OTL logfile created on: 3/16/2012 10:03:24 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = F:\Spyware Cleanup
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.36 Gb Available Physical Memory | 83.98% Memory free
8.00 Gb Paging File | 7.37 Gb Available in Paging File | 92.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 688.90 Gb Total Space | 301.54 Gb Free Space | 43.77% Space Free | Partition Type: NTFS
Drive D: | 9.74 Gb Total Space | 1.31 Gb Free Space | 13.49% Space Free | Partition Type: NTFS
Drive F: | 1.92 Gb Total Space | 1.59 Gb Free Space | 82.91% Space Free | Partition Type: FAT32

Computer Name: VINCENT-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/03/12 10:01:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- F:\Spyware Cleanup\OTL.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2008/07/24 16:22:40 | 000,118,272 | ---- | M] (WDC) [Auto | Stopped] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe)
SRV - [2012/03/12 10:00:18 | 008,116,368 | ---- | M] (SurfRight B.V.) 
[Auto | Stopped] -- F:\Spyware Cleanup\HitmanPro36_x64.exe -- (HitmanPro36CrusaderBoot) HitmanPro 3.6 Crusader (Boot) SRV - [2012/01/19 09:18:50 | 003,337,216 | ---- | M] (Hide My IP) [On_Demand | Stopped] -- C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe -- (HideMyIpSRV) SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/23 18:40:12 | 000,127,352 | ---- | M] (CinemaNow, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/05/01 15:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Stopped] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service) SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007/07/12 20:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2007/06/29 20:54:16 | 000,073,728 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC) SRV - [2007/04/05 21:35:40 | 001,543,614 | ---- | M] () 
[Auto | Stopped] -- C:\Program Files (x86)\iPod Access for Windows\iPAHelper.exe -- (iPAHelper.exe) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012/03/16 08:25:52 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro36.sys -- (hitmanpro35) DRV:[b]64bit:[/b] - [2011/12/04 17:23:57 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD) DRV:[b]64bit:[/b] - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2010/12/16 18:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2010/01/31 20:29:31 | 000,058,936 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nchvsc64.sys -- (NCHVSC64) SoundTap Recorder (64 Bit) DRV:[b]64bit:[/b] - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:[b]64bit:[/b] - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (VST64_DPV) DRV:[b]64bit:[/b] - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (winachsf) DRV:[b]64bit:[/b] - [2009/06/10 17:01:11 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTBS26.SYS -- (VST64HWBS2) DRV:[b]64bit:[/b] - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:[b]64bit:[/b] - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 16:32:49 | 000,214,784 | ---- | M] (ViXS Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xcbdaVx64.sys -- (xcbdaNtscV) ViXS Tuner Card (NTSC) DRV:[b]64bit:[/b] - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2007/10/03 12:18:20 | 000,136,704 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169) DRV:[b]64bit:[/b] - [2007/07/12 12:35:44 | 000,381,976 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2007/02/15 20:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV:[b]64bit:[/b] - [2006/11/16 17:26:44 | 000,019,248 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pdiports.sys -- (PdiPorts) DRV - [2011/12/04 17:23:57 | 000,138,872 | ---- | M] (SlySoft, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007/02/15 20:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files (x86)\Elf_1.12\prxtbElf0.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {afdbd48a-9ab9-41da-a160-24fbcd7a35e7} - C:\Program Files (x86)\zultrax\prxtbzul0.dll (Conduit Ltd.) 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1588530587-3061208615-2322206526-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) 
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Elf 1.12 Toolbar) - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files (x86)\Elf_1.12\prxtbElf0.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass) O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files (x86)\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Zultrax Toolbar) - {afdbd48a-9ab9-41da-a160-24fbcd7a35e7} - C:\Program Files (x86)\zultrax\prxtbzul0.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files (x86)\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (Elf 1.12 Toolbar) - {38542454-dfb6-44f5-b052-d4e071a3d073} - C:\Program Files (x86)\Elf_1.12\prxtbElf0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass) O3 - HKLM\..\Toolbar: (Zultrax Toolbar) - {afdbd48a-9ab9-41da-a160-24fbcd7a35e7} - C:\Program Files (x86)\zultrax\prxtbzul0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files (x86)\AskTBar\bar\1.bin\ASKTBAR.DLL File not found O4:[b]64bit:[/b] - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:[b]64bit:[/b] - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking10\Ereg\Ereg.exe (Nuance Communications, Inc.) 
