Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Unwanted Popup and redirects


  • Please log in to reply

#1
sbernstecker

sbernstecker

    New Member

  • Member
  • Pip
  • 1 posts
My computer just started popping up screens (web browser just opens) it is also doing some redirects. I have run these from Bootable disks AVG Scanner, Bitdefender scanner and also Microsoft Standalone Scanner and found nothing. I did install Webroot Spysweeper and it said it found Adware-Adon and it sid it quarantined stuff from my windows temp directory. I booted up with ERD and I deleted the contents from my user\temp directory and also from windows\temp directory and it seems that maybe the problem is gone but I want to make sure.

Here is my log file

OTL logfile created on: 2/26/2011 11:01:01 AM - Run 1
OTL by OldTimer - Version 3.2.22.0 Folder = C:\Users\King\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 70.00% Memory free
15.00 Gb Paging File | 13.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 887.35 Gb Free Space | 95.26% Space Free | Partition Type: NTFS
Drive D: | 111.81 Gb Total Space | 74.26 Gb Free Space | 66.41% Space Free | Partition Type: NTFS
Drive E: | 233.76 Gb Total Space | 226.30 Gb Free Space | 96.81% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 721.84 Gb Free Space | 77.49% Space Free | Partition Type: NTFS
Drive O: | 1863.01 Gb Total Space | 1535.28 Gb Free Space | 82.41% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive Z: | 3.00 Gb Total Space | 2.97 Gb Free Space | 99.02% Space Free | Partition Type: FAT32

Computer Name: KING-ULTIMATE | User Name: King | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/26 10:53:49 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\King\Desktop\OTL.exe
PRC - [2011/02/26 09:42:43 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2011/02/20 05:58:01 | 000,107,000 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2011/02/18 23:57:56 | 004,902,216 | ---- | M] (Firetrust) -- C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe
PRC - [2011/02/18 23:57:56 | 004,452,680 | ---- | M] () -- C:\Program Files (x86)\Firetrust\MailWasher\MailWasherProApp.exe
PRC - [2011/02/11 10:29:05 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2011/02/01 22:35:32 | 005,546,632 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2011/01/21 08:06:34 | 003,892,544 | ---- | M] (Andrea Paulu) -- C:\Program Files (x86)\PCNetSoftware\RAC Server\RACs.exe
PRC - [2010/12/17 20:40:30 | 000,154,312 | ---- | M] (Zecter Inc.) -- C:\Program Files (x86)\Zecter\ZumoDrive\zumodrive.exe
PRC - [2010/12/09 05:45:58 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010/12/06 07:37:40 | 000,390,728 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2010/12/03 14:35:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/09/29 19:30:32 | 002,139,400 | ---- | M] () -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
PRC - [2010/09/06 02:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/04/02 09:11:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/02/03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/12/03 00:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/11/06 15:19:58 | 006,515,784 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe
PRC - [2009/11/06 12:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe
PRC - [2009/11/06 12:00:22 | 000,165,232 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SSU.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2008/11/17 17:06:24 | 000,210,208 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (SafeList) ==========

MOD - [2011/02/26 10:53:49 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\King\Desktop\OTL.exe
MOD - [2011/02/15 07:45:11 | 000,667,648 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00064_003\plugin_fragments.m32
MOD - [2011/02/15 07:45:11 | 000,286,720 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00064_003\plugin_nt.m32
MOD - [2011/02/15 07:45:11 | 000,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00064_003\plugin_extra.m32
MOD - [2011/02/15 07:45:11 | 000,155,648 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00064_003\plugin_base.m32
MOD - [2011/02/15 07:45:11 | 000,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00064_003\plugin_net.m32
MOD - [2011/02/15 07:45:10 | 000,249,864 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00064_003\midas32.dll
MOD - [2011/02/15 07:45:10 | 000,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00064_003\plugin_registry.m32
MOD - [2010/11/20 03:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009/12/08 19:03:42 | 000,116,224 | ---- | M] (BitDefender SRL) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00064_003\leaktests.m32


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/15 10:46:30 | 000,467,248 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV:64bit: - [2011/02/15 10:46:20 | 000,053,224 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
SRV:64bit: - [2011/02/15 10:46:12 | 002,613,744 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV:64bit: - [2010/12/06 08:31:52 | 002,610,952 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV:64bit: - [2010/12/06 08:31:42 | 002,266,376 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV:64bit: - [2010/10/28 05:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/10/27 02:51:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/02/26 09:42:43 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2011/02/11 10:29:05 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011/01/21 08:06:34 | 003,892,544 | ---- | M] (Andrea Paulu) [Auto | Running] -- C:\Program Files (x86)\PCNetSoftware\RAC Server\RACs.exe -- (PCNetSoftware RAC Server)
SRV - [2010/12/06 07:37:56 | 001,112,240 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/09/29 19:30:32 | 002,139,400 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector)
SRV - [2010/09/06 02:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/06 12:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/02/11 10:29:07 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011/02/11 10:29:04 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV:64bit: - [2011/02/11 10:29:03 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011/01/28 05:06:02 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010/12/17 20:40:30 | 000,191,960 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs64.sys -- (CbFs)
DRV:64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/12/01 14:06:31 | 000,125,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 05:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/10/27 02:14:24 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/31 12:32:44 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpdispm.sys -- (RDPDISPM)
DRV:64bit: - [2010/08/24 12:29:54 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2010/08/24 12:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/08/24 12:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010/08/20 17:42:04 | 000,099,408 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2010/07/09 14:08:16 | 000,388,168 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2010/06/30 03:27:08 | 000,035,840 | ---- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/06/28 11:55:44 | 001,040,976 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2010/06/28 11:55:38 | 000,692,816 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2010/05/13 15:52:08 | 000,162,896 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
DRV:64bit: - [2010/03/23 02:17:06 | 002,061,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/18 20:52:18 | 000,295,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k)
DRV:64bit: - [2010/03/18 20:52:10 | 000,259,672 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k)
