OTL logfile created on: 4/14/2012 5:12:32 PM - Run 3 OTL by OldTimer - Version 3.2.24.0 Folder = G:\ Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.96 Gb Total Physical Memory | 2.64 Gb Available Physical Memory | 89.25% Memory free 6.81 Gb Paging File | 6.71 Gb Available in Paging File | 98.54% Paging File free Paging file location(s): C:\pagefile.sys 4646 4691 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 228.75 Gb Total Space | 14.37 Gb Free Space | 6.28% Space Free | Partition Type: NTFS Drive G: | 3.76 Gb Total Space | 2.45 Gb Free Space | 65.04% Space Free | Partition Type: FAT32 Computer Name: LENOVO-832649CA | User Name: Sakush | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - G:\OTL.exe (OldTimer Tools) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - G:\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (SessionLauncher) -- File not found SRV - (HidServ) -- File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (Bitdefender) SRV - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Bitdefender) SRV - (SafeBox) -- C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe (Bitdefender) SRV - (Update Server) -- C:\Program Files\Common Files\BitDefender\Bitdefender Arrakis Server\bin\arrakis3.exe (BitDefender) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation) SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (SUService) -- c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited) SRV - (CGVPNCliSrvc) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH) SRV - (HssTrayService) -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe () SRV - (HotspotShieldService) -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe () SRV - (HssWd) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe () SRV - (HssSrv) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.) SRV - (MSR Service) -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe () SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten) SRV - (UserAccess) -- C:\WINDOWS\system32\UAService.exe () SRV - (WMConnectCDS) -- C:\Program Files\Windows Media Connect 2\wmccds.exe (Microsoft Corporation) SRV - (spupdsvc) -- C:\WINDOWS\system32\spupdsvc.exe (Microsoft Corporation) SRV - (TVT Backup Protection Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe () SRV - (TVT_UpdateMonitor) -- C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe (Lenovo Group Limited) SRV - (Roxio Upnp Server 10) -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (RoxLiveShare10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (Sonic Solutions) SRV - (RoxWatch10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe (Sonic Solutions) SRV - (RoxMediaDB10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions) SRV - (FNF5SVC) -- C:\Program Files\Lenovo\HOTKEY\FnF5svc.exe (Lenovo.) SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) SRV - (ThinkVantage Registry Monitor Service) -- c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (PMSveH) -- C:\Program Files\Lenovo\PMDriver\PMSveH.exe (Lenovo) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (avc3) -- C:\WINDOWS\system32\DRIVERS\avc3.sys (BitDefender) DRV - (bdselfpr) -- C:\Program Files\BitDefender\Bitdefender 2012\bdselfpr.sys (BitDefender LLC) DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd) DRV - (bdsandbox) -- C:\WINDOWS\system32\drivers\bdsandbox.sys (BitDefender SRL) DRV - (avckf) -- C:\WINDOWS\system32\drivers\avckf.sys (BitDefender) DRV - (trufos) -- C:\WINDOWS\system32\DRIVERS\trufos.sys (BitDefender S.R.L.) DRV - (Bdfndisf) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys (BitDefender LLC) DRV - (bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC) DRV - (avchv) -- C:\WINDOWS\system32\drivers\avchv.sys (BitDefender) DRV - (bdfsfltr) -- C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys (BitDefender) DRV - (RegGuard) -- C:\WINDOWS\system32\drivers\regguard.sys (Greatis Software) DRV - (NETwNx32) ___ Intel(R) -- C:\WINDOWS\system32\drivers\NETwNx32.sys (Intel Corporation) DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia) DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys () DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation) DRV - (ss_bserd) -- C:\WINDOWS\system32\drivers\ss_bserd.sys (MCCI Corporation) DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI) DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (EverestDriver) -- C:\Documents and Settings\Sakush\Desktop\everest\Everest_Ultimate_Build_2253\kerneld.wnt () DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.) DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project) DRV - (BDVEDISK) -- C:\WINDOWS\system32\drivers\bdvedisk.sys (BitDefender) DRV - (taphss) -- C:\WINDOWS\system32\drivers\taphss.sys (AnchorFree Inc) DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.) DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.) DRV - (mdf15) -- C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys () DRV - (IntcHdmiAddService) Intel(R) -- C:\WINDOWS\system32\drivers\IntcHdmi.sys (Intel(R) Corporation) DRV - (NETw5x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation) DRV - (Cam5607) -- C:\WINDOWS\system32\drivers\BisonC07.sys (Bison Electronics. Inc. ) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (JMCR) -- C:\WINDOWS\system32\drivers\jmcr.sys (JMicron Technology Corporation) DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS () DRV - (tvtumon) -- C:\WINDOWS\system32\drivers\tvtumon.sys (Lenovo) DRV - (CnxtHdAudService) -- C:\WINDOWS\system32\drivers\CHDAU32.sys (Conexant Systems Inc.) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.) DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation) DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio) DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio) DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio) DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio) DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio) DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio) DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio) DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio) DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio) DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio) DRV - (PMHler) -- C:\WINDOWS\system32\drivers\PMHler.sys (Lenovo ) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/3000notebook [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "Yahoo!" FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.2.0.5 FF - prefs.js..extensions.enabledItems: facepad@lazyrussian.com:0.7.5 FF - prefs.js..extensions.enabledItems: {b01bf10c-302a-11da-b67b-000d60ca027b}:2.6.1 FF - prefs.js..flock.keyword.provider: "Yahoo!" FF - HKLM\software\mozilla\Firefox\extensions\\fe_5.