O4 - HKLM..\Run: [DT HPW] C:\Program Files (x86)\Portrait Displays\HP My Display\DTHtml.exe (Portrait Displays, Inc) O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe () O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (OsdMaestro) O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe () O4 - HKLM..\Run: [Recordpad] C:\Program Files (x86)\NCH Swift Sound\Recordpad\recordpad.exe (NCH Software) O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC) O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! 
Inc) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1588530587-3061208615-2322206526-500..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-1588530587-3061208615-2322206526-500..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Administrator\AppData [2012/03/14 16:19:09 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Administrator\Application Data [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\Cookies [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\Desktop [2012/03/16 09:42:39 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Administrator\Documents [2012/03/14 16:19:09 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Administrator\Downloads [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Administrator\Favorites [2012/03/15 09:01:00 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Administrator\Links [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Administrator\Local Settings [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\Music [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Administrator\My Documents [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\NetHood [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\NTUSER.DAT () O4 - Startup: C:\Users\Administrator\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Administrator\ntuser.dat.LOG2 () O4 - Startup: 
C:\Users\Administrator\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () O4 - Startup: C:\Users\Administrator\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Administrator\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Administrator\ntuser.ini () O4 - Startup: C:\Users\Administrator\Pictures [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Administrator\PrintHood [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\Recent [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\Saved Games [2009/07/13 22:34:59 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Administrator\SendTo [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\Start Menu [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\Templates [2012/03/14 16:19:09 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Administrator\Videos [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Administrator\{69745955-7a8e-4cd1-a493-3a8fd3cb879a} [2012/03/14 22:08:56 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\.zreglib () O4 - Startup: C:\Users\All Users\Acoustica [2010/01/31 14:35:50 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Adobe [2012/03/14 21:04:12 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Apple [2012/03/14 21:48:22 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Apple Computer [2012/03/14 22:08:49 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Application Data [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Ask [2011/12/17 13:10:26 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Avery [2012/03/14 21:48:43 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\CanonBJ [2012/03/14 21:48:43 | 
000,000,000 | -H-D | M] O4 - Startup: C:\Users\All Users\CanonIJScan [2012/03/14 22:08:49 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\All Users\CinemaNow [2012/03/14 22:08:49 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\CyberLink [2010/01/31 14:36:08 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Desktop [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Documents [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Elaborate Bytes [2012/03/14 22:08:49 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\eSellerate [2012/03/14 22:08:49 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Favorites [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Findley Designs [2008/06/29 12:22:55 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Google [2010/01/31 14:36:08 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Hewlett-Packard [2012/03/14 22:08:49 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HitmanPro [2012/03/16 08:25:46 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\HP [2012/03/14 21:48:50 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\InstallShield [2012/03/14 22:08:49 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Intuit [2012/03/14 21:48:51 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\LightScribe [2010/01/31 14:36:16 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Macrovision [2012/03/14 22:08:50 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Microsoft [2012/03/14 21:49:24 | 000,000,000 | --SD | M] O4 - Startup: C:\Users\All Users\Microsoft Help [2012/03/14 22:08:50 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\muvee Technologies [2010/01/31 14:36:48 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NCH Swift Sound [2010/01/31 20:30:31 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Nero [2012/03/14 
22:08:54 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Norton [2012/03/14 22:08:54 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NOS [2012/03/14 22:08:54 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Nuance [2012/03/14 21:49:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NVIDIA [2012/03/14 19:19:38 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Office Genuine Advantage [2010/01/31 14:36:51 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\PC-Doctor [2010/01/31 14:36:51 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\PhotoShow Shared Assets [2010/01/31 14:36:55 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\RapidSolution [2012/03/14 22:08:55 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Roxio [2010/10/16 11:55:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ScanSoft [2012/03/14 22:08:55 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Seagate [2010/01/31 14:36:58 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\SlySoft [2012/03/14 21:49:42 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\SmartSound Software Inc [2010/01/31 14:36:58 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Sonic [2010/10/16 11:51:53 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Start Menu [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Sun [2010/06/12 11:34:59 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\SUPERAntiSpyware.com [2012/03/14 15:20:28 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Symantec [2012/03/16 09:45:16 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\TEMP [2012/03/02 04:32:48 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Templates [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\The Print Shop [2010/06/26 09:59:27 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Uninstall 
