B11B61C-5751-47FF-A072-D9B94CD6324A} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31297 | app=%programfiles%\windows media player\wmplayer.exe | {194B84B7-B1DB-493E-A939-8D59E3B6AD7C} -> dir=in | action=allow | name=cyberlink powerdvd dx | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe | {1ABEBF33-77F1-45B8-865B-9D0E99145325} -> profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-31313 | app=%programfiles%\windows media player\wmpnetwk.exe | {2A782777-1D9A-47BB-B06B-4698FDD08B0F} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31003 | app=%programfiles%\windows media player\wmplayer.exe | {329E0801-7DD4-4C2B-810B-3E2841EFA843} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {37AF2AB5-C7CB-4225-8C13-1EF1A2BBA1BB} -> profile=private | protocol=17 | dir=in | action=allow | name=adobe version cue cs4 server | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe | {4D37DAE9-98E0-4C4D-86C2-CEC9447829EC} -> profile=private | protocol=6 | dir=in | action=allow | name=adobe csi cs4 | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | {54E2DF0D-5F00-4044-BFD0-4F7FE85E4013} -> dir=in | action=allow | name=cyberlink powerdvd dx resident program | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe | {557D73C4-C88E-4887-ACFA-3E9D9D1B8DCC} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31305 | app=%programfiles%\windows media player\wmpnetwk.exe | {5D5790BC-01C5-4590-8E06-DAAEECA47C9D} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | {6259DCE5-A66A-4364-A4A2-55474BD812C4} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | {79A9670E-4737-46A5-9F78-C9C7263F2F32} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {86475A40-0AF4-4CEE-995D-1B818DA5A893} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31011 | app=%programfiles%\windows media player\wmplayer.exe | {872D9AE8-10BF-4818-8C2B-C6111D244540} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31301 | app=%programfiles%\windows media player\wmplayer.exe | {8B98A53A-2CCB-42EB-8D32-2F2696F5A3AD} -> profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe | {8E4437DA-A5CC-419C-88D8-65514A1A362D} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | {8F98E62B-A68E-4AD9-82BF-4E0B24C46C0F} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31317 | app=%programfiles%\windows media player\wmpnetwk.exe | {9E326FB7-535E-4127-B3BB-E2817EB7A0C6} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | {A359A936-1FEE-4B17-8C96-BD68030AA1FD} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31293 | app=%programfiles%\windows media player\wmplayer.exe | {A8677778-7117-4CB6-B551-087629EE825E} -> profile=domain | dir=in | action=allow | name=mcafee network agent | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | {AE31C8B1-13A1-48E2-A058-736DBA59ED0A} -> profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe | {AE936A5D-00B1-4749-8300-2E38F561C7BD} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31309 | app=%programfiles%\windows media player\wmpnetwk.exe | {B6B729F3-D536-4CD8-A777-13D8053B89F2} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {C8EDE9F7-6566-471C-B569-9A3D9126B329} -> profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-31007 | app=%programfiles%\windows media player\wmplayer.exe | {CB541C6E-21B6-4755-BE10-5620059A9D96} -> profile=private | protocol=17 | dir=in | action=allow | name=adobe csi cs4 | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | {CDC7D7A5-376C-4308-8855-7A9B3CF1EB58} -> profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-31281 | app=system | {E08E5825-D045-488C-902D-4C408CE9C1EA} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | {F8A9F517-FE09-4798-B118-D904AAF5BF85} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | {F9673B52-EFD9-442A-B8AA-4DAD555C61A6} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/13 18:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* 64bit-exefile [open] -> "%1" %* comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> AppMgmt -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 64bit-batfile [open] -> "%1" %* 64bit-cmdfile [open] -> "%1" %* 64bit-comfile [open] -> "%1" %* 64bit-exefile [open] -> "%1" %* 64bit-htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" 64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/13 20:39:13 | 000,010,240 | ---- | M] (Microsoft Corporation) 64bit-InternetShortcut [open] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> [2009/07/13 20:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) 64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2009/07/13 20:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) 64bit-piffile [open] -> "%1" %* 64bit-scrfile [config] -> "%1" 64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l 64bit-scrfile [open] -> "%1" /S 64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/13 20:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation) 64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) 64bit-Folder [open] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) 64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009/07/13 20:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation) exefile [open] -> "%1" %* -> htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" -> inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/13 20:14:21 | 000,009,216 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/13 20:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) < 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {02AD9D20-03D2-4DE0-8793-E8253026AD86} -> EMCGadgets64 {05BFB060-4F22-4710-B0A2-2801A1B606C5} -> Microsoft Antimalware {257F446A-01ED-739C-16B8-237498DEDDDF} -> ccc-utility64 {26A24AE4-039D-4CA4-87B4-2F86416014FF} -> Java(TM) 6 Update 14 (64-bit) {295CFB7C-A57E-4313-93E7-68E7CE1D0332} -> Adobe WinSoft Linguistics Plugin x64 {2D74E972-5A85-44DC-9193-8A302BA8C181} -> Photoshop Camera Raw_x64 {42738DB0-FC3E-4672-A99B-9372F5696E30} -> Microsoft Security Client {60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB} -> Roxio File Backup {624C7F0A-89B2-4C49-9CAB-9D69613EC95A} -> Microsoft IntelliPoint 8.2 {6631325A-9B1B-4EE7-8E64-8CC4A6F10643} -> Adobe Fonts All x64 {8219EDCB-CE5A-4348-B056-AAC0FE4E99D0} -> Microsoft IntelliType Pro 8.2 {8875A1C0-6308-4790-8CF6-D34E89880052} -> Adobe Linguistics CS4 x64 {887797BF-37A5-4199-B0C9-0D38D6196E9A} -> Adobe Anchor Service x64 CS4 {8C8D673B-20FB-43E6-BCB7-9B3F78F2E762} -> Adobe Type Support x64 CS4 {8DAA31EB-6830-4006-A99F-4DF8AB24714F} -> Adobe CSI CS4 x64 {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} -> Dell Edoc Viewer {90BA8112-80B3-4617-A3C1-BD2771B60F74} -> Adobe CMaps x64 CS4 {95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting {A3454894-144A-4D80-B605-C128FE0D7329} -> Adobe Drive CS4 x64 {B37A99DD-88E2-4ED0-80B4-1E054AB354BF} -> Adobe InDesign CS4 Icon Handler x64 {D40172D6-CE2D-4B72-BF5F-26A04A900B7B} -> Adobe Photoshop CS4 (64 Bit) {DB9C43F7-0B0F-4E43-9E6B-F945C71C469E} -> VD64Inst {DFFABE78-8173-4E97-9C5C-22FB26192FC5} -> Adobe PDF Library Files x64 CS4 {E60B7350-EA5F-41E0-9D6F-E508781E36D2} -> Dell Dock {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} -> Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile -> Microsoft .NET Framework 4 Client Profile Microsoft IntelliPoint 8.2 -> Microsoft IntelliPoint 8.2 Microsoft IntelliType Pro 8.2 -> Microsoft IntelliType Pro 8.2 Microsoft Security Client -> Microsoft Security Essentials < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {00ADFB20-AE75-46F4-AD2C-F48B15AC3100} -> Adobe Color NA Recommended Settings CS4 {0301AC02-D87B-27E9-9429-7E4BB52D9183} -> CCC Help German {03DEEAD2-F3B7-45BF-9006-A25D015F00D2} -> Adobe Flash Player 10 Plugin {05308C4E-7285-4066-BAE3-6B50DA6ED755} -> Adobe Update Manager CS4 {054EFA56-2AC1-48F4-A883-0AB89874B972} -> Adobe Extension Manager CS4 {055EE59D-217B-43A7-ABFF-507B966405D8} -> ATI Catalyst Control Center {08E81ABD-79F7-49C2-881F-FD6CB0975693} -> Roxio Central Data {098122AB-C605-4853-B441-C0A4EB359B75} -> DirectXInstallService {098727E1-775A-4450-B573-3F441F1CA243} -> kuler {0D6013AB-A0C7-41DC-973C-E93129C9A29F} -> Adobe Color JA Extra