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_5.0 [2012/01/21 20:16:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Flock 2.5.5\extensions\\Components: C:\Program Files\Flock\components [2011/02/02 21:01:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Flock 2.5.5\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/02/02 21:03:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Components: C:\Program Files\Flock\components [2011/02/02 21:01:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Plugins: C:\Program Files\Flock\plugins [2011/02/02 21:03:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/25 18:52:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/09 18:43:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF - HKLM\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2012/01/21 20:16:50 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2012/03/27 02:34:50 | 000,000,000 | ---D | M] [2010/02/03 10:59:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Extensions [2010/02/03 10:59:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b} [2012/04/13 19:42:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions [2010/06/03 20:20:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012/03/02 19:46:53 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012/03/09 12:10:50 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions\anttoolbar@ant.com [2010/08/23 18:59:58 | 000,000,000 | ---D | M] (FacePAD: Facebook Photo Album Downloader) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions\facepad@lazyrussian.com [2012/04/13 19:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sakush\Application Data\Mozilla\Firefox\Profiles\e7xrt2jw.default\extensions\staged [2012/04/09 18:43:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/04/09 18:43:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2010/08/22 22:24:39 | 000,000,000 | ---D | M] (FacePAD: Facebook Photo Album Downloader) -- C:\DOCUMENTS AND SETTINGS\SAKUSH\APPLICATION DATA\FLOCK\BROWSER\PROFILES\W46NR51B.DEFAULT\EXTENSIONS\FACEPAD@LAZYRUSSIAN.COM [2009/11/11 03:15:41 | 000,000,000 | ---D | M] (Download Accelerator Plus Integration) -- C:\PROGRAM FILES\DAP\DAPFLOCK [2012/03/13 10:24:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2012/04/09 18:43:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2012/03/13 10:23:32 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml [2012/03/13 10:23:32 | 000,002,040 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml O1 HOSTS File: ([2008/04/14 17:45:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll () O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.) O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. O4 - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender) O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LPManager] C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [PMHandler] C:\Program Files\Lenovo\PMDriver\PMHandler.exe (Lenovo) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE (Conexant) O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe (Lenovo Group Limited) O4 - HKLM..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab) O4 - HKLM..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFaceIII\PManage.exe () O4 - HKLM..\Run: [WD Spindown Utility] C:\Program Files\Western Digital Technologies\Spindown\ExSpinDn.exe (Western Digital Technologies, Inc.) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [UnHackMe Monitor] C:\Program Files\UnHackMe\hackmon.exe (Greatis Software) O4 - HKLM..\RunOnce: [NoIE4StubProcessing] File not found O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found O4 - HKLM..\RunOnceEx: [Title] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 159 O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm () O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm () O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKCU Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\PicNotify: DllName - PicNotify.dll - C:\WINDOWS\System32\PicNotify.dll () O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Sakush/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg O24 - Desktop Components:1 (My Current Home Page) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/07/22 03:47:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1064bdda-9c46-11de-9831-001e652f4cc6}\Shell\AutoRun\command - "" = E:\3c.exe O33 - MountPoints2\{1064bdda-9c46-11de-9831-001e652f4cc6}\Shell\open\Command - "" = E:\3c.exe O33 - MountPoints2\{19b77e2a-2e63-11df-98a6-001e652f4cc6}\Shell\AutoRun\command - "" = sovittamrakar.exe O33 - MountPoints2\{19b77e2a-2e63-11df-98a6-001e652f4cc6}\Shell\explore\Command - "" = sovittamrakar.exe O33 - MountPoints2\{19b77e2a-2e63-11df-98a6-001e652f4cc6}\Shell\open\Command - "" = sovittamrakar.exe O33 - MountPoints2\{355e9736-1609-11df-989b-001e652f4cc6}\Shell\AutoRun\command - "" = G:\sovittamrakar.exe O33 - MountPoints2\{355e9736-1609-11df-989b-001e652f4cc6}\Shell\explore\Command - "" = G:\sovittamrakar.exe O33 - MountPoints2\{355e9736-1609-11df-989b-001e652f4cc6}\Shell\open\Command - "" = G:\sovittamrakar.exe O33 - MountPoints2\{3b9af8e2-9a9c-11de-982a-001e652f4cc6}\Shell\Auto\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8e2-9a9c-11de-982a-001e652f4cc6}\Shell\AutoRun\command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8e2-9a9c-11de-982a-001e652f4cc6}\Shell\Explore\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8e2-9a9c-11de-982a-001e652f4cc6}\Shell\Find\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8e2-9a9c-11de-982a-001e652f4cc6}\Shell\Format...\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8e2-9a9c-11de-982a-001e652f4cc6}\Shell\open\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8f4-9a9c-11de-982a-001e652f4cc6}\Shell\Auto\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8f4-9a9c-11de-982a-001e652f4cc6}\Shell\AutoRun\command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8f4-9a9c-11de-982a-001e652f4cc6}\Shell\Explore\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8f4-9a9c-11de-982a-001e652f4cc6}\Shell\Find\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8f4-9a9c-11de-982a-001e652f4cc6}\Shell\Format...