[2012/03/14 22:08:55 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\WildTangent [2012/03/14 22:08:56 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\yahoo! [2012/03/14 22:08:56 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\All Users\Yahoo! Companion [2010/01/31 14:38:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ZoomBrowser [2010/10/16 09:39:33 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3} [2010/01/31 14:38:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\{35733029-9859-49C7-8475-1E78E2AAE413} [2010/01/31 14:38:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2012/03/14 21:50:20 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\{CD649BED-8A0E-48BE-B3B6-0F5055BED534} [2010/01/31 14:38:26 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\AppData\AppData [2012/03/12 17:29:34 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\AppData\LocalLow [2010/01/31 14:38:26 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\AppData [2012/03/14 21:50:22 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Default\Application Data [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Desktop [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Documents [2009/07/14 01:08:56 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Downloads [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Favorites [2010/01/31 14:55:50 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Links [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Local Settings [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Music [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\My Documents [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NetHood [2009/07/14 
01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NTUSER.DAT () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG1 () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG2 () O4 - Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () O4 - Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Default\Pictures [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\PrintHood [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Recent [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Saved Games [2009/07/13 22:34:59 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\SendTo [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Start Menu [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Templates [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Videos [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\{69745955-7a8e-4cd1-a493-3a8fd3cb879a} [2012/03/14 22:08:56 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\AppData [2012/03/12 17:29:34 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\CyberLink [2012/03/14 22:08:56 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Public\Desktop [2012/03/14 22:09:53 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Documents [2012/03/14 22:09:53 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Downloads [2012/03/14 22:09:57 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Favorites [2009/07/13 22:34:59 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Libraries [2012/03/14 22:09:53 | 000,000,000 | RH-D | M] O4 - 
Startup: C:\Users\Public\Music [2012/03/14 22:09:57 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Pictures [2012/03/14 22:09:57 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Recorded TV [2012/03/14 22:09:57 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Videos [2012/03/14 22:09:57 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Vincent\AppData [2012/03/14 21:51:56 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Vincent\Application Data [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\Contacts [2012/03/14 22:09:05 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Vincent\Cookies [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\Desktop [2012/03/14 22:09:05 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Vincent\My Documents [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\Downloads [2012/03/14 22:09:06 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Vincent\Favorites [2012/03/14 22:09:06 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Vincent\JavaMediaPlayer_audiolevel.cfg () O4 - Startup: C:\Users\Vincent\Links [2012/03/14 22:09:06 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Vincent\Local Settings [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\Music [2012/03/14 22:09:06 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Vincent\My Documents [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\NetHood [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\ntuser.dat () O4 - Startup: C:\Users\Vincent\ntuser.dat.LOG1 () O4 - Startup: C:\Users\Vincent\ntuser.dat.LOG2 () O4 - Startup: C:\Users\Vincent\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf () O4 - Startup: C:\Users\Vincent\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: 
C:\Users\Vincent\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Vincent\ntuser.dat{6bd780da-6c59-11e1-b012-001fc62a90db}.TM.blf () O4 - Startup: C:\Users\Vincent\ntuser.dat{6bd780da-6c59-11e1-b012-001fc62a90db}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Vincent\ntuser.dat{6bd780da-6c59-11e1-b012-001fc62a90db}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Vincent\ntuser.dat{8eb98edc-6e2b-11e1-be60-001fc62a90db}.TM.blf () O4 - Startup: C:\Users\Vincent\ntuser.dat{8eb98edc-6e2b-11e1-be60-001fc62a90db}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Vincent\ntuser.dat{8eb98edc-6e2b-11e1-be60-001fc62a90db}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Vincent\ntuser.dat{ad7d2fda-6d1c-11e1-90dd-001fc62a90db}.TM.blf () O4 - Startup: C:\Users\Vincent\ntuser.dat{ad7d2fda-6d1c-11e1-90dd-001fc62a90db}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Vincent\ntuser.dat{ad7d2fda-6d1c-11e1-90dd-001fc62a90db}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Vincent\ntuser.dat{fe544edc-6d43-11e1-8cf6-001fc62a90db}.TM.blf () O4 - Startup: C:\Users\Vincent\ntuser.dat{fe544edc-6d43-11e1-8cf6-001fc62a90db}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\Vincent\ntuser.dat{fe544edc-6d43-11e1-8cf6-001fc62a90db}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Vincent\ntuser.ini () O4 - Startup: C:\Users\Vincent\Pictures [2012/03/14 22:09:06 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Vincent\PrintHood [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\Recent [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\Saved Games [2012/03/14 22:09:06 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Vincent\Searches [2012/03/14 22:09:06 | 000,000,000 | R--D | M] O4 - Startup: 