DRV:64bit: - [2010/03/18 20:52:02 | 001,360,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV:64bit: - [2010/03/18 20:51:50 | 000,147,544 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010/03/18 20:51:34 | 000,290,392 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010/03/18 20:51:26 | 000,016,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010/03/18 20:51:18 | 000,221,272 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010/03/18 20:51:00 | 000,026,328 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctgame.sys -- (ctgame)
DRV:64bit: - [2010/03/18 20:50:52 | 000,866,264 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2010/03/18 20:50:42 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010/03/18 20:40:10 | 000,141,912 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTERFXFX.sys -- (CTERFXFX.SYS)
DRV:64bit: - [2010/03/18 20:40:10 | 000,141,912 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTERFXFX.sys -- (CTERFXFX)
DRV:64bit: - [2010/03/18 20:40:02 | 000,681,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTSBLFX.sys -- (CTSBLFX.SYS)
DRV:64bit: - [2010/03/18 20:40:02 | 000,681,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTSBLFX.sys -- (CTSBLFX)
DRV:64bit: - [2010/03/18 20:39:54 | 000,706,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTAUDFX.sys -- (CTAUDFX.SYS)
DRV:64bit: - [2010/03/18 20:39:54 | 000,706,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTAUDFX.sys -- (CTAUDFX)
DRV:64bit: - [2010/03/18 20:39:44 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\COMMONFX.sys -- (COMMONFX.SYS)
DRV:64bit: - [2010/03/18 20:39:44 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\COMMONFX.sys -- (COMMONFX)
DRV:64bit: - [2009/11/06 12:00:36 | 000,135,280 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ssidrv.sys -- (ssidrv)
DRV:64bit: - [2009/11/06 12:00:34 | 000,037,488 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ssfs0bbc.sys -- (ssfs0bbc)
DRV:64bit: - [2009/09/28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/08/09 16:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/04/10 04:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV:64bit: - [2007/04/10 04:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL)
DRV:64bit: - [2007/04/10 04:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV:64bit: - [2007/04/10 04:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV:64bit: - [2007/04/10 04:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV:64bit: - [2007/04/10 04:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV:64bit: - [2007/04/10 04:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV:64bit: - [2007/02/15 19:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2010/12/01 14:06:31 | 000,125,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/04/02 09:11:16 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/01/20 19:54:25] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2007/03/20 12:50:30 | 000,008,208 | ---- | M] (Miloslav Novotný N+P) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\PCNetSoftware\RAC Server\RACDriver.sys -- (RACDriver)
DRV - [2007/02/15 19:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9D 9B 62 D5 C0 B8 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: fontsize@firefox.clarisblue.com:0.1.20100123.1
FF - prefs.js..extensions.enabledItems: multipletab@piro.sakura.ne.jp:0.6.2011020301
FF - prefs.js..extensions.enabledItems: sortplaces@andyhalford.com:1.7.2
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:7.2.3
FF - prefs.js..extensions.enabledItems: quickdrag@mozilla.ktechcomputing.com:2.0.2.1
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.9.1
FF - prefs.js..extensions.enabledItems: ietab@ip.cn:1.95.20100933
FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.3.6
FF - prefs.js..extensions.enabledItems: {cd617375-6743-4ee8-bac4-fbf10f35729e}:2.8.1
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.8
FF - prefs.js..extensions.enabledItems: gmailnoads@mywebber.com:3.3.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: {5384767E-00D9-40E9-B72F-9CC39D655D6F}:1.4.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.23s
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91
FF - prefs.js..extensions.enabledItems: silvermel@pardal.de:1.3.6
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011/01/20 14:17:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2011/02/20 05:58:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/20 14:58:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/19 23:02:45 | 000,000,000 | ---D | M]

[2011/01/20 13:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\King\AppData\Roaming\Mozilla\Extensions
[2011/02/26 10:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions
[2011/01/20 15:51:29 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2011/01/20 15:51:29 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2011/01/20 15:51:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/19 19:19:36 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2011/01/20 15:51:43 | 000,000,000 | ---D | M] (IE View) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2011/01/20 15:51:43 | 000,000,000 | ---D | M] ("RightToClick") -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}
[2011/01/20 15:51:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/20 15:51:44 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2011/01/20 15:51:45 | 000,000,000 | ---D | M] () -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}
[2011/01/20 15:51:17 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\DeviceDetection@logitech.com
[2011/01/20 15:51:18 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\elemhidehelper@adblockplus.org
[2011/01/20 15:51:18 | 000,000,000 | ---D | M] (Font Size) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\fontsize@firefox.clarisblue.com
[2011/01/28 05:32:31 | 000,000,000 | ---D | M] (Webmail Ad Blocker) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\gmailnoads@mywebber.com
[2011/01/20 15:51:23 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\ietab@ip.cn
[2011/02/07 21:25:06 | 000,000,000 | ---D | M] ("Multiple Tab Handler") -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\multipletab@piro.sakura.ne.jp
[2011/01/20 15:51:23 | 000,000,000 | ---D | M] (Personas) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\personas@christopher.beard
[2011/01/20 15:51:24 | 000,000,000 | ---D | M] (QuickDrag) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\quickdrag@mozilla.ktechcomputing.com
[2011/01/20 15:51:24 | 000,000,000 | ---D | M] (Silvermel) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\silvermel@pardal.de
[2011/01/20 15:51:24 | 000,000,000 | ---D | M] (Silvermel and Charamel XT) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\silvermelxt@pardal.de
[2011/02/25 09:06:51 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\SkipScreen@SkipScreen
[2011/01/20 15:51:28 | 000,000,000 | ---D | M] (FastestFox) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\smarterwiki@wikiatic.com
[2011/01/20 15:51:29 | 000,000,000 | ---D | M] (SortPlaces) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\sortplaces@andyhalford.com
[2011/01/20 15:51:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2011/01/20 16:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\qakri54s.default\extensions
[2011/01/20 13:35:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\qakri54s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/02/13 10:02:19 | 000,001,196 | ---- | M] () -- C:\Users\King\AppData\Roaming\Mozilla\Firefox\Profiles\fsarezmq.default\searchplugins\winamp-search.xml
[2011/02/26 10:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/01/31 07:01:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/20 05:58:24 | 000,000,000 | ---D | M] (Roboform Toolbar for Firefox) -- C:\PROGRAM FILES (X86)\SIBER SYSTEMS\AI ROBOFORM\FIREFOX
[2011/01/20 14:17:23 | 000,000,000 | ---D | M] ("BitDefender Antiphishing Toolbar") -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2011\BDAPHFFEXT
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/12/09 05:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2011/02/26 09:48:02 | 000,000,888 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 www.novastor.com