\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{3b9af8f4-9a9c-11de-982a-001e652f4cc6}\Shell\open\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{61f02bb7-d256-11de-9868-001e652f4cc6}\Shell\AutoRun\command - "" = E:\curice/elena.exe O33 - MountPoints2\{61f02bb7-d256-11de-9868-001e652f4cc6}\Shell\explore\command - "" = E:\curice/elena.exe O33 - MountPoints2\{61f02bb7-d256-11de-9868-001e652f4cc6}\Shell\open\command - "" = E:\curice/elena.exe O33 - MountPoints2\{885d63f4-2c84-11df-98a5-001e652f4cc6}\Shell\AutoRun\command - "" = COKOLADA//topljena.exe O33 - MountPoints2\{8c2a7210-1fcf-11df-98a2-001e652f4cc6}\Shell\AutoRun\command - "" = F:\ALKOHOLU///zdravooo.exe O33 - MountPoints2\{8c2a7210-1fcf-11df-98a2-001e652f4cc6}\Shell\explore\command - "" = F:\ALKOHOLU///zdravooo.exe O33 - MountPoints2\{8c2a7210-1fcf-11df-98a2-001e652f4cc6}\Shell\open\command - "" = F:\ALKOHOLU///zdravooo.exe O33 - MountPoints2\{aa965ed8-24a2-11df-98a3-001e652f4cc6}\Shell\AutoRun\command - "" = F:\sovittamrakar.exe O33 - MountPoints2\{aa965ed8-24a2-11df-98a3-001e652f4cc6}\Shell\explore\Command - "" = F:\sovittamrakar.exe O33 - MountPoints2\{aa965ed8-24a2-11df-98a3-001e652f4cc6}\Shell\open\Command - "" = F:\sovittamrakar.exe O33 - MountPoints2\{be3384ff-991c-11de-9828-001e652f4cc6}\Shell\Auto\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{be3384ff-991c-11de-9828-001e652f4cc6}\Shell\AutoRun\command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{be3384ff-991c-11de-9828-001e652f4cc6}\Shell\Explore\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{be3384ff-991c-11de-9828-001e652f4cc6}\Shell\Find\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{be3384ff-991c-11de-9828-001e652f4cc6}\Shell\Format...\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{be3384ff-991c-11de-9828-001e652f4cc6}\Shell\open\Command - "" = wscript.exe killvirus.vbs O33 - MountPoints2\{cefbc302-ce13-11de-985d-001e652f4cc6}\Shell\AutoRun\command - "" = F:\sovittamrakar.exe O33 - MountPoints2\{cefbc302-ce13-11de-985d-001e652f4cc6}\Shell\explore\Command - "" = F:\sovittamrakar.exe O33 - MountPoints2\{cefbc302-ce13-11de-985d-001e652f4cc6}\Shell\open\Command - "" = F:\sovittamrakar.exe O33 - MountPoints2\{cfd3b392-f9e3-11de-988b-001e652f4cc6}\Shell\AutoRun\command - "" = F:\SLATKO/torta.exe O33 - MountPoints2\{cfd3b392-f9e3-11de-988b-001e652f4cc6}\Shell\explore\command - "" = F:\SLATKO/torta.exe O33 - MountPoints2\{cfd3b392-f9e3-11de-988b-001e652f4cc6}\Shell\open\command - "" = F:\SLATKO/torta.exe O33 - MountPoints2\{fb199afd-9c1d-11de-9830-001e652f4cc6}\Shell\AutoRun\command - "" = F:\tmp/bak.exe O33 - MountPoints2\{fb199afd-9c1d-11de-9830-001e652f4cc6}\Shell\explore\command - "" = F:\tmp/bak.exe O33 - MountPoints2\{fb199afd-9c1d-11de-9830-001e652f4cc6}\Shell\open\command - "" = F:\tmp/bak.exe O33 - MountPoints2\{fe7fb16b-17ec-11df-989e-001e652f4cc6}\Shell\AutoRun\command - "" = sovittamrakar.exe O33 - MountPoints2\{fe7fb16b-17ec-11df-989e-001e652f4cc6}\Shell\explore\Command - "" = sovittamrakar.exe O33 - MountPoints2\{fe7fb16b-17ec-11df-989e-001e652f4cc6}\Shell\open\Command - "" = sovittamrakar.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (Partizan) - C:\WINDOWS\System32\Partizan.exe (Greatis Software) O34 - HKLM BootExecute: (ootExecute settings...) - File not found O34 - HKLM BootExecute: (ount) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/04/14 15:47:26 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools 2011 [2012/04/14 15:21:48 | 000,039,192 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\Partizan.exe [2012/04/14 15:21:48 | 000,035,816 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys [2012/04/14 15:17:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sakush\IETldCache [2012/04/14 15:07:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2012/04/14 15:07:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2012/04/13 20:26:40 | 000,000,000 | ---D | C] -- C:\Rock Star Supernova [2012/04/13 11:00:15 | 000,000,000 | ---D | C] -- C:\Mission Impossible III (2006) [2012/04/13 10:59:25 | 000,000,000 | ---D | C] -- C:\Mission Impossible II (2000) [2012/04/13 10:58:50 | 000,000,000 | ---D | C] -- C:\Mission Impossible (1996) [2012/04/09 21:18:20 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdm.sys [2012/04/09 21:18:20 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bserd.sys [2012/04/09 21:18:20 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bmdfl.sys [2012/04/09 21:18:20 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bcmnt.sys [2012/04/09 21:18:19 | 000,098,432 | ---- | C] (MCCI) -- C:\WINDOWS\System32\drivers\ss_bbus.sys [2012/04/09 21:18:19 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ss_bwhnt.sys [2012/04/09 19:38:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy [2012/04/09 18:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun [2012/04/09 18:43:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/04/09 18:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Local Settings\Application Data\Samsung [2012/04/09 18:20:34 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll [2012/04/09 18:20:01 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll [2012/04/09 18:20:01 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys [2012/04/09 18:17:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Local Settings\Application Data\Downloaded Installations [2012/04/09 16:49:11 | 003,785,056 | ---- | C] (BlueStack Systems, Inc.) -- C:\Documents and Settings\Sakush\Desktop\BlueStacks-ThinInstaller_0.6.3.2212.exe [2012/04/09 16:49:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Local Settings\Application Data\BlueStacksSetup [2012/04/09 16:49:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Local Settings\Application Data\BlueStacks [2012/04/05 21:14:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Desktop\New Folder (2) [2012/04/03 20:40:03 | 000,000,000 | ---D | C] -- C:\Mission Impossible Ghost Protocol (2011) [2012/04/01 22:55:36 | 000,000,000 | ---D | C] -- C:\BitDefender Total Security 2012 (x86x64) include Patch{h33t}{mad dog} [2012/04/01 20:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Application Data\Intel [2012/04/01 20:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Intel [2012/04/01 20:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Intel [2012/04/01 20:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel [2012/04/01 20:49:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel PROSet Wireless [2012/04/01 20:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2012/04/01 20:48:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012/04/01 20:39:16 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2012/04/01 20:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Application Data\SystemRequirementsLab [2012/03/31 07:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Desktop\Joaquin [2012/03/30 22:23:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Desktop\Stones [2012/03/29 