pum.bad.proxy - Keep on reappearing after cleaning it.


  • This topic is locked

#1
bluewr

  • Member
  • 33 posts
Attached File: OTL.Txt (171.62KB)

I did a check twice with Malwarebytes Anti-Malware and got the same malware twice; it still appears after I've fixed it with
pum.bad.proxy

I did a scan with OTL and here is the result

OTL logfile created on: 2011/05/20 13:40:54 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sizustar\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000411 | Country: Japan | Language: JPN | Date Format: yyyy/MM/dd

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 81.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): c:\pagefile.sys 8191 8191 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.35 Gb Total Space | 272.24 Gb Free Space | 58.50% Space Free | Partition Type: NTFS
Drive D: | 466.16 Gb Total Space | 415.24 Gb Free Space | 89.08% Space Free | Partition Type: NTFS
Drive E: | 1397.26 Gb Total Space | 719.28 Gb Free Space | 51.48% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 113.05 Gb Free Space | 37.92% Space Free | Partition Type: NTFS

Computer Name: SIZUSTAR-PC | User Name: Sizustar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/20 12:26:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sizustar\Desktop\OTL.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011/04/08 13:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/04/01 06:17:51 | 002,860,800 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2011/03/02 04:56:03 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgam.exe
PRC - [2011/01/20 17:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/09/25 02:07:12 | 000,131,072 | ---- | M] (South Bay Software) -- C:\Program Files (x86)\AutoSizer\AutoSizer.exe
PRC - [2010/01/27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (SafeList) ==========

MOD - [2011/05/20 12:26:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sizustar\Desktop\OTL.exe
MOD - [2010/11/20 03:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010/09/25 02:07:12 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\AutoSizer\AutoSizer.dll
MOD - [2009/07/14 09:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/05 01:55:09 | 000,128,384 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/03/15 15:18:32 | 002,610,952 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV:64bit: - [2011/03/15 15:18:22 | 002,266,376 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV:64bit: - [2010/10/28 18:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/09/24 13:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/09/24 13:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/09/24 13:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/04/08 13:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/04/01 06:17:51 | 002,860,800 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2service.exe -- (a2AntiMalware)
SRV - [2011/03/02 04:56:03 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2011/02/21 15:58:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/09/20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/03 23:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/03/02 04:56:03 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2011/03/02 04:44:38 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/01/19 17:47:18 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/09/25 01:17:22 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/09/23 03:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010/08/25 01:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/08/25 01:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010/07/09 13:19:02 | 000,021,480 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/05/26 10:39:08 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\6E9B.tmp -- (MEMSWEEP2)
DRV:64bit: - [2010/02/18 02:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/18 02:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/08/14 14:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\skfiltv.sys -- (skfiltv)
DRV:64bit: - [2008/02/01 18:15:04 | 000,043,520 | ---- | M] (ASUSTek Computer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ipgdnd60.sys -- (ipgd)
DRV - [2011/03/12 17:46:36 | 000,085,800 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2011/02/21 16:14:38 | 000,014,592 | ---- | M] (Philips PTCL) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\MassDfu.sys -- (DFU)
DRV - [2010/12/18 19:03:58 | 000,025,280 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009/09/24 18:44:14 | 000,070,168 | ---- | M] (TSS - www.trinity-ss.com) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\TSSFSFD.sys -- (TSS_FSFILTER)
DRV - [2009/09/24 18:44:14 | 000,070,168 | ---- | M] (TSS - www.trinity-ss.com) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TSSFSFD.sys -- (DynamicEDController)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:51293

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "http://my.daemon-sea....com/startpage"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: [email protected]:4.51
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: [email protected]:2.6.7
FF - prefs.js..extensions.enabledItems: nicofox@littlebtc:0.4b1
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.4.0024
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 51293
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/26 16:38:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/29 19:37:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/16 14:22:46 | 000,000,000 | ---D | M]

[2010/09/25 01:20:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Extensions
[2011/05/16 14:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\extensions
[2011/04/10 10:41:15 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/04/01 10:41:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/04/23 04:26:25 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\extensions\[email protected]
[2011/03/02 04:44:34 | 000,002,059 | ---- | M] () -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\searchplugins\daemon-search.xml
[2011/03/22 16:54:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\SIZUSTAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2YAOXCWJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\SIZUSTAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2YAOXCWJ.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2011/04/29 19:36:59 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010/10/21 06:11:42 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010/01/01 16:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/05/16 21:30:17 | 000,433,276 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 14938 more lines...
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [AutoSizer] C:\Program Files (x86)\AutoSizer\AutoSizer.exe (South Bay Software)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {2AA793B8-230D-4EE1-9158-21ADA1421950} http://download.powe...tw/fsplayer.cab (Reg Error: Key error.)
O16 - DPF: {2B658B62-1B6F-4CFF-8A7C-225B7BB15336} http://www.dotbook.j...TimeCrochet.cab (CrochetCtrl Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {931C1175-E08E-4ADA-9AED-4A2828AE1011} http://trinity.dlsit...ex/pbebkick.cab (PbEbkick Control)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.micr...44/igdtoolx.cab (Reg Error: Key error.)
O16 - DPF: {C8F5F737-2683-40B8-BFB6-47B15AC20A79} https://gash.gamania....1/lcjggame.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.16.0.cab (SysInfo Class)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/01 04:30:10 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll ()
Drivers32:64bit: vidc.mpeg - bdmpegv64.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\SysWow64\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\Windows\SysWow64\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Windows\SysWow64\I263_32.drv (Intel Corporation)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: VIDC.VP70 - C:\Windows\SysWow64\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig:64bit - StartUpFolder: C:^Users^Sizustar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Broadband Connection - 捷徑.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Sizustar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . 製品の登録.lnk - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe - (Leader Technologies/Logitech)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Aim - hkey= - key= - C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
MsConfig:64bit - StartUpReg: AVG9_TRAY - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: EADM - hkey= - key= - C:\Program Files (x86)\Electronic Arts\EADM\EADMUI.exe (Electronic Arts)
MsConfig:64bit - StartUpReg: EvtMgr6 - hkey= - key= - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: hpqSRMon - hkey= - key= - C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
MsConfig:64bit - StartUpReg: TurboV - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Wisdom-soft ScreenHunter 5.1 Free - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Zune Launcher - hkey= - key= - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)

SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: hitmanpro35 - Reg Error: Value error.
SafeBootNet:64bit: hitmanpro35.sys - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: hitmanpro35 - Reg Error: Value error.
SafeBootNet: hitmanpro35.sys - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A59B76D1-5E3B-4893-BB7F-AF69B2570A73} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FE600E50-2C69-46D5-ACAA-2B617006245C} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

========== Files/Folders - Created Within 30 Days ==========

[2011/05/20 12:26:06 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Sizustar\Desktop\OTL.exe
[2011/05/20 07:24:18 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\asufe101
[2011/05/20 07:24:14 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\TORMENTRIP
[2011/05/16 22:48:04 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\tohovsneko110513
[2011/05/16 22:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BLUEWATER
[2011/05/16 22:18:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BLUEWATER
[2011/05/16 21:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2011/05/16 21:12:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2011/05/16 20:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/05/16 09:15:34 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Roaming\SUPERAntiSpyware.com
[2011/05/16 09:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/05/16 09:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/05/16 09:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/13 22:30:48 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\Eroquis_gallery
[2011/05/13 14:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SomePDF
[2011/05/13 14:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SomePDF
[2011/05/13 04:30:34 | 000,000,000 | -H-D | C] -- C:\Users\Sizustar\Desktop\[Originals]
[2011/05/11 23:13:27 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Local\Easy Clone Detective
[2011/05/11 23:12:29 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Refero Group
[2011/05/11 23:12:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Refero Group
[2011/05/11 23:12:29 | 000,000,000 | ---D | C] -- C:\Windows\Easy Clone Detective
[2011/05/11 21:24:40 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/05/11 21:24:40 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/05/11 21:24:39 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011/05/11 21:24:39 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011/05/11 21:24:38 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/05/11 21:24:37 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/05/11 21:24:37 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/05/08 00:43:27 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\Vorpal_Rabbit_1_0_0_2
[2011/05/05 04:24:16 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Roaming\AVG
[2011/05/05 04:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/05/05 04:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2011/05/05 01:51:19 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/05/05 01:05:01 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Roaming\AVG10
[2011/05/05 01:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/05/05 01:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/05/05 01:04:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2011/05/05 00:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/05/03 20:41:51 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\hana_circle
[2011/05/01 22:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\lame3.98.2
[2011/04/30 22:37:35 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Documents\iSkysoft DRM Removal
[2011/04/30 22:37:06 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys
[2011/04/30 22:37:04 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys
[2011/04/30 22:37:02 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys
[2011/04/30 22:37:00 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys
[2011/04/30 22:36:57 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys
[2011/04/30 22:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft
[2011/04/30 22:36:54 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\SysWow64\iconv.dll
[2011/04/30 22:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iSkysoft
[2011/04/28 08:02:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2011/04/28 01:11:02 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/04/28 01:11:02 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/04/28 01:11:02 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011/04/28 01:11:02 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/04/28 01:11:02 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011/04/28 01:11:02 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011/04/28 01:11:02 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/04/28 01:10:59 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/04/28 01:10:59 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/04/28 01:10:58 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/28 01:10:58 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/04/28 01:10:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/04/28 01:10:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/04/26 21:39:00 | 000,189,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011/04/26 21:39:00 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011/04/26 21:39:00 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011/04/26 21:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/04/24 20:57:03 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\pncrt.dll
[2011/04/24 20:57:03 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\drv43260.dll
[2011/04/24 20:57:03 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\drv33260.dll
[2011/04/24 20:57:03 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\sipr3260.dll
[2011/04/24 20:57:03 | 000,065,536 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\cook.dll
[2011/04/24 06:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
[2011/04/24 06:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011/04/24 06:35:53 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\SysWow64\lameACM.acm
[2011/04/24 06:35:53 | 000,630,784 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2011/04/24 06:35:53 | 000,391,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\I263_32.drv
[2011/04/24 06:35:53 | 000,287,744 | ---- | C] (Kristal StudioDFileDescription) -- C:\Windows\SysWow64\divxa32.acm
[2011/04/24 06:35:53 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011/04/24 06:35:53 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\mp3fhg.acm
[2011/04/24 06:35:53 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2011/04/24 06:35:53 | 000,122,368 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/04/24 06:35:53 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\Windows\SysWow64\huffyuv.dll
[2011/04/24 06:31:42 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll.bak
[2011/04/20 20:43:06 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Local\uTorrent
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/20 13:42:04 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/20 13:42:04 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/20 13:34:55 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011/05/20 13:34:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/20 13:34:43 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/20 13:20:25 | 000,001,060 | ---- | M] () -- C:\Windows\SysNative\PDBootState
[2011/05/20 12:31:04 | 000,001,387 | ---- | M] () -- C:\Users\Sizustar\Desktop\noproxy.reg
[2011/05/20 12:26:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sizustar\Desktop\OTL.exe
[2011/05/20 07:23:50 | 020,333,879 | ---- | M] () -- C:\Users\Sizustar\Desktop\TORMENTRIP.zip
[2011/05/20 07:23:29 | 017,506,724 | ---- | M] () -- C:\Users\Sizustar\Desktop\asufe101.zip
[2011/05/19 16:00:13 | 115,347,518 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/05/19 15:44:28 | 000,181,546 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305471061148.jpg
[2011/05/19 15:30:40 | 000,064,879 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305722752751.jpg
[2011/05/19 15:27:22 | 000,089,643 | ---- | M] () -- C:\Users\Sizustar\Desktop\2ds45qp.jpg
[2011/05/19 00:22:24 | 000,367,892 | ---- | M] () -- C:\Users\Sizustar\Desktop\4komaa00.jpg
[2011/05/18 20:43:58 | 000,049,965 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305595023594.jpg
[2011/05/18 19:44:16 | 002,188,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/18 19:44:16 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/18 19:44:16 | 000,398,716 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2011/05/18 19:44:16 | 000,396,450 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2011/05/18 19:44:16 | 000,361,570 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2011/05/18 19:44:16 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2011/05/18 19:44:16 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2011/05/18 19:44:16 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/18 19:44:16 | 000,104,050 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2011/05/17 09:40:53 | 000,020,040 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/05/17 01:02:43 | 000,066,930 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305478116764.jpg
[2011/05/16 22:46:17 | 015,640,514 | ---- | M] () -- C:\Users\Sizustar\Desktop\tohovsneko110513.zip
[2011/05/16 22:19:47 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\DiaGnosis2.lnk
[2011/05/16 22:03:31 | 000,161,091 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305541100664.jpg
[2011/05/16 21:30:17 | 000,433,276 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/05/16 21:16:26 | 000,433,303 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2011/05/16 19:03:51 | 000,063,373 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305507516408.jpg
[2011/05/16 14:34:15 | 000,006,638 | ---- | M] () -- C:\Users\Sizustar\AppData\Roaming\0EDE.18C
[2011/05/16 14:33:13 | 058,273,855 | ---- | M] () -- C:\Users\Sizustar\Desktop\RJ077472.zip
[2011/05/16 12:34:18 | 026,845,822 | ---- | M] () -- C:\Users\Sizustar\Documents\【東方】『幻想万華鏡』予告編 満福神社×幽閉サテライト【アニメ】 - [sm14400995].mp4
[2011/05/16 09:15:22 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/16 08:17:39 | 060,579,845 | ---- | M] () -- C:\Users\Sizustar\Documents\【第6回MMD杯本選】恋天使ルシフェル.mp4
[2011/05/16 08:04:25 | 050,744,207 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】魔王エンジェルにまっさらブルージーンズを踊ってもらった.mp4
[2011/05/16 08:01:08 | 068,736,850 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】BREEZE【魔王エンジェル】.mp4
[2011/05/16 07:54:35 | 039,453,402 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】魔王エンジェルにNostalogicを踊ってもらった【修正版】.mp4
[2011/05/16 07:52:33 | 010,237,078 | ---- | M] () -- C:\Users\Sizustar\Documents\【3DCG】くるっと・おどって・初音ミク【ねんどろいど】.flv
[2011/05/16 07:43:50 | 472,907,776 | ---- | M] () -- C:\Users\Sizustar\Desktop\[KiaiNeko] H-Manga Collection.part1.rar
[2011/05/16 07:41:56 | 341,635,270 | ---- | M] () -- C:\Users\Sizustar\Desktop\[KiaiNeko] H-Manga Collection.part2.rar
[2011/05/16 07:40:02 | 024,412,373 | ---- | M] () -- C:\Users\Sizustar\Documents\【MikuMikuDance】助手よ素直になるがいい【Steins;Gate】.mp4
[2011/05/16 07:38:06 | 025,748,404 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】折紙さんが見切れないハレ晴レユカイ【と助手とホビロン】.mp4
[2011/05/16 07:37:06 | 021,085,786 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】松前緒花の「Ievan Polkka」(ミクは・・・)【第3回ラジP杯】.mp4
[2011/05/16 07:29:02 | 045,234,406 | ---- | M] () -- C:\Users\Sizustar\Documents\春香・美希 Bad Apple!!.mp4
[2011/05/16 07:19:37 | 016,196,926 | ---- | M] () -- C:\Users\Sizustar\Documents\和曲似合いそうな歌い手集めて「凛として咲く花の如く」歌ってみた.mp4
[2011/05/16 07:14:41 | 097,315,165 | ---- | M] () -- C:\Users\Sizustar\Documents\【東方MMD】お嬢様がNostalogicを踊るはずだったのだけど【ちょっとPV風味】.mp4
[2011/05/16 06:57:39 | 048,459,185 | ---- | M] () -- C:\Users\Sizustar\Documents\魔法少女まどか☆マギカ -the ultimate modification-.mp4
[2011/05/16 03:15:37 | 000,125,737 | ---- | M] () -- C:\Users\Sizustar\Documents\1305417382835.jpg
[2011/05/16 03:15:31 | 000,118,941 | ---- | M] () -- C:\Users\Sizustar\Documents\1305417026623.jpg
[2011/05/16 03:15:21 | 000,110,964 | ---- | M] () -- C:\Users\Sizustar\Documents\1305415767642.jpg
[2011/05/16 03:13:11 | 000,361,571 | ---- | M] () -- C:\Users\Sizustar\Documents\1305445135069.gif
[2011/05/15 20:02:27 | 000,423,459 | ---- | M] () -- C:\Users\Sizustar\Documents\1305449679532.jpg
[2011/05/15 20:02:10 | 000,079,016 | ---- | M] () -- C:\Users\Sizustar\Documents\1305448473372.jpg
[2011/05/14 18:17:06 | 000,304,497 | ---- | M] () -- C:\Users\Sizustar\Documents\1305303779911.jpg
[2011/05/14 07:19:48 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/05/14 06:31:36 | 000,950,611 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 08.jpg
[2011/05/14 06:31:35 | 000,969,618 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 07.jpg
[2011/05/14 06:31:31 | 001,025,414 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 06.jpg
[2011/05/14 06:31:29 | 000,987,552 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 05.jpg
[2011/05/14 06:31:27 | 001,083,287 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 04.jpg
[2011/05/14 06:31:25 | 001,071,435 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 03.jpg
[2011/05/14 06:31:17 | 001,126,169 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 02.jpg
[2011/05/14 06:31:13 | 001,072,869 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 01.jpg
[2011/05/14 05:04:38 | 000,358,258 | ---- | M] () -- C:\Users\Sizustar\Documents\1305315838683.gif
[2011/05/14 05:01:28 | 000,068,701 | ---- | M] () -- C:\Users\Sizustar\Documents\709.jpg
[2011/05/13 14:20:13 | 000,001,265 | ---- | M] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\Some PDF Image Extractr.lnk
[2011/05/13 14:20:13 | 000,001,077 | ---- | M] () -- C:\Users\Sizustar\Desktop\Some PDF Image Extractr.lnk
[2011/05/13 05:35:17 | 000,433,303 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110516-211626.backup
[2011/05/13 04:30:47 | 000,457,256 | ---- | M] () -- C:\Users\Sizustar\Documents\1305219526827.jpg
[2011/05/13 04:30:34 | 000,463,939 | ---- | M] () -- C:\Users\Sizustar\Documents\1305219617028.jpg
[2011/05/11 23:12:29 | 000,002,159 | ---- | M] () -- C:\Users\Sizustar\Desktop\Easy Clone Detective.lnk
[2011/05/11 21:20:31 | 000,000,972 | ---- | M] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk
[2011/05/11 21:20:31 | 000,000,948 | ---- | M] () -- C:\Users\Sizustar\Desktop\Bandicam.lnk
[2011/05/09 21:22:07 | 001,512,209 | ---- | M] () -- C:\Users\Sizustar\Documents\18641737.png
[2011/05/09 17:50:40 | 009,554,139 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】東方キャラ達に『ハッピーシンセサイザ』踊ってもらった.flv
[2011/05/09 17:49:54 | 009,559,266 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】みんなに『ハッピーシンセサイザ』踊ってもらった.flv
[2011/05/09 02:28:28 | 000,114,723 | ---- | M] () -- C:\Users\Sizustar\Documents\18532002_p3.jpg
[2011/05/09 02:28:25 | 000,101,106 | ---- | M] () -- C:\Users\Sizustar\Documents\18532002_p2.jpg
[2011/05/09 02:28:20 | 000,120,254 | ---- | M] () -- C:\Users\Sizustar\Documents\18532002_p0.jpg
[2011/05/09 02:28:19 | 000,110,753 | ---- | M] () -- C:\Users\Sizustar\Documents\18532002_p1.jpg
[2011/05/09 02:26:39 | 000,020,678 | ---- | M] () -- C:\Users\Sizustar\Documents\18681769_p2.png
[2011/05/09 02:26:24 | 000,073,644 | ---- | M] () -- C:\Users\Sizustar\Documents\18681769_p0.png
[2011/05/09 02:26:24 | 000,051,358 | ---- | M] () -- C:\Users\Sizustar\Documents\18681769_p1.png
[2011/05/06 02:10:05 | 000,433,197 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110513-053517.backup
[2011/05/05 18:58:24 | 000,024,576 | ---- | M] () -- C:\Users\Sizustar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/05 11:22:46 | 000,001,145 | ---- | M] () -- C:\Users\Sizustar\Desktop\神楽早春賦.lnk
[2011/05/05 04:21:06 | 000,001,161 | ---- | M] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2011/05/05 04:21:06 | 000,001,137 | ---- | M] () -- C:\Users\Sizustar\Desktop\AVG PC Tuneup 2011.lnk
[2011/05/05 02:51:35 | 000,126,392 | ---- | M] () -- C:\Users\Sizustar\Documents\241085%20-%20Boomer%20JoPereira%20Louis%20left_4_dead%20zoey.jpg
[2011/05/05 01:04:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\incavi.avm
[2011/05/05 01:04:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\iavichjw.avm
[2011/05/04 23:50:33 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/05/04 21:05:34 | 002,230,672 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/04 13:54:12 | 000,302,080 | ---- | M] () -- C:\Users\Sizustar\Desktop\gmer.exe
[2011/05/03 16:25:38 | 000,000,056 | ---- | M] () -- C:\Windows\kgt2k.INI
[2011/05/02 17:58:31 | 000,033,371 | ---- | M] () -- C:\Users\Sizustar\Documents\image.jpeg
[2011/05/02 07:30:17 | 000,025,615 | ---- | M] () -- C:\Users\Sizustar\Documents\gamportal2turretdoll530.jpg
[2011/05/02 05:57:51 | 000,437,014 | ---- | M] () -- C:\Users\Sizustar\Documents\1303810964794.jpg
[2011/05/02 05:42:18 | 000,392,880 | ---- | M] () -- C:\Users\Sizustar\Documents\27.jpg
[2011/05/02 05:40:56 | 000,331,092 | ---- | M] () -- C:\Users\Sizustar\Documents\16.jpg
[2011/05/01 23:02:15 | 000,057,727 | ---- | M] () -- C:\Users\Sizustar\Documents\Kon.jpg
[2011/05/01 21:31:42 | 000,148,371 | ---- | M] () -- C:\Users\Sizustar\Documents\f7e2fce5.jpg
[2011/05/01 21:31:41 | 000,059,413 | ---- | M] () -- C:\Users\Sizustar\Documents\a9ca51a0.jpg
[2011/05/01 15:58:27 | 008,995,515 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】東方モデルをミニスカで【ハッピーシンセサイザ】.flv
[2011/05/01 15:39:50 | 000,496,803 | ---- | M] () -- C:\Users\Sizustar\Documents\1304224434344.jpg
[2011/04/30 22:36:55 | 000,001,171 | ---- | M] () -- C:\Users\Sizustar\Desktop\iSkysoft DRM Removal.lnk
[2011/04/30 22:20:26 | 000,001,500 | ---- | M] () -- C:\Users\Sizustar\Desktop\wmplayer.exe - Shortcut.lnk
[2011/04/30 12:56:42 | 000,310,984 | ---- | M] () -- C:\Users\Sizustar\Documents\1304094452752.jpg
[2011/04/30 12:41:42 | 000,020,012 | ---- | M] () -- C:\Users\Sizustar\Documents\img1f73137bzik3zj.jpg
[2011/04/30 06:40:07 | 000,818,225 | ---- | M] () -- C:\Users\Sizustar\Documents\18299616.jpg
[2011/04/30 04:31:37 | 001,252,646 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%2018.jpg
[2011/04/30 04:29:36 | 001,818,372 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%2016.jpg
[2011/04/30 04:29:17 | 001,090,343 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%20%2015.jpg
[2011/04/30 04:28:27 | 000,525,590 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%2014.jpg
[2011/04/30 04:28:21 | 001,211,011 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%201%20-%20Page%2013.jpg
[2011/04/29 20:47:19 | 000,074,035 | ---- | M] () -- C:\Users\Sizustar\Documents\Transformers-3-Dark-of-the-Moon-Teaser-Poster-Clear_1291759448_1298047467_1302887052.jpg
[2011/04/29 19:37:11 | 000,002,052 | ---- | M] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/29 17:00:52 | 000,376,002 | ---- | M] () -- C:\Users\Sizustar\Documents\hana_m00.jpg
[2011/04/28 23:58:33 | 000,192,627 | ---- | M] () -- C:\Users\Sizustar\Documents\18467814.jpg
[2011/04/27 06:45:30 | 000,046,361 | ---- | M] () -- C:\Users\Sizustar\Documents\18336267_m.jpg
[2011/04/27 06:30:24 | 000,029,581 | ---- | M] () -- C:\Users\Sizustar\Documents\2132446298_full.jpg
[2011/04/26 21:38:57 | 000,521,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011/04/26 21:38:57 | 000,189,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011/04/26 21:38:57 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011/04/26 21:38:57 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011/04/26 21:37:05 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2011/04/24 09:09:04 | 000,091,731 | ---- | M] () -- C:\Users\Sizustar\Documents\1303369309370.jpg
[2011/04/24 01:50:58 | 000,241,779 | ---- | M] () -- C:\Users\Sizustar\Documents\rspc9030.png
[2011/04/23 09:07:03 | 000,514,354 | ---- | M] () -- C:\Users\Sizustar\Documents\12825701.jpg
[2011/04/23 08:54:40 | 021,342,466 | ---- | M] () -- C:\Users\Sizustar\Documents\【手書き】家に帰ると妻がいつも死んだふりをしています。.flv
[2011/04/23 04:59:20 | 000,083,110 | ---- | M] () -- C:\Users\Sizustar\Documents\1303379198437.jpg
[2011/04/23 04:57:00 | 000,470,301 | ---- | M] () -- C:\Users\Sizustar\Documents\1303489211059.png
[2011/04/23 04:52:53 | 000,115,758 | ---- | M] () -- C:\Users\Sizustar\Documents\2yjwow1.jpg
[2011/04/22 23:45:05 | 000,179,467 | ---- | M] () -- C:\Users\Sizustar\Documents\130344254283.jpg
[2011/04/21 06:56:43 | 000,086,883 | ---- | M] () -- C:\Users\Sizustar\Documents\150183%20-%20Hunter_x_Hunter%20Nefelpitou%20Ponzu.jpg
[2011/04/21 00:26:30 | 000,491,306 | ---- | M] () -- C:\Users\Sizustar\Documents\1303313230035.png
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/20 12:34:52 | 000,302,080 | ---- | C] () -- C:\Users\Sizustar\Desktop\gmer.exe
[2011/05/20 12:31:04 | 000,001,387 | ---- | C] () -- C:\Users\Sizustar\Desktop\noproxy.reg
[2011/05/20 07:23:43 | 020,333,879 | ---- | C] () -- C:\Users\Sizustar\Desktop\TORMENTRIP.zip
[2011/05/20 07:23:23 | 017,506,724 | ---- | C] () -- C:\Users\Sizustar\Desktop\asufe101.zip
[2011/05/19 16:06:33 | 000,064,879 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305722752751.jpg
[2011/05/19 16:00:13 | 115,347,518 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/05/19 15:44:42 | 000,181,546 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305471061148.jpg
[2011/05/19 15:27:28 | 000,089,643 | ---- | C] () -- C:\Users\Sizustar\Desktop\2ds45qp.jpg
[2011/05/19 00:20:42 | 000,367,892 | ---- | C] () -- C:\Users\Sizustar\Desktop\4komaa00.jpg
[2011/05/18 20:44:08 | 000,049,965 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305595023594.jpg
[2011/05/17 01:02:51 | 000,066,930 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305478116764.jpg
[2011/05/16 22:46:16 | 015,640,514 | ---- | C] () -- C:\Users\Sizustar\Desktop\tohovsneko110513.zip
[2011/05/16 22:19:47 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\DiaGnosis2.lnk
[2011/05/16 22:03:41 | 000,161,091 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305541100664.jpg
[2011/05/16 20:59:53 | 000,020,040 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/05/16 19:04:02 | 000,063,373 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305507516408.jpg
[2011/05/16 17:04:02 | 026,845,822 | ---- | C] () -- C:\Users\Sizustar\Documents\【東方】『幻想万華鏡』予告編 満福神社×幽閉サテライト【アニメ】 - [sm14400995].mp4
[2011/05/16 14:33:05 | 058,273,855 | ---- | C] () -- C:\Users\Sizustar\Desktop\RJ077472.zip
[2011/05/16 09:15:22 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/16 08:17:36 | 060,579,845 | ---- | C] () -- C:\Users\Sizustar\Documents\【第6回MMD杯本選】恋天使ルシフェル.mp4
[2011/05/16 08:04:23 | 050,744,207 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】魔王エンジェルにまっさらブルージーンズを踊ってもらった.mp4
[2011/05/16 07:56:56 | 068,736,850 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】BREEZE【魔王エンジェル】.mp4
[2011/05/16 07:54:34 | 039,453,402 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】魔王エンジェルにNostalogicを踊ってもらった【修正版】.mp4
[2011/05/16 07:52:33 | 010,237,078 | ---- | C] () -- C:\Users\Sizustar\Documents\【3DCG】くるっと・おどって・初音ミク【ねんどろいど】.flv
[2011/05/16 07:39:37 | 024,412,373 | ---- | C] () -- C:\Users\Sizustar\Documents\【MikuMikuDance】助手よ素直になるがいい【Steins;Gate】.mp4
[2011/05/16 07:38:06 | 025,748,404 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】折紙さんが見切れないハレ晴レユカイ【と助手とホビロン】.mp4
[2011/05/16 07:37:05 | 021,085,786 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】松前緒花の「Ievan Polkka」(ミクは・・・)【第3回ラジP杯】.mp4
[2011/05/16 07:36:40 | 341,635,270 | ---- | C] () -- C:\Users\Sizustar\Desktop\[KiaiNeko] H-Manga Collection.part2.rar
[2011/05/16 07:36:35 | 472,907,776 | ---- | C] () -- C:\Users\Sizustar\Desktop\[KiaiNeko] H-Manga Collection.part1.rar
[2011/05/16 07:28:59 | 045,234,406 | ---- | C] () -- C:\Users\Sizustar\Documents\春香・美希 Bad Apple!!.mp4
[2011/05/16 07:17:56 | 016,196,926 | ---- | C] () -- C:\Users\Sizustar\Documents\和曲似合いそうな歌い手集めて「凛として咲く花の如く」歌ってみた.mp4
[2011/05/16 07:14:36 | 097,315,165 | ---- | C] () -- C:\Users\Sizustar\Documents\【東方MMD】お嬢様がNostalogicを踊るはずだったのだけど【ちょっとPV風味】.mp4
[2011/05/16 07:03:30 | 009,512,862 | ---- | C] () -- C:\Users\Sizustar\Documents\和曲似合いそうな歌い手集めて「凛として咲く花の如く」歌ってみた).flv
[2011/05/16 06:57:36 | 048,459,185 | ---- | C] () -- C:\Users\Sizustar\Documents\魔法少女まどか☆マギカ -the ultimate modification-.mp4
[2011/05/16 03:15:59 | 000,361,571 | ---- | C] () -- C:\Users\Sizustar\Documents\1305445135069.gif
[2011/05/16 03:15:39 | 000,125,737 | ---- | C] () -- C:\Users\Sizustar\Documents\1305417382835.jpg
[2011/05/16 03:15:33 | 000,118,941 | ---- | C] () -- C:\Users\Sizustar\Documents\1305417026623.jpg
[2011/05/16 03:15:24 | 000,110,964 | ---- | C] () -- C:\Users\Sizustar\Documents\1305415767642.jpg
[2011/05/16 01:26:03 | 000,006,638 | ---- | C] () -- C:\Users\Sizustar\AppData\Roaming\0EDE.18C
[2011/05/15 20:02:35 | 000,423,459 | ---- | C] () -- C:\Users\Sizustar\Documents\1305449679532.jpg
[2011/05/15 20:02:18 | 000,079,016 | ---- | C] () -- C:\Users\Sizustar\Documents\1305448473372.jpg
[2011/05/14 18:17:14 | 000,304,497 | ---- | C] () -- C:\Users\Sizustar\Documents\1305303779911.jpg
[2011/05/14 16:04:49 | 000,027,123 | ---- | C] () -- C:\Users\Sizustar\Documents\snapshot20080705212834.jpg
[2011/05/14 16:04:35 | 000,152,609 | ---- | C] () -- C:\Users\Sizustar\Documents\090624-maccros-12.jpg
[2011/05/14 16:04:30 | 000,152,358 | ---- | C] () -- C:\Users\Sizustar\Documents\090624-maccros-11.jpg
[2011/05/14 06:45:19 | 000,950,611 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 08.jpg
[2011/05/14 06:45:07 | 000,969,618 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 07.jpg
[2011/05/14 06:45:02 | 001,025,414 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 06.jpg
[2011/05/14 06:44:54 | 000,987,552 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 05.jpg
[2011/05/14 06:44:48 | 001,083,287 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 04.jpg
[2011/05/14 06:44:43 | 001,071,435 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 03.jpg
[2011/05/14 06:44:36 | 001,126,169 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 02.jpg
[2011/05/14 06:44:30 | 001,072,869 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 01.jpg
[2011/05/14 05:05:08 | 000,358,258 | ---- | C] () -- C:\Users\Sizustar\Documents\1305315838683.gif
[2011/05/14 05:01:38 | 000,068,701 | ---- | C] () -- C:\Users\Sizustar\Documents\709.jpg
[2011/05/13 14:20:13 | 000,001,265 | ---- | C] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\Some PDF Image Extractr.lnk
[2011/05/13 14:20:13 | 000,001,077 | ---- | C] () -- C:\Users\Sizustar\Desktop\Some PDF Image Extractr.lnk
[2011/05/13 04:28:50 | 000,463,939 | ---- | C] () -- C:\Users\Sizustar\Documents\1305219617028.jpg
[2011/05/13 04:28:02 | 000,457,256 | ---- | C] () -- C:\Users\Sizustar\Documents\1305219526827.jpg
[2011/05/11 23:12:29 | 000,002,159 | ---- | C] () -- C:\Users\Sizustar\Desktop\Easy Clone Detective.lnk
[2011/05/09 21:40:20 | 001,512,209 | ---- | C] () -- C:\Users\Sizustar\Documents\18641737.png
[2011/05/09 17:50:40 | 009,554,139 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】東方キャラ達に『ハッピーシンセサイザ』踊ってもらった.flv
[2011/05/09 17:49:54 | 009,559,266 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】みんなに『ハッピーシンセサイザ』踊ってもらった.flv
[2011/05/09 02:28:46 | 000,114,723 | ---- | C] () -- C:\Users\Sizustar\Documents\18532002_p3.jpg
[2011/05/09 02:28:44 | 000,101,106 | ---- | C] () -- C:\Users\Sizustar\Documents\18532002_p2.jpg
[2011/05/09 02:28:41 | 000,110,753 | ---- | C] () -- C:\Users\Sizustar\Documents\18532002_p1.jpg
[2011/05/09 02:28:39 | 000,120,254 | ---- | C] () -- C:\Users\Sizustar\Documents\18532002_p0.jpg
[2011/05/09 02:26:57 | 000,073,644 | ---- | C] () -- C:\Users\Sizustar\Documents\18681769_p0.png
[2011/05/09 02:26:54 | 000,051,358 | ---- | C] () -- C:\Users\Sizustar\Documents\18681769_p1.png
[2011/05/09 02:26:50 | 000,020,678 | ---- | C] () -- C:\Users\Sizustar\Documents\18681769_p2.png
[2011/05/05 11:32:28 | 004,325,376 | ---- | C] () -- C:\Windows\SysWow64\KaguraGSS.scr
[2011/05/05 11:22:46 | 000,001,145 | ---- | C] () -- C:\Users\Sizustar\Desktop\神楽早春賦.lnk
[2011/05/05 04:21:06 | 000,001,161 | ---- | C] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2011/05/05 04:21:06 | 000,001,137 | ---- | C] () -- C:\Users\Sizustar\Desktop\AVG PC Tuneup 2011.lnk
[2011/05/05 02:51:56 | 000,126,392 | ---- | C] () -- C:\Users\Sizustar\Documents\241085%20-%20Boomer%20JoPereira%20Louis%20left_4_dead%20zoey.jpg
[2011/05/04 21:05:38 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/05/04 21:05:34 | 002,230,672 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/03 16:25:38 | 000,000,056 | ---- | C] () -- C:\Windows\kgt2k.INI
[2011/05/02 18:00:34 | 000,033,371 | ---- | C] () -- C:\Users\Sizustar\Documents\image.jpeg
[2011/05/02 07:31:39 | 000,025,615 | ---- | C] () -- C:\Users\Sizustar\Documents\gamportal2turretdoll530.jpg
[2011/05/02 05:58:36 | 000,437,014 | ---- | C] () -- C:\Users\Sizustar\Documents\1303810964794.jpg
[2011/05/02 05:42:17 | 000,392,880 | ---- | C] () -- C:\Users\Sizustar\Documents\27.jpg
[2011/05/02 05:40:56 | 000,331,092 | ---- | C] () -- C:\Users\Sizustar\Documents\16.jpg
[2011/05/01 23:02:19 | 000,057,727 | ---- | C] () -- C:\Users\Sizustar\Documents\Kon.jpg
[2011/05/01 21:40:07 | 000,059,413 | ---- | C] () -- C:\Users\Sizustar\Documents\a9ca51a0.jpg
[2011/05/01 21:39:44 | 000,148,371 | ---- | C] () -- C:\Users\Sizustar\Documents\f7e2fce5.jpg
[2011/05/01 15:58:27 | 008,995,515 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】東方モデルをミニスカで【ハッピーシンセサイザ】.flv
[2011/05/01 15:41:42 | 000,496,803 | ---- | C] () -- C:\Users\Sizustar\Documents\1304224434344.jpg
[2011/04/30 22:36:55 | 000,001,171 | ---- | C] () -- C:\Users\Sizustar\Desktop\iSkysoft DRM Removal.lnk
[2011/04/30 22:36:54 | 000,675,840 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax
[2011/04/30 22:36:54 | 000,496,640 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2011/04/30 22:36:54 | 000,153,600 | ---- | C] () -- C:\Windows\SysWow64\WS_ATLMovie.dll
[2011/04/30 22:20:26 | 000,001,500 | ---- | C] () -- C:\Users\Sizustar\Desktop\wmplayer.exe - Shortcut.lnk
[2011/04/30 12:56:52 | 000,310,984 | ---- | C] () -- C:\Users\Sizustar\Documents\1304094452752.jpg
[2011/04/30 12:41:46 | 000,020,012 | ---- | C] () -- C:\Users\Sizustar\Documents\img1f73137bzik3zj.jpg
[2011/04/30 06:40:42 | 000,818,225 | ---- | C] () -- C:\Users\Sizustar\Documents\18299616.jpg
[2011/04/30 04:31:38 | 001,252,646 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%2018.jpg
[2011/04/30 04:31:21 | 001,818,372 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%2016.jpg
[2011/04/30 04:31:17 | 001,090,343 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%20%2015.jpg
[2011/04/30 04:31:11 | 000,525,590 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%2014.jpg
[2011/04/30 04:30:05 | 001,211,011 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%201%20-%20Page%2013.jpg
[2011/04/29 20:47:23 | 000,074,035 | ---- | C] () -- C:\Users\Sizustar\Documents\Transformers-3-Dark-of-the-Moon-Teaser-Poster-Clear_1291759448_1298047467_1302887052.jpg
[2011/04/29 17:01:59 | 000,376,002 | ---- | C] () -- C:\Users\Sizustar\Documents\hana_m00.jpg
[2011/04/28 23:58:39 | 000,192,627 | ---- | C] () -- C:\Users\Sizustar\Documents\18467814.jpg
[2011/04/27 06:45:47 | 000,046,361 | ---- | C] () -- C:\Users\Sizustar\Documents\18336267_m.jpg
[2011/04/27 06:30:29 | 000,029,581 | ---- | C] () -- C:\Users\Sizustar\Documents\2132446298_full.jpg
[2011/04/27 05:51:22 | 000,284,459 | ---- | C] () -- C:\Users\Sizustar\Desktop\1284133142.jpg
[2011/04/24 09:09:16 | 000,091,731 | ---- | C] () -- C:\Users\Sizustar\Documents\1303369309370.jpg
[2011/04/24 06:35:53 | 002,712,064 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011/04/24 06:35:53 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/04/24 06:35:53 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/04/24 06:35:53 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/04/24 06:35:53 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2011/04/24 06:35:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/04/24 01:52:26 | 000,241,779 | ---- | C] () -- C:\Users\Sizustar\Documents\rspc9030.png
[2011/04/23 09:03:14 | 000,514,354 | ---- | C] () -- C:\Users\Sizustar\Documents\12825701.jpg
[2011/04/23 08:51:18 | 021,342,466 | ---- | C] () -- C:\Users\Sizustar\Documents\【手書き】家に帰ると妻がいつも死んだふりをしています。.flv
[2011/04/23 04:59:27 | 000,083,110 | ---- | C] () -- C:\Users\Sizustar\Documents\1303379198437.jpg
[2011/04/23 04:57:05 | 000,470,301 | ---- | C] () -- C:\Users\Sizustar\Documents\1303489211059.png
[2011/04/23 04:53:23 | 000,115,758 | ---- | C] () -- C:\Users\Sizustar\Documents\2yjwow1.jpg
[2011/04/23 04:08:05 | 000,384,328 | ---- | C] () -- C:\Users\Sizustar\Desktop\1301228225916.jpg
[2011/04/22 23:45:15 | 000,179,467 | ---- | C] () -- C:\Users\Sizustar\Documents\130344254283.jpg
[2011/04/21 06:57:26 | 000,086,883 | ---- | C] () -- C:\Users\Sizustar\Documents\150183%20-%20Hunter_x_Hunter%20Nefelpitou%20Ponzu.jpg
[2011/04/21 00:27:50 | 000,491,306 | ---- | C] () -- C:\Users\Sizustar\Documents\1303313230035.png
[2011/04/19 15:06:52 | 000,000,036 | ---- | C] () -- C:\Users\Sizustar\AppData\Local\housecall.guid.cache
[2011/04/19 14:47:21 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/04/19 14:47:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/04/19 14:47:21 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/04/19 14:47:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/04/19 14:47:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/04/01 18:42:53 | 000,000,459 | ---- | C] () -- C:\Users\Sizustar\AppData\Roaming\Syscfg.ini
[2011/03/12 02:45:00 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011/03/02 04:57:48 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011/03/02 04:57:48 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/02/21 15:57:49 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/02/21 15:57:49 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/02/21 15:57:49 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2011/02/21 15:57:49 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2011/02/21 08:36:24 | 000,704,000 | ---- | C] () -- C:\Windows\is-INQ5J.exe
[2010/12/09 03:14:53 | 000,673,280 | ---- | C] () -- C:\Windows\is-6H2JS.exe
[2010/11/12 01:36:14 | 000,007,610 | ---- | C] () -- C:\Users\Sizustar\AppData\Local\Resmon.ResmonCfg
[2010/11/06 01:09:43 | 000,003,673 | ---- | C] () -- C:\Windows\SysWow64\10.inf1031.dat
[2010/10/30 00:48:13 | 000,003,738 | ---- | C] () -- C:\Windows\SysWow64\30.inf3037.dat
[2010/10/23 00:47:14 | 000,003,737 | ---- | C] () -- C:\Windows\SysWow64\10.inf1028.dat
[2010/10/18 15:48:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2010/09/28 16:41:16 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/09/26 16:34:34 | 000,209,793 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010/09/26 16:34:34 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010/09/26 15:46:33 | 000,024,576 | ---- | C] () -- C:\Users\Sizustar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/26 00:07:31 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll
[2010/09/26 00:07:31 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll
[2010/09/26 00:07:31 | 000,685,056 | ---- | C] () -- C:\Windows\SysWow64\RGSS103J.dll
[2010/09/26 00:07:30 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll
[2010/09/25 09:21:37 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010/09/25 01:19:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/09/02 15:33:54 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2010/09/02 15:32:52 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 13:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 10:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 08:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 05:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/01/05 15:44:10 | 000,053,248 | ---- | C] () -- C:\Windows\bdoscandel.exe
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2005/08/18 15:28:30 | 000,273,408 | ---- | C] () -- C:\Windows\SysWow64\unlha32.dll

========== Files - Unicode (All) ==========
[2011/05/19 12:57:40 | 013,127,272 | ---- | M] ()(C:\Users\Sizustar\Desktop\[ACT-SJHx?橙][ToLoveRu_Darkness][番外篇][危?的妹控路?].zip) -- C:\Users\Sizustar\Desktop\[ACT-SJHx飞橙][ToLoveRu_Darkness][番外篇][危险的妹控路线].zip
[2011/05/19 12:55:12 | 013,127,272 | ---- | C] ()(C:\Users\Sizustar\Desktop\[ACT-SJHx?橙][ToLoveRu_Darkness][番外篇][危?的妹控路?].zip) -- C:\Users\Sizustar\Desktop\[ACT-SJHx飞橙][ToLoveRu_Darkness][番外篇][危险的妹控路线].zip
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?j|t,e°T) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\¤j¦t¸ê°T

========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

#2
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi, bluewr! Welcome to GeeksToGo! My nickname is Render and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.

Please do the following:

Step 1

We need to run an OTL Fix

  • Please reopen OTL on your desktop.
  • Copy (select all lines inside quote box and press CTRL+C) and Paste (press CTRL+V) the following code into the Posted Image textbox.

    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:51293
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 51293
    O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
    O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()

    :Files
    ipconfig /flushdns /c

    :Reg

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Click on Posted Image button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click on Posted Image button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.

Step 2

  • Please download aswMBR.exe to your desktop.
  • Double click the aswMBR.exe to run it.

  • Click the Scan button to start scan.

  • On completion of the scan click Save log, save it to your desktop and post in your next reply.

Step 3

OTL Custom Scan

  • Double click on the OTL icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Under the Extra Registry section, check Use SafeList
  • Check the boxes beside LOP Check and Purity Check.
  • Copy (select all lines inside quote box and press CTRL+C) and Paste (press CTRL+V) the following code into the Posted Image textbox.

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
    
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.

When you have completed the above, please post back the following in the order asked for:
  • OTL fix log
  • aswMBR log
  • OTL log
  • Extras log

  • 0
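
Added example (not from the thread, and not part of OTL or Malwarebytes): a Python check that parses the two places the Step 1 fix touches, the WinINET ProxyServer value and Firefox's prefs.js, and reports any proxy pointing at a loopback address, so the settings can be re-checked after a reboot. The sample inputs are constructed from the values in the fix script; ProxyEnable, network.proxy.type and all function names are assumptions not shown in the thread.

```python
import ipaddress
import re

# Constructed samples mirroring the values in the OTL fix script above.
# On a live machine the registry value can be read with:
#   reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer
# and prefs.js is found in the Firefox profile folder.
SAMPLE_PROXY_ENABLE = 1  # constructed ProxyEnable DWORD (assumption)
SAMPLE_PROXY_SERVER = "http=127.0.0.1:51293"
SAMPLE_PREFS_JS = '''// Mozilla User Preferences (constructed sample)
user_pref("browser.startup.homepage", "about:blank");
user_pref("network.proxy.http", "127.0.0.1");
user_pref("network.proxy.http_port", 51293);
user_pref("network.proxy.type", 1);
'''

PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')


def is_loopback(host):
    """True for 'localhost' and any 127.0.0.0/8 or ::1 literal."""
    host = host.strip("[]").lower()
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # an ordinary hostname, not an IP literal


def parse_wininet_proxy(value):
    """Split a ProxyServer string into {scheme: (host, port)}.

    Handles the per-protocol form "http=h:p;https=h:p" and the single
    form "h:p" (stored under the key "all"). IPv6 literals are expected
    in brackets.
    """
    result = {}
    for part in (p.strip() for p in value.split(";")):
        if not part:
            continue
        scheme, sep, target = part.partition("=")
        if not sep:
            scheme, target = "all", part
        target = re.sub(r"^[a-z][a-z0-9+.-]*://", "", target.strip(), flags=re.I)
        if target.endswith("]") or ":" not in target:
            host, port = target, ""
        else:
            host, _, port = target.rpartition(":")
        result[scheme.strip().lower()] = (host, int(port) if port.isdigit() else None)
    return result


def parse_prefs(text):
    """Read user_pref("name", value); lines into a dict of str/int/bool."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_RE.match(line)
        if not match:
            continue
        name, raw = match.groups()
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            prefs[name] = raw[1:-1]
        elif raw in ("true", "false"):
            prefs[name] = raw == "true"
        else:
            try:
                prefs[name] = int(raw)
            except ValueError:
                prefs[name] = raw
    return prefs


def audit(proxy_enable, proxy_server, prefs_text):
    """Return (source, scheme, host, port, active) for each loopback proxy."""
    findings = []
    for scheme, (host, port) in parse_wininet_proxy(proxy_server or "").items():
        if is_loopback(host):
            findings.append(("wininet", scheme, host, port, bool(proxy_enable)))
    prefs = parse_prefs(prefs_text or "")
    # network.proxy.type == 1 means Firefox uses the manual proxy entries.
    manual = prefs.get("network.proxy.type") == 1
    for scheme in ("http", "ssl", "socks"):
        host = prefs.get("network.proxy." + scheme, "")
        if isinstance(host, str) and host and is_loopback(host):
            port = prefs.get("network.proxy." + scheme + "_port")
            findings.append(("firefox", scheme, host, port, manual))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_PROXY_ENABLE, SAMPLE_PROXY_SERVER, SAMPLE_PREFS_JS):
        print(finding)
```

An empty result on real inputs means neither browser is configured to send traffic through a local proxy; an entry with active=False is a leftover value that is currently not in use.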

#3
bluewr

    Member

  • Topic Starter
  • 33 posts
OTL fix log

All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 51293 removed from network.proxy.http_port
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Sizustar
->Temp folder emptied: 60167185 bytes
->Temporary Internet Files folder emptied: 235334592 bytes
->Java cache emptied: 44604 bytes
->FireFox cache emptied: 280876490 bytes
->Flash cache emptied: 148037 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41044 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 24576 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 62045654 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84793 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 76272059 bytes

Total Files Cleaned = 682.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Sizustar
->Flash cache emptied: 0 bytes

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Error creating restore point.

OTL by OldTimer - Version 3.2.22.3 log created on 05212011_001210

Files\Folders moved on Reboot...
C:\Users\Sizustar\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTN3DDME\ads[8].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTN3DDME\search[1].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W36J7XQK\301157-pumbadproxy-keep-on-reappearing-after-cleaning-it[1].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W36J7XQK\ads[2].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W36J7XQK\ads[3].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T9JUEG57\ads[4].htm moved successfully.
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T9JUEG57\iframe[1].htm not found!
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFBTQG7W\adsCA41EPE9.htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFBTQG7W\adsCA4DD39S.htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFBTQG7W\ads[7].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PNJ0TV8C\adsCAMW2A1Q.htm moved successfully.
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON11RS3P\cm[1].htm not found!
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON11RS3P\cm[2].htm not found!
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON11RS3P\htmlbanner[1].htm not found!
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON11RS3P\iframe3[1].htm not found!
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON11RS3P\like[2].htm moved successfully.
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON11RS3P\st[1] not found!
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWBITE84\ads[4].htm not found!
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWBITE84\ads[5].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWBITE84\ads[6].htm moved successfully.
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWBITE84\cm[1].htm not found!
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWBITE84\cm[2].htm not found!
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWBITE84\cm[3].htm not found!
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWBITE84\デート所望[1].htm not found!
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HSSBVMOD\search[1].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FN017Q9V\ads[8].htm moved successfully.
File\Folder C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FN017Q9V\like[2].htm not found!
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FN017Q9V\深謝の知恵袋 秋葉人[1].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BNTD13S3\ads[2].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4UPB3WWB\37-virus-spyware-malware-removal[1].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4UPB3WWB\a5b2a9f2[1].htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JZWPAP7\adsCAF9AHM4.htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JZWPAP7\adsCAK3KG10.htm moved successfully.
C:\Users\Sizustar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JZWPAP7\ads[9].htm moved successfully.

Registry entries deleted on Reboot...


aswMBR log

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-21 01:03:45
-----------------------------
01:03:45.023 OS Version: Windows x64 6.1.7601 Service Pack 1
01:03:45.023 Number of processors: 4 586 0x403
01:03:45.023 ComputerName: SIZUSTAR-PC UserName: Sizustar
01:03:46.458 Initialize success
01:04:21.324 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
01:04:21.339 Disk 0 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953869MB BusType: 3
01:04:21.339 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4
01:04:21.339 Disk 1 Vendor: ST31500341AS CC1H Size: 1430799MB BusType: 3
01:04:21.339 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T1L0-6
01:04:21.355 Disk 2 Vendor: WDC_WD3200SD-01KNB0 08.05J08 Size: 305245MB BusType: 3
01:04:23.383 Disk 0 MBR read successfully
01:04:23.383 Disk 0 MBR scan
01:04:23.383 Disk 0 Windows 7 default MBR code
01:04:23.399 Service scanning
01:04:24.366 Disk 0 trace - called modules:
01:04:24.366 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8006ae92c0]<<
01:04:24.381 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d2c060]
01:04:24.381 3 CLASSPNP.SYS[fffff88001bca43f] -> nt!IofCallDriver -> [0xfffffa800784f670]
01:04:24.397 5 ACPI.sys[fffff88000db37a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa8007861680]
01:04:24.397 \Driver\atapi[0xfffffa80078478b0] -> IRP_MJ_CREATE -> 0xfffffa8006ae92c0
01:04:24.413 Scan finished successfully
01:04:35.442 Disk 0 MBR has been saved successfully to "C:\Users\Sizustar\Desktop\MBR.dat"
01:04:35.442 The log file has been saved successfully to "C:\Users\Sizustar\Desktop\aswMBR.txt"



OTL log

OTL logfile created on: 2011/05/21 1:05:51 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sizustar\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000411 | Country: Japan | Language: JPN | Date Format: yyyy/MM/dd

8.00 Gb Total Physical Memory | 7.00 Gb Available Physical Memory | 82.00% Memory free
16.00 Gb Paging File | 15.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): c:\pagefile.sys 8191 8191 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.35 Gb Total Space | 272.62 Gb Free Space | 58.59% Space Free | Partition Type: NTFS
Drive D: | 466.16 Gb Total Space | 415.24 Gb Free Space | 89.08% Space Free | Partition Type: NTFS
Drive E: | 1397.26 Gb Total Space | 719.28 Gb Free Space | 51.48% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 113.05 Gb Free Space | 37.92% Space Free | Partition Type: NTFS

Computer Name: SIZUSTAR-PC | User Name: Sizustar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/20 12:26:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sizustar\Desktop\OTL.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011/04/08 13:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/04/01 06:17:51 | 002,860,800 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2011/03/02 04:56:03 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgam.exe
PRC - [2010/09/25 02:07:12 | 000,131,072 | ---- | M] (South Bay Software) -- C:\Program Files (x86)\AutoSizer\AutoSizer.exe
PRC - [2010/01/27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (SafeList) ==========

MOD - [2011/05/20 12:26:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sizustar\Desktop\OTL.exe
MOD - [2010/11/20 03:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010/09/25 02:07:12 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\AutoSizer\AutoSizer.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/05 01:55:09 | 000,128,384 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/03/15 15:18:32 | 002,610,952 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV:64bit: - [2011/03/15 15:18:22 | 002,266,376 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)
SRV:64bit: - [2010/10/28 18:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/09/24 13:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/09/24 13:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/09/24 13:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/04/08 13:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/04/01 06:17:51 | 002,860,800 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2service.exe -- (a2AntiMalware)
SRV - [2011/03/02 04:56:03 | 000,090,112 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2011/02/21 15:58:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/27 16:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/09/20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/03 23:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/03/02 04:56:03 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2011/03/02 04:44:38 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/01/19 17:47:18 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/09/25 01:17:22 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/09/23 03:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010/08/25 01:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/08/25 01:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010/07/09 13:19:02 | 000,021,480 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/02/18 02:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/18 02:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/08/14 14:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\skfiltv.sys -- (skfiltv)
DRV:64bit: - [2008/02/01 18:15:04 | 000,043,520 | ---- | M] (ASUSTek Computer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ipgdnd60.sys -- (ipgd)
DRV - [2011/03/12 17:46:36 | 000,085,800 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2011/02/21 16:14:38 | 000,014,592 | ---- | M] (Philips PTCL) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\MassDfu.sys -- (DFU)
DRV - [2010/12/18 19:03:58 | 000,025,280 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009/09/24 18:44:14 | 000,070,168 | ---- | M] (TSS - www.trinity-ss.com) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\TSSFSFD.sys -- (TSS_FSFILTER)
DRV - [2009/09/24 18:44:14 | 000,070,168 | ---- | M] (TSS - www.trinity-ss.com) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TSSFSFD.sys -- (DynamicEDController)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2649771325-447262740-1830322281-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
IE - HKU\S-1-5-21-2649771325-447262740-1830322281-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ja
IE - HKU\S-1-5-21-2649771325-447262740-1830322281-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2649771325-447262740-1830322281-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:51293


========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "http://my.daemon-sea....com/startpage"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: [email protected]:4.51
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: [email protected]:2.6.7
FF - prefs.js..extensions.enabledItems: nicofox@littlebtc:0.4b1
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.4.0024
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: ""
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/26 16:38:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/29 19:37:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/16 14:22:46 | 000,000,000 | ---D | M]

[2010/09/25 01:20:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Extensions
[2011/05/16 14:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\extensions
[2011/04/10 10:41:15 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/04/01 10:41:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/04/23 04:26:25 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\extensions\[email protected]
[2011/03/02 04:44:34 | 000,002,059 | ---- | M] () -- C:\Users\Sizustar\AppData\Roaming\Mozilla\Firefox\Profiles\2yaoxcwj.default\searchplugins\daemon-search.xml
[2011/03/22 16:54:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\SIZUSTAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2YAOXCWJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\SIZUSTAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2YAOXCWJ.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2011/04/29 19:36:59 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010/10/21 06:11:42 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010/01/01 16:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/05/21 00:12:11 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-2649771325-447262740-1830322281-1000\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-21-2649771325-447262740-1830322281-1000..\Run: [AutoSizer] C:\Program Files (x86)\AutoSizer\AutoSizer.exe (South Bay Software)
O4 - HKU\S-1-5-21-2649771325-447262740-1830322281-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2649771325-447262740-1830322281-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2649771325-447262740-1830322281-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2649771325-447262740-1830322281-1001..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-2649771325-447262740-1830322281-1001..\RunOnce: [spchecker] C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2649771325-447262740-1830322281-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2649771325-447262740-1830322281-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-2649771325-447262740-1830322281-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2649771325-447262740-1830322281-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-21-2649771325-447262740-1830322281-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {2AA793B8-230D-4EE1-9158-21ADA1421950} http://download.powe...tw/fsplayer.cab (Reg Error: Key error.)
O16 - DPF: {2B658B62-1B6F-4CFF-8A7C-225B7BB15336} http://www.dotbook.j...TimeCrochet.cab (CrochetCtrl Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {931C1175-E08E-4ADA-9AED-4A2828AE1011} http://trinity.dlsit...ex/pbebkick.cab (PbEbkick Control)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.micr...44/igdtoolx.cab (Reg Error: Key error.)
O16 - DPF: {C8F5F737-2683-40B8-BFB6-47B15AC20A79} https://gash.gamania....1/lcjggame.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.16.0.cab (SysInfo Class)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/01 04:30:10 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/05/21 00:12:34 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\Sizustar\Desktop\aswMBR.exe
[2011/05/21 00:12:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/20 15:11:43 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\Ragnarok
[2011/05/20 12:26:06 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Sizustar\Desktop\OTL.exe
[2011/05/20 07:24:18 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\asufe101
[2011/05/20 07:24:14 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\TORMENTRIP
[2011/05/16 22:48:04 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\tohovsneko110513
[2011/05/16 22:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BLUEWATER
[2011/05/16 22:18:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BLUEWATER
[2011/05/16 21:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2011/05/16 21:12:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2011/05/16 20:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/05/16 09:15:34 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Roaming\SUPERAntiSpyware.com
[2011/05/16 09:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/05/16 09:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/05/16 09:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/05/13 22:30:48 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\Eroquis_gallery
[2011/05/13 14:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SomePDF
[2011/05/13 14:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SomePDF
[2011/05/13 04:30:34 | 000,000,000 | -H-D | C] -- C:\Users\Sizustar\Desktop\[Originals]
[2011/05/11 23:13:27 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Local\Easy Clone Detective
[2011/05/11 23:12:29 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Refero Group
[2011/05/11 23:12:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Refero Group
[2011/05/11 23:12:29 | 000,000,000 | ---D | C] -- C:\Windows\Easy Clone Detective
[2011/05/11 21:24:40 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/05/11 21:24:40 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/05/11 21:24:39 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011/05/11 21:24:39 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011/05/11 21:24:38 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/05/11 21:24:37 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/05/11 21:24:37 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/05/08 00:43:27 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\Vorpal_Rabbit_1_0_0_2
[2011/05/05 04:24:16 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Roaming\AVG
[2011/05/05 04:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/05/05 04:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2011/05/05 01:51:19 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/05/05 01:05:01 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\AppData\Roaming\AVG10
[2011/05/05 01:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/05/05 01:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/05/05 01:04:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2011/05/05 00:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/05/03 20:41:51 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Desktop\hana_circle
[2011/05/01 22:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\lame3.98.2
[2011/04/30 22:37:35 | 000,000,000 | ---D | C] -- C:\Users\Sizustar\Documents\iSkysoft DRM Removal
[2011/04/30 22:37:06 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys
[2011/04/30 22:37:04 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys
[2011/04/30 22:37:02 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys
[2011/04/30 22:37:00 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys
[2011/04/30 22:36:57 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys
[2011/04/30 22:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft
[2011/04/30 22:36:54 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\SysWow64\iconv.dll
[2011/04/30 22:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iSkysoft
[2011/04/28 08:02:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2011/04/28 01:11:02 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/04/28 01:11:02 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/04/28 01:11:02 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011/04/28 01:11:02 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/04/28 01:11:02 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011/04/28 01:11:02 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011/04/28 01:11:02 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/04/28 01:10:59 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/04/28 01:10:59 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/04/28 01:10:58 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/28 01:10:58 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/04/28 01:10:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/04/28 01:10:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/04/26 21:39:00 | 000,189,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011/04/26 21:39:00 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011/04/26 21:39:00 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011/04/26 21:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/04/24 20:57:03 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\pncrt.dll
[2011/04/24 20:57:03 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\drv43260.dll
[2011/04/24 20:57:03 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\drv33260.dll
[2011/04/24 20:57:03 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\sipr3260.dll
[2011/04/24 20:57:03 | 000,065,536 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\cook.dll
[2011/04/24 06:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
[2011/04/24 06:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011/04/24 06:35:53 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\SysWow64\lameACM.acm
[2011/04/24 06:35:53 | 000,630,784 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2011/04/24 06:35:53 | 000,391,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\I263_32.drv
[2011/04/24 06:35:53 | 000,287,744 | ---- | C] (Kristal StudioDFileDescription) -- C:\Windows\SysWow64\divxa32.acm
[2011/04/24 06:35:53 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011/04/24 06:35:53 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\mp3fhg.acm
[2011/04/24 06:35:53 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2011/04/24 06:35:53 | 000,122,368 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/04/24 06:35:53 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\Windows\SysWow64\huffyuv.dll
[2011/04/24 06:31:42 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll.bak

========== Files - Modified Within 30 Days ==========

[2011/05/21 01:04:35 | 000,000,512 | ---- | M] () -- C:\Users\Sizustar\Desktop\MBR.dat
[2011/05/21 00:57:52 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/21 00:57:52 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/21 00:50:39 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011/05/21 00:50:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/21 00:50:29 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/21 00:12:35 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Sizustar\Desktop\aswMBR.exe
[2011/05/21 00:12:11 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/05/20 22:51:28 | 000,487,427 | ---- | M] () -- C:\Users\Sizustar\Desktop\4koma02.jpg
[2011/05/20 22:49:55 | 000,485,009 | ---- | M] () -- C:\Users\Sizustar\Desktop\4koma01.jpg
[2011/05/20 15:11:42 | 062,330,572 | ---- | M] () -- C:\Users\Sizustar\Desktop\Ragnarok.exe
[2011/05/20 13:20:25 | 000,001,060 | ---- | M] () -- C:\Windows\SysNative\PDBootState
[2011/05/20 12:31:04 | 000,001,387 | ---- | M] () -- C:\Users\Sizustar\Desktop\noproxy.reg
[2011/05/20 12:26:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sizustar\Desktop\OTL.exe
[2011/05/20 07:23:50 | 020,333,879 | ---- | M] () -- C:\Users\Sizustar\Desktop\TORMENTRIP.zip
[2011/05/20 07:23:29 | 017,506,724 | ---- | M] () -- C:\Users\Sizustar\Desktop\asufe101.zip
[2011/05/19 16:00:13 | 115,347,518 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/05/19 15:44:28 | 000,181,546 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305471061148.jpg
[2011/05/19 15:30:40 | 000,064,879 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305722752751.jpg
[2011/05/19 15:27:22 | 000,089,643 | ---- | M] () -- C:\Users\Sizustar\Desktop\2ds45qp.jpg
[2011/05/19 00:22:24 | 000,367,892 | ---- | M] () -- C:\Users\Sizustar\Desktop\4komaa00.jpg
[2011/05/18 20:43:58 | 000,049,965 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305595023594.jpg
[2011/05/18 19:44:16 | 002,188,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/18 19:44:16 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/18 19:44:16 | 000,398,716 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2011/05/18 19:44:16 | 000,396,450 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2011/05/18 19:44:16 | 000,361,570 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2011/05/18 19:44:16 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2011/05/18 19:44:16 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2011/05/18 19:44:16 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/18 19:44:16 | 000,104,050 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2011/05/17 09:40:53 | 000,020,040 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/05/17 01:02:43 | 000,066,930 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305478116764.jpg
[2011/05/16 22:46:17 | 015,640,514 | ---- | M] () -- C:\Users\Sizustar\Desktop\tohovsneko110513.zip
[2011/05/16 22:19:47 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\DiaGnosis2.lnk
[2011/05/16 22:03:31 | 000,161,091 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305541100664.jpg
[2011/05/16 21:16:26 | 000,433,303 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2011/05/16 19:03:51 | 000,063,373 | ---- | M] () -- C:\Users\Sizustar\Desktop\1305507516408.jpg
[2011/05/16 14:34:15 | 000,006,638 | ---- | M] () -- C:\Users\Sizustar\AppData\Roaming\0EDE.18C
[2011/05/16 14:33:13 | 058,273,855 | ---- | M] () -- C:\Users\Sizustar\Desktop\RJ077472.zip
[2011/05/16 12:34:18 | 026,845,822 | ---- | M] () -- C:\Users\Sizustar\Documents\【東方】『幻想万華鏡』予告編 満福神社×幽閉サテライト【アニメ】 - [sm14400995].mp4
[2011/05/16 09:15:22 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/16 08:17:39 | 060,579,845 | ---- | M] () -- C:\Users\Sizustar\Documents\【第6回MMD杯本選】恋天使ルシフェル.mp4
[2011/05/16 08:04:25 | 050,744,207 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】魔王エンジェルにまっさらブルージーンズを踊ってもらった.mp4
[2011/05/16 08:01:08 | 068,736,850 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】BREEZE【魔王エンジェル】.mp4
[2011/05/16 07:54:35 | 039,453,402 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】魔王エンジェルにNostalogicを踊ってもらった【修正版】.mp4
[2011/05/16 07:52:33 | 010,237,078 | ---- | M] () -- C:\Users\Sizustar\Documents\【3DCG】くるっと・おどって・初音ミク【ねんどろいど】.flv
[2011/05/16 07:43:50 | 472,907,776 | ---- | M] () -- C:\Users\Sizustar\Desktop\[KiaiNeko] H-Manga Collection.part1.rar
[2011/05/16 07:41:56 | 341,635,270 | ---- | M] () -- C:\Users\Sizustar\Desktop\[KiaiNeko] H-Manga Collection.part2.rar
[2011/05/16 07:40:02 | 024,412,373 | ---- | M] () -- C:\Users\Sizustar\Documents\【MikuMikuDance】助手よ素直になるがいい【Steins;Gate】.mp4
[2011/05/16 07:38:06 | 025,748,404 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】折紙さんが見切れないハレ晴レユカイ【と助手とホビロン】.mp4
[2011/05/16 07:37:06 | 021,085,786 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】松前緒花の「Ievan Polkka」(ミクは・・・)【第3回ラジP杯】.mp4
[2011/05/16 07:29:02 | 045,234,406 | ---- | M] () -- C:\Users\Sizustar\Documents\春香・美希 Bad Apple!!.mp4
[2011/05/16 07:19:37 | 016,196,926 | ---- | M] () -- C:\Users\Sizustar\Documents\和曲似合いそうな歌い手集めて「凛として咲く花の如く」歌ってみた.mp4
[2011/05/16 07:14:41 | 097,315,165 | ---- | M] () -- C:\Users\Sizustar\Documents\【東方MMD】お嬢様がNostalogicを踊るはずだったのだけど【ちょっとPV風味】.mp4
[2011/05/16 06:57:39 | 048,459,185 | ---- | M] () -- C:\Users\Sizustar\Documents\魔法少女まどか☆マギカ -the ultimate modification-.mp4
[2011/05/16 03:15:37 | 000,125,737 | ---- | M] () -- C:\Users\Sizustar\Documents\1305417382835.jpg
[2011/05/16 03:15:31 | 000,118,941 | ---- | M] () -- C:\Users\Sizustar\Documents\1305417026623.jpg
[2011/05/16 03:15:21 | 000,110,964 | ---- | M] () -- C:\Users\Sizustar\Documents\1305415767642.jpg
[2011/05/16 03:13:11 | 000,361,571 | ---- | M] () -- C:\Users\Sizustar\Documents\1305445135069.gif
[2011/05/15 20:02:27 | 000,423,459 | ---- | M] () -- C:\Users\Sizustar\Documents\1305449679532.jpg
[2011/05/15 20:02:10 | 000,079,016 | ---- | M] () -- C:\Users\Sizustar\Documents\1305448473372.jpg
[2011/05/14 18:17:06 | 000,304,497 | ---- | M] () -- C:\Users\Sizustar\Documents\1305303779911.jpg
[2011/05/14 07:19:48 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/05/14 06:31:36 | 000,950,611 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 08.jpg
[2011/05/14 06:31:35 | 000,969,618 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 07.jpg
[2011/05/14 06:31:31 | 001,025,414 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 06.jpg
[2011/05/14 06:31:29 | 000,987,552 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 05.jpg
[2011/05/14 06:31:27 | 001,083,287 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 04.jpg
[2011/05/14 06:31:25 | 001,071,435 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 03.jpg
[2011/05/14 06:31:17 | 001,126,169 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 02.jpg
[2011/05/14 06:31:13 | 001,072,869 | ---- | M] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 01.jpg
[2011/05/14 05:04:38 | 000,358,258 | ---- | M] () -- C:\Users\Sizustar\Documents\1305315838683.gif
[2011/05/14 05:01:28 | 000,068,701 | ---- | M] () -- C:\Users\Sizustar\Documents\709.jpg
[2011/05/13 14:20:13 | 000,001,265 | ---- | M] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\Some PDF Image Extractr.lnk
[2011/05/13 14:20:13 | 000,001,077 | ---- | M] () -- C:\Users\Sizustar\Desktop\Some PDF Image Extractr.lnk
[2011/05/13 05:35:17 | 000,433,303 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110516-211626.backup
[2011/05/13 04:30:47 | 000,457,256 | ---- | M] () -- C:\Users\Sizustar\Documents\1305219526827.jpg
[2011/05/13 04:30:34 | 000,463,939 | ---- | M] () -- C:\Users\Sizustar\Documents\1305219617028.jpg
[2011/05/11 23:12:29 | 000,002,159 | ---- | M] () -- C:\Users\Sizustar\Desktop\Easy Clone Detective.lnk
[2011/05/11 21:20:31 | 000,000,972 | ---- | M] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk
[2011/05/11 21:20:31 | 000,000,948 | ---- | M] () -- C:\Users\Sizustar\Desktop\Bandicam.lnk
[2011/05/09 21:22:07 | 001,512,209 | ---- | M] () -- C:\Users\Sizustar\Documents\18641737.png
[2011/05/09 17:50:40 | 009,554,139 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】東方キャラ達に『ハッピーシンセサイザ』踊ってもらった.flv
[2011/05/09 17:49:54 | 009,559,266 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】みんなに『ハッピーシンセサイザ』踊ってもらった.flv
[2011/05/09 02:28:28 | 000,114,723 | ---- | M] () -- C:\Users\Sizustar\Documents\18532002_p3.jpg
[2011/05/09 02:28:25 | 000,101,106 | ---- | M] () -- C:\Users\Sizustar\Documents\18532002_p2.jpg
[2011/05/09 02:28:20 | 000,120,254 | ---- | M] () -- C:\Users\Sizustar\Documents\18532002_p0.jpg
[2011/05/09 02:28:19 | 000,110,753 | ---- | M] () -- C:\Users\Sizustar\Documents\18532002_p1.jpg
[2011/05/09 02:26:39 | 000,020,678 | ---- | M] () -- C:\Users\Sizustar\Documents\18681769_p2.png
[2011/05/09 02:26:24 | 000,073,644 | ---- | M] () -- C:\Users\Sizustar\Documents\18681769_p0.png
[2011/05/09 02:26:24 | 000,051,358 | ---- | M] () -- C:\Users\Sizustar\Documents\18681769_p1.png
[2011/05/06 02:10:05 | 000,433,197 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110513-053517.backup
[2011/05/05 18:58:24 | 000,024,576 | ---- | M] () -- C:\Users\Sizustar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/05 11:22:46 | 000,001,145 | ---- | M] () -- C:\Users\Sizustar\Desktop\神楽早春賦.lnk
[2011/05/05 04:21:06 | 000,001,161 | ---- | M] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2011/05/05 04:21:06 | 000,001,137 | ---- | M] () -- C:\Users\Sizustar\Desktop\AVG PC Tuneup 2011.lnk
[2011/05/05 02:51:35 | 000,126,392 | ---- | M] () -- C:\Users\Sizustar\Documents\241085%20-%20Boomer%20JoPereira%20Louis%20left_4_dead%20zoey.jpg
[2011/05/05 01:04:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\incavi.avm
[2011/05/05 01:04:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\iavichjw.avm
[2011/05/04 23:50:33 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/05/04 21:05:34 | 002,230,672 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/04 13:54:12 | 000,302,080 | ---- | M] () -- C:\Users\Sizustar\Desktop\gmer.exe
[2011/05/03 16:25:38 | 000,000,056 | ---- | M] () -- C:\Windows\kgt2k.INI
[2011/05/02 17:58:31 | 000,033,371 | ---- | M] () -- C:\Users\Sizustar\Documents\image.jpeg
[2011/05/02 07:30:17 | 000,025,615 | ---- | M] () -- C:\Users\Sizustar\Documents\gamportal2turretdoll530.jpg
[2011/05/02 05:57:51 | 000,437,014 | ---- | M] () -- C:\Users\Sizustar\Documents\1303810964794.jpg
[2011/05/02 05:42:18 | 000,392,880 | ---- | M] () -- C:\Users\Sizustar\Documents\27.jpg
[2011/05/02 05:40:56 | 000,331,092 | ---- | M] () -- C:\Users\Sizustar\Documents\16.jpg
[2011/05/01 23:02:15 | 000,057,727 | ---- | M] () -- C:\Users\Sizustar\Documents\Kon.jpg
[2011/05/01 21:31:42 | 000,148,371 | ---- | M] () -- C:\Users\Sizustar\Documents\f7e2fce5.jpg
[2011/05/01 21:31:41 | 000,059,413 | ---- | M] () -- C:\Users\Sizustar\Documents\a9ca51a0.jpg
[2011/05/01 15:58:27 | 008,995,515 | ---- | M] () -- C:\Users\Sizustar\Documents\【MMD】東方モデルをミニスカで【ハッピーシンセサイザ】.flv
[2011/05/01 15:39:50 | 000,496,803 | ---- | M] () -- C:\Users\Sizustar\Documents\1304224434344.jpg
[2011/04/30 22:36:55 | 000,001,171 | ---- | M] () -- C:\Users\Sizustar\Desktop\iSkysoft DRM Removal.lnk
[2011/04/30 22:20:26 | 000,001,500 | ---- | M] () -- C:\Users\Sizustar\Desktop\wmplayer.exe - Shortcut.lnk
[2011/04/30 12:56:42 | 000,310,984 | ---- | M] () -- C:\Users\Sizustar\Documents\1304094452752.jpg
[2011/04/30 12:41:42 | 000,020,012 | ---- | M] () -- C:\Users\Sizustar\Documents\img1f73137bzik3zj.jpg
[2011/04/30 06:40:07 | 000,818,225 | ---- | M] () -- C:\Users\Sizustar\Documents\18299616.jpg
[2011/04/30 04:31:37 | 001,252,646 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%2018.jpg
[2011/04/30 04:29:36 | 001,818,372 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%2016.jpg
[2011/04/30 04:29:17 | 001,090,343 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%20%2015.jpg
[2011/04/30 04:28:27 | 000,525,590 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%2014.jpg
[2011/04/30 04:28:21 | 001,211,011 | ---- | M] () -- C:\Users\Sizustar\Documents\The%20Avengers%201%20-%20Page%2013.jpg
[2011/04/29 20:47:19 | 000,074,035 | ---- | M] () -- C:\Users\Sizustar\Documents\Transformers-3-Dark-of-the-Moon-Teaser-Poster-Clear_1291759448_1298047467_1302887052.jpg
[2011/04/29 19:37:11 | 000,002,052 | ---- | M] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/29 17:00:52 | 000,376,002 | ---- | M] () -- C:\Users\Sizustar\Documents\hana_m00.jpg
[2011/04/28 23:58:33 | 000,192,627 | ---- | M] () -- C:\Users\Sizustar\Documents\18467814.jpg
[2011/04/27 06:45:30 | 000,046,361 | ---- | M] () -- C:\Users\Sizustar\Documents\18336267_m.jpg
[2011/04/27 06:30:24 | 000,029,581 | ---- | M] () -- C:\Users\Sizustar\Documents\2132446298_full.jpg
[2011/04/26 21:38:57 | 000,521,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011/04/26 21:38:57 | 000,189,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011/04/26 21:38:57 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011/04/26 21:38:57 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011/04/26 21:37:05 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2011/04/24 09:09:04 | 000,091,731 | ---- | M] () -- C:\Users\Sizustar\Documents\1303369309370.jpg
[2011/04/24 01:50:58 | 000,241,779 | ---- | M] () -- C:\Users\Sizustar\Documents\rspc9030.png
[2011/04/23 09:07:03 | 000,514,354 | ---- | M] () -- C:\Users\Sizustar\Documents\12825701.jpg
[2011/04/23 08:54:40 | 021,342,466 | ---- | M] () -- C:\Users\Sizustar\Documents\【手書き】家に帰ると妻がいつも死んだふりをしています。.flv
[2011/04/23 04:59:20 | 000,083,110 | ---- | M] () -- C:\Users\Sizustar\Documents\1303379198437.jpg
[2011/04/23 04:57:00 | 000,470,301 | ---- | M] () -- C:\Users\Sizustar\Documents\1303489211059.png
[2011/04/23 04:52:53 | 000,115,758 | ---- | M] () -- C:\Users\Sizustar\Documents\2yjwow1.jpg
[2011/04/22 23:45:05 | 000,179,467 | ---- | M] () -- C:\Users\Sizustar\Documents\130344254283.jpg
[2011/04/21 06:56:43 | 000,086,883 | ---- | M] () -- C:\Users\Sizustar\Documents\150183%20-%20Hunter_x_Hunter%20Nefelpitou%20Ponzu.jpg

========== Files Created - No Company Name ==========

[2011/05/21 01:04:35 | 000,000,512 | ---- | C] () -- C:\Users\Sizustar\Desktop\MBR.dat
[2011/05/20 22:47:51 | 000,487,427 | ---- | C] () -- C:\Users\Sizustar\Desktop\4koma02.jpg
[2011/05/20 22:42:20 | 000,485,009 | ---- | C] () -- C:\Users\Sizustar\Desktop\4koma01.jpg
[2011/05/20 15:09:58 | 062,330,572 | ---- | C] () -- C:\Users\Sizustar\Desktop\Ragnarok.exe
[2011/05/20 12:34:52 | 000,302,080 | ---- | C] () -- C:\Users\Sizustar\Desktop\gmer.exe
[2011/05/20 12:31:04 | 000,001,387 | ---- | C] () -- C:\Users\Sizustar\Desktop\noproxy.reg
[2011/05/20 07:23:43 | 020,333,879 | ---- | C] () -- C:\Users\Sizustar\Desktop\TORMENTRIP.zip
[2011/05/20 07:23:23 | 017,506,724 | ---- | C] () -- C:\Users\Sizustar\Desktop\asufe101.zip
[2011/05/19 16:06:33 | 000,064,879 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305722752751.jpg
[2011/05/19 16:00:13 | 115,347,518 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/05/19 15:44:42 | 000,181,546 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305471061148.jpg
[2011/05/19 15:27:28 | 000,089,643 | ---- | C] () -- C:\Users\Sizustar\Desktop\2ds45qp.jpg
[2011/05/19 00:20:42 | 000,367,892 | ---- | C] () -- C:\Users\Sizustar\Desktop\4komaa00.jpg
[2011/05/18 20:44:08 | 000,049,965 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305595023594.jpg
[2011/05/17 01:02:51 | 000,066,930 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305478116764.jpg
[2011/05/16 22:46:16 | 015,640,514 | ---- | C] () -- C:\Users\Sizustar\Desktop\tohovsneko110513.zip
[2011/05/16 22:19:47 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\DiaGnosis2.lnk
[2011/05/16 22:03:41 | 000,161,091 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305541100664.jpg
[2011/05/16 20:59:53 | 000,020,040 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/05/16 19:04:02 | 000,063,373 | ---- | C] () -- C:\Users\Sizustar\Desktop\1305507516408.jpg
[2011/05/16 17:04:02 | 026,845,822 | ---- | C] () -- C:\Users\Sizustar\Documents\【東方】『幻想万華鏡』予告編 満福神社×幽閉サテライト【アニメ】 - [sm14400995].mp4
[2011/05/16 14:33:05 | 058,273,855 | ---- | C] () -- C:\Users\Sizustar\Desktop\RJ077472.zip
[2011/05/16 09:15:22 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/05/16 08:17:36 | 060,579,845 | ---- | C] () -- C:\Users\Sizustar\Documents\【第6回MMD杯本選】恋天使ルシフェル.mp4
[2011/05/16 08:04:23 | 050,744,207 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】魔王エンジェルにまっさらブルージーンズを踊ってもらった.mp4
[2011/05/16 07:56:56 | 068,736,850 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】BREEZE【魔王エンジェル】.mp4
[2011/05/16 07:54:34 | 039,453,402 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】魔王エンジェルにNostalogicを踊ってもらった【修正版】.mp4
[2011/05/16 07:52:33 | 010,237,078 | ---- | C] () -- C:\Users\Sizustar\Documents\【3DCG】くるっと・おどって・初音ミク【ねんどろいど】.flv
[2011/05/16 07:39:37 | 024,412,373 | ---- | C] () -- C:\Users\Sizustar\Documents\【MikuMikuDance】助手よ素直になるがいい【Steins;Gate】.mp4
[2011/05/16 07:38:06 | 025,748,404 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】折紙さんが見切れないハレ晴レユカイ【と助手とホビロン】.mp4
[2011/05/16 07:37:05 | 021,085,786 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】松前緒花の「Ievan Polkka」(ミクは・・・)【第3回ラジP杯】.mp4
[2011/05/16 07:36:40 | 341,635,270 | ---- | C] () -- C:\Users\Sizustar\Desktop\[KiaiNeko] H-Manga Collection.part2.rar
[2011/05/16 07:36:35 | 472,907,776 | ---- | C] () -- C:\Users\Sizustar\Desktop\[KiaiNeko] H-Manga Collection.part1.rar
[2011/05/16 07:28:59 | 045,234,406 | ---- | C] () -- C:\Users\Sizustar\Documents\春香・美希 Bad Apple!!.mp4
[2011/05/16 07:17:56 | 016,196,926 | ---- | C] () -- C:\Users\Sizustar\Documents\和曲似合いそうな歌い手集めて「凛として咲く花の如く」歌ってみた.mp4
[2011/05/16 07:14:36 | 097,315,165 | ---- | C] () -- C:\Users\Sizustar\Documents\【東方MMD】お嬢様がNostalogicを踊るはずだったのだけど【ちょっとPV風味】.mp4
[2011/05/16 07:03:30 | 009,512,862 | ---- | C] () -- C:\Users\Sizustar\Documents\和曲似合いそうな歌い手集めて「凛として咲く花の如く」歌ってみた).flv
[2011/05/16 06:57:36 | 048,459,185 | ---- | C] () -- C:\Users\Sizustar\Documents\魔法少女まどか☆マギカ -the ultimate modification-.mp4
[2011/05/16 03:15:59 | 000,361,571 | ---- | C] () -- C:\Users\Sizustar\Documents\1305445135069.gif
[2011/05/16 03:15:39 | 000,125,737 | ---- | C] () -- C:\Users\Sizustar\Documents\1305417382835.jpg
[2011/05/16 03:15:33 | 000,118,941 | ---- | C] () -- C:\Users\Sizustar\Documents\1305417026623.jpg
[2011/05/16 03:15:24 | 000,110,964 | ---- | C] () -- C:\Users\Sizustar\Documents\1305415767642.jpg
[2011/05/16 01:26:03 | 000,006,638 | ---- | C] () -- C:\Users\Sizustar\AppData\Roaming\0EDE.18C
[2011/05/15 20:02:35 | 000,423,459 | ---- | C] () -- C:\Users\Sizustar\Documents\1305449679532.jpg
[2011/05/15 20:02:18 | 000,079,016 | ---- | C] () -- C:\Users\Sizustar\Documents\1305448473372.jpg
[2011/05/14 18:17:14 | 000,304,497 | ---- | C] () -- C:\Users\Sizustar\Documents\1305303779911.jpg
[2011/05/14 16:04:49 | 000,027,123 | ---- | C] () -- C:\Users\Sizustar\Documents\snapshot20080705212834.jpg
[2011/05/14 16:04:35 | 000,152,609 | ---- | C] () -- C:\Users\Sizustar\Documents\090624-maccros-12.jpg
[2011/05/14 16:04:30 | 000,152,358 | ---- | C] () -- C:\Users\Sizustar\Documents\090624-maccros-11.jpg
[2011/05/14 06:45:19 | 000,950,611 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 08.jpg
[2011/05/14 06:45:07 | 000,969,618 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 07.jpg
[2011/05/14 06:45:02 | 001,025,414 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 06.jpg
[2011/05/14 06:44:54 | 000,987,552 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 05.jpg
[2011/05/14 06:44:48 | 001,083,287 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 04.jpg
[2011/05/14 06:44:43 | 001,071,435 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 03.jpg
[2011/05/14 06:44:36 | 001,126,169 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 02.jpg
[2011/05/14 06:44:30 | 001,072,869 | ---- | C] () -- C:\Users\Sizustar\Documents\Nova, Mistress of Blades 01.jpg
[2011/05/14 05:05:08 | 000,358,258 | ---- | C] () -- C:\Users\Sizustar\Documents\1305315838683.gif
[2011/05/14 05:01:38 | 000,068,701 | ---- | C] () -- C:\Users\Sizustar\Documents\709.jpg
[2011/05/13 14:20:13 | 000,001,265 | ---- | C] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\Some PDF Image Extractr.lnk
[2011/05/13 14:20:13 | 000,001,077 | ---- | C] () -- C:\Users\Sizustar\Desktop\Some PDF Image Extractr.lnk
[2011/05/13 04:28:50 | 000,463,939 | ---- | C] () -- C:\Users\Sizustar\Documents\1305219617028.jpg
[2011/05/13 04:28:02 | 000,457,256 | ---- | C] () -- C:\Users\Sizustar\Documents\1305219526827.jpg
[2011/05/11 23:12:29 | 000,002,159 | ---- | C] () -- C:\Users\Sizustar\Desktop\Easy Clone Detective.lnk
[2011/05/09 21:40:20 | 001,512,209 | ---- | C] () -- C:\Users\Sizustar\Documents\18641737.png
[2011/05/09 17:50:40 | 009,554,139 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】東方キャラ達に『ハッピーシンセサイザ』踊ってもらった.flv
[2011/05/09 17:49:54 | 009,559,266 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】みんなに『ハッピーシンセサイザ』踊ってもらった.flv
[2011/05/09 02:28:46 | 000,114,723 | ---- | C] () -- C:\Users\Sizustar\Documents\18532002_p3.jpg
[2011/05/09 02:28:44 | 000,101,106 | ---- | C] () -- C:\Users\Sizustar\Documents\18532002_p2.jpg
[2011/05/09 02:28:41 | 000,110,753 | ---- | C] () -- C:\Users\Sizustar\Documents\18532002_p1.jpg
[2011/05/09 02:28:39 | 000,120,254 | ---- | C] () -- C:\Users\Sizustar\Documents\18532002_p0.jpg
[2011/05/09 02:26:57 | 000,073,644 | ---- | C] () -- C:\Users\Sizustar\Documents\18681769_p0.png
[2011/05/09 02:26:54 | 000,051,358 | ---- | C] () -- C:\Users\Sizustar\Documents\18681769_p1.png
[2011/05/09 02:26:50 | 000,020,678 | ---- | C] () -- C:\Users\Sizustar\Documents\18681769_p2.png
[2011/05/05 11:32:28 | 004,325,376 | ---- | C] () -- C:\Windows\SysWow64\KaguraGSS.scr
[2011/05/05 11:22:46 | 000,001,145 | ---- | C] () -- C:\Users\Sizustar\Desktop\神楽早春賦.lnk
[2011/05/05 04:21:06 | 000,001,161 | ---- | C] () -- C:\Users\Sizustar\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2011/05/05 04:21:06 | 000,001,137 | ---- | C] () -- C:\Users\Sizustar\Desktop\AVG PC Tuneup 2011.lnk
[2011/05/05 02:51:56 | 000,126,392 | ---- | C] () -- C:\Users\Sizustar\Documents\241085%20-%20Boomer%20JoPereira%20Louis%20left_4_dead%20zoey.jpg
[2011/05/04 21:05:38 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/05/04 21:05:34 | 002,230,672 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/03 16:25:38 | 000,000,056 | ---- | C] () -- C:\Windows\kgt2k.INI
[2011/05/02 18:00:34 | 000,033,371 | ---- | C] () -- C:\Users\Sizustar\Documents\image.jpeg
[2011/05/02 07:31:39 | 000,025,615 | ---- | C] () -- C:\Users\Sizustar\Documents\gamportal2turretdoll530.jpg
[2011/05/02 05:58:36 | 000,437,014 | ---- | C] () -- C:\Users\Sizustar\Documents\1303810964794.jpg
[2011/05/02 05:42:17 | 000,392,880 | ---- | C] () -- C:\Users\Sizustar\Documents\27.jpg
[2011/05/02 05:40:56 | 000,331,092 | ---- | C] () -- C:\Users\Sizustar\Documents\16.jpg
[2011/05/01 23:02:19 | 000,057,727 | ---- | C] () -- C:\Users\Sizustar\Documents\Kon.jpg
[2011/05/01 21:40:07 | 000,059,413 | ---- | C] () -- C:\Users\Sizustar\Documents\a9ca51a0.jpg
[2011/05/01 21:39:44 | 000,148,371 | ---- | C] () -- C:\Users\Sizustar\Documents\f7e2fce5.jpg
[2011/05/01 15:58:27 | 008,995,515 | ---- | C] () -- C:\Users\Sizustar\Documents\【MMD】東方モデルをミニスカで【ハッピーシンセサイザ】.flv
[2011/05/01 15:41:42 | 000,496,803 | ---- | C] () -- C:\Users\Sizustar\Documents\1304224434344.jpg
[2011/04/30 22:36:55 | 000,001,171 | ---- | C] () -- C:\Users\Sizustar\Desktop\iSkysoft DRM Removal.lnk
[2011/04/30 22:36:54 | 000,675,840 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax
[2011/04/30 22:36:54 | 000,496,640 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2011/04/30 22:36:54 | 000,153,600 | ---- | C] () -- C:\Windows\SysWow64\WS_ATLMovie.dll
[2011/04/30 22:20:26 | 000,001,500 | ---- | C] () -- C:\Users\Sizustar\Desktop\wmplayer.exe - Shortcut.lnk
[2011/04/30 12:56:52 | 000,310,984 | ---- | C] () -- C:\Users\Sizustar\Documents\1304094452752.jpg
[2011/04/30 12:41:46 | 000,020,012 | ---- | C] () -- C:\Users\Sizustar\Documents\img1f73137bzik3zj.jpg
[2011/04/30 06:40:42 | 000,818,225 | ---- | C] () -- C:\Users\Sizustar\Documents\18299616.jpg
[2011/04/30 04:31:38 | 001,252,646 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%2018.jpg
[2011/04/30 04:31:21 | 001,818,372 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%2016.jpg
[2011/04/30 04:31:17 | 001,090,343 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%20%2015.jpg
[2011/04/30 04:31:11 | 000,525,590 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%2014.jpg
[2011/04/30 04:30:05 | 001,211,011 | ---- | C] () -- C:\Users\Sizustar\Documents\The%20Avengers%201%20-%20Page%2013.jpg
[2011/04/29 20:47:23 | 000,074,035 | ---- | C] () -- C:\Users\Sizustar\Documents\Transformers-3-Dark-of-the-Moon-Teaser-Poster-Clear_1291759448_1298047467_1302887052.jpg
[2011/04/29 17:01:59 | 000,376,002 | ---- | C] () -- C:\Users\Sizustar\Documents\hana_m00.jpg
[2011/04/28 23:58:39 | 000,192,627 | ---- | C] () -- C:\Users\Sizustar\Documents\18467814.jpg
[2011/04/27 06:45:47 | 000,046,361 | ---- | C] () -- C:\Users\Sizustar\Documents\18336267_m.jpg
[2011/04/27 06:30:29 | 000,029,581 | ---- | C] () -- C:\Users\Sizustar\Documents\2132446298_full.jpg
[2011/04/27 05:51:22 | 000,284,459 | ---- | C] () -- C:\Users\Sizustar\Desktop\1284133142.jpg
[2011/04/24 09:09:16 | 000,091,731 | ---- | C] () -- C:\Users\Sizustar\Documents\1303369309370.jpg
[2011/04/24 06:35:53 | 002,712,064 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011/04/24 06:35:53 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/04/24 06:35:53 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/04/24 06:35:53 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/04/24 06:35:53 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2011/04/24 06:35:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/04/24 01:52:26 | 000,241,779 | ---- | C] () -- C:\Users\Sizustar\Documents\rspc9030.png
[2011/04/23 09:03:14 | 000,514,354 | ---- | C] () -- C:\Users\Sizustar\Documents\12825701.jpg
[2011/04/23 08:51:18 | 021,342,466 | ---- | C] () -- C:\Users\Sizustar\Documents\【手書き】家に帰ると妻がいつも死んだふりをしています。.flv
[2011/04/23 04:59:27 | 000,083,110 | ---- | C] () -- C:\Users\Sizustar\Documents\1303379198437.jpg
[2011/04/23 04:57:05 | 000,470,301 | ---- | C] () -- C:\Users\Sizustar\Documents\1303489211059.png
[2011/04/23 04:53:23 | 000,115,758 | ---- | C] () -- C:\Users\Sizustar\Documents\2yjwow1.jpg
[2011/04/23 04:08:05 | 000,384,328 | ---- | C] () -- C:\Users\Sizustar\Desktop\1301228225916.jpg
[2011/04/22 23:45:15 | 000,179,467 | ---- | C] () -- C:\Users\Sizustar\Documents\130344254283.jpg
[2011/04/21 06:57:26 | 000,086,883 | ---- | C] () -- C:\Users\Sizustar\Documents\150183%20-%20Hunter_x_Hunter%20Nefelpitou%20Ponzu.jpg
[2011/04/19 15:06:52 | 000,000,036 | ---- | C] () -- C:\Users\Sizustar\AppData\Local\housecall.guid.cache
[2011/04/19 14:47:21 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/04/19 14:47:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/04/19 14:47:21 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/04/19 14:47:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/04/19 14:47:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/04/01 18:42:53 | 000,000,459 | ---- | C] () -- C:\Users\Sizustar\AppData\Roaming\Syscfg.ini
[2011/03/12 02:45:00 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011/03/02 04:57:48 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011/03/02 04:57:48 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/02/21 15:57:49 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/02/21 15:57:49 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/02/21 15:57:49 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2011/02/21 15:57:49 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2011/02/21 08:36:24 | 000,704,000 | ---- | C] () -- C:\Windows\is-INQ5J.exe
[2010/12/09 03:14:53 | 000,673,280 | ---- | C] () -- C:\Windows\is-6H2JS.exe
[2010/11/12 01:36:14 | 000,007,610 | ---- | C] () -- C:\Users\Sizustar\AppData\Local\Resmon.ResmonCfg
[2010/11/06 01:09:43 | 000,003,673 | ---- | C] () -- C:\Windows\SysWow64\10.inf1031.dat
[2010/10/30 00:48:13 | 000,003,738 | ---- | C] () -- C:\Windows\SysWow64\30.inf3037.dat
[2010/10/23 00:47:14 | 000,003,737 | ---- | C] () -- C:\Windows\SysWow64\10.inf1028.dat
[2010/10/18 15:48:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2010/09/28 16:41:16 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/09/26 16:34:34 | 000,209,793 | ---- | C] () -- C:\Windows\hpoins18.dat
[2010/09/26 16:34:34 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2010/09/26 15:46:33 | 000,024,576 | ---- | C] () -- C:\Users\Sizustar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/26 00:07:31 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll
[2010/09/26 00:07:31 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll
[2010/09/26 00:07:31 | 000,685,056 | ---- | C] () -- C:\Windows\SysWow64\RGSS103J.dll
[2010/09/26 00:07:30 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll
[2010/09/25 09:21:37 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010/09/25 01:19:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/09/02 15:33:54 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2010/09/02 15:32:52 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 13:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 10:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 08:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 05:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/01/05 15:44:10 | 000,053,248 | ---- | C] () -- C:\Windows\bdoscandel.exe
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2005/08/18 15:28:30 | 000,273,408 | ---- | C] () -- C:\Windows\SysWow64\unlha32.dll

========== LOP Check ==========

[2010/12/22 17:12:35 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\.minecraft
[2010/09/25 01:30:51 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\acccore
[2010/09/25 02:05:25 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\ACD Systems
[2010/09/25 02:07:19 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\AutoSizer
[2011/05/05 11:18:25 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\AVG
[2011/05/05 01:05:01 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\AVG10
[2011/04/19 14:43:33 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\AVG9
[2010/12/31 23:25:23 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\BANDISOFT
[2010/10/24 10:05:04 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\DAEMON Tools Lite
[2011/03/20 02:33:48 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\Dojin Circle Kirarin
[2011/05/19 01:26:09 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\foobar2000
[2010/10/21 06:12:10 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\Foxit
[2010/09/26 11:19:07 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\Foxit Software
[2011/02/24 15:44:47 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\GARMIN
[2010/10/25 01:24:44 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\GlarySoft
[2011/02/21 15:51:07 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\Leadertech
[2010/12/10 16:18:09 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\PC Suite
[2010/11/12 00:18:29 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\runic games
[2011/04/13 23:38:30 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\Sony
[2011/03/16 21:39:27 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\T-Time Preferences
[2010/10/24 06:18:49 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\TECH GIAN
[2011/03/17 16:13:51 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\Trinity
[2010/12/09 03:15:43 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\TweakNow PowerPack 2010
[2010/11/12 18:00:32 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\TweakNow PowerPack Professional
[2011/04/01 18:43:13 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\UDown
[2011/05/20 13:20:30 | 000,000,000 | ---D | M] -- C:\Users\Sizustar\AppData\Roaming\uTorrent
[2011/03/02 14:53:22 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Files - Unicode (All) ==========
[2011/05/19 12:57:40 | 013,127,272 | ---- | M] ()(C:\Users\Sizustar\Desktop\[ACT-SJHx?橙][ToLoveRu_Darkness][番外篇][危?的妹控路?].zip) -- C:\Users\Sizustar\Desktop\[ACT-SJHx飞橙][ToLoveRu_Darkness][番外篇][危险的妹控路线].zip
[2011/05/19 12:55:12 | 013,127,272 | ---- | C] ()(C:\Users\Sizustar\Desktop\[ACT-SJHx?橙][ToLoveRu_Darkness][番外篇][危?的妹控路?].zip) -- C:\Users\Sizustar\Desktop\[ACT-SJHx飞橙][ToLoveRu_Darkness][番外篇][危险的妹控路线].zip
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?j|t,e°T) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\¤j¦t¸ê°T

========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >


Extra Log

OTL Extras logfile created on: 2011/05/21 1:05:51 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sizustar\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000411 | Country: Japan | Language: JPN | Date Format: yyyy/MM/dd

8.00 Gb Total Physical Memory | 7.00 Gb Available Physical Memory | 82.00% Memory free
16.00 Gb Paging File | 15.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): c:\pagefile.sys 8191 8191 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.35 Gb Total Space | 272.62 Gb Free Space | 58.59% Space Free | Partition Type: NTFS
Drive D: | 466.16 Gb Total Space | 415.24 Gb Free Space | 89.08% Space Free | Partition Type: NTFS
Drive E: | 1397.26 Gb Total Space | 719.28 Gb Free Space | 51.48% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 113.05 Gb Free Space | 37.92% Space Free | Partition Type: NTFS

Computer Name: SIZUSTAR-PC | User Name: Sizustar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [ACDSee Pro 3.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 3.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java™ 6 Update 25 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 270.61
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7607FC8-72AD-486D-B6B7-A402D5876309}" = PerfectDisk 11 Professional
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DC7333D1-596A-404D-876D-446E6D27BA20}" = AVG 2011
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF74BAA3-4185-437E-92CC-A442BAF0FE83}" = AVG 2011
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"AVG" = AVG 2011
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.57.1
"ffdshow64_is1" = ffdshow x64 v1.1.3760 [2011-02-18]
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"sp6" = Logitech SetPoint 6.20
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0044AEC7-8924-4FB1-B4F7-FD14A5FEA9E4}" = RPGツクール2003 ランタイムパッケージ
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1B280FAF-AE10-4E31-A41A-DB3917D651DC}" = ACDSee Pro 3
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3260D61B-DCA6-4ec6-8A41-DCCE01BC6EE4}" = c4100_Help
"{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FCBE08B-EB47-448E-8566-CE38E8B8D065}" = System Requirements Lab CYRI
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{736CFC1B-FB22-48C4-895B-BFF6E8F7ECCA}" = アマツカミの巫女 妖狐戦奇譚
"{75D84EF7-0D8C-4E70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{7D62ABA3-35EC-623E-2C5F-1B3332CB705B}" = Media Go Video Playback Engine 1.64.101.02270
"{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme
"{81BF3DDF-C290-485D-9A0F-DBD3A4BBD0C8}" = AccessData FTK Imager
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{93C430F3-57D1-43D5-939D-86408336BEAF}" = Pirates Buster for e-Book/Application (Decoder for Eisys)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B6916E4B-FD07-47E7-B906-B3F734F08E29}" = C4100
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER ゥ v2011.build.47 (March 12, 2011) version v2011.build.47
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C0DE8FC0-670E-4E3D-89DE-71B93F4126CC}" = DiaGnosis2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"³Â±NºXÄ¥HelloJacky" = ³Â±NºXÄ¥HelloJacky
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_7" = AIM 7
"AudioCS" = Creative オーデイオコントロールパネル
"AutoSizer" = AutoSizer
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BOSS" = BOSS
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"Critical Bad End3" = Critical Bad End3
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EA Installer.1850990614" = EA Installer
"EADM" = EA Download Manager
"Easy Clone Detective1.4" = Easy Clone Detective
"FileHippo.com" = FileHippo.com Update Checker
"foobar2000" = foobar2000 v1.1.6
"Foxit Reader" = Foxit Reader
"GoldWave v5.58" = GoldWave v5.58
"Host OpenAL" = Host OpenAL
"InstallShield_{C0DE8FC0-670E-4E3D-89DE-71B93F4126CC}" = DiaGnosis2
"iSkysoft DRM Removal_is1" = iSkysoft DRM Removal(Build 1.0.5.1)
"JDHOICKKIPEJICONICOJICMGICKLFP" = 冬が終わるとき_
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MKV To AVI With Subtitle_is1" = MKV To AVI With Subtitle version 2.0
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PDF Image Extraction Wizard 1.1_is1" = PDF Image Extraction Wizard 1.1
"RealAlt_is1" = Real Alternative 2.0.2
"RGSS-RTP Standard_is1" = RGSS-RTP Standard
"RPGƒcƒN[ƒ‹VX RTP_is1" = RPGƒcƒN[ƒ‹VX RTP
"RPGツクールVX RTP_is1" = RPGツクールVX RTP
"SmileDownloader_is1" = SmileDownloader Version 1.32
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Some PDF Image Extract_is1" = Some PDF Image Extractr 1.5
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"SpeedFan" = SpeedFan (remove only)
"Steam App 12150" = Max Payne 2: The Fall of Max Payne
"Steam App 16450" = F.E.A.R. 2: Project Origin
"Steam App 500" = Left 4 Dead
"Steam App 73050" = Magicka - Demo
"SystemRequirementsLab" = System Requirements Lab
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR archiver
"神楽幻想譚_is1" = 神楽幻想譚
"神楽幻想譚スクリーンセーバー_is1" = 神楽幻想譚スクリーンセーバー
"神楽早春賦_is1" = 神楽早春賦
"東方スカイアリーナ・幻想郷空戦姫" = 東方スカイアリーナ・幻想郷空戦姫
"東方活劇綺談~第参幕 体験版" = 東方活劇綺談~第参幕 Web体験版

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2649771325-447262740-1830322281-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2649771325-447262740-1830322281-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011/05/13 18:25:53 | Computer Name = Sizustar-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: Flash10p.ocx, version: 10.3.181.5, time
stamp: 0x4da50fe2 Exception code: 0xc0000005 Fault offset: 0x00156b2a Faulting process
id: 0x5b4 Faulting application start time: 0x01cc11bcb2ae4518 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\Macromed\Flash\Flash10p.ocx Report Id: f5fd9788-7daf-11e0-94d4-00221510c6d8

Error - 2011/05/13 19:39:21 | Computer Name = Sizustar-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 2011/05/15 13:35:38 | Computer Name = Sizustar-PC | Source = MsiInstaller | ID = 1002
Description =

Error - 2011/05/16 9:04:51 | Computer Name = Sizustar-PC | Source = Application Error | ID = 1000
Description = Faulting application name: HitmanPro35_x64.exe, version: 3.5.8.121,
time stamp: 0x4dbe942a Faulting module name: ntdll.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7c8f9 Exception code: 0xc0000005 Fault offset: 0x0000000000053332
Faulting
process id: 0xcd4 Faulting application start time: 0x01cc13c91654b490 Faulting application
path: C:\Users\Sizustar\Desktop\HitmanPro35_x64.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 15832690-7fbd-11e0-8182-00221510c6d8

Error - 2011/05/16 21:47:10 | Computer Name = Sizustar-PC | Source = Application Error | ID = 1000
Description = Faulting application name: HitmanPro35_x64.exe, version: 3.5.8.121,
time stamp: 0x4dbe942a Faulting module name: ntdll.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7c8f9 Exception code: 0xc0000005 Fault offset: 0x0000000000053332
Faulting
process id: 0x144c Faulting application start time: 0x01cc143372ba4780 Faulting application
path: C:\Users\Sizustar\Desktop\HitmanPro35_x64.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 94043b20-8027-11e0-b0ff-00221510c6d8

Error - 2011/05/16 23:04:24 | Computer Name = Sizustar-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 2011/05/19 0:49:53 | Computer Name = Sizustar-PC | Source = WPDMTPDriver | ID = 80836
Description =

Error - 2011/05/19 0:49:56 | Computer Name = Sizustar-PC | Source = WPDMTPDriver | ID = 80836
Description =

Error - 2011/05/19 9:59:07 | Computer Name = Sizustar-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 2011/05/20 2:17:21 | Computer Name = Sizustar-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

[ System Events ]
Error - 2011/05/16 19:00:44 | Computer Name = Sizustar-PC | Source = Service Control Manager | ID = 7000
Description = The MEMSWEEP2 service failed to start due to the following error:
%%1275

Error - 2011/05/16 19:00:44 | Computer Name = Sizustar-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Windows\system32\6E9B.tmp has been blocked from loading due
to incompatibility with this system. Please contact your software vendor for a
compatible version of the driver.

Error - 2011/05/16 19:00:44 | Computer Name = Sizustar-PC | Source = Service Control Manager | ID = 7000
Description = The MEMSWEEP2 service failed to start due to the following error:
%%1275

Error - 2011/05/20 1:34:56 | Computer Name = Sizustar-PC | Source = Service Control Manager | ID = 7000
Description = The ThreatFire service failed to start due to the following error:
%%2

Error - 2011/05/20 1:34:56 | Computer Name = Sizustar-PC | Source = Service Control Manager | ID = 7000
Description = The TriSecurity System - Filter Driver service failed to start due
to the following error: %%2

Error - 2011/05/20 1:35:00 | Computer Name = Sizustar-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TfFsMon TfSysMon

Error - 2011/05/20 12:12:10 | Computer Name = Sizustar-PC | Source = Service Control Manager | ID = 7031
Description = The Emsisoft Anti-Malware 5.0 - Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
0 milliseconds: Restart the service.

Error - 2011/05/20 12:50:42 | Computer Name = Sizustar-PC | Source = Service Control Manager | ID = 7000
Description = The ThreatFire service failed to start due to the following error:
%%2

Error - 2011/05/20 12:50:42 | Computer Name = Sizustar-PC | Source = Service Control Manager | ID = 7000
Description = The TriSecurity System - Filter Driver service failed to start due
to the following error: %%2

Error - 2011/05/20 12:50:47 | Computer Name = Sizustar-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
TfFsMon TfSysMon


< End of report >


  • 0

#4
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Thank you. Please uninstall Daemon Tools (you can install it back when your computer is clean), then repeat the aswMBR scan and post the log.
  • 0

#5
bluewr

    Member

  • Topic Starter
  • Member
  • 33 posts
Here it is

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-21 02:05:55
-----------------------------
02:05:55.586 OS Version: Windows x64 6.1.7601 Service Pack 1
02:05:55.586 Number of processors: 4 586 0x403
02:05:55.586 ComputerName: SIZUSTAR-PC UserName: Sizustar
02:06:02.418 Initialize success
02:06:05.460 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
02:06:05.460 Disk 0 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953869MB BusType: 3
02:06:05.460 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4
02:06:05.460 Disk 1 Vendor: ST31500341AS CC1H Size: 1430799MB BusType: 3
02:06:05.460 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T1L0-6
02:06:05.460 Disk 2 Vendor: WDC_WD3200SD-01KNB0 08.05J08 Size: 305245MB BusType: 3
02:06:05.492 Disk 0 MBR read successfully
02:06:05.492 Disk 0 MBR scan
02:06:05.492 Disk 0 Windows 7 default MBR code
02:06:05.492 Service scanning
02:06:07.738 Disk 0 trace - called modules:
02:06:07.754 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80069fd2c0]<<
02:06:07.754 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b6a060]
02:06:07.754 3 CLASSPNP.SYS[fffff88001b9a43f] -> nt!IofCallDriver -> [0xfffffa800783d500]
02:06:07.754 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa800783c4e0]
02:06:07.754 \Driver\atapi[0xfffffa8006b3f060] -> IRP_MJ_CREATE -> 0xfffffa80069fd2c0
02:06:07.769 Scan finished successfully
02:06:44.164 Disk 0 MBR has been saved successfully to "C:\Users\Sizustar\Desktop\MBR.dat"
02:06:44.180 The log file has been saved successfully to "C:\Users\Sizustar\Desktop\aswMBR.txt"
02:06:49.780 Disk 0 MBR has been saved successfully to "C:\Users\Sizustar\Desktop\MBR.dat"
02:06:49.796 The log file has been saved successfully to "C:\Users\Sizustar\Desktop\aswMBR12.txt"



  • 0

#6
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 0

#7
bluewr

    Member

  • Topic Starter
  • Member
  • 33 posts
Here is the log. The default action is to skip.

2011/05/21 02:21:41.0989 1456 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
2011/05/21 02:21:42.0629 1456 ================================================================================
2011/05/21 02:21:42.0629 1456 SystemInfo:
2011/05/21 02:21:42.0629 1456
2011/05/21 02:21:42.0629 1456 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/21 02:21:42.0629 1456 Product type: Workstation
2011/05/21 02:21:42.0629 1456 ComputerName: SIZUSTAR-PC
2011/05/21 02:21:42.0629 1456 UserName: Sizustar
2011/05/21 02:21:42.0629 1456 Windows directory: C:\Windows
2011/05/21 02:21:42.0629 1456 System windows directory: C:\Windows
2011/05/21 02:21:42.0629 1456 Running under WOW64
2011/05/21 02:21:42.0629 1456 Processor architecture: Intel x64
2011/05/21 02:21:42.0629 1456 Number of processors: 4
2011/05/21 02:21:42.0629 1456 Page size: 0x1000
2011/05/21 02:21:42.0629 1456 Boot type: Normal boot
2011/05/21 02:21:42.0629 1456 ================================================================================
2011/05/21 02:21:42.0925 1456 Initialize success
2011/05/21 02:21:52.0837 4056 ================================================================================
2011/05/21 02:21:52.0837 4056 Scan started
2011/05/21 02:21:52.0837 4056 Mode: Manual;
2011/05/21 02:21:52.0837 4056 ================================================================================
2011/05/21 02:21:59.0826 4056 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/05/21 02:21:59.0826 4056 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/05/21 02:21:59.0842 4056 sptd - detected LockedFile.Multi.Generic (1)
2011/05/21 02:22:01.0948 4056 ================================================================================
2011/05/21 02:22:01.0948 4056 Scan finished
2011/05/21 02:22:01.0948 4056 ================================================================================
2011/05/21 02:22:01.0963 2220 Detected object count: 1
2011/05/21 02:22:10.0060 2220 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/05/21 02:22:19.0560 1636 ================================================================================
2011/05/21 02:22:19.0560 1636 Scan started
2011/05/21 02:22:19.0560 1636 Mode: Manual;
2011/05/21 02:22:19.0560 1636 ================================================================================
2011/05/21 02:22:25.0566 1636 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/05/21 02:22:25.0566 1636 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/05/21 02:22:25.0566 1636 sptd - detected LockedFile.Multi.Generic (1)
2011/05/21 02:22:26.0845 1636 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/05/21 02:22:26.0861 1636 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/05/21 02:22:26.0877 1636 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/05/21 02:22:26.0908 1636 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/05/21 02:22:26.0939 1636 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/05/21 02:22:26.0955 1636 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/21 02:22:26.0970 1636 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/21 02:22:27.0001 1636 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/05/21 02:22:27.0033 1636 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/21 02:22:27.0064 1636 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/05/21 02:22:27.0095 1636 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/05/21 02:22:27.0142 1636 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
2011/05/21 02:22:27.0157 1636 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/05/21 02:22:27.0189 1636 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/21 02:22:27.0220 1636 WsAudio_DeviceS(1) (ad12f5c7251bb8d575d560894e73cbba) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
2011/05/21 02:22:27.0235 1636 WsAudio_DeviceS(2) (ad12f5c7251bb8d575d560894e73cbba) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
2011/05/21 02:22:27.0251 1636 WsAudio_DeviceS(3) (ad12f5c7251bb8d575d560894e73cbba) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
2011/05/21 02:22:27.0267 1636 WsAudio_DeviceS(4) (ad12f5c7251bb8d575d560894e73cbba) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
2011/05/21 02:22:27.0267 1636 WsAudio_DeviceS(5) (ad12f5c7251bb8d575d560894e73cbba) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
2011/05/21 02:22:27.0313 1636 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/05/21 02:22:27.0313 1636 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/21 02:22:27.0485 1636 ================================================================================
2011/05/21 02:22:27.0485 1636 Scan finished
2011/05/21 02:22:27.0485 1636 ================================================================================
2011/05/21 02:22:27.0516 3596 Detected object count: 1
2011/05/21 02:22:53.0662 3596 LockedFile.Multi.Generic(sptd) - User select action: Skip


#8
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
So you didn't uninstall Daemon Tools?

#9
bluewr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

So you didn't uninstall Daemon Tools?


I did, I uninstalled both Daemon Tools and its toolbar.
It's not showing up in CCleaner's uninstall screen either.

#10
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK. Please do these steps:

Step 1

We need to run an OTL Fix

  • Please reopen OTL on your desktop.
  • Copy (select all lines inside quote box and press CTRL+C) and Paste (press CTRL+V) the following code into the Posted Image textbox.

    :OTL
    DRV:64bit: - [2010/09/25 01:17:22 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

    :Files
    ipconfig /flushdns /c

    :Reg

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Click on Posted Image button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click on Posted Image button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.

Step 2

  • Double click the aswMBR.exe to run it.

  • Click the Scan button to start scan.

  • On completion of the scan click Save log, save it to your desktop and post in your next reply.

When you have completed the above, please post back the following in the order asked for:
  • aswMBR log


#11
bluewr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
I cannot complete the first step.
Every time I try to run it, it goes to a BSOD with this error: 0x0000001E

I'm going to try one more time in Safe Mode.

#12
bluewr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Successfully ran OTL in Safe Mode

OTL Log

All processes killed
========== OTL ==========
Service sptd stopped successfully!
Service sptd deleted successfully!
C:\Windows\SysNative\drivers\sptd.sys moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Sizustar
->Temp folder emptied: 266856 bytes
->Temporary Internet Files folder emptied: 27094553 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16254237 bytes
->Flash cache emptied: 615 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 123717 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 2925 bytes

Total Files Cleaned = 42.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Sizustar
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Error creating restore point.

OTL by OldTimer - Version 3.2.22.3 log created on 05212011_040622

Files\Folders moved on Reboot...
C:\Users\Sizustar\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


aswMBR log

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-21 04:11:14
-----------------------------
04:11:14.579 OS Version: Windows x64 6.1.7601 Service Pack 1
04:11:14.579 Number of processors: 4 586 0x403
04:11:14.579 ComputerName: SIZUSTAR-PC UserName: Sizustar
04:11:15.312 Initialize success
04:11:16.919 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
04:11:16.919 Disk 0 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953869MB BusType: 3
04:11:16.934 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-5
04:11:16.934 Disk 1 Vendor: ST31500341AS CC1H Size: 1430799MB BusType: 3
04:11:16.934 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T1L0-6
04:11:16.950 Disk 2 Vendor: WDC_WD3200SD-01KNB0 08.05J08 Size: 305245MB BusType: 3
04:11:16.950 Disk 0 MBR read successfully
04:11:16.966 Disk 0 MBR scan
04:11:16.966 Disk 0 Windows 7 default MBR code
04:11:16.966 Service scanning
04:11:19.150 Disk 0 trace - called modules:
04:11:19.165 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
04:11:19.181 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007aba060]
04:11:19.181 3 CLASSPNP.SYS[fffff8800166c43f] -> nt!IofCallDriver -> [0xfffffa8006b18e40]
04:11:19.196 5 ACPI.sys[fffff88000f617a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa8006b23680]
04:11:19.196 Scan finished successfully
04:11:53.564 Disk 0 MBR has been saved successfully to "C:\Users\Sizustar\Desktop\MBR.dat"
04:11:53.564 The log file has been saved successfully to "C:\Users\Sizustar\Desktop\aswMBR.txt"



#13
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK. MBR looks clean. Let's try with this now:

Download AVPTool from Here to your desktop

Run the program you have just downloaded to your desktop (it will be randomly named).

First we will run a virus scan
  • On the first tab select all elements down to Computer and then select start scan
  • Once it has finished select report and post that.


Do not close AVPTool or it will self-uninstall. If it does uninstall, then just rerun the setup file on your desktop.

Now an analysis scan
  • Select the Manual Disinfection tab
  • Press the Gather System Information button
  • Once done, open the last report saved folder, then attach the zip file to your next post
  • The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip


How to add an attachment to a new topic or reply

#14
bluewr

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
My computer doesn't like AVPTool.
It keeps on freezing Explorer.exe.

#15
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK. Try with this:

Rootkit Unhooker:
  • Please download Rootkit Unhooker and save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth. Uncheck the rest and then click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note: you may get the following warning; just click OK and continue.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"