O1 - Hosts: 127.0.0.1 services.novastor.com
O1 - Hosts: 127.0.0.1 webservice.novastor.com
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [EPSON99E8F8 (Artisan 835)] File not found
O4 - HKCU..\Run: [GoodSync] C:\Program Files\Siber Systems\GoodSync\GoodSync.exe ()
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [ZumoDrive] C:\Program Files (x86)\Zecter\ZumoDrive\ZumoLauncher.lnk ()
O4 - Startup: C:\Users\King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk = C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe (Firetrust)
O4 - Startup: C:\Users\King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\User Utility.lnk = C:\Program Files (x86)\NETGEAR Live Parental Controls User Utility\NETGEARUserUtility.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cleverreach.com ([novastor] http in Local intranet)
O15 - HKCU\..Trusted Domains: google-analytics.com ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Local intranet)
O15 - HKCU\..Trusted Domains: novastor.com ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: novastor.com ([]https in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O30:64bit: - LSA: Authentication Packages - (ows\w) - File not found
O30 - LSA: Authentication Packages - (ows\w) - File not found
O30:64bit: - LSA: Security Packages - (椀渀搀漀眀猀) - File not found
O30:64bit: - LSA: Security Packages - (ᘀ堀㄀) - File not found
O30 - LSA: Security Packages - (椀渀搀漀眀猀) - File not found
O30 - LSA: Security Packages - (ᘀ堀㄀) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/24 07:43:27 | 000,000,100 | ---- | M] () - Z:\pmp_usb.ini -- [ FAT32 ]
O32 - AutoRun File - [2011/02/21 22:15:11 | 000,000,423 | ---- | M] () - Z:\winamp_metadata.dat -- [ FAT32 ]
O32 - AutoRun File - [2011/02/21 22:15:11 | 000,000,052 | ---- | M] () - Z:\winamp_metadata.idx -- [ FAT32 ]
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/26 10:53:48 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\King\Desktop\OTL.exe
[2011/02/26 10:36:34 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\King\Desktop\HijackThis.exe
[2011/02/26 09:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot
[2011/02/26 09:42:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSSOAP
[2011/02/26 09:42:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2011/02/26 09:42:11 | 001,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\Windows\WRSetup.dll
[2011/02/26 09:42:11 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Webroot
[2011/02/26 09:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Webroot
[2011/02/26 09:42:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webroot
[2011/02/26 00:33:22 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{A47162D6-52CE-4815-9F3A-C3B2198C55F9}
[2011/02/25 19:42:22 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\EMCO
[2011/02/25 17:15:30 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\AVS4YOU
[2011/02/25 17:12:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/02/25 17:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2011/02/25 17:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/02/25 17:11:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2011/02/25 16:28:33 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2011/02/25 12:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011/02/25 12:00:41 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\SysWow64\lameACM.acm
[2011/02/25 12:00:41 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011/02/25 12:00:41 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2011/02/25 12:00:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2011/02/25 09:23:54 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\dvdcss
[2011/02/25 09:21:41 | 000,000,000 | ---D | C] -- C:\Users\King\Documents\Aiseesoft Studio
[2011/02/25 09:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Aiseesoft Studio
[2011/02/25 09:20:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
[2011/02/25 09:20:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aiseesoft Studio
[2011/02/23 23:03:19 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{A28F3FC6-1A1F-41F9-9EF7-10ADE4B9BF9C}
[2011/02/23 19:20:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011/02/23 18:39:51 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011/02/23 18:38:49 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011/02/23 18:37:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/02/23 08:44:21 | 000,000,000 | ---D | C] -- C:\Windows\Digital Blasphemy
[2011/02/23 08:42:13 | 000,000,000 | ---D | C] -- C:\Users\King\Desktop\Digital Blasphemy Members Wallpaper Collection
[2011/02/21 08:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ScanSoft
[2011/02/21 08:02:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance OmniPage 17
[2011/02/21 08:01:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nuance
[2011/02/21 07:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firetrust
[2011/02/20 22:53:54 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{08F51E46-DDFC-458E-BBAD-1A13B769EEAD}
[2011/02/20 13:08:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/02/20 12:39:32 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\ScanSoft
[2011/02/20 11:05:14 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\FLEXnet
[2011/02/20 11:05:11 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Zeon
[2011/02/20 11:05:10 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\ScanSoft
[2011/02/20 10:53:28 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{5D50DC81-51BD-4B88-A94D-94BF2BBC1ECC}
[2011/02/20 10:52:09 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Nuance
[2011/02/20 10:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011/02/20 05:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinBubble
[2011/02/20 05:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2011/02/20 05:43:02 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\WindowsForUs
[2011/02/20 05:42:27 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinBubble
[2011/02/20 05:40:22 | 000,000,000 | ---D | C] -- C:\Users\King\Desktop\WinBubble2037
[2011/02/20 05:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2011/02/20 05:00:24 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2011/02/19 23:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/02/19 23:02:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/02/19 23:01:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/02/19 23:01:21 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/02/19 22:59:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
[2011/02/19 22:59:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/02/19 22:56:56 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/02/19 22:53:02 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{DF8ACFE9-4281-4812-886C-2C7F6C63FCE2}
[2011/02/19 22:49:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EpsonNet
[2011/02/19 22:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2011/02/19 22:33:28 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\install
[2011/02/19 20:52:26 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Leader Technologies
[2011/02/19 20:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LTCM Client
[2011/02/19 20:39:18 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\ABBYY
[2011/02/19 20:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY
[2011/02/19 20:33:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2011/02/19 19:51:50 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Epson
[2011/02/19 19:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet
[2011/02/19 19:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EPSON
[2011/02/19 19:49:45 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\InstallShield
[2011/02/19 19:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2011/02/19 19:49:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2011/02/19 19:48:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson Software