23:49:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Desktop\Management Information System [2012/03/28 22:11:08 | 000,325,552 | ---- | C] ((주)마크애니) -- C:\WINDOWS\MASetupCaller.dll [2012/03/28 22:11:08 | 000,090,112 | ---- | C] ((주)마크애니) -- C:\WINDOWS\MAMCityDownload.ocx [2012/03/28 22:11:06 | 000,569,344 | ---- | C] ((c) MusicCity) -- C:\WINDOWS\System32\muzdecode.ax [2012/03/28 22:11:06 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.dll [2012/03/28 22:11:06 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\WINDOWS\System32\MSLUR71.dll [2012/03/28 22:11:06 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- C:\WINDOWS\System32\muzoggsp.ax [2012/03/28 22:11:06 | 000,245,760 | ---- | C] (Teruten Inc.) -- C:\WINDOWS\System32\MSCLib.dll [2012/03/28 22:11:06 | 000,200,704 | ---- | C] ( (c) MusicCity) -- C:\WINDOWS\System32\muzwmts.dll [2012/03/28 22:11:06 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.exe [2012/03/28 22:11:06 | 000,155,648 | ---- | C] (Teruten Inc.) -- C:\WINDOWS\System32\MSFLib.dll [2012/03/28 22:11:06 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzaf1.dll [2012/03/28 22:11:06 | 000,131,072 | ---- | C] ((c) MusicCity) -- C:\WINDOWS\System32\muzmpgsp.ax [2012/03/28 22:11:06 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- C:\WINDOWS\System32\muzeffect.ax [2012/03/28 22:11:06 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\WINDOWS\System32\MaDRM.dll [2012/03/28 22:11:06 | 000,110,592 | ---- | C] ((c) MusicCity) -- C:\WINDOWS\System32\muzmp4sp.ax [2012/03/28 22:11:06 | 000,057,344 | ---- | C] (Marktek) -- C:\WINDOWS\System32\MK_Lyric.dll [2012/03/28 22:11:06 | 000,057,344 | ---- | C] (Marktek Inc.) -- C:\WINDOWS\System32\MTXSYNCICON.dll [2012/03/28 22:11:06 | 000,049,152 | ---- | C] ((주) 마크애니) -- C:\WINDOWS\System32\MaJGUILib.dll [2012/03/28 22:11:06 | 000,045,320 | ---- | C] (MARKANY) -- C:\WINDOWS\System32\MAMACExtract.dll [2012/03/28 22:11:06 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\WINDOWS\System32\MaXMLProto.dll [2012/03/28 22:11:06 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\WINDOWS\System32\MACXMLProto.dll [2012/03/28 22:11:06 | 000,040,960 | ---- | C] (Telechips Inc.,) -- C:\WINDOWS\System32\MTTELECHIP.dll [2012/03/28 22:11:06 | 000,024,576 | ---- | C] ((주)마크애니) -- C:\WINDOWS\System32\MASetupCleaner.exe [2012/03/28 22:08:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Desktop\Operation management [2012/03/28 16:12:53 | 000,000,000 | ---D | C] -- C:\Stacy Schiff - Cleopatra_A Life [2012/03/28 16:11:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Desktop\Dizz e book [2012/03/28 16:04:30 | 000,000,000 | ---D | C] -- C:\The Silmarillion (444) [2012/03/28 15:55:19 | 000,000,000 | ---D | C] -- C:\The Silmarillion (AudioBook & E-Book) [2012/03/27 02:48:40 | 000,000,000 | ---D | C] -- C:\Nrwcf [2012/03/27 02:35:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BDLogging [2012/03/27 02:09:12 | 000,611,520 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\avc3.sys [2012/03/27 02:08:40 | 000,063,056 | ---- | C] (BitDefender SRL) -- C:\WINDOWS\System32\drivers\bdsandbox.sys [2012/03/27 02:07:08 | 000,447,208 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\avckf.sys [2012/03/27 02:04:25 | 000,000,000 | ---D | C] -- C:\F1 - 2012 [2012/03/26 23:29:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Local Settings\Application Data\bdch [2012/03/26 23:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bitdefender 2012 [2012/03/26 23:23:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Application Data\Bitdefender [2012/03/26 23:20:56 | 000,360,976 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys [2012/03/26 23:20:56 | 000,340,624 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys [2012/03/26 00:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital Technologies [2012/03/26 00:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Start Menu\Programs\WD Spindown or Stop Utility [2012/03/24 16:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\My Documents\FM12_temp [2012/03/23 16:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\My Documents\VP Back Up [2012/03/20 21:11:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Desktop\Om [2012/03/20 05:54:42 | 000,000,000 | ---D | C] -- C:\Santana - Supernatural (1999) [CD Rip] 320 vtwin88cube [2012/03/17 21:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sakush\Desktop\OverlaysChangerRepack1.0 [2011/06/16 23:03:31 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/04/14 16:59:10 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/04/14 16:58:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/04/14 16:27:11 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2955907764-2073543447-3033106246-1008UA.job [2012/04/14 15:48:54 | 000,000,086 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\Buy jv16 PowerTools.url [2012/04/14 15:47:44 | 000,000,022 | -HS- | M] () -- C:\WINDOWS\System5537 Data.Repository [2012/04/14 15:47:44 | 000,000,022 | -HS- | M] () -- C:\Documents and Settings\Sakush\Application Data\Sys2662.Config.Repository.bin [2012/04/14 15:21:48 | 000,039,192 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\Partizan.exe [2012/04/14 15:21:48 | 000,035,816 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\Partizan.sys [2012/04/14 15:17:57 | 000,000,822 | ---- | M] () -- C:\Documents and Settings\Sakush\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/04/14 15:08:22 | 000,000,873 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf [2012/04/14 14:38:01 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2012/04/14 00:55:18 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Sakush\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/04/13 23:26:07 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/04/12 13:27:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2955907764-2073543447-3033106246-1008Core.job [2012/04/11 17:55:10 | 004,166,808 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\Ben Arfa Wonder Goal for Newcastle 2-1 Blackburn - Official Highlights and Goals FA Cup 3rd 07-01-12.mp4 [2012/04/11 17:42:08 | 001,195,538 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\Hatem Ben Arfa Goal vs Bolton HD(2).mp4 [2012/04/09 20:20:04 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/04/09 20:19:37 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2012/04/09 20:19:37 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2012/04/09 19:46:37 | 025,740,256 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\wmp11-windowsxp-x86-enu.exe.dap [2012/04/09 19:39:06 | 000,000,440 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol [2012/04/09 18:20:42 | 000,001,669 | ---- | M] () -- C:\Documents and Settings\Sakush\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk [2012/04/09 10:58:31 | 003,785,056 | ---- | M] (BlueStack Systems, Inc.) -- C:\Documents and Settings\Sakush\Desktop\BlueStacks-ThinInstaller_0.6.3.2212.exe [2012/04/09 10:52:10 | 384,418,649 | ---- | M] () -- C:\Game.of.Thrones.S02E02.HDTV.x264-ASAP.mp4 [2012/04/08 13:48:54 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/04/06 05:41:15 | 000,048,041 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\557740_465013274977_511754977_1729949_1268780589_n.jpg [2012/04/06 04:16:45 | 1963,042,257 | ---- | M] () -- C:\Sternberg's Diagnostic Surgical Pathology, 5th ed. 2010, Pg.chm [2012/04/05 12:58:49 | 000,000,323 | ---- | M] () -- C:\WINDOWS\System32\checkdnsid.xml [2012/04/04 21:22:29 | 112,525,928 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\weekly.exe.dap [2012/04/03 19:59:57 | 013,352,488 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\2012-Kookaburra-Brochure-Low-Res.pdf [2012/04/02 19:06:35 | 000,002,529 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\WD Spindown or Stop Utility.lnk [2012/04/01 20:51:34 | 000,531,862 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012/04/01 20:51:34 | 000,098,524 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012/04/01 01:54:17 | 043,942,094 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\Karim Benzema Van Bastenesque Wonder Goal V Osasusa [1080p].mp4 [2012/03/30 22:39:01 | 000,611,520 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\avc3.sys [2012/03/29 22:10:25 | 000,059,874 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\VP90.JPG [2012/03/28 22:11:22 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\WINDOWS\System32\Redemption.dll [2012/03/28 22:11:08 | 000,325,552 | ---- | M] ((주)마크애니) -- C:\WINDOWS\MASetupCaller.dll [2012/03/28 22:11:08 | 000,090,112 | ---- | M] ((주)마크애니) -- C:\WINDOWS\MAMCityDownload.ocx [2012/03/28 22:11:08 | 000,030,568 | ---- | M] () -- C:\WINDOWS\MusiccityDownload.exe [2012/03/28 22:11:06 | 000,974,848 | ---- | M] () -- C:\WINDOWS\System32\cis-2.4.dll [2012/03/28 22:11:06 | 000,569,344 | ---- | M] ((c) MusicCity) -- C:\WINDOWS\System32\muzdecode.ax [2012/03/28 22:11:06 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.dll [2012/03/28 22:11:06 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\WINDOWS\System32\MSLUR71.dll [2012/03/28 22:11:06 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- C:\WINDOWS\System32\muzoggsp.ax [2012/03/28 22:11:06 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\WINDOWS\System32\MSCLib.dll [2012/03/28 22:11:06 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\WINDOWS\System32\muzwmts.dll [2012/03/28 22:11:06 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzapp.exe [2012/03/28 22:11:06 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\WINDOWS\System32\MSFLib.dll [2012/03/28 22:11:06 | 000,143,360 | ---- | M] () -- C:\WINDOWS\System32\3DAudio.ax [2012/03/28 22:11:06 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\WINDOWS\System32\muzaf1.dll [2012/03/28 22:11:06 | 000,131,072 | ---- | M] ((c) MusicCity) -- C:\WINDOWS\System32\muzmpgsp.ax [2012/03/28 22:11:06 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- C:\WINDOWS\System32\muzeffect.ax [2012/03/28 22:11:06 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\WINDOWS\System32\MaDRM.dll [2012/03/28 22:11:06 | 000,110,592 | ---- | M] ((c) MusicCity) -- C:\WINDOWS\System32\muzmp4sp.ax [2012/03/28 22:11:06 | 000,081,920 | ---- | M] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2012/03/28 22:11:06 | 000,065,536 | ---- | M] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2012/03/28 22:11:06 | 000,057,344 | ---- | M] (Marktek) -- C:\WINDOWS\System32\MK_Lyric.dll [2012/03/28 22:11:06 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\WINDOWS\System32\MTXSYNCICON.dll [2012/03/28 22:11:06 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2012/03/28 22:11:06 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\WINDOWS\System32\MaJGUILib.dll [2012/03/28 22:11:06 | 000,045,320 | ---- | M] (MARKANY) -- C:\WINDOWS\System32\MAMACExtract.dll [2012/03/28 22:11:06 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\WINDOWS\System32\MaXMLProto.dll [2012/03/28 22:11:06 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\WINDOWS\System32\MACXMLProto.dll [2012/03/28 22:11:06 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\WINDOWS\System32\MTTELECHIP.dll [2012/03/28 22:11:06 | 000,024,576 | ---- | M] ((주)마크애니) -- C:\WINDOWS\System32\MASetupCleaner.exe [2012/03/28 22:11:02 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll [2012/03/28 22:11:02 | 000,020,032 | ---- | M] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys [2012/03/27 02:08:40 | 000,063,056 | ---- | M] (BitDefender SRL) -- C:\WINDOWS\System32\drivers\bdsandbox.sys [2012/03/27 02:07:08 | 000,447,208 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\avckf.sys [2012/03/27 02:02:30 | 000,340,624 | ---- | M] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys [2012/03/26 23:54:13 | 000,113,616 | ---- | M] (BitDefender LLC) -- C:\WINDOWS\System32\drivers\bdfndisf.sys [2012/03/26 23:54:03 | 000,240,184 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\avchv.sys [2012/03/26 23:53:59 | 000,360,976 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys [2012/03/26 23:24:50 | 000,528,423 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1332783350.bdinstall.bin [2012/03/26 23:23:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_avchv_01009.Wdf [2012/03/26 23:23:35 | 000,001,920 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Bitdefender Total Security 2012.lnk [2012/03/26 22:56:53 | 000,021,611 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1332781903.bdinstall.bin [2012/03/26 22:53:59 | 001,540,166 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin [2012/03/25 18:53:00 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\Sakush\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2012/03/23 12:34:48 | 000,238,983 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\143863.jpg [2012/03/22 21:31:59 | 000,108,869 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\Bwa Karobaar 22 March 2012.jpg [2012/03/20 19:39:29 | 000,547,425 | ---- | M] () -- C:\Documents and Settings\Sakush\Desktop\Nepali_National_Anthem_New_SanjaalDotCom.mp3 [2012/03/19 23:04:00 | 000,071,000 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\421672_368203796543029_100000602341277_1315852_860064429_n.jpg [2012/03/19 23:03:47 | 000,074,806 