Settings CS4 {0F723FC1-7606-4867-866C-CE80AD292DAF} -> Adobe CSI CS4 {1350DD04-57AD-6278-3F4D-D4281EEE7C5C} -> Catalyst Control Center Graphics Full New {15BC8CD0-A65B-47D0-A2DD-90A824590FA8} -> Microsoft Works {15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B} -> Adobe SGM CS4 {1618734A-3957-4ADD-8199-F973763109A8} -> Adobe Anchor Service CS4 {16E16F01-2E2D-4248-A42F-76261C147B6C} -> Adobe Drive CS4 {16E6D2C1-7C90-4309-8EC4-D2212690AAA4} -> AdobeColorCommonSetRGB {178832DE-9DE0-4C87-9F82-9315A9B03985} -> Windows Live Writer {197A3012-8C85-4FD3-AB66-9EC7E13DB92E} -> Adobe AIR {1A6842E0-3047-BD62-9A28-5A7743D88E2A} -> Catalyst Control Center InstallProxy {1B7C06E1-4888-47A6-992A-0990B9683486} -> Adobe Version Cue CS4 Server {1DCA3EAA-6EB5-4563-A970-EA14D75037BA} -> Adobe InDesign CS4 {1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1} -> Adobe InDesign CS4 Icon Handler {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4} -> Roxio Central Tools {205C6BDD-7B73-42DE-8505-9A093F35A238} -> Windows Live Upload Tool {2168245A-B5AD-40D8-A641-48E3E070B5B6} -> Adobe Flash CS4 STI-en {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT {26A24AE4-039D-4CA4-87B4-2F83216014FF} -> Java(TM) 6 Update 14 {2BAF2B96-7560-48B4-87D4-10178DDBE217} -> Adobe InDesign CS4 Application Feature Set Files (Roman) {30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Roxio Update Manager {305CAF40-92F0-12ED-8B28-926B011788E4} -> CCC Help Spanish {30C8AA56-4088-426F-91D1-0EDFD3A25678} -> Adobe Dreamweaver CS4 {34D6DE28-4FD0-9CCA-CDB4-316F7B3B30B5} -> CCC Help Portuguese {35D94F92-1D3A-43C5-8605-EA268B1A7BD9} -> PDF Settings CS4 {39F6E2B4-CFE8-C30A-66E8-489651F0F34C} -> Adobe Media Player {3A4E8896-C2E7-4084-A4A4-B8FD1894E739} -> Adobe XMP Panels CS4 {3A6829EF-0791-4FDD-9382-C690DD0821B9} -> Adobe Flash Player 10 ActiveX {3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform {3D2C9DE6-9ADE-4252-A241-E43723B0CE02} -> Adobe Color - Photoshop Specific CS4 {3D5044A5-97B8-45C0-B956-BB2376569188} -> Windows Live Movie Maker {3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} -> Adobe WinSoft Linguistics Plugin {428FDF9F-E010-4C4C-A8BB-156960AFCA1C} -> Adobe Fireworks CS4 {43509E18-076E-40FE-AF38-CA5ED400A5A9} -> Pixel Bender Toolkit {45338B07-A236-4270-9A77-EBB4115517B5} -> Windows Live Sign-in Assistant {4943EFF5-229F-435D-BEA9-BE3CAEA783A7} -> Adobe Service Manager Extension {4A52555C-032A-4083-BDD9-6A85ABFB39A8} -> Adobe SING CS4 {5089AEEE-052D-B75F-0B92-7CF981403025} -> Catalyst Control Center Graphics Light {537BF16E-7412-448C-95D8-846E85A1D817} -> Roxio Easy CD and DVD Burning {54741B98-6335-43A1-C716-25B0A3C4016C} -> Catalyst Control Center Graphics Previews Common {5570C7F0-43D0-4916-8A9E-AEDD52FA86F4} -> Adobe Color EU Extra Settings CS4 {5A06423A-210C-49FB-950E-CB0EB8C5CEC7} -> Roxio BackOnTrack {5B94A120-16E7-6034-7494-22285B471EDE} -> CCC Help Hungarian {60DB5894-B5A1-4B62-B0F3-669A22C0EE5D} -> Adobe Dynamiclink Support {612B5D2E-8084-4102-91DE-24281E4EFB2C} -> Roxio Easy CD and DVD Burning {63C24A08-70F3-4C8E-B9FB-9F21A903801D} -> Adobe Color Video Profiles CS CS4 {63E5CDBF-8214-4F03-84F8-CD3CE48639AD} -> Adobe Photoshop CS4 Support {6412CECE-8172-4BE5-935B-6CECACD2CA87} -> Windows Live Mail {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler 3 {67F0E67A-8E93-4C2C-B29D-47C48262738A} -> Adobe Device Central CS4 {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD DX {68243FF8-83CA-466B-B2B8-9F99DA5479C4} -> AdobeColorCommonSetCMYK {6E9D082B-F681-64AB-48B4-F3EC05D3A83F} -> CCC Help Chinese Traditional {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83} -> Roxio Central Audio {793D1D88-6141-43DE-BE58-59BCE31B4090} -> Adobe Flash CS4 Extension - Flash Lite STI en {7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C} -> Adobe InDesign CS4 Common Base Files {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045} -> Dell Getting Started Guide {81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} -> Windows Live Essentials {8186FF34-D389-4B7E-9A2F-C197585BCFBD} -> Adobe Media Encoder CS4 Importer {81CB0C83-5928-3387-AB23-10EC5F767FA8} -> CCC Help Turkish {820D3F45-F6EE-4AAF-81EF-CE21FF21D230} -> Adobe Type Support CS4 {837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable {83877DB1-8B77-45BC-AB43-2BAC22E093E0} -> Adobe Bridge CS4 {842B4B72-9E8F-4962-B3C1-1C422A5C4434} -> Suite Shared Configuration CS4 {846B1C55-76D0-0DA3-8C12-10596CBB15BD} -> CCC Help Italian {846D0802-8606-7452-85FF-A71EB1B8AD6D} -> Catalyst Control Center Localization All {84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1} -> Windows Live Sync {87532CAB-7932-4F84-8937-823337622807} -> Adobe Illustrator CS4 {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight {8A74E887-8F0F-4017-AF53-CBA42211AAA5} -> Microsoft Sync Framework Runtime Native v1.0 (x86) {8D337F77-BE7F-41A2-A7CB-D5A63FD7049B} -> Sonic CinePlayer Decoder Pack {8DCE118A-1F3C-B056-D2A8-F832523C357C} -> CCC Help English {90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system {931AB7EA-3656-4BB7-864D-022B09E3DD67} -> Adobe Linguistics CS4 {94D398EB-D2FD-4FD1-B8C4-592635E8A191} -> Adobe CMaps CS4 {95120000-00AF-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (English) {96B1A291-2654-4415-59B4-AC90D29C3E1E} -> Catalyst Control Center Core Implementation {995F1E2E-F542-4310-8E1D-9926F5A279B3} -> Windows Live Toolbar {9A968BD3-88AF-B4D0-CA9A-78F4EF9FA23B} -> CCC Help Chinese Standard {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} -> Microsoft Search Enhancement Pack {9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400} -> Multimedia Card Reader {A128921B-D03F-4BFB-8141-C365AA48D660} -> Adobe Setup {A2881E09-38DB-4F79-9135-00FDA01768A7} -> Adobe Creative Suite 4 Design Premium {A52D8A45-B3A1-0022-B096-A0033B03E01F} -> Catalyst Control Center Graphics Full Existing {A69D7B32-2BE9-42BF-B576-69B5E0FF7394} -> Catalyst Control Center - Branding {A85FD55B-891B-4314-97A5-EA96C0BD80B5} -> Windows Live Messenger {AC76BA86-1033-F400-7760-000000000004} -> Adobe Acrobat 9 Pro - English, Français, Deutsch {AC76BA86-7AD7-1033-7B44-A91000000001} -> Adobe Reader 9.1.2 {AE3BFAC5-A07A-7845-C576-0CB832E4B0AD} -> Skins {B29AD377-CC12-490A-A480-1452337C618D} -> Connect {B4ECB428-6A8D-8D53-4E76-1CEE7AC4BF32} -> CCC Help French {B65BA85C-0A27-4BC0-A22D-A66F0E5B9494} -> Adobe Photoshop CS4 {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD} -> Roxio Central Copy {B76D6D09-16D6-DF95-F7D7-2565E88B88BA} -> Catalyst Control Center Graphics Previews Vista {B9F4561A-924D-4510-A85A-BB0960C338CB} -> Adobe Asset Services CS4 {BB4E33EC-8181-4685-96F7-8554293DEC6A} -> Adobe Output Module {BD3E0D67-D90D-3CA6-DE34-22B56D425136} -> CCC Help Japanese {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} -> Microsoft Sync Framework Services Native v1.0 (x86) {C52E3EC1-048C-45E1-8D53-10B0C6509683} -> Adobe Default Language CS4 {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B} -> Acrobat.com {CAADA7C7-23DA-455C-BB38-0DA4BEBA2800} -> Command WorkStation 5.1.1.04 {CC75AB5C-2110-4A7F-AF52-708680D22FE8} -> Photoshop Camera Raw {D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA} -> Windows Live Photo Gallery {DEB90B8E-0DCB-48CE-B90E-8842A2BD643E} -> Adobe Media Encoder CS4 {E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update {EC877639-07AB-495C-BFD1-D63AF9140810} -> Roxio Activation Module {ED439A64-F018-4DD4-8BA5-328D85AB09AB} -> Roxio Central Core {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU] {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard {F0E64E2E-3A60-40D8-A55D-92F6831875DA} -> Adobe Search for Help {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver {F6BD194C-4190-4D73-B1B1-C48C99921BFE} -> Windows Live Call {F6E99614-F042-4459-82B7-8B38B2601356} -> Adobe Flash CS4 {F8B250A2-582A-6C80-108F-AA68E64A6F03} -> CCC Help Korean {F8EF2B3F-C345-4F20-8FE4-791A20333CD5} -> Adobe ExtendScript Toolkit CS4 {F93C84A6-0DC6-42AF-89FA-776F7C377353} -> Adobe PDF Library Files CS4 {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} -> Adobe Fonts All {FD040188-43B3-2C49-A8BF-5B0458031AED} -> ccc-core-static {FDB46DE7-9045-47BB-970A-3E4ED5369E03} -> EMC 10 Content Adobe AIR -> Adobe AIR Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe_55230b0b70661df0f212e88f0b655f7 -> Adobe Creative Suite 4 Design Premium com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Adobe Media Player com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Acrobat.com InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400} -> Multimedia Card Reader WinLiveSuite_Wave3 -> Windows Live Essentials [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Users\Heintje\Desktop\OTS.exe -> [2011/12/05 09:30:22 | 000,646,144 | ---- | C] (OldTimer Tools) PM4_64bit -> C:\Users\Heintje\Desktop\PM4_64bit -> [2011/12/05 08:21:15 | 000,000,000 | ---D | C] Xerox -> C:\Users\Heintje\AppData\Roaming\Xerox -> [2011/12/05 08:09:26 | 000,000,000 | ---D | C] Xerox -> C:\ProgramData\Xerox -> [2011/12/05 08:08:41 | 000,000,000 | ---D | C] Xerox -> C:\Xerox -> [2011/12/05 08:00:44 | 000,000,000 | ---D | C] Microsoft Security Client -> C:\Program Files (x86)\Microsoft Security Client -> [2011/12/05 07:35:52 | 000,000,000 | ---D | C] Microsoft Security Client -> C:\Program Files\Microsoft Security Client -> [2011/12/05 07:35:37 | 000,000,000 | ---D | C] netio.sys -> C:\Windows\SysNative\drivers\netio.sys -> [2011/12/05 07:35:22 | 000,374,664 | ---- | C] (Microsoft Corporation) MCPR.exe -> C:\Users\Heintje\Desktop\MCPR.exe -> [2011/12/05 07:11:38 | 001,832,544 | ---- | C] (McAfee, Inc.) Microsoft.NET -> C:\Program Files (x86)\Microsoft.NET -> [2011/12/05 07:01:02 | 000,000,000 | ---D | C] MSXML 4.0 -> C:\Program Files (x86)\MSXML 4.0 -> [2011/12/03 11:29:41 | 000,000,000 | ---D | C] Wat -> C:\Windows\SysWow64\Wat -> [2011/12/03 11:28:46 | 000,000,000 | ---D | C] Wat -> C:\Windows\SysNative\Wat -> [2011/12/03 11:28:46 | 000,000,000 | ---D | C] mseinstall.exe -> C:\Users\Heintje\Desktop\mseinstall.exe -> [2011/12/03 11:26:06 | 010,165,440 | ---- | C] (Microsoft Corporation) FLEXnet -> C:\ProgramData\FLEXnet -> [2011/12/03 11:10:36 | 000,000,000 | ---D | C] Adobe -> C:\Program Files\Adobe -> [2011/12/03 11:09:50 | 000,000,000 | ---D | C] ALM -> C:\ProgramData\ALM -> [2011/12/03 11:07:00 | 000,000,000 | ---D | C] AdobePDFUI.dll -> C:\Windows\SysNative\AdobePDFUI.dll -> [2011/12/03 11:02:39 | 000,024,416 | R--- | C] (Adobe Systems Inc.) CSC -> C:\Windows\CSC -> [2011/12/03 11:00:25 | 000,000,000 | ---D | C] System Volume Information -> C:\System Volume Information -> [2011/12/03 10:58:39 | 000,000,000 | -HSD | C] Adobe Media Player -> C:\Program Files (x86)\Adobe Media Player -> [2011/12/03 10:57:15 | 000,000,000 | ---D | C] Adobe -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe -> [2011/12/03 10:57:15 | 000,000,000 | ---D | C] Adobe AIR -> C:\Program Files (x86)\Common Files\Adobe AIR -> [2011/12/03 10:56:27 | 000,000,000 | ---D | C] Adobe Design Premium CS4 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS4 -> [2011/12/03 10:56:12 | 000,000,000 | ---D | C] Macrovision Shared -> C:\Program Files\Common Files\Macrovision Shared -> [2011/12/03 10:55:18 | 000,000,000 | ---D | C] Adobe -> C:\Program Files\Common Files\Adobe -> [2011/12/03 10:55:18 | 000,000,000 | ---D | C] Macrovision Shared -> C:\Program Files (x86)\Common Files\Macrovision Shared -> [2011/12/03 10:54:09 | 000,000,000 | ---D | C] Identities -> C:\Users\Heintje\AppData\Roaming\Identities -> [2011/12/03 10:03:30 | 000,000,000 | ---D | C] Contacts -> C:\Users\Heintje\Contacts -> [2011/12/03 10:03:29 | 000,000,000 | R--D | C] VirtualStore -> C:\Users\Heintje\AppData\Local\VirtualStore -> [2011/12/03 10:03:26 | 000,000,000 | ---D | C] wintrust.dll -> C:\Windows\SysNative\wintrust.dll -> [2011/12/03 10:03:23 | 000,220,672 | ---- | C] (Microsoft Corporation) cabview.dll -> C:\Windows\SysNative\cabview.dll -> [2011/12/03 10:03:22 | 000,139,264 | ---- | C] (Microsoft Corporation) cabview.dll -> C:\Windows\SysWow64\cabview.dll -> [2011/12/03 10:03:22 | 000,132,608 | ---- | C] (Microsoft Corporation) Microsoft -> C:\Users\Heintje\AppData\Roaming\Microsoft -> [2011/12/03 10:02:22 | 000,000,000 | --SD | C] Videos -> C:\Users\Heintje\Videos -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Startup -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Saved Games -> C:\Users\Heintje\Saved Games -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Pictures -> C:\Users\Heintje\Pictures -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Music -> C:\Users\Heintje\Music -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Maintenance -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Links -> C:\Users\Heintje\Links -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Favorites -> C:\Users\Heintje\Favorites -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Downloads -> C:\Users\Heintje\Downloads -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Documents -> C:\Users\Heintje\Documents -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Desktop -> C:\Users\Heintje\Desktop -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Accessories -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C] Temporary Internet Files -> C:\Users\Heintje\AppData\Local\Temporary Internet Files -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] Templates -> C:\Users\Heintje\Templates -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] Start Menu -> C:\Users\Heintje\Start Menu -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] SendTo -> C:\Users\Heintje\SendTo -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] Recent -> C:\Users\Heintje\Recent -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] PrintHood -> C:\Users\Heintje\PrintHood -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] NetHood -> C:\Users\Heintje\NetHood -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] My Videos -> C:\Users\Heintje\Documents\My Videos -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] My Pictures -> C:\Users\Heintje\Documents\My Pictures -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] My Music -> C:\Users\Heintje\Documents\My Music -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] My Documents -> C:\Users\Heintje\My Documents -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] Local Settings -> C:\Users\Heintje\Local Settings -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] History -> C:\Users\Heintje\AppData\Local\History -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] Cookies -> C:\Users\Heintje\Cookies -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] Application Data -> C:\Users\Heintje\Application Data -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] Application Data -> C:\Users\Heintje\AppData\Local\Application Data -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C] AppData -> C:\Users\Heintje\AppData -> [2011/12/03 10:02:22 | 000,000,000 | -H-D | C] Temp -> C:\Users\Heintje\AppData\Local\Temp -> [2011/12/03 10:02:22 | 000,000,000 | ---D | C] Microsoft -> C:\Users\Heintje\AppData\Local\Microsoft -> [2011/12/03 10:02:22 | 000,000,000 | ---D | C] Media Center Programs -> C:\Users\Heintje\AppData\Roaming\Media Center Programs -> [2011/12/03 10:02:22 | 000,000,000 | ---D | C] dfshim.dll -> C:\Windows\SysNative\dfshim.dll -> [2011/12/03 10:02:14 | 001,942,856 | ---- | C] (Microsoft Corporation) dfshim.dll -> C:\Windows\SysWow64\dfshim.dll -> [2011/12/03 10:02:14 | 001,130,824 | ---- | C] (Microsoft Corporation) PresentationHost.exe -> C:\Windows\SysNative\PresentationHost.exe -> [2011/12/03 10:02:14 | 000,320,352 | ---- | C] (Microsoft Corporation) PresentationHost.exe -> C:\Windows\SysWow64\PresentationHost.exe -> [2011/12/03 10:02:14 | 000,295,264 | ---- | C] (Microsoft Corporation) PresentationHostProxy.dll -> C:\Windows\SysNative\PresentationHostProxy.dll -> [2011/12/03 10:02:14 | 000,109,912 | ---- | C] (Microsoft Corporation) PresentationHostProxy.dll -> C:\Windows\SysWow64\PresentationHostProxy.dll -> [2011/12/03 10:02:14 | 000,099,176 | ---- | C] (Microsoft Corporation) netfxperf.dll -> C:\Windows\SysWow64\netfxperf.dll -> [2011/12/03 10:02:14 | 000,049,472 | ---- | C] (Microsoft Corporation) netfxperf.dll -> C:\Windows\SysNative\netfxperf.dll -> [2011/12/03 10:02:14 | 000,048,960 | ---- | C] (Microsoft Corporation) Microsoft Mouse -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse -> [2011/12/03 09:58:09 | 000,000,000 | ---D | C] Microsoft IntelliPoint -> C:\Program Files\Microsoft IntelliPoint -> [2011/12/03 09:57:54 | 000,000,000 | ---D | C] Fiery -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiery -> [2011/12/03 09:52:44 | 000,000,000 | ---D | C] IscDbc.dll -> C:\Windows\SysWow64\IscDbc.dll -> [2011/12/03 09:48:46 | 000,274,432 | ---- | C] (IBPhoenix Inc.) OdbcJdbcMT.dll -> C:\Windows\SysWow64\OdbcJdbcMT.dll -> [2011/12/03 09:48:46 | 000,262,144 | ---- | C] (IBPhoenix Inc) OdbcJdbc.dll -> C:\Windows\SysWow64\OdbcJdbc.dll -> [2011/12/03 09:48:46 | 000,253,952 | ---- | C] (IBPhoenix Inc) OdbcJdbcSetup.dll -> C:\Windows\SysWow64\OdbcJdbcSetup.dll -> [2011/12/03 09:48:46 | 000,155,648 | ---- | C] (IBPhoenix Inc.) Microsoft Keyboard -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard -> [2011/12/03 09:46:56 | 000,000,000 | ---D | C] Microsoft IntelliType Pro -> C:\Program Files\Microsoft IntelliType Pro -> [2011/12/03 09:46:14 | 000,000,000 | ---D | C] Adobe -> C:\Users\Heintje\AppData\Local\Adobe -> [2011/12/03 09:38:28 | 000,000,000 | ---D | C] aksusb.sys -> C:\Windows\SysWow64\drivers\aksusb.sys -> [2011/12/03 09:34:58 | 000,019,968 | ---- | C] (Aladdin Knowledge Systems) inf -> C:\Windows\SysWow64\inf -> [2011/12/03 09:34:58 | 000,000,000 | ---D | C] spool -> C:\Windows\SysWow64\spool -> [2011/12/03 09:34:51 | 000,000,000 | ---D | C] msfeeds.dll -> C:\Windows\SysNative\msfeeds.dll -> [2011/12/03 09:34:00 | 000,703,488 | ---- | C] (Microsoft Corporation) iepeers.dll -> C:\Windows\SysNative\iepeers.dll -> [2011/12/03 09:34:00 | 000,256,000 | ---- | C] (Microsoft Corporation) iepeers.dll -> C:\Windows\SysWow64\iepeers.dll -> [2011/12/03 09:33:59 | 000,185,856 | ---- | C] (Microsoft Corporation) licmgr10.dll -> C:\Windows\SysNative\licmgr10.dll -> [2011/12/03 09:33:59 | 000,057,856 | ---- | C] (Microsoft Corporation) licmgr10.dll -> C:\Windows\SysWow64\licmgr10.dll -> [2011/12/03 09:33:59 | 000,044,544 | ---- | C] (Microsoft Corporation) ieui.dll -> C:\Windows\SysNative\ieui.dll -> [2011/12/03 09:33:58 | 000,247,808 | ---- | C] (Microsoft Corporation) ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2011/12/03 09:33:58 | 000,176,640 | ---- | C] (Microsoft Corporation) url.dll -> C:\Windows\SysNative\url.dll -> [2011/12/03 09:33:58 | 000,134,144 | ---- | C] (Microsoft Corporation) url.dll -> C:\Windows\SysWow64\url.dll -> [2011/12/03 09:33:58 | 000,132,096 | ---- | C] (Microsoft Corporation) mshtmled.dll -> C:\Windows\SysNative\mshtmled.dll -> [2011/12/03 09:33:58 | 000,097,280 | ---- | C] (Microsoft Corporation) mshtmled.dll -> C:\Windows\SysWow64\mshtmled.dll -> [2011/12/03 09:33:58 | 000,067,072 | ---- | C] (Microsoft Corporation) msfeedssync.exe -> C:\Windows\SysWow64\msfeedssync.exe -> [2011/12/03 09:33:57 | 000,012,800 | ---- | C] (Microsoft Corporation) msfeedssync.exe -> C:\Windows\SysNative\msfeedssync.exe -> [2011/12/03 09:33:57 | 000,012,288 | ---- | C] (Microsoft Corporation) html.iec -> C:\Windows\SysNative\html.iec -> [2011/12/03 09:33:56 | 000,482,816 | ---- | C] (Microsoft Corporation) html.iec -> C:\Windows\SysWow64\html.iec -> [2011/12/03 09:33:56 | 000,386,048 | ---- | C] (Microsoft Corporation) winload.efi -> C:\Windows\SysNative\winload.efi -> [2011/12/03 09:33:45 | 000,640,896 | ---- | C] (Microsoft Corporation) winload.exe -> C:\Windows\SysNative\winload.exe -> [2011/12/03 09:33:45 | 000,603,976 | ---- | C] (Microsoft Corporation) winresume.efi -> C:\Windows\SysNative\winresume.efi -> [2011/12/03 09:33:45 | 000,556,928 | ---- | C] (Microsoft Corporation) winresume.exe -> C:\Windows\SysNative\winresume.exe -> [2011/12/03 09:33:45 | 000,518,160 | ---- | C] (Microsoft Corporation) kdusb.dll -> C:\Windows\SysNative\kdusb.dll -> [2011/12/03 09:33:45 | 000,020,352 | ---- | C] (Microsoft Corporation) kd1394.dll -> C:\Windows\SysNative\kd1394.dll -> [2011/12/03 09:33:45 | 000,019,328 | ---- | C] (Microsoft Corporation) kdcom.dll -> C:\Windows\SysNative\kdcom.dll -> [2011/12/03 09:33:45 | 000,017,792 | ---- | C] (Microsoft Corporation) dnsapi.dll -> C:\Windows\SysNative\dnsapi.dll -> [2011/12/03 09:33:33 | 000,356,352 | ---- | C] (Microsoft Corporation) dnscacheugc.exe -> C:\Windows\SysNative\dnscacheugc.exe -> [2011/12/03 09:33:32 | 000,030,208 | ---- | C] (Microsoft Corporation) dnscacheugc.exe -> C:\Windows\SysWow64\dnscacheugc.exe -> [2011/12/03 09:33:32 | 000,028,672 | ---- | C] (Microsoft Corporation) jscript.dll -> C:\Windows\SysNative\jscript.dll -> [2011/12/03 09:33:26 | 000,852,480 | ---- | C] (Microsoft Corporation) jscript.dll -> C:\Windows\SysWow64\jscript.dll -> [2011/12/03 09:33:26 | 000,716,800 | ---- | C] (Microsoft Corporation) vbscript.dll -> C:\Windows\SysNative\vbscript.dll -> [2011/12/03 09:33:26 | 000,612,352 | ---- | C] (Microsoft Corporation) prevhost.exe -> C:\Windows\SysWow64\prevhost.exe -> [2011/12/03 09:33:21 | 000,031,232 | ---- | C] (Microsoft Corporation) prevhost.exe -> C:\Windows\SysNative\prevhost.exe -> [2011/12/03 09:33:21 | 000,031,232 | ---- | C] (Microsoft Corporation) kernel32.dll -> C:\Windows\SysNative\kernel32.dll -> [2011/12/03 09:33:12 | 001,162,240 | ---- | C] (Microsoft Corporation) KernelBase.dll -> C:\Windows\SysNative\KernelBase.dll -> [2011/12/03 09:33:12 | 000,422,400 | ---- | C] (Microsoft Corporation) wow64win.dll -> C:\Windows\SysNative\wow64win.dll -> [2011/12/03 09:33:11 | 000,362,496 | ---- | C] (Microsoft Corporation) conhost.exe -> C:\Windows\SysNative\conhost.exe -> [2011/12/03 09:33:11 | 000,338,432 | ---- | C] (Microsoft Corporation) wow64.dll -> C:\Windows\SysNative\wow64.dll -> [2011/12/03 09:33:11 | 000,243,200 | ---- | C] (Microsoft Corporation) winsrv.dll -> C:\Windows\SysNative\winsrv.dll -> [2011/12/03 09:33:11 | 000,214,528 | ---- | C] (Microsoft Corporation) setup16.exe -> C:\Windows\SysWow64\setup16.exe -> [2011/12/03 09:33:10 | 000,025,600 | ---- | C] (Microsoft Corporation) ntvdm64.dll -> C:\Windows\SysNative\ntvdm64.dll -> [2011/12/03 09:33:10 | 000,016,384 | ---- | C] (Microsoft Corporation) ntvdm64.dll -> C:\Windows\SysWow64\ntvdm64.dll -> [2011/12/03 09:33:09 | 000,014,336 | ---- | C] (Microsoft Corporation) wow64cpu.dll -> C:\Windows\SysNative\wow64cpu.dll -> [2011/12/03 09:33:09 | 000,013,312 | ---- | C] (Microsoft Corporation) instnm.exe -> C:\Windows\SysWow64\instnm.exe -> [2011/12/03 09:33:09 | 000,007,680 | ---- | C] (Microsoft Corporation) api-ms-win-core-libraryloader-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll -> [2011/12/03 09:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-libraryloader-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll -> [2011/12/03 09:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) wow32.dll -> C:\Windows\SysWow64\wow32.dll -> [2011/12/03 09:33:08 | 000,005,120 | ---- | C] (Microsoft Corporation) api-ms-win-core-file-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll -> [2011/12/03 09:33:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) api-ms-win-core-file-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll -> [2011/12/03 09:33:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) api-ms-win-core-heap-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll -> [2011/12/03 09:33:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-string-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll -> [2011/12/03 09:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-security-base-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) api-ms-win-core-threadpool-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) api-ms-win-core-sysinfo-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-sysinfo-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-synch-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-synch-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-xstate-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-util-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-processthreads-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) api-ms-win-core-misc-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-rtlsupport-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-processenvironment-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-processenvironment-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-namedpipe-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-namedpipe-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-misc-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-memory-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-string-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-rtlsupport-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-profile-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-profile-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-localregistry-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-localregistry-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-memory-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-interlocked-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-heap-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-io-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-io-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-interlocked-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-security-base-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,006,144 | -H-- | C] (Microsoft Corporation) api-ms-win-core-threadpool-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) api-ms-win-core-processthreads-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) api-ms-win-core-xstate-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) api-ms-win-core-handle-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-handle-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-fibers-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-fibers-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-errorhandling-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-errorhandling-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-delayload-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-delayload-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-debug-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-debug-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-datetime-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-datetime-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-localization-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-localization-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) api-ms-win-core-util-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-console-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) api-ms-win-core-console-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) user.exe -> C:\Windows\SysWow64\user.exe -> [2011/12/03 09:32:57 | 000,002,048 | ---- | C] (Microsoft Corporation) xmllite.dll -> C:\Windows\SysNative\xmllite.dll -> [2011/12/03 09:31:20 | 000,199,680 | ---- | C] (Microsoft Corporation) lsasrv.dll -> C:\Windows\SysNative\lsasrv.dll -> [2011/12/03 09:31:00 | 001,446,912 | ---- | C] (Microsoft Corporation) taskschd.dll -> C:\Windows\SysNative\taskschd.dll -> [2011/12/03 09:30:48 | 001,169,408 | ---- | C] (Microsoft Corporation) wmicmiplugin.dll -> C:\Windows\SysNative\wmicmiplugin.dll -> [2011/12/03 09:30:48 | 000,524,288 | ---- | C] (Microsoft Corporation) taskschd.dll -> C:\Windows\SysWow64\taskschd.dll -> [2011/12/03 09:30:48 | 000,496,128 | ---- | C] (Microsoft Corporation) taskcomp.dll -> C:\Windows\SysNative\taskcomp.dll -> [2011/12/03 09:30:48 | 000,473,600 | ---- | C] (Microsoft Corporation) taskeng.exe -> C:\Windows\SysNative\taskeng.exe -> [2011/12/03 09:30:48 | 000,464,384 | ---- | C] (Microsoft Corporation) taskcomp.dll -> C:\Windows\SysWow64\taskcomp.dll -> [2011/12/03 09:30:47 | 000,305,152 | ---- | C] (Microsoft Corporation) schtasks.exe -> C:\Windows\SysNative\schtasks.exe -> [2011/12/03 09:30:47 | 000,285,696 | ---- | C] (Microsoft Corporation) schtasks.exe -> C:\Windows\SysWow64\schtasks.exe -> [2011/12/03 09:30:47 | 000,179,712 | ---- | C] (Microsoft Corporation) d3d10warp.dll -> C:\Windows\SysNative\d3d10warp.dll -> [2011/12/03 09:30:38 | 001,837,568 | ---- | C] (Microsoft Corporation) d2d1.dll -> C:\Windows\SysNative\d2d1.dll -> [2011/12/03 09:30:38 | 000,902,656 | ---- | C] (Microsoft Corporation) mf.dll -> C:\Windows\SysNative\mf.dll -> [2011/12/03 09:30:37 | 004,068,864 | ---- | C] (Microsoft Corporation) mf.dll -> C:\Windows\SysWow64\mf.dll -> [2011/12/03 09:30:37 | 003,181,568 | ---- | C] (Microsoft Corporation) WMVDECOD.DLL -> C:\Windows\SysNative\WMVDECOD.DLL -> [2011/12/03 09:30:37 | 001,888,256 | ---- | C] (Microsoft Corporation) DWrite.dll -> C:\Windows\SysNative\DWrite.dll -> [2011/12/03 09:30:37 | 001,540,608 | ---- | C] (Microsoft Corporation) ExplorerFrame.dll -> C:\Windows\SysNative\ExplorerFrame.dll -> [2011/12/03 09:30:35 | 001,863,680 | ---- | C] (Microsoft Corporation) WMVDECOD.DLL -> C:\Windows\SysWow64\WMVDECOD.DLL -> [2011/12/03 09:30:35 | 001,619,456 | ---- | C] (Microsoft Corporation) mfreadwrite.dll -> C:\Windows\SysNative\mfreadwrite.dll -> [2011/12/03 09:30:34 | 000,257,024 | ---- | C] (Microsoft Corporation) ExplorerFrame.dll -> C:\Windows\SysWow64\ExplorerFrame.dll -> [2011/12/03 09:30:33 | 001,495,040 | ---- | C] (Microsoft Corporation) dxgmms1.sys -> C:\Windows\SysNative\drivers\dxgmms1.sys -> [2011/12/03 09:30:33 | 000,265,088 | ---- | C] (Microsoft Corporation) XpsRasterService.dll -> C:\Windows\SysNative\XpsRasterService.dll -> [2011/12/03 09:30:33 | 000,229,888 | ---- | C] (Microsoft Corporation) mfreadwrite.dll -> C:\Windows\SysWow64\mfreadwrite.dll -> [2011/12/03 09:30:33 | 000,196,608 | ---- | C] (Microsoft Corporation) cdd.dll -> C:\Windows\SysNative\cdd.dll -> [2011/12/03 09:30:33 | 000,144,384 | ---- | C] (Microsoft Corporation) XpsRasterService.dll -> C:\Windows\SysWow64\XpsRasterService.dll -> [2011/12/03 09:30:33 | 000,135,168 | ---- | C] (Microsoft Corporation) mfps.dll -> C:\Windows\SysNative\mfps.dll -> [2011/12/03 09:30:32 | 000,206,848 | ---- | C] (Microsoft Corporation) mssrch.dll -> C:\Windows\SysNative\mssrch.dll -> [2011/12/03 09:30:09 | 002,228,224 | ---- | C] (Microsoft Corporation) mssrch.dll -> C:\Windows\SysWow64\mssrch.dll -> [2011/12/03 09:30:09 | 001,401,856 | ---- | C] (Microsoft Corporation) tquery.dll -> C:\Windows\SysNative\tquery.dll -> [2011/12/03 09:30:08 | 002,326,016 | ---- | C] (Microsoft Corporation) tquery.dll -> C:\Windows\SysWow64\tquery.dll -> [2011/12/03 09:30:08 | 001,553,920 | ---- | C] (Microsoft Corporation) mssph.dll -> C:\Windows\SysNative\mssph.dll -> [2011/12/03 09:30:08 | 000,491,520 | ---- | C] (Microsoft Corporation) mssvp.dll -> C:\Windows\SysNative\mssvp.dll -> [2011/12/03 09:30:06 | 000,779,264 | ---- | C] (Microsoft Corporation) mssvp.dll -> C:\Windows\SysWow64\mssvp.dll -> [2011/12/03 09:30:06 | 000,666,624 | ---- | C] (Microsoft Corporation) mssph.dll -> C:\Windows\SysWow64\mssph.dll -> [2011/12/03 09:30:06 | 000,337,408 | ---- | C] (Microsoft Corporation) SearchProtocolHost.exe -> C:\Windows\SysNative\SearchProtocolHost.exe -> [2011/12/03 09:30:06 | 000,249,856 | ---- | C] (Microsoft Corporation) SearchFilterHost.exe -> C:\Windows\SysNative\SearchFilterHost.exe -> [2011/12/03 09:30:06 | 000,113,664 | ---- | C] (Microsoft Corporation) msscntrs.dll -> C:\Windows\SysNative\msscntrs.dll -> [2011/12/03 09:30:06 | 000,075,264 | ---- | C] (Microsoft Corporation) mssphtb.dll -> C:\Windows\SysNative\mssphtb.dll -> [2011/12/03 09:30:05 | 000,288,256 | ---- | C] (Microsoft Corporation) msscntrs.dll -> C:\Windows\SysWow64\msscntrs.dll -> [2011/12/03 09:30:03 | 000,059,392 | ---- | C] (Microsoft Corporation) CertEnroll.dll -> C:\Windows\SysNative\CertEnroll.dll -> [2011/12/03 09:29:47 | 001,975,296 | ---- | C] (Microsoft Corporation) CertEnroll.dll -> C:\Windows\SysWow64\CertEnroll.dll -> [2011/12/03 09:29:47 | 001,320,960 | ---- | C] (Microsoft Corporation) wmp.dll -> C:\Windows\SysNative\wmp.dll -> [2011/12/03 09:29:38 | 014,627,840 | ---- | C] (Microsoft Corporation) wmp.dll -> C:\Windows\SysWow64\wmp.dll -> [2011/12/03 09:29:37 | 011,406,848 | ---- | C] (Microsoft Corporation) wmploc.DLL -> C:\Windows\SysNative\wmploc.DLL -> [2011/12/03 09:29:36 | 012,625,920 | ---- | C] (Microsoft Corporation) wmploc.DLL -> C:\Windows\SysWow64\wmploc.DLL -> [2011/12/03 09:29:36 | 012,625,408 | ---- | C] (Microsoft Corporation) CPFilters.dll -> C:\Windows\SysNative\CPFilters.dll -> [2011/12/03 09:29:24 | 000,961,024 | ---- | C] (Microsoft Corporation) EncDec.dll -> C:\Windows\SysNative\EncDec.dll -> [2011/12/03 09:29:24 | 000,723,968 | ---- | C] (Microsoft Corporation) sbe.dll -> C:\Windows\SysNative\sbe.dll -> [2011/12/03 09:29:23 | 001,118,720 | ---- | C] (Microsoft Corporation) sbe.dll -> C:\Windows\SysWow64\sbe.dll -> [2011/12/03 09:29:23 | 000,850,432 | ---- | C] (Microsoft Corporation) CPFilters.dll -> C:\Windows\SysWow64\CPFilters.dll -> [2011/12/03 09:29:23 | 000,642,048 | ---- | C] (Microsoft Corporation) EncDec.dll -> C:\Windows\SysWow64\EncDec.dll -> [2011/12/03 09:29:23 | 000,534,528 | ---- | C] (Microsoft Corporation) mpg2splt.ax -> C:\Windows\SysNative\mpg2splt.ax -> [2011/12/03 09:29:23 | 000,259,072 | ---- | C] (Microsoft Corporation) mpg2splt.ax -> C:\Windows\SysWow64\mpg2splt.ax -> [2011/12/03 09:29:22 | 000,199,680 | ---- | C] (Microsoft Corporation) odbcjt32.dll -> C:\Windows\SysWow64\odbcjt32.dll -> [2011/12/03 09:29:18 | 000,319,488 | ---- | C] (Microsoft Corporation) odbctrac.dll -> C:\Windows\SysNative\odbctrac.dll -> [2011/12/03 09:29:18 | 000,212,992 | ---- | C] (Microsoft Corporation) odbctrac.dll -> C:\Windows\SysWow64\odbctrac.dll -> [2011/12/03 09:29:18 | 000,163,840 | ---- | C] (Microsoft Corporation) odbccp32.dll -> C:\Windows\SysNative\odbccp32.dll -> [2011/12/03 09:29:18 | 000,163,840 | ---- | C] (Microsoft Corporation) odbccp32.dll -> C:\Windows\SysWow64\odbccp32.dll -> [2011/12/03 09:29:18 | 000,122,880 | ---- | C] (Microsoft Corporation) odbccu32.dll -> C:\Windows\SysNative\odbccu32.dll -> [2011/12/03 09:29:18 | 000,106,496 | ---- | C] (Microsoft Corporation) odbccr32.dll -> C:\Windows\SysNative\odbccr32.dll -> [2011/12/03 09:29:18 | 000,106,496 | ---- | C] (Microsoft Corporation) odbccu32.dll -> C:\Windows\SysWow64\odbccu32.dll -> [2011/12/03 09:29:18 | 000,086,016 | ---- | C] (Microsoft Corporation) odbccr32.dll -> C:\Windows\SysWow64\odbccr32.dll -> [2011/12/03 09:29:18 | 000,081,920 | ---- | C] (Microsoft Corporation) mfc40.dll -> C:\Windows\SysWow64\mfc40.dll -> [2011/12/03 09:29:13 | 000,954,752 | ---- | C] (Microsoft Corporation) mfc40u.dll -> C:\Windows\SysWow64\mfc40u.dll -> [2011/12/03 09:29:12 | 000,954,288 | ---- | C] (Microsoft Corporation) upnp.dll -> C:\Windows\SysNative\upnp.dll -> [2011/12/03 09:29:05 | 000,264,192 | ---- | C] (Microsoft Corporation) upnp.dll -> C:\Windows\SysWow64\upnp.dll -> [2011/12/03 09:29:05 | 000,204,288 | ---- | C] (Microsoft Corporation) davclnt.dll -> C:\Windows\SysNative\davclnt.dll -> [2011/12/03 09:29:04 | 000,100,864 | ---- | C] (Microsoft Corporation) wscapi.dll -> C:\Windows\SysNative\wscapi.dll -> [2011/12/03 09:29:04 | 000,062,976 | ---- | C] (Microsoft Corporation) wscapi.dll -> C:\Windows\SysWow64\wscapi.dll -> [2011/12/03 09:29:02 | 000,051,200 | ---- | C] (Microsoft Corporation) slwga.dll -> C:\Windows\SysNative\slwga.dll -> [2011/12/03 09:29:02 | 000,015,360 | ---- | C] (Microsoft Corporation) slwga.dll -> C:\Windows\SysWow64\slwga.dll -> [2011/12/03 09:29:02 | 000,014,336 | ---- | C] (Microsoft Corporation) ole32.dll -> C:\Windows\SysNative\ole32.dll -> [2011/12/03 09:28:17 | 002,085,376 | ---- | C] (Microsoft Corporation) drvinst.exe -> C:\Windows\SysWow64\drvinst.exe -> [2011/12/03 09:28:13 | 000,252,928 | ---- | C] (Microsoft Corporation) devrtl.dll -> C:\Windows\SysWow64\devrtl.dll -> [2011/12/03 09:28:13 | 000,044,544 | ---- | C] (Microsoft Corporation) msdri.dll -> C:\Windows\SysNative\msdri.dll -> [2011/12/03 09:28:03 | 000,552,960 | ---- | C] (Microsoft Corporation) d3d10_1core.dll -> C:\Windows\SysNative\d3d10_1core.dll -> [2011/12/03 09:27:55 | 000,320,512 | ---- | C] (Microsoft Corporation) d3d10_1.dll -> C:\Windows\SysNative\d3d10_1.dll -> [2011/12/03 09:27:55 | 000,197,120 | ---- | C] (Microsoft Corporation) psisdecd.dll -> C:\Windows\SysNative\psisdecd.dll -> [2011/12/03 09:27:40 | 000,613,888 | ---- | C] (Microsoft Corporation) psisdecd.dll -> C:\Windows\SysWow64\psisdecd.dll -> [2011/12/03 09:27:40 | 000,465,408 | ---- | C] (Microsoft Corporation) MSNP.ax -> C:\Windows\SysNative\MSNP.ax -> [2011/12/03 09:27:40 | 000,288,256 | ---- | C] (Microsoft Corporation) MSNP.ax -> C:\Windows\SysWow64\MSNP.ax -> [2011/12/03 09:27:40 | 000,204,288 | ---- | C] (Microsoft Corporation) psisrndr.ax -> C:\Windows\SysNative\psisrndr.ax -> [2011/12/03 09:27:40 | 000,108,032 | ---- | C] (Microsoft Corporation) Mpeg2Data.ax -> C:\Windows\SysNative\Mpeg2Data.ax -> [2011/12/03 09:27:40 | 000,104,960 | ---- | C] (Microsoft Corporation) psisrndr.ax -> C:\Windows\SysWow64\psisrndr.ax -> [2011/12/03 09:27:40 | 000,075,776 | ---- | C] (Microsoft Corporation) MSDvbNP.ax -> C:\Windows\SysNative\MSDvbNP.ax -> [2011/12/03 09:27:39 | 000,075,776 | ---- | C] (Microsoft Corporation) Mpeg2Data.ax -> C:\Windows\SysWow64\Mpeg2Data.ax -> [2011/12/03 09:27:39 | 000,072,704 | ---- | C] (Microsoft Corporation) MSDvbNP.ax -> C:\Windows\SysWow64\MSDvbNP.ax -> [2011/12/03 09:27:39 | 000,059,904 | ---- | C] (Microsoft Corporation) poqexec.exe -> C:\Windows\SysNative\poqexec.exe -> [2011/12/03 09:27:27 | 000,142,336 | ---- | C] (Microsoft Corporation) poqexec.exe -> C:\Windows\SysWow64\poqexec.exe -> [2011/12/03 09:27:26 | 000,123,904 | ---- | C] (Microsoft Corporation) quartz.dll -> C:\Windows\SysNative\quartz.dll -> [2011/12/03 09:27:23 | 001,572,352 | ---- | C] (Microsoft Corporation) quartz.dll -> C:\Windows\SysWow64\quartz.dll -> [2011/12/03 09:27:23 | 001,328,640 | ---- | C] (Microsoft Corporation) avifil32.dll -> C:\Windows\SysWow64\avifil32.dll -> [2011/12/03 09:27:22 | 000,091,648 | ---- | C] (Microsoft Corporation) mciavi32.dll -> C:\Windows\SysWow64\mciavi32.dll -> [2011/12/03 09:27:22 | 000,084,480 | ---- | C] (Microsoft Corporation) ntdll.dll -> C:\Windows\SysNative\ntdll.dll -> [2011/12/03 09:27:15 | 001,739,176 | ---- | C] (Microsoft Corporation) explorer.exe -> C:\Windows\explorer.exe -> [2011/12/03 09:26:49 | 002,870,272 | ---- | C] (Microsoft Corporation) explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/12/03 09:26:49 | 002,614,784 | ---- | C] (Microsoft Corporation) secproc_isv.dll -> C:\Windows\SysNative\secproc_isv.dll -> [2011/12/03 09:26:36 | 000,422,912 | ---- | C] (Microsoft Corporation) secproc.dll -> C:\Windows\SysNative\secproc.dll -> [2011/12/03 09:26:35 | 000,424,960 | ---- | C] (Microsoft Corporation) secproc.dll -> C:\Windows\SysWow64\secproc.dll -> [2011/12/03 09:26:35 | 000,369,152 | ---- | C] (Microsoft Corporation) secproc_isv.dll -> C:\Windows\SysWow64\secproc_isv.dll -> [2011/12/03 09:26:35 | 000,365,568 | ---- | C] (Microsoft Corporation) RMActivate_isv.exe -> C:\Windows\SysNative\RMActivate_isv.exe -> [2011/12/03 09:26:35 | 000,357,888 | ---- | C] (Microsoft Corporation) RMActivate.exe -> C:\Windows\SysNative\RMActivate.exe -> [2011/12/03 09:26:35 | 000,356,352 | ---- | C] (Microsoft Corporation) RMActivate_isv.exe -> C:\Windows\SysWow64\RMActivate_isv.exe -> [2011/12/03 09:26:35 | 000,324,608 | ---- | C] (Microsoft Corporation) RMActivate.exe -> C:\Windows\SysWow64\RMActivate.exe -> [2011/12/03 09:26:35 | 000,320,512 | ---- | C] (Microsoft Corporation) RMActivate_ssp.exe -> C:\Windows\SysNative\RMActivate_ssp.exe -> [2011/12/03 09:26:35 | 000,306,688 | ---- | C] (Microsoft Corporation) RMActivate_ssp_isv.exe -> C:\Windows\SysNative\RMActivate_ssp_isv.exe -> [2011/12/03 09:26:35 | 000,305,152 | ---- | C] (Microsoft Corporation) secproc_ssp_isv.dll -> C:\Windows\SysNative\secproc_ssp_isv.dll -> [2011/12/03 09:26:35 | 000,121,856 | ---- | C] (Microsoft Corporation) secproc_ssp.dll -> C:\Windows\SysNative\secproc_ssp.dll -> [2011/12/03 09:26:35 | 000,121,856 | ---- | C] (Microsoft Corporation) RMActivate_ssp.exe -> C:\Windows\SysWow64\RMActivate_ssp.exe -> [2011/12/03 09:26:34 | 000,280,064 | ---- | C] (Microsoft Corporation) RMActivate_ssp_isv.exe -> C:\Windows\SysWow64\RMActivate_ssp_isv.exe -> [2011/12/03 09:26:34 | 000,277,504 | ---- | C] (Microsoft Corporation) secproc_ssp_isv.dll -> C:\Windows\SysWow64\secproc_ssp_isv.dll -> [2011/12/03 09:26:34 | 000,085,504 | ---- | C] (Microsoft Corporation) secproc_ssp.dll -> C:\Windows\SysWow64\secproc_ssp.dll -> [2011/12/03 09:26:34 | 000,085,504 | ---- | C] (Microsoft Corporation) atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2011/12/03 09:26:29 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2011/12/03 09:26:28 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) fontsub.dll -> C:\Windows\SysNative\fontsub.dll -> [2011/12/03 09:26:28 | 000,100,864 | ---- | C] (Microsoft Corporation) fontsub.dll -> C:\Windows\SysWow64\fontsub.dll -> [2011/12/03 09:26:28 | 000,070,656 | ---- | C] (Microsoft Corporation) atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2011/12/03 09:26:28 | 000,046,080 | ---- | C] (Adobe Systems) atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2011/12/03 09:26:28 | 000,034,304 | ---- | C] (Adobe Systems) comctl32.dll -> C:\Windows\SysNative\comctl32.dll -> [2011/12/03 09:26:18 | 000,633,856 | ---- | C] (Microsoft Corporation) XpsGdiConverter.dll -> C:\Windows\SysNative\XpsGdiConverter.dll -> [2011/12/03 09:26:04 | 000,476,160 | ---- | C] (Microsoft Corporation) XpsGdiConverter.dll -> C:\Windows\SysWow64\XpsGdiConverter.dll -> [2011/12/03 09:26:04 | 000,288,256 | ---- | C] (Microsoft Corporation) msasn1.dll -> C:\Windows\SysNative\msasn1.dll -> [2011/12/03 09:25:56 | 000,046,592 | ---- | C] (Microsoft Corporation) webio.dll -> C:\Windows\SysNative\webio.dll -> [2011/12/03 09:25:54 | 000,395,776 | ---- | C] (Microsoft Corporation) webio.dll -> C:\Windows\SysWow64\webio.dll -> [2011/12/03 09:25:54 | 000,314,368 | ---- | C] (Microsoft Corporation) t2embed.dll -> C:\Windows\SysNative\t2embed.dll -> [2011/12/03 09:25:51 | 000,148,992 | ---- | C] (Microsoft Corporation) t2embed.dll -> C:\Windows\SysWow64\t2embed.dll -> [2011/12/03 09:25:51 | 000,109,056 | ---- | C] (Microsoft Corporation) wmpmde.dll -> C:\Windows\SysNative\wmpmde.dll -> [2011/12/03 09:25:49 | 001,024,512 | ---- | C] (Microsoft Corporation) wmpmde.dll -> C:\Windows\SysWow64\wmpmde.dll -> [2011/12/03 09:25:49 | 000,738,816 | ---- | C] (Microsoft Corporation) i1iSis_x64.sys -> C:\Windows\SysNative\drivers\i1iSis_x64.sys -> [2011/12/03 09:25:03 | 000,051,600 | ---- | C] (Thesycon GmbH, Germany) i1io2_x64.sys -> C:\Windows\SysNative\drivers\i1io2_x64.sys -> [2011/12/03 09:25:03 | 000,051,600 | ---- | C] (Thesycon GmbH, Germany) i1_x64.sys -> C:\Windows\SysNative\drivers\i1_x64.sys -> [2011/12/03 09:25:03 | 000,051,600 | ---- | C] (Thesycon GmbH, Germany) i1display_x64.sys -> C:\Windows\SysNative\drivers\i1display_x64.sys -> [2011/12/03 09:25:03 | 000,007,808 | ---- | C] (GretagMacbeth LLC) EFI -> C:\Program Files (x86)\Common Files\EFI -> [2011/12/03 09:25:03 | 000,000,000 | ---D | C] Fiery -> C:\Program Files (x86)\Fiery -> [2011/12/03 09:24:34 | 000,000,000 | ---D | C] mfc42u.dll -> C:\Windows\SysNative\mfc42u.dll -> [2011/12/03 09:23:54 | 001,359,872 | ---- | C] (Microsoft Corporation) mfc42.dll -> C:\Windows\SysNative\mfc42.dll -> [2011/12/03 09:23:53 | 001,395,712 | ---- | C] (Microsoft Corporation) mfc42u.dll -> C:\Windows\SysWow64\mfc42u.dll -> [2011/12/03 09:23:53 | 001,164,288 | ---- | C] (Microsoft Corporation) mfc42.dll -> C:\Windows\SysWow64\mfc42.dll -> [2011/12/03 09:23:53 | 001,137,664 | ---- | C] (Microsoft Corporation) FXSCOVER.exe -> C:\Windows\SysNative\FXSCOVER.exe -> [2011/12/03 09:23:51 | 000,267,776 | ---- | C] (Microsoft Corporation) StructuredQuery.dll -> C:\Windows\SysNative\StructuredQuery.dll -> [2011/12/03 09:23:50 | 000,483,840 | ---- | C] (Microsoft Corporation) ntoskrnl.exe -> C:\Windows\SysNative\ntoskrnl.exe -> [2011/12/03 09:23:33 | 005,507,968 | ---- | C] (Microsoft Corporation) ntkrnlpa.exe -> C:\Windows\SysWow64\ntkrnlpa.exe -> [2011/12/03 09:23:32 | 003,957,120 | ---- | C] (Microsoft Corporation) ntoskrnl.exe -> C:\Windows\SysWow64\ntoskrnl.exe -> [2011/12/03 09:23:32 | 003,902,336 | ---- | C] (Microsoft Corporation) odbc32.dll -> C:\Windows\SysNative\odbc32.dll -> [2011/12/03 09:23:13 | 000,720,896 | ---- | C] (Microsoft Corporation) odbc32.dll -> C:\Windows\SysWow64\odbc32.dll -> [2011/12/03 09:23:13 | 000,573,440 | ---- | C] (Microsoft Corporation) winlogon.exe -> C:\Windows\SysNative\winlogon.exe -> [2011/12/03 09:23:09 | 000,389,632 | ---- | C] (Microsoft Corporation) XpsPrint.dll -> C:\Windows\SysWow64\XpsPrint.dll -> [2011/12/03 09:23:07 | 000,442,880 | ---- | C] (Microsoft Corporation) XpsPrint.dll -> C:\Windows\SysNative\XpsPrint.dll -> [2011/12/03 09:23:06 | 000,662,528 | ---- | C] (Microsoft Corporation) oleaut32.dll -> C:\Windows\SysNative\oleaut32.dll -> [2011/12/03 09:23:03 | 000,861,184 | ---- | C] (Microsoft Corporation) oleacc.dll -> C:\Windows\SysNative\oleacc.dll -> [2011/12/03 09:23:03 | 000,331,776 | ---- | C] (Microsoft Corporation) mstscax.dll -> C:\Windows\SysNative\mstscax.dll -> [2011/12/03 09:23:00 | 003,138,048 | ---- | C] (Microsoft Corporation) mstscax.dll -> C:\Windows\SysWow64\mstscax.dll -> [2011/12/03 09:23:00 | 002,690,560 | ---- | C] (Microsoft Corporation) mstsc.exe -> C:\Windows\SysNative\mstsc.exe -> [2011/12/03 09:22:59 | 001,097,216 | ---- | C] (Microsoft Corporation) mstsc.exe -> C:\Windows\SysWow64\mstsc.exe -> [2011/12/03 09:22:59 | 001,034,240 | ---- | C] (Microsoft Corporation) sscore.dll -> C:\Windows\SysWow64\sscore.dll -> [2011/12/03 09:22:56 | 000,009,728 | ---- | C] (Microsoft Corporation) rtutils.dll -> C:\Windows\SysNative\rtutils.dll -> [2011/12/03 09:22:54 | 000,052,224 | ---- | C] (Microsoft Corporation) consent.exe -> C:\Windows\SysNative\consent.exe -> [2011/12/03 09:22:51 | 000,112,000 | ---- | C] (Microsoft Corporation) iccvid.dll -> C:\Windows\SysWow64\iccvid.dll -> [2011/12/03 09:22:50 | 000,082,944 | ---- | C] (Radius Inc.) Diskdump.sys -> C:\Windows\SysNative\drivers\Diskdump.sys -> [2011/12/03 09:22:49 | 000,027,008 | ---- | C] (Microsoft Corporation) InstallShield -> C:\Users\Heintje\AppData\Roaming\InstallShield -> [2011/12/03 09:22:29 | 000,000,000 | ---D | C] CyberLink -> C:\Users\Heintje\AppData\Roaming\CyberLink -> [2011/12/03 09:19:15 | 000,000,000 | ---D | C] Macromedia -> C:\Users\Heintje\AppData\Roaming\Macromedia -> [2011/12/03 09:07:58 | 000,000,000 | ---D | C] Adobe -> C:\Users\Heintje\AppData\Roaming\Adobe -> [2011/12/03 09:07:37 | 000,000,000 | ---D | C] Dell -> C:\Users\Heintje\AppData\Roaming\Dell -> [2011/12/03 09:04:58 | 000,000,000 | ---D | C] Stardock_Corporation -> C:\Users\Heintje\AppData\Local\Stardock_Corporation -> [2011/12/03 09:04:42 | 000,000,000 | ---D | C] ATI -> C:\Users\Heintje\AppData\Roaming\ATI -> [2011/12/03 09:04:23 | 000,000,000 | ---D | C] ATI -> C:\Users\Heintje\AppData\Local\ATI -> [2011/12/03 09:04:23 | 000,000,000 | ---D | C] Searches -> C:\Users\Heintje\Searches -> [2011/12/03 09:03:53 | 000,000,000 | R--D | C] Administrative Tools -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools -> [2011/12/03 09:03:53 | 000,000,000 | R--D | C] User Pinned -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned -> [2011/12/03 09:03:53 | 000,000,000 | -H-D | C] [Files/Folders - Modified Within 30 Days] OTS.exe -> C:\Users\Heintje\Desktop\OTS.exe -> [2011/12/05 09:30:59 | 000,646,144 | ---- | M] (OldTimer Tools) spumonilpstd.otf -> C:\Users\Heintje\Desktop\spumonilpstd.otf -> [2011/12/05 09:04:12 | 000,045,548 | ---- | M] () E111Viva.ttf -> C:\Users\Heintje\Desktop\E111Viva.ttf -> [2011/12/05 08:37:36 | 000,062,308 | ---- | M] () centurystd-bookcondensed.otf -> C:\Users\Heintje\Desktop\centurystd-bookcondensed.otf -> [2011/12/05 08:36:13 | 000,031,160 | ---- | M] () PM4_64bit.zip -> C:\Users\Heintje\Desktop\PM4_64bit.zip -> [2011/12/05 08:20:57 | 000,016,331 | ---- | M] () X-GPD_5.216.19.0_PS_x64.exe -> C:\Users\Heintje\Desktop\X-GPD_5.216.19.0_PS_x64.exe -> [2011/12/05 08:00:10 | 029,562,288 | ---- | M] () PM4_APP.exe -> C:\Users\Heintje\Desktop\PM4_APP.exe -> [2011/12/05 08:00:01 | 000,535,472 