[2011/02/19 19:48:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2011/02/15 22:40:14 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{C6484B69-10D1-470C-9583-D209497CAA7E}
[2011/02/15 22:40:14 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{388C8A93-4B14-4E97-A348-31F2F671881D}
[2011/02/15 08:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2011/02/15 08:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Manager
[2011/02/13 11:57:05 | 000,000,000 | ---D | C] -- C:\Users\King\Documents\Webcam
[2011/02/13 11:57:05 | 000,000,000 | ---D | C] -- C:\Users\King\Documents\Scanned Documents
[2011/02/13 11:57:04 | 000,000,000 | ---D | C] -- C:\Users\King\Documents\Fax
[2011/02/13 10:33:02 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{6172C3B7-15D6-4079-816C-0D162FFCA5C8}
[2011/02/13 10:28:22 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/02/13 10:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/02/13 10:26:58 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/02/12 21:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
[2011/02/12 17:07:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\install
[2011/02/12 16:45:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011/02/12 04:44:48 | 000,032,824 | ---- | C] (Resplendence Software Projects Sp) -- C:\Windows\SysWow64\rrMon.sys
[2011/02/12 04:44:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrar Registry Manager
[2011/02/12 04:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\Registrar Registry Manager
[2011/02/12 04:12:36 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{2E6BA64E-1F85-4745-A0A4-581CFB6CEF73}
[2011/02/11 10:29:07 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\5B41AD37-7799-4DDC-8119-03117E92DF01
[2011/02/11 09:48:10 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/02/11 09:19:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2011/02/11 09:19:23 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2011/02/11 09:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011/02/11 09:19:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Toolbar
[2011/02/11 09:18:46 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Winamp
[2011/02/11 09:18:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011/02/10 12:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO
[2011/02/10 12:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EMCO
[2011/02/10 08:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/02/10 08:20:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/02/10 08:06:46 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\{8EFAB0BB-E212-4C2F-A960-7A304B47C742}
[2011/02/10 08:06:31 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Windows Live Writer
[2011/02/10 08:06:31 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\Windows Live Writer
[2011/02/10 08:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/02/10 08:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/02/10 07:59:02 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\Windows Live
[2011/02/10 07:59:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/02/09 08:44:28 | 000,321,536 | ---- | C] (Hewlett Packard Corporation) -- C:\Windows\SysWow64\hpcc3111.dll
[2011/02/08 17:22:16 | 000,000,000 | ---D | C] -- C:\Users\King\Desktop\PFConfig 1.0.295 + serials
[2011/02/06 13:59:15 | 000,035,840 | ---- | C] (Avanquest Software) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS
[2011/02/06 13:58:10 | 000,000,000 | ---D | C] -- C:\Netgear
[2011/02/06 09:44:22 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\COMODO
[2011/02/06 09:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2011/02/05 15:14:51 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NETGEAR Live Parental Controls
[2011/02/05 15:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR Live Parental Controls User Utility
[2011/02/05 14:56:16 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Netgear Live Parental Controls
[2011/02/05 14:56:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Live Parental Controls
[2011/02/05 14:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR Live Parental Controls Management Utility
[2011/02/05 10:04:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011/02/03 22:14:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011/02/03 21:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2011/02/03 21:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Seagate
[2011/02/03 21:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2011/02/03 21:47:33 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2011/02/01 16:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlocker
[2011/02/01 09:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TreeCardGames
[2011/02/01 09:04:43 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\MahJong Suite
[2011/02/01 09:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite
[2011/02/01 09:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MahJong Suite
[2011/01/31 15:33:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/01/31 09:26:16 | 000,000,000 | ---D | C] -- C:\bd_logs
[2011/01/31 07:06:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Converter Plus
[2011/01/31 07:06:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audio Converter Plus
[2011/01/31 07:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/01/31 07:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/01/31 06:09:05 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dBpowerAMP Music Converter
[2011/01/31 06:03:22 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\dBpoweramp
[2011/01/31 06:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3File
[2011/01/31 06:01:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3File
[2011/01/31 05:57:26 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\AccurateRip
[2011/01/31 05:57:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp Music Converter
[2011/01/31 05:57:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Illustrate
[2011/01/30 10:34:17 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Local\NovaStor
[2011/01/29 20:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/01/29 20:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/01/29 20:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/01/29 20:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/01/29 18:42:37 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\ZumoDrive
[2011/01/29 18:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZumoDrive
[2011/01/29 18:42:33 | 000,191,960 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\drivers\cbfs64.sys
[2011/01/29 18:42:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zecter
[2011/01/29 18:41:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/01/29 14:45:18 | 000,000,000 | ---D | C] -- C:\Windows\Standalone System Sweeper
[2011/01/28 05:06:15 | 000,000,000 | ---D | C] -- C:\Users\King\AppData\Roaming\FC5F455C-DAA4-48E8-A735-81915BF98BA0
[2011/01/27 18:04:36 | 000,000,000 | ---D | C] -- C:\Windows\Acronis
[2010/03/18 19:18:32 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2010/03/18 18:59:50 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2035/02/10 06:28:16 | 000,000,094 | ---- | M] () -- C:\Windows\winin.ini
[2011/02/26 10:57:03 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/02/26 10:53:49 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\King\Desktop\OTL.exe
[2011/02/26 10:49:11 | 000,013,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/26 10:49:11 | 000,013,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/26 10:40:07 | 000,000,244 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011/02/26 10:39:51 | 000,001,786 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_L6DA32D192B6241D5A676AFECA022B45E.job
[2011/02/26 10:39:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/26 10:36:35 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\King\Desktop\HijackThis.exe
[2011/02/26 09:48:02 | 000,000,888 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\HOSTS