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\427238_368782003151875_100000602341277_1316927_302775405_n.jpg [2012/03/19 23:01:43 | 000,134,994 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\423164_369700533060022_100000602341277_1318857_1263757118_n.jpg [2012/03/19 23:01:24 | 000,071,330 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\409387_370177059679036_1368194151_n.jpg [2012/03/19 23:01:10 | 000,059,663 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\419004_369098019786940_100000602341277_1317546_1427279519_n.jpg [2012/03/19 22:59:13 | 000,106,928 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\419681_371155639581178_100000602341277_1323565_1197523863_n.jpg [2012/03/19 22:58:55 | 000,119,667 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\417246_371828992847176_100000602341277_1325417_534628001_n.jpg [2012/03/19 22:58:27 | 000,100,667 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\426105_372214282808647_100000602341277_1326116_1879986617_n.jpg [2012/03/19 22:58:18 | 000,144,135 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\423331_373355882694487_100000602341277_1329458_1447430968_n.jpg [2012/03/15 21:12:43 | 001,079,407 | ---- | M] () -- C:\Documents and Settings\Sakush\My Documents\Invisible Children FY11-Audited Financial Statements.pdf [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/04/14 15:48:54 | 000,000,086 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\Buy jv16 PowerTools.url [2012/04/14 15:47:44 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\System5537 Data.Repository [2012/04/14 15:47:44 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\Sakush\Application Data\Sys2662.Config.Repository.bin [2012/04/14 15:17:57 | 000,000,822 | ---- | C] () -- C:\Documents and Settings\Sakush\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/04/14 15:08:22 | 000,000,873 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf [2012/04/11 17:54:30 | 004,166,808 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\Ben Arfa Wonder Goal for Newcastle 2-1 Blackburn - Official Highlights and Goals FA Cup 3rd 07-01-12.mp4 [2012/04/11 17:41:56 | 001,195,538 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\Hatem Ben Arfa Goal vs Bolton HD(2).mp4 [2012/04/09 19:46:33 | 025,740,256 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\wmp11-windowsxp-x86-enu.exe.dap [2012/04/09 19:39:06 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [2012/04/09 18:20:42 | 000,001,669 | ---- | C] () -- C:\Documents and Settings\Sakush\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk [2012/04/09 08:21:58 | 384,418,649 | ---- | C] () -- C:\Game.of.Thrones.S02E02.HDTV.x264-ASAP.mp4 [2012/04/06 05:41:15 | 000,048,041 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\557740_465013274977_511754977_1729949_1268780589_n.jpg [2012/04/05 21:03:36 | 1963,042,257 | ---- | C] () -- C:\Sternberg's Diagnostic Surgical Pathology, 5th ed. 2010, Pg.chm [2012/04/04 21:22:26 | 112,525,928 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\weekly.exe.dap [2012/04/04 19:48:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/04/03 19:59:56 | 013,352,488 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\2012-Kookaburra-Brochure-Low-Res.pdf [2012/04/02 20:51:29 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/04/01 02:06:22 | 043,942,094 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\Karim Benzema Van Bastenesque Wonder Goal V Osasusa [1080p].mp4 [2012/03/29 22:10:25 | 000,059,874 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\VP90.JPG [2012/03/28 22:11:08 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2012/03/28 22:11:06 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2012/03/28 22:11:06 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\3DAudio.ax [2012/03/28 22:11:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2012/03/28 22:11:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2012/03/28 22:11:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2012/03/26 23:46:18 | 000,000,323 | ---- | C] () -- C:\WINDOWS\System32\checkdnsid.xml [2012/03/26 23:24:50 | 000,528,423 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1332783350.bdinstall.bin [2012/03/26 23:23:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_avchv_01009.Wdf [2012/03/26 23:23:35 | 000,001,920 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Bitdefender Total Security 2012.lnk [2012/03/26 22:56:53 | 000,021,611 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1332781903.bdinstall.bin [2012/03/26 00:11:42 | 000,002,529 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\WD Spindown or Stop Utility.lnk [2012/03/23 12:34:47 | 000,238,983 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\143863.jpg [2012/03/22 21:31:59 | 000,108,869 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\Bwa Karobaar 22 March 2012.jpg [2012/03/20 19:38:56 | 000,547,425 | ---- | C] () -- C:\Documents and Settings\Sakush\Desktop\Nepali_National_Anthem_New_SanjaalDotCom.mp3 [2012/03/19 23:03:59 | 000,071,000 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\421672_368203796543029_100000602341277_1315852_860064429_n.jpg [2012/03/19 23:03:47 | 000,074,806 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\427238_368782003151875_100000602341277_1316927_302775405_n.jpg [2012/03/19 23:01:43 | 000,134,994 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\423164_369700533060022_100000602341277_1318857_1263757118_n.jpg [2012/03/19 23:01:24 | 000,071,330 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\409387_370177059679036_1368194151_n.jpg [2012/03/19 23:01:09 | 000,059,663 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\419004_369098019786940_100000602341277_1317546_1427279519_n.jpg [2012/03/19 22:59:13 | 000,106,928 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\419681_371155639581178_100000602341277_1323565_1197523863_n.jpg [2012/03/19 22:58:55 | 000,119,667 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\417246_371828992847176_100000602341277_1325417_534628001_n.jpg [2012/03/19 22:58:26 | 000,100,667 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\426105_372214282808647_100000602341277_1326116_1879986617_n.jpg [2012/03/19 22:58:18 | 000,144,135 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\423331_373355882694487_100000602341277_1329458_1447430968_n.jpg [2012/03/15 21:12:43 | 001,079,407 | ---- | C] () -- C:\Documents and Settings\Sakush\My Documents\Invisible Children FY11-Audited Financial Statements.pdf [2011/06/16 23:03:30 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config [2011/02/21 18:41:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\imblacklist.dat [2011/02/21 14:08:15 | 001,540,166 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\bdinstall.bin [2010/11/22 18:15:54 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\Tr_sttool.dat [2010/11/22 18:15:53 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\bsrmgcv.dll [2010/11/22 18:15:53 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\bsrmgps.dll [2010/11/22 18:15:53 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\bsrgvas.dll [2010/11/22 18:15:29 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\bsratwmv.dll [2010/11/22 18:15:28 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\bsratswf.dll [2010/11/11 21:31:05 | 004,932,426 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2955907764-2073543447-3033106246-1008-0.dat [2010/11/07 14:08:35 | 000,359,226 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2010/11/06 22:17:11 | 000,096,409 | ---- | C] () -- C:\Documents and Settings\Sakush\Application Data\Sakushlog.dat [2010/08/14 00:26:56 | 001,244,008 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010/08/13 22:01:22 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2010/08/13 22:01:22 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2010/08/13 22:01:10 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Sakush\Application Data\$_hpcst$.hpc [2010/08/02 02:01:09 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010/07/11 00:56:10 | 000,000,571 | ---- | C] () -- C:\WINDOWS\eReg.dat [2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe [2010/06/03 17:25:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat [2010/02/10 11:15:04 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\Sakush\Application Data\bdfvconp.ini [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wsbl.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_unmip.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\phar_histprot.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_white.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_summ.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_black.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords2.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_webproxy.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_video.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_tabloids.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_socialnetworks.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_searchengines.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_regionaltlds.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_pornography.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlineshop.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinepay.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_onlinedating.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_news.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_im.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_illegal.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_hate.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_games.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_gambling.dat [2010/02/08 08:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pc_drugs.dat [2009/12/06 22:35:32 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI [2009/12/06 07:07:59 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat [2009/12/06 07:07:59 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat [2009/12/04 17:28:33 | 000,000,132 | ---- | C] () -- C:\WINDOWS\System32\rezumatenoi.dat [2009/11/11 02:19:07 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009/10/10 06:49:40 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009/10/10 01:33:31 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\imapdd.dll [2009/10/10 01:33:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\imapdb.exe [2009/10/10 01:33:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\imapd.exe [2009/09/25 22:22:07 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\UAService.exe [2009/09/25 22:22:07 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt.dll [2009/09/21 21:52:33 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009/09/11 22:09:30 | 000,000,208 | ---- | C] () -- C:\WINDOWS\POD.INI [2009/09/11 22:08:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2009/09/07 12:58:24 | 000,068,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\rotscxmktkmnqt.sys [2009/09/04 02:32:11 | 000,110,592 | ---- | C] () -- C:\Documents and Settings\Sakush\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/09/03 19:54:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009/07/13 11:51:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2009/07/13 11:36:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\desktopset.exe [2009/07/13 11:33:24 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2009/07/13 11:33:24 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2009/07/13 11:33:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2009/07/13 11:33:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2009/07/13 11:33:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2009/07/13 11:33:24 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2009/07/13 11:32:54 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL [2009/07/13 11:32:54 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini [2009/07/13 11:28:49 | 009,338,880 | ---- | C] () -- C:\WINDOWS\System32\Facev.dll [2009/07/13 11:28:49 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\picn.dll [2009/07/13 11:28:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\image.dll [2009/07/13 11:28:48 | 000,655,360 | ---- | C] () -- C:\WINDOWS\System32\EncIcons.dll [2009/07/13 11:28:48 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\SimpleExt.dll [2009/07/13 11:28:48 | 000,241,752 | ---- | C] () -- C:\WINDOWS\System32\IcnOvrly.dll [2009/07/13 11:28:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\FunFrm.dll [2009/07/13 11:28:47 | 009,502,720 | ---- | C] () -- C:\WINDOWS\System32\FaceVerify.dll [2009/07/13 11:28:47 | 001,974,272 | ---- | C] () -- C:\WINDOWS\System32\Imagereog.dll [2009/07/13 11:28:47 | 001,564,672 | ---- | C] () -- C:\WINDOWS\System32\MainOp.dll [2009/07/13 11:28:47 | 001,167,360 | ---- | C] () -- C:\WINDOWS\System32\PicNotify.dll [2009/07/13 11:28:47 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\Apblend.dll [2009/07/13 11:28:47 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\SetDev.dll [2009/07/13 11:28:47 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\VideoOp.dll [2009/07/13 11:28:47 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Momo.dll [2009/07/13 11:28:47 