C:\Users\Vincent\SendTo [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\Start Menu [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\Sti_Trace.log () O4 - Startup: C:\Users\Vincent\Templates [2010/01/31 14:25:34 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Vincent\Videos [2012/03/14 22:09:06 | 000,000,000 | R--D | M] O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:[b]64bit:[/b] - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar64.dll (LastPass) O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPBar.dll (LastPass) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\HMIPCore.dll (Hide My IP) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\HMIPCore.dll (Hide My IP) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\HMIPCore.dll (Hide My IP) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\HMIPCore.dll (Hide My IP) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWow64\HMIPCore.dll (Hide My IP) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E6C176C-A2FA-4ED1-9311-0C4F2F822321}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91D95F1B-7719-4933-84DA-BEAA18F26D43}: DhcpNameServer = 192.168.2.1 O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/03/16 08:25:52 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2012/03/14 16:19:15 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Templates [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Start Menu [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\SendTo [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Recent [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\PrintHood [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\NetHood [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\My Documents [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Local Settings [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Cookies [2012/03/14 16:19:09 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Application Data [2012/03/14 16:19:08 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Videos [2012/03/14 16:19:08 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Pictures [2012/03/14 16:19:08 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Music [2012/03/14 16:19:08 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Links [2012/03/14 16:19:08 | 000,000,000 | R--D | C] -- 
C:\Users\Administrator\Favorites [2012/03/14 16:19:08 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Downloads [2012/03/14 16:19:08 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents [2012/03/14 16:19:08 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Desktop [2012/03/14 16:19:08 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData [2012/03/14 16:19:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Saved Games [2012/03/14 16:19:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\{69745955-7a8e-4cd1-a493-3a8fd3cb879a} [2012/03/14 15:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2012/03/14 15:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012/03/14 12:37:07 | 000,000,000 | ---D | C] -- C:\FRST [2012/03/14 11:51:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2012/03/13 11:22:38 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012/03/12 17:18:00 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/02/28 16:55:48 | 000,000,000 | ---D | C] -- \GRBData [2012/02/25 15:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentControl2 [2012/02/23 17:10:29 | 000,000,000 | ---D | C] -- \VIRUSES [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/03/16 10:05:43 | 000,796,132 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/03/16 10:05:43 | 000,673,774 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/03/16 10:05:43 | 000,124,904 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/03/16 09:49:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/03/16 09:48:11 | 3220,664,320 | -HS- | M] () -- C:\hiberfil.sys [2012/03/16 08:25:52 | 000,027,424 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys [2012/03/16 08:25:52 | 000,012,872 | ---- | M] (SurfRight B.V.) 
-- C:\Windows\SysNative\bootdelete.exe [2012/03/16 08:25:52 | 000,001,216 | ---- | M] () -- C:\Windows\SysNative\.crusader [2012/03/15 09:01:00 | 000,001,439 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/03/15 08:57:48 | 000,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml [2012/03/15 08:57:48 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml [2012/02/18 13:14:56 | 000,012,336 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/02/18 13:14:56 | 000,012,336 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/03/16 08:25:52 | 000,001,216 | ---- | C] () -- C:\Windows\SysNative\.crusader [2012/03/16 08:13:21 | 000,027,424 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys [2012/03/15 09:01:00 | 000,001,439 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/03/14 16:19:09 | 000,000,290 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2012/03/14 16:19:09 | 000,000,272 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2011/04/03 03:02:33 | 000,747,070 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/10/16 11:51:40 | 000,000,414 | ---- | C] () -- C:\Windows\WININIT.INI [2010/10/16 11:48:09 | 000,000,083 | --S- | C] () -- C:\ProgramData\.zreglib [2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/13 22:34:42 | 000,215,943 
| ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008/08/26 14:26:24 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\pt243F.DLL [2008/08/07 11:12:33 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2008/05/18 08:53:49 | 000,000,171 | ---- | C] () -- C:\Windows\QUICKEN.INI [2008/05/14 19:27:38 | 000,002,304 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys [2008/05/14 19:05:28 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2008/02/25 09:38:18 | 000,102,481 | ---- | C] () -- C:\Windows\hpqins13.dat [2008/02/25 09:26:58 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll [2008/02/25 09:26:58 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll [2007/08/23 18:30:00 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2004/01/30 16:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\SysWow64\unicows.dll [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:F35A93AD < End of report >