[2011/02/26 09:43:45 | 000,036,016 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000006-00000000-00000006-00001102-00000004-10021102}.rfx
[2011/02/26 09:43:45 | 000,036,016 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000006-00000000-00000006-00001102-00000004-10021102}.rfx
[2011/02/26 09:43:45 | 000,032,088 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000006-00000000-00000006-00001102-00000004-10021102}.rfx
[2011/02/26 09:43:45 | 000,032,088 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000006-00000000-00000006-00001102-00000004-10021102}.rfx
[2011/02/26 09:43:45 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000006-00000000-00000006-00001102-00000004-10021102}.rfx
[2011/02/26 09:42:13 | 000,017,264 | ---- | M] () -- C:\Windows\SysNative\SsiEfr.exe
[2011/02/26 09:41:58 | 000,000,164 | ---- | M] () -- C:\Windows\install.dat
[2011/02/25 19:10:31 | 000,429,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/02/25 09:20:42 | 000,001,350 | ---- | M] () -- C:\Users\King\Desktop\Aiseesoft Blu-ray Ripper.lnk
[2011/02/25 09:05:14 | 000,000,043 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011/02/25 09:00:01 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GoodSync - Document Folder.job
[2011/02/24 21:04:40 | 000,000,676 | ---- | M] () -- C:\Users\King\Documents\Phone Book2.csv
[2011/02/23 19:56:57 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/02/23 19:56:57 | 000,626,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/02/23 19:56:57 | 000,107,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/02/23 08:55:38 | 000,026,657 | -H-- | M] () -- C:\Users\King\AppData\Roaming\Kinglog.dat
[2011/02/21 23:59:21 | 003,202,858 | ---- | M] () -- C:\Users\King\Documents\Artisan 835 quick guide.pdf
[2011/02/21 16:20:28 | 000,000,402 | ---- | M] () -- C:\Users\King\Documents\Phone Book1.csv
[2011/02/21 08:03:12 | 000,000,403 | ---- | M] () -- C:\Windows\MAXLINK.INI
[2011/02/21 07:49:02 | 000,001,112 | ---- | M] () -- C:\Users\King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk
[2011/02/20 20:12:13 | 001,772,697 | ---- | M] () -- C:\Users\King\Documents\OP17_User_Guide.pdf
[2011/02/20 13:00:19 | 004,931,577 | ---- | M] () -- C:\Windows\{00000006-00000000-00000006-00001102-00000004-10021102}.CDF
[2011/02/20 13:00:19 | 004,931,577 | ---- | M] () -- C:\Windows\{00000006-00000000-00000006-00001102-00000004-10021102}.BAK
[2011/02/20 05:59:57 | 000,000,438 | RHS- | M] () -- C:\Users\King\ntuser.pol
[2011/02/20 05:41:43 | 000,614,213 | ---- | M] () -- C:\Users\King\Desktop\WinBubble.zip
[2011/02/20 05:00:24 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss
[2011/02/19 22:53:44 | 000,000,210 | ---- | M] () -- C:\Users\King\Documents\Phone Book.csv
[2011/02/19 22:50:34 | 000,000,115 | ---- | M] () -- C:\Windows\EPART835.ini
[2011/02/19 22:41:11 | 000,000,057 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2011/02/19 21:04:15 | 000,000,000 | ---- | M] () -- C:\Windows\EEventManager.INI
[2011/02/19 20:53:35 | 000,057,845 | ---- | M] () -- C:\Users\King\AppData\Roaming\King3SQLite3.dll
[2011/02/15 10:46:14 | 000,102,712 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdhv.sys
[2011/02/10 08:46:08 | 000,000,184 | ---- | M] () -- C:\Windows\AutoKMS.ini
[2011/02/08 17:19:38 | 006,295,216 | ---- | M] () -- C:\Users\King\Desktop\PFConfig_1.0.295_Rapidsharezone.net.rar
[2011/02/06 15:38:39 | 000,000,688 | ---- | M] () -- C:\Users\King\Desktop\DL - Stored - Shortcut.lnk
[2011/02/06 14:13:13 | 000,006,041 | ---- | M] () -- C:\Users\King\Documents\Router_Setup.html
[2011/02/05 15:25:20 | 000,002,310 | ---- | M] () -- C:\Users\King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\User Utility.lnk
[2011/02/05 10:04:08 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011/02/05 10:04:07 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011/02/05 10:04:01 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2011/01/31 22:56:48 | 000,012,502 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2011/01/31 22:56:40 | 003,835,624 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/01/31 22:56:40 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.bmp
[2011/01/31 22:56:39 | 000,018,038 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/01/31 22:56:18 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.bmp
[2011/01/31 15:33:15 | 589,750,459 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/01/31 06:12:03 | 000,002,450 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Batch Ripper.dat
[2011/01/31 06:12:00 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Batch Ripper.bmp
[2011/01/31 06:11:12 | 000,001,850 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBPowerAMP Mp2 and BwfMp2 codec.dat
[2011/01/31 06:11:11 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBPowerAMP Mp2 and BwfMp2 codec.bmp
[2011/01/31 06:11:10 | 000,001,230 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Wave64 Codec.dat
[2011/01/31 06:11:09 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Wave64 Codec.bmp
[2011/01/31 06:11:08 | 000,002,234 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBPoweramp tooLame MP2 codec.dat
[2011/01/31 06:11:07 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBPoweramp tooLame MP2 codec.bmp
[2011/01/31 06:11:07 | 000,011,479 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBPowerAMP Real Audio (Helix) Encoder.dat
[2011/01/31 06:11:03 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBPowerAMP Real Audio (Helix) Encoder.bmp
[2011/01/31 06:11:01 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Dalet Codec.bmp
[2011/01/31 06:11:01 | 000,001,212 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Dalet Codec.dat
[2011/01/31 06:10:59 | 000,003,014 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp WavPack Codec.dat
[2011/01/31 06:10:54 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp WavPack Codec.bmp
[2011/01/31 06:10:52 | 000,003,071 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
[2011/01/31 06:10:46 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.bmp
[2011/01/31 06:10:45 | 000,003,159 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.dat
[2011/01/31 06:10:39 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.bmp
[2011/01/31 06:10:38 | 000,003,113 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
[2011/01/31 06:10:32 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Monkeys Audio Codec.bmp
[2011/01/31 06:10:30 | 000,002,993 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp FLAC Codec.dat
[2011/01/31 06:10:25 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp FLAC Codec.bmp
[2011/01/31 06:10:24 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.bmp
[2011/01/31 06:10:24 | 000,002,849 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.dat
[2011/01/31 06:09:38 | 000,003,190 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2011/01/31 06:09:29 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp
[2011/01/31 06:09:05 | 000,003,317 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpowerAMP Windows Media Audio 9 Codec.dat
[2011/01/31 06:08:54 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpowerAMP Windows Media Audio 9 Codec.bmp
[2011/01/31 06:08:14 | 000,003,423 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp TTA Codec.dat
[2011/01/31 06:08:06 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp TTA Codec.bmp
[2011/01/31 06:07:42 | 000,002,986 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Speex Codec.dat
[2011/01/31 06:07:33 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Speex Codec.bmp
[2011/01/31 06:07:27 | 000,003,417 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Shorten Codec.dat
[2011/01/31 06:07:19 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Shorten Codec.bmp
[2011/01/31 06:07:12 | 000,088,576 | ---- | M] () -- C:\Windows\SysWow64\OptimFROG.dll
[2011/01/31 06:07:12 | 000,003,473 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp OptimFROG Codec.dat
[2011/01/31 06:07:03 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp OptimFROG Codec.bmp