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\DevFilt.dll [2009/07/13 11:28:45 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\3DImageRenderer.dll [2009/07/13 11:23:12 | 000,982,240 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin [2009/07/13 11:23:12 | 000,439,308 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin [2009/07/13 11:23:12 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4977.dll [2009/07/13 11:17:26 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M3000Twn.ini [2009/07/13 11:14:32 | 000,000,138 | ---- | C] () -- C:\WINDOWS\System32\Softkbd.exe.config [2008/07/22 21:07:09 | 000,000,350 | RHS- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2008/07/22 04:35:02 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008/07/22 04:35:00 | 000,531,862 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008/07/22 04:35:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008/07/22 04:35:00 | 000,098,524 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008/07/22 04:35:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008/07/22 04:34:59 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2008/07/22 04:34:59 | 000,004,547 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2008/07/22 04:34:58 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008/07/22 04:34:55 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008/07/22 04:34:55 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008/07/22 04:34:50 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008/07/22 04:34:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008/07/22 03:49:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2008/07/22 03:45:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008/07/21 20:40:48 | 000,004,307 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008/07/21 20:40:02 | 000,399,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2004/12/20 15:53:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2004/12/20 15:48:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2004/09/10 19:21:12 | 000,327,680 | ---- | C] () -- C:\WINDOWS\System32\QFClient2.dll [2002/12/15 03:31:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\oggDS.dll [2002/12/15 03:31:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2002/12/15 03:31:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2002/12/15 02:31:04 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2002/11/15 17:56:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll [color=#E56717]========== LOP Check ==========[/color] [2011/02/21 14:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4fdb0000-3fd7-41bd-4053-3d24a308378b [2011/02/21 14:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\aa080000-27c5-4bde-4bdc-603f579e61b6 [2011/02/25 16:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bdch [2012/03/27 02:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BDLogging [2012/03/26 23:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender [2010/09/10 22:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2009/09/06 12:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET [2012/01/19 10:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit [2009/07/13 11:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo [2012/01/21 20:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2012/01/21 20:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2012/01/21 20:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2009/07/13 11:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor [2009/07/13 11:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr [2012/04/09 18:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung [2009/11/11 03:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit [2009/11/29 17:41:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive [2012/04/09 19:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/03/01 01:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software [2009/07/13 11:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall [2011/06/15 18:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VeriFace [2010/02/20 12:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent [2011/06/15 22:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zbshareware Lab [2011/02/02 21:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/11/11 03:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/03/01 01:19:57 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2012/03/26 23:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Bitdefender [2011/02/04 15:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\cald3 [2010/09/10 22:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\DAEMON Tools Lite [2009/10/11 23:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\dxdlls [2012/03/27 04:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Esnyzi [2010/02/03 10:59:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Flock [2009/10/03 15:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\InterVideo [2009/09/03 22:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Leadertech [2012/02/29 23:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Maxthon3 [2011/11/11 21:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Mefy [2012/01/21 20:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Nokia [2012/01/21 20:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Nokia Suite [2009/09/25 22:22:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\oald7 [2012/01/21 20:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\PC Suite [2011/02/21 14:23:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\QuickScan [2012/04/09 18:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Samsung [2011/12/05 22:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Sports Interactive [2012/04/01 20:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\SystemRequirementsLab [2012/02/26 22:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\TeamViewer [2011/02/19 16:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\temp [2010/03/01 01:21:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\TuneUp Software [2012/04/13 23:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\uTorrent [2011/06/15 22:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sakush\Application Data\Zbshareware Lab [2012/03/14 03:00:27 | 000,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2011/02/21 15:01:45 | 000,000,000 | ---- | M] ()(C:\Documents and Settings\Sakush\?????) -- C:\Documents and Settings\Sakush\獷楬汢捯污 [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 @Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D74B6CF5 < End of report >