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/12/05 07:45:05 | 000,014,016 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/12/05 07:45:05 | 000,014,016 | -H-- | M] () PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2011/12/05 07:44:07 | 000,729,688 | ---- | M] () perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2011/12/05 07:44:07 | 000,630,124 | ---- | M] () perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2011/12/05 07:44:07 | 000,111,208 | ---- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2011/12/05 07:37:32 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011/12/05 07:37:18 | 2140,495,871 | -HS- | M] () epplauncher.mif -> C:\Windows\epplauncher.mif -> [2011/12/05 07:36:14 | 000,002,154 | ---- | M] () PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2011/12/05 07:35:58 | 000,734,810 | ---- | M] () MCPR.exe -> C:\Users\Heintje\Desktop\MCPR.exe -> [2011/12/05 07:11:44 | 001,832,544 | ---- | M] (McAfee, Inc.) FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2011/12/05 06:54:23 | 002,975,664 | ---- | M] () mseinstall.exe -> C:\Users\Heintje\Desktop\mseinstall.exe -> [2011/12/03 11:26:06 | 010,165,440 | ---- | M] (Microsoft Corporation) Adobe Acrobat 9 Pro.lnk -> C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk -> [2011/12/03 11:02:23 | 000,002,023 | ---- | M] () license.rtf -> C:\Windows\SysWow64\license.rtf -> [2011/12/03 11:00:42 | 000,040,209 | ---- | M] () license.rtf -> C:\Windows\SysNative\license.rtf -> [2011/12/03 11:00:42 | 000,040,209 | ---- | M] () Msft_Kernel_point64_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf -> [2011/12/03 09:58:08 | 000,000,000 | -H-- | M] () Command WorkStation 5.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Command WorkStation 5.lnk -> [2011/12/03 09:52:53 | 000,002,564 | ---- | M] () Command WorkStation 5.lnk -> C:\Users\Public\Desktop\Command WorkStation 5.lnk -> [2011/12/03 09:52:44 | 000,002,546 | ---- | M] () IscDbc.dll -> C:\Windows\SysWow64\IscDbc.dll -> [2011/12/03 09:48:46 | 000,274,432 | ---- | M] (IBPhoenix Inc.) OdbcJdbcMT.dll -> C:\Windows\SysWow64\OdbcJdbcMT.dll -> [2011/12/03 09:48:46 | 000,262,144 | ---- | M] (IBPhoenix Inc) OdbcJdbc.dll -> C:\Windows\SysWow64\OdbcJdbc.dll -> [2011/12/03 09:48:46 | 000,253,952 | ---- | M] (IBPhoenix Inc) OdbcJdbcSetup.dll -> C:\Windows\SysWow64\OdbcJdbcSetup.dll -> [2011/12/03 09:48:46 | 000,155,648 | ---- | M] (IBPhoenix Inc.) ODBCINST.INI -> C:\Windows\ODBCINST.INI -> [2011/12/03 09:48:46 | 000,000,401 | ---- | M] () Msft_Kernel_NuidFltr_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf -> [2011/12/03 09:46:41 | 000,000,000 | -H-- | M] () Msft_Kernel_dc3d_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf -> [2011/12/03 09:38:04 | 000,000,000 | -H-- | M] () Launch Internet Explorer Browser.lnk -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011/12/03 09:07:22 | 000,001,443 | ---- | M] () Msft_Kernel_NuidFltr_01005.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [2011/12/03 09:04:54 | 000,000,000 | -H-- | M] () Dell Dock.lnk -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk -> [2011/12/03 09:04:45 | 000,001,984 | ---- | M] () 22 C:\Users\Heintje\AppData\Local\Temp\*.tmp files -> C:\Users\Heintje\AppData\Local\Temp\*.tmp -> 22 C:\Users\Heintje\AppData\Local\Temp\*.tmp files -> C:\Users\Heintje\AppData\Local\Temp\*.tmp -> 11 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> [Files - No Company Name] spumonilpstd.otf -> C:\Users\Heintje\Desktop\spumonilpstd.otf -> [2011/12/05 09:04:11 | 000,045,548 | ---- | C] () E111Viva.ttf -> C:\Users\Heintje\Desktop\E111Viva.ttf -> [2011/12/05 08:37:35 | 000,062,308 | ---- | C] () centurystd-bookcondensed.otf -> C:\Users\Heintje\Desktop\centurystd-bookcondensed.otf -> [2011/12/05 08:36:12 | 000,031,160 | ---- | C] () PM4_64bit.zip -> C:\Users\Heintje\Desktop\PM4_64bit.zip -> [2011/12/05 08:20:57 | 000,016,331 | ---- | C] () X-GPD_5.216.19.0_PS_x64.exe -> C:\Users\Heintje\Desktop\X-GPD_5.216.19.0_PS_x64.exe -> [2011/12/05 08:00:09 | 029,562,288 | ---- | C] () PM4_APP.exe -> C:\Users\Heintje\Desktop\PM4_APP.exe -> [2011/12/05 07:59:56 | 000,535,472 | ---- | C] () epplauncher.mif -> C:\Windows\epplauncher.mif -> [2011/12/05 07:36:14 | 000,002,154 | ---- | C] () PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2011/12/05 07:35:58 | 000,734,810 | ---- | C] () Microsoft Security Essentials.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> [2011/12/05 07:35:43 | 000,001,899 | ---- | C] () Adobe Acrobat 9 Pro.lnk -> C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk -> [2011/12/03 11:02:23 | 000,002,023 | ---- | C] () Acrobat.com.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk -> [2011/12/03 10:58:46 | 000,001,011 | ---- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2011/12/03 10:58:38 | 2140,495,871 | -HS- | C] () Dell Help Documentation.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk -> [2011/12/03 10:03:08 | 000,001,979 | ---- | C] () Shows Desktop.lnk -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> [2011/12/03 10:02:22 | 000,000,290 | ---- | C] () Window Switcher.lnk -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> [2011/12/03 10:02:22 | 000,000,272 | ---- | C] () Msft_Kernel_point64_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf -> [2011/12/03 09:58:08 | 000,000,000 | -H-- | C] () Command WorkStation 5.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Command WorkStation 5.lnk -> [2011/12/03 09:52:53 | 000,002,564 | ---- | C] () Command WorkStation 5.lnk -> C:\Users\Public\Desktop\Command WorkStation 5.lnk -> [2011/12/03 09:52:44 | 000,002,546 | ---- | C] () UnInCWS5.ISS -> C:\Windows\UnInCWS5.ISS -> [2011/12/03 09:52:44 | 000,000,263 | R--- | C] () ODBCINST.INI -> C:\Windows\ODBCINST.INI -> [2011/12/03 09:48:46 | 000,000,401 | ---- | C] () UnInsIV30.iss -> C:\Windows\UnInsIV30.iss -> [2011/12/03 09:48:13 | 000,000,382 | ---- | C] () Msft_Kernel_NuidFltr_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf -> [2011/12/03 09:46:41 | 000,000,000 | -H-- | C] () UnInsDBP30.iss -> C:\Windows\UnInsDBP30.iss -> [2011/12/03 09:38:34 | 000,000,253 | ---- | C] () Msft_Kernel_dc3d_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf -> [2011/12/03 09:38:04 | 000,000,000 | -H-- | C] () UnInsHar30_CXP.ISS -> C:\Windows\UnInsHar30_CXP.ISS -> [2011/12/03 09:24:36 | 000,000,255 | ---- | C] () Launch Internet Explorer Browser.lnk -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011/12/03 09:07:22 | 000,001,443 | ---- | C] () Msft_Kernel_NuidFltr_01005.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [2011/12/03 09:04:54 | 000,000,000 | -H-- | C] () Dell Dock.lnk -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk -> [2011/12/03 09:04:45 | 000,001,984 | ---- | C] () Internet Explorer (64-bit).lnk -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> [2011/12/03 09:04:09 | 000,001,415 | ---- | C] () Internet Explorer.lnk -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> [2011/12/03 09:03:56 | 000,001,449 | ---- | C] () APOMngr.DLL -> C:\Windows\SysWow64\APOMngr.DLL -> [2009/12/22 17:52:30 | 000,146,432 | ---- | C] () CmdRtr.DLL -> C:\Windows\SysWow64\CmdRtr.DLL -> [2009/12/22 17:52:30 | 000,072,704 | ---- | C] () ativpsrm.bin -> C:\Windows\ativpsrm.bin -> [2009/12/22 17:51:54 | 000,000,000 | ---- | C] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/14 00:38:36 | 000,067,584 | --S- | C] () NOISE.DAT -> C:\Windows\SysWow64\NOISE.DAT -> [2009/07/13 21:35:51 | 000,000,741 | ---- | C] () dssec.dat -> C:\Windows\SysWow64\dssec.dat -> [2009/07/13 21:34:42 | 000,215,943 | ---- | C] () mib.bin -> C:\Windows\mib.bin -> [2009/07/13 19:10:29 | 000,043,131 | ---- | C] () BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 16:03:59 | 000,364,544 | ---- | C] () mlang.dat -> C:\Windows\SysWow64\mlang.dat -> [2009/06/10 16:26:10 | 000,673,088 | ---- | C] () [File - Lop Check] Xerox -> C:\Users\Heintje\AppData\Roaming\Xerox -> [2011/12/05 08:09:26 | 000,000,000 | ---D | M] SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009/07/14 00:08:49 | 000,003,698 | ---- | M] () [File - Purity Scan] < End of report > [/code]