[2011/01/31 06:06:56 | 000,004,389 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Ogg Vorbis aoTuV Encoder.dat
[2011/01/31 06:06:42 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Ogg Vorbis aoTuV Encoder.bmp
[2011/01/31 06:06:10 | 000,003,289 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Musepack Codec.dat
[2011/01/31 06:06:01 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Musepack Codec.bmp
[2011/01/31 06:05:14 | 000,002,655 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Midi Decoder.dat
[2011/01/31 06:05:06 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Midi Decoder.bmp
[2011/01/31 06:04:58 | 000,001,265 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4b Audio book Encoder.dat
[2011/01/31 06:04:50 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4b Audio book Encoder.bmp
[2011/01/31 06:04:44 | 000,003,181 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Utilities.dat
[2011/01/31 06:04:35 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Utilities.bmp
[2011/01/31 06:04:24 | 000,003,627 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Nero AAC Encoder.dat
[2011/01/31 06:04:16 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Nero AAC Encoder.bmp
[2011/01/31 06:04:10 | 000,003,297 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Codec.dat
[2011/01/31 06:03:57 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Codec.bmp
[2011/01/31 06:03:22 | 000,002,744 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DirectShow Decoder.dat
[2011/01/31 06:03:13 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DirectShow Decoder.bmp
[2011/01/31 06:02:48 | 000,003,024 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CLI Encoder.dat
[2011/01/31 06:02:45 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CLI Encoder.bmp
[2011/01/31 06:02:15 | 000,001,086 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp AIFF Codec.dat
[2011/01/31 06:02:12 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp AIFF Codec.bmp
[2011/01/31 06:02:04 | 000,003,334 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp AAC Encoder.dat
[2011/01/31 06:01:56 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp AAC Encoder.bmp
[2011/01/31 05:59:59 | 000,002,869 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Tag From Filename] Codec.dat
[2011/01/31 05:59:56 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Tag From Filename] Codec.bmp
[2011/01/31 05:59:50 | 000,002,900 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ReplayGain] Codec.dat
[2011/01/31 05:59:46 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ReplayGain] Codec.bmp
[2011/01/31 05:59:42 | 000,003,002 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.dat
[2011/01/31 05:59:38 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.bmp
[2011/01/31 05:59:32 | 000,002,862 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Length Split] Codec.dat
[2011/01/31 05:59:28 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Length Split] Codec.bmp
[2011/01/31 05:59:24 | 000,002,903 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ID Tag Update] Codec.dat
[2011/01/31 05:59:20 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ID Tag Update] Codec.bmp
[2011/01/31 05:59:16 | 000,002,999 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Channel Split] Codec.dat
[2011/01/31 05:59:12 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Channel Split] Codec.bmp
[2011/01/31 05:59:01 | 000,002,871 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Audio Info] Codec.dat
[2011/01/31 05:58:58 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Audio Info] Codec.bmp
[2011/01/31 05:58:39 | 000,002,879 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.dat
[2011/01/31 05:58:34 | 000,033,846 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.bmp
[2011/01/30 12:18:24 | 000,001,464 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2011/01/30 10:36:09 | 000,000,097 | RHS- | M] () -- C:\ProgramData\1.12.0.lic
[2011/01/29 18:42:35 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\ZumoDrive.lnk
[2011/01/27 18:04:36 | 000,000,161 | ---- | M] () -- C:\Windows\SysNative\autopart.opt
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/26 09:47:51 | 000,001,786 | ---- | C] () -- C:\Windows\tasks\wrSpySweeper_L6DA32D192B6241D5A676AFECA022B45E.job
[2011/02/26 09:42:14 | 000,017,264 | ---- | C] () -- C:\Windows\SysNative\SsiEfr.exe
[2011/02/26 09:41:54 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
[2011/02/25 17:29:55 | 000,000,282 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/02/25 17:29:52 | 000,000,244 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011/02/25 12:00:42 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/02/25 12:00:42 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/02/25 12:00:41 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/02/25 12:00:41 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2011/02/25 09:20:41 | 000,001,350 | ---- | C] () -- C:\Users\King\Desktop\Aiseesoft Blu-ray Ripper.lnk
[2011/02/24 21:04:39 | 000,000,676 | ---- | C] () -- C:\Users\King\Documents\Phone Book2.csv
[2011/02/23 18:40:14 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011/02/23 18:39:50 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011/02/23 18:39:14 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2011/02/23 18:39:00 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2011/02/23 18:38:58 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011/02/23 18:38:57 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011/02/23 18:38:57 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011/02/21 23:59:21 | 003,202,858 | ---- | C] () -- C:\Users\King\Documents\Artisan 835 quick guide.pdf
[2011/02/21 16:20:27 | 000,000,402 | ---- | C] () -- C:\Users\King\Documents\Phone Book1.csv
[2011/02/21 08:03:12 | 000,000,403 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2011/02/20 20:12:13 | 001,772,697 | ---- | C] () -- C:\Users\King\Documents\OP17_User_Guide.pdf
[2011/02/20 05:41:42 | 000,614,213 | ---- | C] () -- C:\Users\King\Desktop\WinBubble.zip
[2011/02/20 05:00:06 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss
[2011/02/19 22:53:44 | 000,000,210 | ---- | C] () -- C:\Users\King\Documents\Phone Book.csv
[2011/02/19 21:04:15 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011/02/19 20:53:35 | 000,057,845 | ---- | C] () -- C:\Users\King\AppData\Roaming\King3SQLite3.dll
[2011/02/19 19:51:13 | 000,000,119 | ---- | C] () -- C:\Windows\SysWow64\epson.sep
[2011/02/19 19:49:47 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/02/19 19:49:47 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/02/19 19:49:47 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/02/19 19:49:47 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/02/19 19:49:47 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/02/19 19:49:47 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/02/19 19:49:47 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/02/19 19:49:47 | 000,012,669 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg
[2011/02/19 19:49:47 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/02/19 19:49:47 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg
[2011/02/19 19:49:47 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg
[2011/02/19 19:49:47 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg
[2011/02/19 19:49:47 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg
[2011/02/19 19:49:47 | 000,006,226 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg
[2011/02/19 19:49:47 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/02/19 19:49:47 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/02/19 19:49:47 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/02/19 19:49:47 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/02/19 19:49:47 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/02/19 19:49:47 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/02/19 19:49:47 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/02/19 19:49:47 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/02/19 19:29:54 | 000,000,115 | ---- | C] () -- C:\Windows\EPART835.ini
[2011/02/15 17:49:54 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\GoodSync - Document Folder.job
[2011/02/13 10:27:46 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/02/13 10:27:29 | 000,001,334 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/02/12 04:44:45 | 000,120,376 | ---- | C] () -- C:\Windows\SysWow64\rrsec.dll
[2011/02/12 04:44:45 | 000,097,888 | ---- | C] () -- C:\Windows\SysWow64\rrsec2k.exe
[2011/02/10 08:46:08 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011/02/10 08:03:39 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/02/08 17:18:55 | 006,295,216 | ---- | C] () -- C:\Users\King\Desktop\PFConfig_1.0.295_Rapidsharezone.net.rar
[2011/02/07 07:51:28 | 000,006,041 | ---- | C] () -- C:\Users\King\Documents\Router_Setup.html
[2011/02/07 07:51:28 | 000,001,644 | ---- | C] () -- C:\Users\King\Documents\Firefox Sync Key.html
[2011/02/06 15:38:39 | 000,000,688 | ---- | C] () -- C:\Users\King\Desktop\DL - Stored - Shortcut.lnk
[2011/02/05 15:25:20 | 000,002,310 | ---- | C] () -- C:\Users\King\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\User Utility.lnk
[2011/02/05 10:21:45 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/02/05 10:07:52 | 004,931,577 | ---- | C] () -- C:\Windows\{00000006-00000000-00000006-00001102-00000004-10021102}.BAK
[2011/02/05 10:04:08 | 004,931,577 | ---- | C] () -- C:\Windows\{00000006-00000000-00000006-00001102-00000004-10021102}.CDF
[2011/02/05 10:04:05 | 000,032,088 | ---- | C] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000006-00000000-00000006-00001102-00000004-10021102}.rfx
[2011/02/05 10:04:01 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2011/02/05 10:04:01 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/02/05 10:04:01 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2011/02/05 10:04:01 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/02/05 10:04:01 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2011/02/01 09:04:29 | 000,001,004 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite
[2011/01/31 15:33:15 | 589,750,459 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/01/31 06:12:03 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Batch Ripper.bmp
[2011/01/31 06:12:03 | 000,002,450 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Batch Ripper.dat
[2011/01/31 06:09:38 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp
[2011/01/31 06:09:38 | 000,003,190 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2011/01/31 06:09:05 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpowerAMP Windows Media Audio 9 Codec.bmp
[2011/01/31 06:09:05 | 000,003,317 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpowerAMP Windows Media Audio 9 Codec.dat
[2011/01/31 06:08:14 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp TTA Codec.bmp
[2011/01/31 06:08:14 | 000,003,423 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp TTA Codec.dat
[2011/01/31 06:07:42 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Speex Codec.bmp
[2011/01/31 06:07:42 | 000,002,986 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Speex Codec.dat
[2011/01/31 06:07:27 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Shorten Codec.bmp
[2011/01/31 06:07:27 | 000,003,417 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Shorten Codec.dat
[2011/01/31 06:07:12 | 000,088,576 | ---- | C] () -- C:\Windows\SysWow64\OptimFROG.dll
[2011/01/31 06:07:12 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp OptimFROG Codec.bmp
[2011/01/31 06:07:12 | 000,003,473 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp OptimFROG Codec.dat
[2011/01/31 06:06:56 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Ogg Vorbis aoTuV Encoder.bmp
[2011/01/31 06:06:56 | 000,004,389 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Ogg Vorbis aoTuV Encoder.dat
[2011/01/31 06:06:10 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Musepack Codec.bmp
[2011/01/31 06:06:10 | 000,003,289 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Musepack Codec.dat
[2011/01/31 06:05:14 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Midi Decoder.bmp
[2011/01/31 06:05:14 | 000,002,655 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Midi Decoder.dat
[2011/01/31 06:04:58 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4b Audio book Encoder.bmp
[2011/01/31 06:04:58 | 000,001,265 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4b Audio book Encoder.dat
[2011/01/31 06:04:44 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Utilities.bmp
[2011/01/31 06:04:44 | 000,003,181 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Utilities.dat
[2011/01/31 06:04:24 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Nero AAC Encoder.bmp
[2011/01/31 06:04:24 | 000,003,627 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Nero AAC Encoder.dat
[2011/01/31 06:04:10 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Codec.bmp
[2011/01/31 06:04:10 | 000,003,297 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Codec.dat
[2011/01/31 06:03:22 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DirectShow Decoder.bmp
[2011/01/31 06:03:22 | 000,002,744 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DirectShow Decoder.dat
[2011/01/31 06:02:48 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CLI Encoder.bmp
[2011/01/31 06:02:48 | 000,003,024 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CLI Encoder.dat
[2011/01/31 06:02:15 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp AIFF Codec.bmp
[2011/01/31 06:02:15 | 000,001,086 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp AIFF Codec.dat
[2011/01/31 06:02:04 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp AAC Encoder.bmp
[2011/01/31 06:02:04 | 000,003,334 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp AAC Encoder.dat
[2011/01/31 06:01:04 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBPowerAMP Mp2 and BwfMp2 codec.bmp
[2011/01/31 06:01:04 | 000,001,850 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBPowerAMP Mp2 and BwfMp2 codec.dat
[2011/01/31 06:01:02 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Wave64 Codec.bmp
[2011/01/31 06:01:02 | 000,001,230 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Wave64 Codec.dat
[2011/01/31 06:01:00 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBPoweramp tooLame MP2 codec.bmp
[2011/01/31 06:01:00 | 000,002,234 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBPoweramp tooLame MP2 codec.dat
[2011/01/31 06:00:59 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBPowerAMP Real Audio (Helix) Encoder.bmp
[2011/01/31 06:00:59 | 000,011,479 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBPowerAMP Real Audio (Helix) Encoder.dat
[2011/01/31 06:00:52 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Dalet Codec.bmp
[2011/01/31 06:00:52 | 000,001,212 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Dalet Codec.dat
[2011/01/31 06:00:49 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp WavPack Codec.bmp
[2011/01/31 06:00:49 | 000,003,014 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp WavPack Codec.dat
[2011/01/31 06:00:42 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.bmp
[2011/01/31 06:00:42 | 000,003,071 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
[2011/01/31 06:00:34 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.bmp
[2011/01/31 06:00:34 | 000,003,159 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.dat
[2011/01/31 06:00:28 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Monkeys Audio Codec.bmp
[2011/01/31 06:00:27 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
[2011/01/31 06:00:20 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp FLAC Codec.bmp
[2011/01/31 06:00:20 | 000,002,993 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp FLAC Codec.dat
[2011/01/31 05:59:59 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Tag From Filename] Codec.bmp
[2011/01/31 05:59:59 | 000,002,869 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Tag From Filename] Codec.dat
[2011/01/31 05:59:50 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ReplayGain] Codec.bmp
[2011/01/31 05:59:50 | 000,002,900 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ReplayGain] Codec.dat
[2011/01/31 05:59:42 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.bmp
[2011/01/31 05:59:42 | 000,003,002 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Multi Encoder] Codec.dat
[2011/01/31 05:59:32 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Length Split] Codec.bmp
[2011/01/31 05:59:32 | 000,002,862 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Length Split] Codec.dat
[2011/01/31 05:59:24 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ID Tag Update] Codec.bmp
[2011/01/31 05:59:24 | 000,002,903 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [ID Tag Update] Codec.dat
[2011/01/31 05:59:16 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Channel Split] Codec.bmp
[2011/01/31 05:59:16 | 000,002,999 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Channel Split] Codec.dat
[2011/01/31 05:59:08 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.bmp
[2011/01/31 05:59:08 | 000,002,849 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.dat
[2011/01/31 05:59:01 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Audio Info] Codec.bmp
[2011/01/31 05:59:01 | 000,002,871 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Audio Info] Codec.dat
[2011/01/31 05:58:39 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.bmp
[2011/01/31 05:58:39 | 000,002,879 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp [Arrange Audio] Codec.dat
[2011/01/31 05:57:24 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.bmp
[2011/01/31 05:57:24 | 000,012,502 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2011/01/31 05:57:17 | 003,835,624 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/01/31 05:57:17 | 000,033,846 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.bmp
[2011/01/31 05:57:17 | 000,018,038 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/01/30 10:34:18 | 000,001,464 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2011/01/30 10:33:35 | 000,000,097 | RHS- | C] () -- C:\ProgramData\1.12.0.lic
[2011/01/29 18:42:35 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\ZumoDrive.lnk
[2011/01/27 18:04:36 | 000,000,161 | ---- | C] () -- C:\Windows\SysNative\autopart.opt
[2011/01/25 18:39:23 | 000,008,962 | ---- | C] () -- C:\ProgramData\search_result.xml
[2011/01/24 09:00:33 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/01/21 18:31:03 | 000,000,094 | ---- | C] () -- C:\Windows\winin.ini
[2011/01/21 16:25:05 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011/01/20 19:38:30 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/01/20 19:38:28 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\cdga.dll
[2011/01/20 18:14:21 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/01/20 17:17:05 | 000,000,090 | ---- | C] () -- C:\Windows\SysWow64\ftm31.dat
[2011/01/20 16:57:52 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/20 15:12:41 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2011/01/20 14:13:38 | 000,070,372 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011/01/20 13:33:48 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/01/20 11:28:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/17 18:17:02 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/07/08 09:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010/03/18 19:59:54 | 000,050,439 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010/03/18 19:19:58 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CTBurst.dll
[2010/03/18 19:17:50 | 000,037,888 | ---- | C] () -- C:\Windows\SysWow64\psconv.exe
[2010/03/18 19:07:54 | 000,386,852 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2010/03/18 19:07:54 | 000,051,787 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2010/03/18 18:59:56 | 000,313,207 | ---- | C] () -- C:\Windows\SysWow64\ctstatic.dat
[2010/03/18 18:59:56 | 000,053,932 | ---- | C] () -- C:\Windows\SysWow64\ctdaught.dat
[2010/03/18 18:59:54 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2009/11/06 12:00:28 | 000,031,088 | ---- | C] () -- C:\Windows\SysWow64\wrLZMA.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 15:10:56 | 000,000,307 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/08/13 20:45:02 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\ctmmactl.dll
[2007/04/12 08:10:28 | 000,105,728 | ---- | C] () -- C:\Windows\SysWow64\APOMgrH.dll
[2007/04/09 12:55:14 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2005/04/07 21:16:43 | 000,026,657 | -H-- | C] () -- C:\Users\King\AppData\Roaming\Kinglog.dat

========== LOP Check ==========

[2011/02/11 10:29:07 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\5B41AD37-7799-4DDC-8119-03117E92DF01
[2011/01/28 05:21:41 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Acronis
[2011/01/20 14:17:24 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\BitDefender
[2011/02/12 04:52:09 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\dBpoweramp
[2011/02/25 19:42:22 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\EMCO
[2011/02/20 05:06:37 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Epson
[2011/01/28 05:06:15 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\FC5F455C-DAA4-48E8-A735-81915BF98BA0
[2011/01/20 17:17:03 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Firetrust
[2011/01/20 19:04:49 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Forte
[2011/01/20 16:59:40 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Genie-Soft
[2011/01/25 08:16:53 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\GetRightToGo
[2011/02/26 00:32:32 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\GoodSync
[2011/01/25 11:18:50 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\ImgBurn
[2011/02/20 17:52:27 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\install
[2011/01/24 08:31:00 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Kaczynski Software
[2011/02/19 20:52:26 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Leader Technologies
[2011/01/20 21:27:32 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Leadertech
[2011/01/24 09:02:49 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Leawo
[2011/02/01 09:11:05 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\MahJong Suite
[2011/01/24 09:02:50 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Moyea
[2011/02/05 15:14:53 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Netgear Live Parental Controls
[2011/02/20 10:52:09 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Nuance
[2011/01/20 14:14:59 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\QuickScan
[2011/01/20 20:51:10 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\RipIt4Me
[2011/01/20 13:37:44 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\RoboForm
[2011/02/20 11:05:10 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\ScanSoft
[2011/01/20 21:08:09 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\URSoft
[2011/02/10 08:16:55 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Windows Live Writer
[2011/02/20 11:05:11 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\Zeon
[2011/02/26 10:43:58 | 000,000,000 | ---D | M] -- C:\Users\King\AppData\Roaming\ZumoDrive
[2011/02/25 09:00:01 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\GoodSync - Document Folder.job
[2009/07/14 00:08:49 | 000,014,140 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/02/26 10:39:51 | 000,001,786 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_L6DA32D192B6241D5A676AFECA022B45E.job
[2011/02/26 10:40:07 | 000,000,244 | -H-- | M] () -- C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011/02/26 10:57:03 | 000,000,282 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:1CE11B51
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:9B013599

< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP