Below SBSD is the outcome of OTL:
--- Report generated: 2011-10-24 12:01 ---
Babylon.Toolbar: [SBI $5FA838EA] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
FraudAV.SJhorwPa: [SBI $235411ED] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bdsandbox
FraudAV.SJhorwPa: [SBI $235411ED] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bdsandbox
FraudAV.SJhorwPa: [SBI $FCC65F0B] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bdsandbox
FraudAV.SJhorwPa: [SBI $FCC65F0B] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bdsandbox
FraudAV.SJhorwPa: [SBI $82BB58A0] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bdsandbox
FraudAV.SJhorwPa: [SBI $82BB58A0] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bdsandbox
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2011-10-24 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2011-03-18 Includes\Adware.sbi (*)
2011-08-29 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-12-14 Includes\Dialer.sbi (*)
2011-03-08 Includes\DialerC.sbi (*)
2011-02-24 Includes\HeavyDuty.sbi (*)
2011-03-29 Includes\Hijackers.sbi (*)
2011-10-04 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-12-14 Includes\Keyloggers.sbi (*)
2011-09-27 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2011-10-04 Includes\Malware.sbi (*)
2011-10-18 Includes\MalwareC.sbi (*)
2011-02-24 Includes\PUPS.sbi (*)
2011-10-11 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2011-02-24 Includes\Security.sbi (*)
2011-05-03 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2011-10-18 Includes\Spyware.sbi (*)
2011-10-18 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2011-09-28 Includes\Trojans.sbi (*)
2011-10-18 Includes\TrojansC-02.sbi (*)
2011-10-13 Includes\TrojansC-03.sbi (*)
2011-10-10 Includes\TrojansC-04.sbi (*)
2011-10-18 Includes\TrojansC-05.sbi (*)
2011-09-27 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
OTL logfile created on: 10/24/2011 4:16:30 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Administrator\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.86 Gb Total Physical Memory | 5.54 Gb Available Physical Memory | 70.48% Memory free
19.66 Gb Paging File | 17.13 Gb Available in Paging File | 87.17% Paging File free
Paging file location(s): c:\pagefile.sys 12078 12078 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.97 Gb Total Space | 393.20 Gb Free Space | 86.81% Space Free | Partition Type: NTFS
Computer Name: ALFREDO-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/10/24 16:14:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Downloads\OTL.exe
PRC - [2011/09/21 14:04:09 | 000,093,912 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\Antispam32\pchooklaunch32.exe
PRC - [2011/09/07 18:14:04 | 000,161,336 | ---- | M] (Google) -- C:\Users\Administrator\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/02/26 01:35:04 | 001,289,296 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/02/26 01:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/02/26 01:35:04 | 000,288,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/01/14 16:08:16 | 000,378,128 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFTray.exe
PRC - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFService.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (No Company Name) ==========
MOD - [2009/05/20 17:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/10/10 08:32:14 | 000,341,296 | ---- | M] (Nitro PDF Software) [Disabled | Stopped] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2011/09/21 14:04:11 | 000,074,336 | ---- | M] (BitDefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe -- (SafeBox)
SRV:64bit: - [2011/09/21 14:03:58 | 000,466,736 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV:64bit: - [2011/09/21 14:03:53 | 000,062,512 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2011/09/21 14:03:05 | 001,938,624 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (VSSERV)
SRV:64bit: - [2011/07/28 16:35:34 | 000,204,288 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/06/13 22:21:14 | 000,343,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV:64bit: - [2011/04/11 11:57:02 | 000,029,040 | ---- | M] (BitDefender) [Disabled | Stopped] -- C:\Program Files\BitDefender\TrafficLight\bsserv.exe -- (bsserv)
SRV:64bit: - [2010/02/05 22:23:06 | 000,865,824 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Disabled | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 14:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/10/10 14:38:38 | 000,419,624 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/05 20:04:20 | 000,011,264 | ---- | M] (MillieSoft) [Disabled | Stopped] -- C:\Program Files (x86)\MillieSoft\TunerFreeMCE\TunerFreeMCEService.exe -- (TunerFreeMCEService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/03/03 16:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/03 16:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/02/26 01:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/02/01 13:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2009/12/23 19:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/10/22 14:51:56 | 000,096,376 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SMR210.SYS -- (SMR210)
DRV:64bit: - [2011/09/21 14:03:30 | 000,553,280 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2011/09/21 14:02:54 | 000,674,904 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2011/09/21 10:20:48 | 000,102,992 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/07/28 17:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/28 15:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/07/22 20:20:05 | 000,288,600 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2011/07/15 16:12:44 | 000,258,224 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2011/03/24 15:36:22 | 000,431,176 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/01 17:45:46 | 000,089,680 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2011/02/25 15:39:50 | 000,102,992 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\TrafficLight\bdfwfpf.sys -- (bdfwfpf_bs)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/04/07 13:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2010/01/14 16:08:34 | 000,059,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TfSysMon)
DRV:64bit: - [2010/01/14 16:08:32 | 000,041,888 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2010/01/14 16:08:30 | 000,065,072 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2009/12/17 12:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/12/01 21:21:32 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/11/02 14:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/26 15:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/21 23:55:06 | 000,272,432 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/10/16 05:32:22 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink
DRV:64bit: - [2009/09/30 12:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 21:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 21:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 21:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 21:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/05 19:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 19:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011/10/12 15:51:05 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011/03/18 11:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2010/07/09 12:19:04 | 000,021,480 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys -- (cpuz134)
DRV - [2010/03/02 22:15:52 | 000,022,016 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\1UnHooker.sys -- (1UnHooker)
DRV - [2009/12/18 11:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2003/04/04 15:07:20 | 000,030,336 | ---- | M] (Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 67 40 9B 54 7D 92 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.searchEnginesURL: "https://addons.mozil...earch-engines/"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2011/09/21 10:11:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011/10/13 08:49:36 | 000,000,000 | ---D | M]
[2011/10/07 13:59:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2011/10/11 08:52:04 | 000,002,428 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Hardys Browser\HyperSonic\Profiles\392x3ipn.default\searchplugins\search-dial.xml
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI
[2011/10/11 06:21:06 | 000,000,000 | ---D | M] (Flagfox) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{1018E4D6-728F-4B20-AD56-37578A4DE76B}
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/10/11 08:34:22 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{1BC9BA34-1EED-42CA-A505-6D2F1A935BBB}
[2011/10/11 05:35:54 | 000,000,000 | ---D | M] (IE Tab 2 (HS 3.6+)) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{1BC9BA34-1EED-42CA-A505-6D2F1A935BBC}
[2011/10/11 05:35:54 | 000,000,000 | ---D | M] (OpenDownload²) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{210249CE-F888-11DD-B868-4CB456D89593}
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{28197867-B1EF-4140-8E3B-55C45B9C8460}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{5C655500-E712-41E7-9349-CE462F844B19}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{89506680-E3F4-484C-A2C0-ED711D481EDA}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{987311C6-B504-4AA2-90BF-60CC49808D42}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{9D6218B8-03C7-4B91-AA43-680B305DD35C}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{B9615918-D3DE-44A4-AB65-76DF7EA1F1C1}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{BAEBEF65-9289-47C5-8524-C345CC5D860D}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A91}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{CD617372-6743-4EE4-BAC4-FBF60F35719E}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{CD617375-6743-4EE8-BAC4-FBF10F35729E}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{D47A9F51-8281-43FA-F450-F28EF8735E9A}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{E4DD63FA-01E4-46A7-B6B1-EDAB7D6AD378}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{F69E22C7-BC50-414A-9269-0F5C344CD94D}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{FA8476CF-A98C-4E08-99B4-65A69CB4B7D4}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.XPI
[2011/10/11 05:43:36 | 000,000,000 | ---D | M] (New Tab King) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{FC5BAC7D-D696-4BA6-B913-CF8F000C33DF}
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
[2011/10/11 05:35:25 | 000,000,000 | ---D | M] (Minimize To Tray) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
[2011/10/11 07:21:07 | 000,000,000 | ---D | M] (Your Virtual Shrink) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\SHRINK@FFADDON
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
O1 HOSTS File: ([2011/10/24 11:23:40 | 000,438,082 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15065 more lines...
O2:64bit: - BHO: (no name) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FAE3E6B1-1936-40D6-9ACC-59EBCF661CCB} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: UseOEMBackground = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra 'Tools' menuitem : Speckie Settings - {E6846530-6088-4AA3-932F-C6245CE59A4C} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : Speckie Settings - {E6846530-6088-4AA3-932F-C6245CE59A4C} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: //@surf.mar@/ ([]money in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} http://content.syste...64_4.4.24.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.micr...44/igdtoolx.cab (Reg Error: Key error.)
O16 - DPF: {A0CC33E0-9DF0-4361-A94D-E55C4008788F} http://biosagentplus...osagentplus.cab (BiosAgentPlus ActiveX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.4.24.0.cab (SysInfo Class)
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsec...r/cascanner.cab (CAScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.217.0.5 24.217.201.67 68.113.206.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68523657-D340-45B7-BF27-0C48EB494F6E}: DhcpNameServer = 24.217.0.5 24.217.201.67 68.113.206.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68523657-D340-45B7-BF27-0C48EB494F6E}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6D948D1-1E87-439B-A49C-3E608503CD12}: DhcpNameServer = 24.217.0.5 24.217.201.67 68.113.206.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6D948D1-1E87-439B-A49C-3E608503CD12}: NameServer = 208.67.222.222,208.67.220.220
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - "\\LIVE.SYSINTERNALS.COM\TOOLS\PROCEXP.EXE" File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - "\\LIVE.SYSINTERNALS.COM\TOOLS\PROCEXP.EXE" File not found
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/24 12:56:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\TagsRevisited
[2011/10/24 11:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/10/24 08:08:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Deployment
[2011/10/24 07:11:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\CAROLS FILES
[2011/10/24 06:14:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Desktop Ticker
[2011/10/24 06:14:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desktop Ticker
[2011/10/24 06:06:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Kindle Content
[2011/10/24 06:06:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Amazon
[2011/10/24 06:06:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2011/10/24 04:35:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{C1C9DF43-3CDA-4FBA-866D-E7E7B5699BA0}
[2011/10/23 12:22:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apps
[2011/10/23 11:59:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Evernote
[2011/10/23 05:16:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{A925DB7E-1F66-4B72-BA3F-B5C3327F9179}
[2011/10/23 05:16:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{BECA3209-B874-40F4-9E4D-CFEACC134E28}
[2011/10/23 05:16:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Tracing
[2011/10/23 05:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/10/23 05:10:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Windows Live
[2011/10/22 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Metric Converter
[2011/10/22 15:58:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Microsoft Indic Language Input Tool Getting Started_files
[2011/10/22 15:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Indic Language Input Tool
[2011/10/22 15:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Indic Language Input Tool
[2011/10/22 15:30:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\CrashDumps
[2011/10/22 15:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2011/10/22 14:51:56 | 000,096,376 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS
[2011/10/22 14:51:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\NPE
[2011/10/22 14:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/10/22 14:49:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Evernote
[2011/10/22 13:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire
[2011/10/22 13:56:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\MyFlash
[2011/10/22 11:15:53 | 000,000,000 | ---D | C] -- C:\Data
[2011/10/22 10:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2011/10/22 10:33:10 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Yahoo!
[2011/10/22 04:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IOBIT Uninstaller
[2011/10/21 23:25:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Eraser
[2011/10/21 23:25:44 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}
[2011/10/21 23:25:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eraser
[2011/10/21 23:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Your Cleaner
[2011/10/21 22:57:50 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\RealWorld
[2011/10/21 19:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy Cleaner
[2011/10/21 19:25:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Social Society
[2011/10/21 19:24:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\New Age
[2011/10/21 19:24:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Morse Code
[2011/10/21 19:23:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\bdch
[2011/10/21 19:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Dumps
[2011/10/21 19:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch
[2011/10/21 17:59:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Google
[2011/10/21 16:59:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\MPlayer
[2011/10/21 15:59:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\KaraokeKanta
[2011/10/21 15:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ilusion Software
[2011/10/21 15:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\B-Lyrics-Mimer
[2011/10/21 15:47:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\7plus
[2011/10/21 15:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7Plusv.2.3.0-64
[2011/10/21 14:18:11 | 000,000,000 | ---D | C] -- C:\22b6d77840015881431e68
[2011/10/21 08:50:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Styler
[2011/10/20 16:26:25 | 000,059,880 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfSysMon.sys
[2011/10/20 16:26:25 | 000,041,888 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfNetMon.sys
[2011/10/20 16:26:24 | 000,065,072 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfFsMon.sys
[2011/10/20 16:26:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ThreatFire
[2011/10/20 15:27:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\HTML Executable
[2011/10/20 14:58:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashGameDownloader
[2011/10/20 13:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/10/20 10:43:12 | 000,000,000 | -H-D | C] -- C:\MyWinLockerData
[2011/10/19 15:12:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\MY BOOKS
[2011/10/19 12:37:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\VASSAL
[2011/10/19 12:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VASSAL
[2011/10/19 08:45:31 | 000,323,592 | ---- | C] (VBGold Software) -- C:\Windows\SysWow64\sprinter.ocx
[2011/10/19 08:45:31 | 000,052,736 | ---- | C] (Outrider Systems, Inc.) -- C:\Windows\SysWow64\spin32.ocx
[2011/10/19 08:45:31 | 000,000,000 | ---D | C] -- C:\EuroSoft
[2011/10/18 12:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unicode
[2011/10/18 09:21:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\KillSwitch 2
[2011/10/18 06:30:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Notation
[2011/10/18 06:30:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Templates
[2011/10/18 06:30:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Songs
[2011/10/18 06:30:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notation
[2011/10/18 06:20:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Windows 7 Account Screen Editor
[2011/10/17 15:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashGet Network
[2011/10/17 12:52:10 | 000,000,000 | ---D | C] -- C:\Windows\UXBackup
[2011/10/17 11:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/10/17 07:20:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\vlc
[2011/10/16 15:47:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Template
[2011/10/16 15:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
[2011/10/16 15:40:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro PDF
[2011/10/16 14:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\CA
[2011/10/16 11:05:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/16 07:57:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Weblog Posts
[2011/10/16 07:57:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Windows Live Writer
[2011/10/16 07:57:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Windows Live Writer
[2011/10/16 07:23:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Start Orb Manager
[2011/10/15 13:56:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Privacy Guardian
[2011/10/15 13:31:20 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2011/10/15 13:31:20 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2011/10/15 13:31:20 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2011/10/15 13:31:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/10/15 13:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Privacy Guardian
[2011/10/15 12:02:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Kingsoft
[2011/10/15 12:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Kingsoft
[2011/10/15 12:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kingsoft
[2011/10/15 11:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011/10/15 06:02:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\WIN 7 SYS HACKS
[2011/10/14 15:09:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resource Hacker
[2011/10/14 14:21:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Win7codecs
[2011/10/14 14:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win7codecs
[2011/10/14 14:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2011/10/14 10:06:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Secunia PSI
[2011/10/14 08:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011/10/14 08:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/10/14 08:18:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Winamp
[2011/10/14 08:18:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011/10/14 08:16:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/10/14 07:43:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Shark007
[2011/10/14 07:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Shark007
[2011/10/14 07:43:32 | 001,573,376 | ---- | C] (MPC-HC Team) -- C:\Windows\SysNative\VSFilter.dll
[2011/10/14 07:43:32 | 000,548,864 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\SysNative\lameacm.acm
[2011/10/14 07:43:32 | 000,360,960 | ---- | C] (fccHandler) -- C:\Windows\SysNative\aacacm.acm
[2011/10/14 07:43:32 | 000,176,640 | ---- | C] (fccHandler) -- C:\Windows\SysNative\ac3acm.acm
[2011/10/14 07:43:32 | 000,147,968 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2011/10/14 07:43:32 | 000,124,909 | ---- | C] (Open Source Software community project) -- C:\Windows\SysNative\pthreadGC2.dll
[2011/10/14 07:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Shark007
[2011/10/14 07:40:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\JLC's Software
[2011/10/14 07:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2011/10/14 07:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2011/10/14 06:07:56 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2011/10/14 06:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2011/10/14 05:41:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Intel Corporation
[2011/10/14 05:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2011/10/14 05:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/10/13 15:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AUDIO-VIDEO-VISUAL
[2011/10/13 15:44:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011/10/13 15:43:48 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011/10/13 15:43:48 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011/10/13 15:43:48 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011/10/13 15:43:48 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011/10/13 15:43:48 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011/10/13 15:43:47 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2011/10/13 15:43:47 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2011/10/13 15:43:47 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2011/10/13 15:43:47 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2011/10/13 15:43:37 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011/10/13 15:43:37 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011/10/13 15:43:37 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011/10/13 15:43:37 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011/10/13 15:43:35 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011/10/13 15:43:35 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011/10/13 15:43:30 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2011/10/13 15:43:30 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2011/10/13 15:43:30 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2011/10/13 15:43:29 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2011/10/13 15:43:29 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2011/10/13 15:43:27 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2011/10/13 15:43:25 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2011/10/13 15:43:25 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011/10/13 15:43:24 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2011/10/13 15:43:24 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011/10/13 15:43:21 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2011/10/13 15:43:09 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011/10/13 15:43:09 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011/10/13 15:43:08 | 000,527,872 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2011/10/13 15:43:08 | 000,515,584 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2011/10/13 15:43:08 | 000,439,808 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2011/10/13 15:43:07 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011/10/13 15:43:07 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2011/10/13 15:43:06 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011/10/13 15:43:06 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011/10/13 15:43:06 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011/10/13 15:43:06 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011/10/13 15:43:06 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011/10/13 15:43:06 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011/10/13 15:43:06 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011/10/13 15:43:06 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011/10/13 15:43:06 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2011/10/13 11:01:10 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents\Scanned Documents
[2011/10/13 11:01:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Fax
[2011/10/13 08:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2011/10/13 08:05:11 | 000,000,000 | ---D | C] -- C:\903e7caffb9dc36f64
[2011/10/13 06:23:03 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Karen's Power Tools
[2011/10/12 15:51:05 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011/10/12 15:51:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\eSupport.com
[2011/10/12 11:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Karen's Power Tools
[2011/10/12 11:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Karen's Power Tools
[2011/10/12 06:25:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Cyberlink
[2011/10/12 06:23:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Nero
[2011/10/12 06:15:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\CyberLink
[2011/10/12 06:15:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\CyberLink
[2011/10/12 06:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/10/11 14:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\7plus V.2.3.0 X64 Binary
[2011/10/11 14:13:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\STUFF ETC
[2011/10/11 14:10:43 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Windows 7 ETC
[2011/10/11 14:09:52 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\BitDefender
[2011/10/11 14:08:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Fun Stuff
[2011/10/11 14:08:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Hijack This
[2011/10/11 14:07:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\GRC SECURITY
[2011/10/11 14:06:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\NETGEAR
[2011/10/11 05:35:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Hardys Browser
[2011/10/11 05:16:41 | 000,000,000 | ---D | C] -- C:\Portable Program Files
[2011/10/11 05:08:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/10/11 05:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/10/11 05:06:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apple
[2011/10/11 05:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/10/11 05:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/10/11 05:02:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011/10/11 04:21:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\M8 Software
[2011/10/11 04:16:11 | 000,230,864 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011/10/10 14:37:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011/10/10 14:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011/10/10 11:39:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GCH Guitar academy
[2011/10/10 08:10:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2011/10/10 08:07:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\CrosswordSolver
[2011/10/10 08:04:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\ASC
[2011/10/10 07:49:48 | 000,060,928 | ---- | C] (TODO: <Название организации>) -- C:\Windows\SysWow64\log32.exe
[2011/10/10 07:20:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TripleA
[2011/10/10 07:12:25 | 000,000,000 | RHSD | C] -- C:\Winmend~Folder~Hidden
[2011/10/09 17:18:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\IsolatedStorage
[2011/10/09 17:09:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Get from YouTube
[2011/10/09 14:20:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Import Audio from Video
[2011/10/09 14:19:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Free Audio Editor
[2011/10/09 14:16:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Nitro PDF
[2011/10/09 14:16:25 | 000,028,976 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2011/10/09 14:16:25 | 000,017,200 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2011/10/09 14:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF
[2011/10/09 14:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
[2011/10/09 14:15:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Downloaded Installations
[2011/10/09 13:48:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SlimCleaner
[2011/10/09 07:42:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Identities
[2011/10/09 04:52:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Foxit Software
[2011/10/08 15:06:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Freemake
[2011/10/08 15:03:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Apple Computer
[2011/10/08 15:03:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apple Computer
[2011/10/08 15:03:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Titanium
[2011/10/08 07:30:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\BleachBit
[2011/10/07 16:43:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\SECURITY CHECK 3X WEEKLY
[2011/10/07 16:32:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Earth Alerts
[2011/10/07 16:32:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\images
[2011/10/07 16:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Earth Alerts
[2011/10/07 15:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dhaatu The Periodic Table of Elements
[2011/10/07 15:15:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\calibre
[2011/10/07 15:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\alcyone
[2011/10/07 15:02:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\WinPatrol
[2011/10/07 13:59:39 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Mozilla
[2011/10/07 13:59:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2011/10/07 07:48:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\KeePass
[2011/10/07 05:19:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Copy of Favorites
[2011/10/07 04:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CC PDF Converter
[2011/10/06 17:04:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2011/10/06 17:03:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\GrabPro
[2011/10/06 17:03:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2011/10/06 17:03:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\OpenCandy
[2011/10/06 14:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2011/10/06 14:45:40 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011/10/06 14:29:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\pdfforge
[2011/10/06 14:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2011/10/05 14:57:56 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FreeFileViewer
[2011/10/05 14:23:10 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\FormatFactory
[2011/10/05 07:58:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\FixItCenter
[2011/10/05 07:57:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Softland
[2011/10/05 07:54:51 | 000,000,000 | ---D | C] -- C:\Windows\MATS
[2011/10/05 07:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2011/10/05 07:46:42 | 001,287,168 | ---- | C] (MPC-HC Team) -- C:\Windows\SysWow64\VSFilter.dll
[2011/10/05 05:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2011/10/04 08:22:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Console
[2011/10/04 08:04:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Notepad++
[2011/10/04 07:27:17 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011/10/04 06:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking
[2011/10/04 05:48:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Musette
[2011/10/04 05:48:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Musette
[2011/10/04 05:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ginsh John
[2011/10/03 14:29:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Adobe
[2011/10/03 13:20:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Mozilla
[2011/10/03 10:10:06 | 000,344,064 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\AACACM.acm
[2011/10/03 09:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2011/10/03 07:35:50 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\FFOutput
[2011/10/03 07:35:47 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2011/10/03 07:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2011/10/02 14:23:47 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2011/10/02 14:23:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011/10/02 14:15:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\MusE
[2011/10/02 14:15:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\MusE
[2011/10/02 14:12:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Luxand
[2011/10/02 14:10:04 | 000,000,000 | ---D | C] -- C:\ProgramData\MCS EMCF D
[2011/10/02 14:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Music Composer Free
[2011/10/02 14:03:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\NCH Swift Sound
[2011/10/02 14:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2011/10/02 14:01:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Swift Sound
[2011/10/02 13:46:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\LibreOffice
[2011/10/02 12:35:31 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SlimWare Utilities Inc
[2011/10/02 12:02:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MICROSOFT SOFTWARE
[2011/10/02 12:01:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INTEL SOFTWARE
[2011/10/02 11:33:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GAMES ETC
[2011/10/02 11:33:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACER SOFTWARE
[2011/10/02 11:32:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INTERNET ETC
[2011/10/02 11:30:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC UTILITIES
[2011/10/02 11:29:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EDUCATIONAL
[2011/10/02 11:28:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\E-READERS ETC
[2011/10/02 11:28:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OFFICE SUITES ETC
[2011/10/02 11:25:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC SECURITY
[2011/10/02 11:20:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AUDIO-VIDEO-VISUAL
[2011/10/01 11:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DonationCoder
[2011/10/01 08:46:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
[2011/10/01 08:01:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\NoteTab Light
[2011/10/01 07:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2011/10/01 06:02:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FastStone
[2011/10/01 04:55:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Auslogics
[2011/09/30 16:47:05 | 000,421,376 | ---- | C] (Softuarium) -- C:\Windows\SysWow64\WebPicLib.ocx
[2011/09/30 16:47:05 | 000,303,104 | ---- | C] (BUAA) -- C:\Windows\SysWow64\EasyIcon.ocx
[2011/09/30 16:11:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Media Player Classic
[2011/09/30 14:08:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/09/30 13:18:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Paint.NET
[2011/09/30 08:28:54 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Diagnostics
[2011/09/30 08:12:43 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Free File Opener
[2011/09/30 07:35:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FlashGetBHO
[2011/09/30 07:19:31 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\IrfanView
[2011/09/30 06:15:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\alfredo2131
[2011/09/30 06:15:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SafeBox
[2011/09/30 05:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Musicpad
[2011/09/30 05:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicScore Music Software
[2011/09/30 05:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE
[2011/09/30 05:18:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\IObit
[2011/09/30 05:18:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2011/09/30 05:17:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2011/09/30 05:08:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents\My Stationery
[2011/09/30 05:08:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Received Files
[2011/09/30 05:08:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\ASCOM
[2011/09/30 05:05:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\DO NOT DELETE
[2011/09/29 16:26:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FlashGet
[2011/09/29 16:26:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\BITS
[2011/09/29 15:59:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Adobe
[2011/09/29 15:57:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\ATI
[2011/09/29 15:57:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ATI
[2011/09/29 15:53:44 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Searches
[2011/09/29 15:53:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/09/29 15:53:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/09/29 15:53:43 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Contacts
[2011/09/29 15:53:43 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/09/29 15:53:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\VirtualStore
[2011/09/29 15:53:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Bitdefender
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Temporary Internet Files
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Templates
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Start Menu
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\SendTo
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Recent
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\PrintHood
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\NetHood
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Videos
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Pictures
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Music
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\My Documents
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Local Settings
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\History
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Cookies
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Application Data
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Application Data
[2011/09/29 15:52:25 | 000,000,000 | --SD | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft
[2011/09/29 15:52:25 | 000,000,000 | R-SD | C] -- C:\Users\Administrator\Downloads
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Videos
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Saved Games
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Pictures
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Music
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Links
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Favorites
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Desktop
[2011/09/29 15:52:25 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Temp
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Microsoft
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Media Center Programs
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Macromedia
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/09/28 12:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VB6 Runtime
[2011/09/28 12:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2011/09/28 06:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2011/09/28 05:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/09/28 05:38:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/09/28 05:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/09/28 05:38:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/09/28 05:34:04 | 000,000,000 | ---D | C] -- C:\ATI
[2011/09/28 05:31:40 | 000,000,000 | ---D | C] -- C:\AMD
[2011/09/27 13:26:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sweet Home 3D
[2011/09/27 13:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\yWriter5
[2011/09/27 12:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/09/27 12:35:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2011/09/27 12:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011/09/27 12:23:21 | 000,000,000 | ---D | C] -- C:\temp
[2011/09/27 07:12:28 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTAudioFile2.dll
[2011/09/27 07:12:28 | 001,212,416 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioInformation2.dll
[2011/09/27 07:12:28 | 000,602,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioTransform2.dll
[2011/09/27 07:12:28 | 000,479,232 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioVisualization2.dll
[2011/09/27 07:12:28 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioRecord2.dll
[2011/09/27 07:12:28 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioPlayer2.dll
[2011/09/27 07:12:28 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTTextToAudio2.dll
[2011/09/27 07:12:28 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTWMAFile2.dll
[2011/09/27 07:12:27 | 000,880,640 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioEditor2.dll
[2011/09/27 07:12:27 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\SysWow64\NCTAudioCDGrabber2.dll
[2011/09/27 07:12:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Audio Editor
[2011/09/27 07:09:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimCleaner
[2011/09/27 07:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloaded Installers
[2011/09/27 07:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScreenshotCaptor
[2011/09/27 07:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\RAMMon
[2011/09/27 06:53:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Mathematics Add-in
[2011/09/27 06:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mathematics
[2011/09/27 06:45:57 | 000,000,000 | ---D | C] -- C:\Windows\MPSReports
[2011/09/27 05:59:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2011/09/27 04:42:29 | 000,024,912 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmn7.dll
[2011/09/27 04:42:29 | 000,021,328 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmi7.dll
[2011/09/27 04:42:27 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2011/09/26 15:05:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chord Pickout
[2011/09/26 15:00:47 | 000,200,704 | ---- | C] (John Paul Chacha's Lab) -- C:\Windows\iesshell.dll
[2011/09/26 14:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Luxand
[2011/09/26 14:49:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anagram Generator
[2011/09/26 14:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft HiJackFree
[2011/09/26 14:43:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011/09/26 14:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2011/09/26 13:01:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\clone.AD
[2011/09/26 12:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Magic Reversi
[2011/09/26 11:26:09 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\StgP
[2011/09/26 11:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SysinternalsSuite
[2011/09/26 11:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\network-activity-indicator
[2011/09/26 11:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JPEGsnoop_v1_5_1
[2011/09/26 05:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\LopeSoft
[2011/09/25 17:56:26 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/09/25 15:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2011/09/25 15:47:25 | 000,114,688 | ---- | C] (Open Source Telecom) -- C:\Windows\SysWow64\CCGNU32.dll
[2011/09/25 15:47:22 | 000,010,752 | ---- | C] (Almeida & Andrade Ltda) -- C:\Windows\SysWow64\aamd532.dll
[2011/09/25 15:47:21 | 000,939,224 | ---- | C] (Macromedia, Inc.) -- C:\Windows\SysWow64\Flash.ocx
[2011/09/25 09:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Paessler
[2011/09/25 09:00:43 | 000,000,000 | ---D | C] -- C:\usr
[2011/09/25 06:54:26 | 000,000,000 | ---D | C] -- C:\Windows\Symbols
[2011/09/25 06:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ASCOM
[2011/09/25 06:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ASCOM
[2011/09/25 06:54:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASCOM
[2011/09/25 06:54:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{76F58B5D-EE00-4D77-8EA4-FDAB501E2072}
[2011/09/25 06:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Research
[2011/09/25 06:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\MillieSoft
[2011/09/25 06:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MillieSoft
[2011/09/25 05:57:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Font Validator
[2011/09/25 05:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/02/03 21:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/10/24 16:22:22 | 000,000,303 | ---- | M] () -- C:\Windows\SysNative\checkdnsid.xml
[2011/10/24 16:09:05 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200937163-3932221294-1481024234-500UA.job
[2011/10/24 15:44:12 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/24 15:34:08 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_Administrator.job
[2011/10/24 13:59:32 | 000,025,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/24 13:59:32 | 000,025,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/24 13:51:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/24 13:51:41 | 2037,776,383 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/24 11:23:40 | 000,438,082 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/10/24 11:18:20 | 000,001,222 | ---- | M] () -- C:\Users\Administrator\Desktop\SPYBOT.lnk
[2011/10/24 11:01:18 | 000,001,711 | ---- | M] () -- C:\Users\Administrator\Desktop\FOXIT PDF.lnk
[2011/10/24 07:49:09 | 000,000,962 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Ticker.lnk
[2011/10/24 07:41:30 | 000,001,958 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Kindle.lnk
[2011/10/24 06:00:07 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/24 05:51:46 | 000,000,000 | -H-- | M] () -- C:\Users\Administrator\Documents\Default.rdp
[2011/10/24 05:46:50 | 000,007,635 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2011/10/23 20:12:00 | 000,001,258 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/23 16:04:29 | 000,002,576 | ---- | M] () -- C:\Users\Administrator\Documents\CIA Order.bak
[2011/10/23 15:02:57 | 002,049,022 | ---- | M] () -- C:\Users\Administrator\Documents\PsychofIntelNew.pdf
[2011/10/22 18:09:10 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200937163-3932221294-1481024234-500Core.job
[2011/10/22 16:42:30 | 000,000,769 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\SMRBackup210.dat
[2011/10/22 15:58:32 | 000,012,917 | ---- | M] () -- C:\Users\Administrator\Documents\Microsoft Indic Language Input Tool Getting Started.htm
[2011/10/22 15:01:43 | 000,001,036 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Wizard 2010 (2).lnk
[2011/10/22 14:51:56 | 000,096,376 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS
[2011/10/22 13:59:44 | 000,001,219 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AIDA64 Extreme Edition.lnk
[2011/10/22 13:59:44 | 000,001,195 | ---- | M] () -- C:\Users\Administrator\Desktop\AIDA 64.lnk
[2011/10/22 13:45:09 | 000,001,596 | ---- | M] () -- C:\Users\Administrator\Desktop\IOBIT DELETE.lnk
[2011/10/22 07:26:52 | 000,001,497 | ---- | M] () -- C:\Users\Administrator\Desktop\IE9 32 (_8(l).lnk
[2011/10/22 07:26:22 | 000,001,471 | ---- | M] () -- C:\Users\Administrator\Desktop\IE9 64 (_8(I).lnk
[2011/10/22 05:58:56 | 000,001,312 | ---- | M] () -- C:\Users\Administrator\Documents\cpuz1.cvf
[2011/10/22 05:57:51 | 000,001,050 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\CPUID CPU-Z.lnk
[2011/10/22 05:51:18 | 000,660,138 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/22 05:51:18 | 000,121,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/22 05:51:17 | 000,772,874 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/22 05:51:12 | 000,772,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/22 05:32:33 | 000,001,665 | ---- | M] () -- C:\Users\Administrator\Desktop\BIT DEFENDER.lnk
[2011/10/22 05:22:14 | 000,436,814 | ---- | M] () -- C:\Users\Administrator\Documents\EasyCleanerSpaceUsage1.bmp
[2011/10/22 05:17:33 | 000,049,133 | ---- | M] () -- C:\Users\Administrator\Documents\EasyCleanerUnnFile1.htm
[2011/10/22 05:02:30 | 000,162,786 | ---- | M] () -- C:\Users\Administrator\Documents\EasyCleanerRegFile1.htm
[2011/10/22 04:22:53 | 000,001,635 | ---- | M] () -- C:\Users\Administrator\Desktop\AUDIE MURPHY.lnk
[2011/10/21 16:59:59 | 000,000,085 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/10/21 16:50:50 | 000,075,776 | ---- | M] () -- C:\Windows\cadkasdeinst01e.exe
[2011/10/21 15:30:46 | 000,001,591 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AlcyonEphemeris.exe.lnk
[2011/10/21 15:11:37 | 000,000,204 | ---- | M] () -- C:\Windows\SysWow64\secustat.dat
[2011/10/21 14:34:15 | 000,707,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/20 16:26:26 | 000,000,922 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ThreatFire.lnk
[2011/10/20 16:26:26 | 000,000,898 | ---- | M] () -- C:\Users\Public\Desktop\THREAT FIRE.lnk
[2011/10/20 15:21:33 | 000,001,477 | ---- | M] () -- C:\Windows\SysWow64\secushr.dat
[2011/10/20 07:51:07 | 000,005,120 | ---- | M] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/20 07:05:35 | 000,000,184 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\wklnhst.dat
[2011/10/19 12:36:53 | 000,000,943 | ---- | M] () -- C:\Users\Administrator\Desktop\VASSAL.lnk
[2011/10/18 16:28:34 | 000,018,102 | ---- | M] () -- C:\Windows\cscmondump.bin
[2011/10/18 15:02:52 | 000,001,322 | ---- | M] () -- C:\Users\Administrator\Desktop\WORD PAD.lnk
[2011/10/18 15:02:15 | 000,001,394 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\notepad++.exe - Shortcut.lnk
[2011/10/18 07:52:39 | 000,000,089 | ---- | M] () -- C:\Users\Administrator\AppData\Local\msmathematics.qat.Administrator
[2011/10/18 06:31:14 | 000,000,054 | ---- | M] () -- C:\Windows\Player.INI
[2011/10/17 15:30:00 | 000,001,359 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\FlashGet 3.7.lnk
[2011/10/17 14:11:08 | 000,000,221 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\America's Army 3.url
[2011/10/17 12:13:36 | 000,000,991 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\GUARDIAN.lnk
[2011/10/17 11:06:41 | 000,001,368 | ---- | M] () -- C:\Users\Public\Desktop\KS-WRITER.lnk
[2011/10/17 08:06:37 | 000,352,932 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/17 07:40:21 | 000,949,089 | ---- | M] () -- C:\Users\Administrator\AppData\Local\census.cache
[2011/10/17 07:40:17 | 000,150,695 | ---- | M] () -- C:\Users\Administrator\AppData\Local\ars.cache
[2011/10/16 14:24:25 | 000,000,829 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111024-112328.backup
[2011/10/16 09:03:54 | 000,000,427 | ---- | M] () -- C:\Windows\iepreview.ini
[2011/10/16 06:32:01 | 000,000,036 | ---- | M] () -- C:\Users\Administrator\AppData\Local\housecall.guid.cache
[2011/10/15 14:36:21 | 000,001,663 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ADMIN (2).lnk
[2011/10/15 13:20:49 | 000,001,157 | ---- | M] () -- C:\Users\Administrator\Desktop\MS-WORKS.lnk
[2011/10/15 11:55:18 | 000,001,134 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster 3.lnk
[2011/10/15 11:55:12 | 000,001,146 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Switch to Gaming Mode.lnk
[2011/10/15 04:47:54 | 000,000,961 | ---- | M] () -- C:\Users\Administrator\Desktop\WINAMP.lnk
[2011/10/14 19:58:35 | 000,000,784 | ---- | M] () -- C:\Windows\NTIWVEDT.INI
[2011/10/14 19:56:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\lame_acm.xml
[2011/10/14 14:30:49 | 000,018,326 | ---- | M] () -- C:\ProgramData\HKCU.reg
[2011/10/14 07:28:13 | 000,001,268 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2011/10/13 16:07:43 | 000,001,638 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Catalyst Control Center.lnk
[2011/10/13 09:23:28 | 000,000,943 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\NOTE TAB.lnk
[2011/10/13 08:52:11 | 000,001,296 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Video Downloader.lnk
[2011/10/13 08:52:08 | 000,001,284 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Video Converter.lnk
[2011/10/13 08:52:04 | 000,001,284 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Audio Converter.lnk
[2011/10/13 06:27:55 | 000,000,971 | ---- | M] () -- C:\Users\Administrator\Program Files (x86) - Shortcut.lnk
[2011/10/13 06:27:44 | 000,000,957 | ---- | M] () -- C:\Users\Administrator\Program Files - Shortcut.lnk
[2011/10/12 16:44:28 | 000,000,000 | RH-- | M] () -- C:\Users\Public\Documents\NTIMMV8.DLL
[2011/10/12 15:51:05 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011/10/12 14:43:42 | 000,000,632 | RHS- | M] () -- C:\Users\Administrator\ntuser.pol
[2011/10/12 09:25:44 | 000,086,016 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2011/10/12 09:23:22 | 000,053,760 | ---- | M] () -- C:\Windows\SysNative\ff_acm.acm
[2011/10/12 05:07:16 | 000,001,228 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller.lnk
[2011/10/12 05:06:08 | 000,001,497 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\i_view32.exe - Shortcut.lnk
[2011/10/11 08:16:10 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/10/11 05:16:00 | 000,003,113 | ---- | M] () -- C:\Users\Administrator\Microsoft Desktop Player.lnk
[2011/10/11 04:16:11 | 000,230,864 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011/10/10 08:57:11 | 000,000,003 | ---- | M] () -- C:\Windows\treeskp.sys
[2011/10/10 08:57:11 | 000,000,003 | ---- | M] () -- C:\Windows\sbacknt.bin
[2011/10/10 08:31:18 | 000,017,200 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2011/10/10 08:31:16 | 000,028,976 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2011/10/10 08:12:34 | 000,000,023 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\dilnur
[2011/10/07 15:51:07 | 000,001,186 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Dhaatu The Periodic Table of Elements.lnk
[2011/10/07 05:58:31 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/10/07 05:58:30 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/10/05 15:04:52 | 000,000,026 | ---- | M] () -- C:\Windows\%IniPath%
[2011/10/05 07:46:42 | 001,287,168 | ---- | M] (MPC-HC Team) -- C:\Windows\SysWow64\VSFilter.dll
[2011/10/04 05:22:55 | 000,000,032 | ---- | M] () -- C:\Windows\Guitar Chords.INI
[2011/10/04 05:19:59 | 000,000,032 | ---- | M] () -- C:\Windows\Blank Sheet Music.INI
[2011/10/03 10:10:06 | 000,344,064 | ---- | M] (fccHandler) -- C:\Windows\SysWow64\AACACM.acm
[2011/10/03 10:10:04 | 000,360,960 | ---- | M] (fccHandler) -- C:\Windows\SysNative\aacacm.acm
[2011/09/30 12:04:19 | 000,001,187 | ---- | M] () -- C:\Users\Administrator\Desktop\MAL-BYTE.lnk
[2011/09/27 15:39:28 | 004,005,376 | ---- | M] () -- C:\Windows\SysNative\x264vfw.dll
[2011/09/27 15:39:24 | 004,122,624 | ---- | M] () -- C:\Windows\SysWow64\x264vfw.dll
[2011/09/27 13:29:35 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/09/27 04:45:14 | 000,000,025 | ---- | M] () -- C:\Windows\libem.INI
[2011/09/26 14:59:10 | 000,200,704 | ---- | M] (John Paul Chacha's Lab) -- C:\Windows\iesshell.dll
[2011/09/25 17:56:26 | 000,216,064 | ---- | M] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/09/25 17:55:46 | 000,147,968 | ---- | M] ( ) -- C:\Windows\SysNative\lagarith.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/10/24 11:18:20 | 000,001,222 | ---- | C] () -- C:\Users\Administrator\Desktop\SPYBOT.lnk
[2011/10/24 11:01:18 | 000,001,711 | ---- | C] () -- C:\Users\Administrator\Desktop\FOXIT PDF.lnk
[2011/10/24 07:49:09 | 000,000,962 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Ticker.lnk
[2011/10/24 07:41:30 | 000,001,958 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Kindle.lnk
[2011/10/24 05:51:46 | 000,000,000 | -H-- | C] () -- C:\Users\Administrator\Documents\Default.rdp
[2011/10/23 16:04:29 | 000,002,576 | ---- | C] () -- C:\Users\Administrator\Documents\CIA Order.bak
[2011/10/23 15:02:56 | 002,049,022 | ---- | C] () -- C:\Users\Administrator\Documents\PsychofIntelNew.pdf
[2011/10/23 13:07:51 | 000,002,006 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Center.lnk
[2011/10/23 13:07:51 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/10/23 13:07:49 | 000,001,413 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/10/23 13:07:49 | 000,001,264 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/10/23 13:07:49 | 000,001,258 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/23 05:14:23 | 000,002,450 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/10/22 16:42:30 | 000,000,769 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\SMRBackup210.dat
[2011/10/22 15:58:31 | 000,012,917 | ---- | C] () -- C:\Users\Administrator\Documents\Microsoft Indic Language Input Tool Getting Started.htm
[2011/10/22 15:01:43 | 000,001,036 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Wizard 2010 (2).lnk
[2011/10/22 13:59:44 | 000,001,219 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AIDA64 Extreme Edition.lnk
[2011/10/22 13:59:44 | 000,001,195 | ---- | C] () -- C:\Users\Administrator\Desktop\AIDA 64.lnk
[2011/10/22 13:45:09 | 000,001,596 | ---- | C] () -- C:\Users\Administrator\Desktop\IOBIT DELETE.lnk
[2011/10/22 07:26:52 | 000,001,497 | ---- | C] () -- C:\Users\Administrator\Desktop\IE9 32 (_8(l).lnk
[2011/10/22 07:26:22 | 000,001,471 | ---- | C] () -- C:\Users\Administrator\Desktop\IE9 64 (_8(I).lnk
[2011/10/22 05:58:56 | 000,001,312 | ---- | C] () -- C:\Users\Administrator\Documents\cpuz1.cvf
[2011/10/22 05:32:33 | 000,001,665 | ---- | C] () -- C:\Users\Administrator\Desktop\BIT DEFENDER.lnk
[2011/10/22 05:22:14 | 000,436,814 | ---- | C] () -- C:\Users\Administrator\Documents\EasyCleanerSpaceUsage1.bmp
[2011/10/22 05:17:33 | 000,049,133 | ---- | C] () -- C:\Users\Administrator\Documents\EasyCleanerUnnFile1.htm
[2011/10/22 05:02:30 | 000,162,786 | ---- | C] () -- C:\Users\Administrator\Documents\EasyCleanerRegFile1.htm
[2011/10/22 04:21:49 | 000,001,635 | ---- | C] () -- C:\Users\Administrator\Desktop\AUDIE MURPHY.lnk
[2011/10/21 17:59:55 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200937163-3932221294-1481024234-500UA.job
[2011/10/21 17:59:54 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200937163-3932221294-1481024234-500Core.job
[2011/10/21 16:59:59 | 000,000,085 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/10/21 16:50:50 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2011/10/21 15:30:46 | 000,001,591 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AlcyonEphemeris.exe.lnk
[2011/10/21 15:15:21 | 000,772,874 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/20 16:26:26 | 000,000,922 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ThreatFire.lnk
[2011/10/20 16:26:26 | 000,000,898 | ---- | C] () -- C:\Users\Public\Desktop\THREAT FIRE.lnk
[2011/10/19 12:36:53 | 000,000,943 | ---- | C] () -- C:\Users\Administrator\Desktop\VASSAL.lnk
[2011/10/18 16:28:34 | 000,018,102 | ---- | C] () -- C:\Windows\cscmondump.bin
[2011/10/18 15:02:52 | 000,001,322 | ---- | C] () -- C:\Users\Administrator\Desktop\WORD PAD.lnk
[2011/10/18 15:02:15 | 000,001,394 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\notepad++.exe - Shortcut.lnk
[2011/10/18 06:31:14 | 000,000,054 | ---- | C] () -- C:\Windows\Player.INI
[2011/10/17 15:30:00 | 000,001,359 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\FlashGet 3.7.lnk
[2011/10/17 14:11:08 | 000,000,221 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\America's Army 3.url
[2011/10/17 12:51:20 | 000,076,288 | ---- | C] () -- C:\Windows\SysWow64\moveex.exe
[2011/10/17 12:13:36 | 000,000,991 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\GUARDIAN.lnk
[2011/10/17 11:33:43 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/10/17 11:32:59 | 000,002,537 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk
[2011/10/17 11:14:46 | 000,002,671 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
[2011/10/17 08:06:37 | 000,352,932 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/16 15:46:59 | 000,000,184 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\wklnhst.dat
[2011/10/16 15:40:28 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro PDF Reader 2.lnk
[2011/10/16 09:02:43 | 000,000,427 | ---- | C] () -- C:\Windows\iepreview.ini
[2011/10/16 06:41:10 | 000,949,089 | ---- | C] () -- C:\Users\Administrator\AppData\Local\census.cache
[2011/10/16 06:41:00 | 000,150,695 | ---- | C] () -- C:\Users\Administrator\AppData\Local\ars.cache
[2011/10/16 06:32:01 | 000,000,036 | ---- | C] () -- C:\Users\Administrator\AppData\Local\housecall.guid.cache
[2011/10/15 13:20:49 | 000,001,157 | ---- | C] () -- C:\Users\Administrator\Desktop\MS-WORKS.lnk
[2011/10/15 12:04:27 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\WpsUpdateTask_Administrator.job
[2011/10/15 12:04:17 | 000,001,368 | ---- | C] () -- C:\Users\Public\Desktop\KS-WRITER.lnk
[2011/10/15 11:55:18 | 000,001,134 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster 3.lnk
[2011/10/15 11:55:12 | 000,001,146 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Switch to Gaming Mode.lnk
[2011/10/15 04:47:54 | 000,000,961 | ---- | C] () -- C:\Users\Administrator\Desktop\WINAMP.lnk
[2011/10/14 19:56:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\lame_acm.xml
[2011/10/14 14:30:37 | 000,018,326 | ---- | C] () -- C:\ProgramData\HKCU.reg
[2011/10/14 07:43:33 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2011/10/14 07:43:32 | 004,005,376 | ---- | C] () -- C:\Windows\SysNative\x264vfw.dll
[2011/10/14 07:43:32 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm
[2011/10/14 07:43:32 | 000,053,760 | ---- | C] () -- C:\Windows\SysNative\ff_acm.acm
[2011/10/14 07:28:13 | 000,002,040 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2011/10/14 07:28:13 | 000,001,268 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2011/10/14 06:49:09 | 000,001,050 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\CPUID CPU-Z.lnk
[2011/10/13 16:07:43 | 000,001,638 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Catalyst Control Center.lnk
[2011/10/13 09:23:28 | 000,000,943 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\NOTE TAB.lnk
[2011/10/13 08:52:11 | 000,001,296 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Video Downloader.lnk
[2011/10/13 08:52:08 | 000,001,284 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Video Converter.lnk
[2011/10/13 08:52:04 | 000,001,284 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Audio Converter.lnk
[2011/10/13 07:44:57 | 000,001,663 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ADMIN (2).lnk
[2011/10/13 06:27:55 | 000,000,971 | ---- | C] () -- C:\Users\Administrator\Program Files (x86) - Shortcut.lnk
[2011/10/13 06:27:44 | 000,000,957 | ---- | C] () -- C:\Users\Administrator\Program Files - Shortcut.lnk
[2011/10/12 16:46:31 | 000,000,784 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2011/10/12 16:44:28 | 000,000,000 | RH-- | C] () -- C:\Users\Public\Documents\NTIMMV8.DLL
[2011/10/12 05:07:16 | 000,001,228 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller.lnk
[2011/10/12 05:06:08 | 000,001,497 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\i_view32.exe - Shortcut.lnk
[2011/10/11 08:16:10 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/10/11 05:16:00 | 000,003,113 | ---- | C] () -- C:\Users\Administrator\Microsoft Desktop Player.lnk
[2011/10/11 05:16:00 | 000,003,073 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Desktop Player.lnk
[2011/10/10 08:12:34 | 000,000,023 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\dilnur
[2011/10/10 07:42:17 | 000,000,003 | ---- | C] () -- C:\Windows\treeskp.sys
[2011/10/10 07:42:17 | 000,000,003 | ---- | C] () -- C:\Windows\sbacknt.bin
[2011/10/07 15:51:07 | 000,001,186 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Dhaatu The Periodic Table of Elements.lnk
[2011/10/07 05:58:31 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/10/07 05:58:30 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/10/06 14:29:19 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2011/10/05 15:00:21 | 000,000,026 | ---- | C] () -- C:\Windows\%IniPath%
[2011/10/04 07:32:01 | 000,007,635 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2011/10/04 05:22:55 | 000,000,032 | ---- | C] () -- C:\Windows\Guitar Chords.INI
[2011/10/04 05:19:59 | 000,000,032 | ---- | C] () -- C:\Windows\Blank Sheet Music.INI
[2011/10/02 14:22:00 | 000,013,568 | ---- | C] () -- C:\Windows\SysNative\CNC1737D.TBL
[2011/10/02 13:41:27 | 000,000,089 | ---- | C] () -- C:\Users\Administrator\AppData\Local\msmathematics.qat.Administrator
[2011/10/02 07:46:53 | 000,000,204 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011/10/01 07:57:35 | 000,703,488 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2011/10/01 07:57:35 | 000,258,560 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2011/10/01 07:57:35 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2011/09/30 16:11:11 | 000,005,120 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/29 15:52:55 | 000,000,632 | RHS- | C] () -- C:\Users\Administrator\ntuser.pol
[2011/09/29 15:52:25 | 000,000,290 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/09/29 15:52:25 | 000,000,272 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/09/28 12:10:22 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx
[2011/09/27 15:39:24 | 004,122,624 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011/09/27 08:09:13 | 000,001,477 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011/09/27 07:12:28 | 000,113,486 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2011/09/27 04:45:14 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011/09/27 04:42:29 | 000,007,549 | ---- | C] () -- C:\Windows\SysNative\dopdf7.ctm
[2011/09/25 15:47:21 | 000,010,348 | ---- | C] () -- C:\Windows\SysWow64\SubclassingSink.tlb
[2011/09/21 10:12:12 | 000,229,857 | ---- | C] () -- C:\ProgramData\1316617575.bdinstall.bin
[2011/09/20 18:51:17 | 000,001,668 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2011/09/20 18:28:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/09/20 17:14:32 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011/09/20 17:14:32 | 000,113,264 | ---- | C] () -- C:\Windows\FixUVC.exe
[2011/09/20 17:14:32 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini
[2011/07/28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/07/12 21:30:54 | 000,011,441 | ---- | C] () -- C:\Windows\SysWow64\LockOfficeu.sys
[2011/07/12 16:56:50 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/06/17 06:26:10 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/06/17 06:17:28 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/03/17 12:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/01/04 14:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/03/27 06:53:05 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010/03/27 06:53:05 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2010/03/27 06:53:05 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2010/03/02 22:15:52 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\drivers\1UnHooker.sys
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 16:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 16:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 16:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/08/11 09:33:42 | 001,370,242 | ---- | C] () -- C:\Windows\SysWow64\OGKernel.dll
[2002/03/02 04:10:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
========== LOP Check ==========
[2011/10/21 15:53:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\7plus
[2011/10/01 04:56:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Auslogics
[2011/09/29 15:53:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Bitdefender
[2011/10/21 15:11:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\BITS
[2011/10/09 06:50:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\BleachBit
[2011/10/18 08:07:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\calibre
[2011/10/04 08:22:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Console
[2011/10/11 11:17:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CrosswordSolver
[2011/10/24 06:14:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Desktop Ticker
[2011/10/11 11:34:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2011/10/16 15:38:42 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Downloaded Installations
[2011/10/24 13:29:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Earth Alerts
[2011/10/17 15:29:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FlashGet
[2011/09/30 07:35:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FlashGetBHO
[2011/10/24 07:04:54 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Foxit Software
[2011/10/19 12:59:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Free Audio Editor
[2011/10/07 05:04:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FreeFileViewer
[2011/10/09 17:09:45 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Get from YouTube
[2011/10/06 17:03:57 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GrabPro
[2011/10/11 05:35:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Hardys Browser
[2011/10/20 15:27:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HTML Executable
[2011/10/07 16:32:30 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\images
[2011/10/09 14:20:45 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Import Audio from Video
[2011/10/15 16:20:26 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2011/09/30 07:19:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IrfanView
[2011/10/15 11:32:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\JLC's Software
[2011/10/07 07:48:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\KeePass
[2011/10/18 09:21:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\KillSwitch 2
[2011/10/15 12:03:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Kingsoft
[2011/10/15 11:19:20 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\LibreOffice
[2011/10/15 12:06:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Luxand
[2011/10/11 04:21:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\M8 Software
[2011/10/02 14:15:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MusE
[2011/10/02 14:03:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NCH Swift Sound
[2011/10/24 06:39:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nitro PDF
[2011/10/18 12:42:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Notepad++
[2011/10/01 08:01:46 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NoteTab Light
[2011/10/06 17:03:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenCandy
[2011/10/16 08:25:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2011/10/06 14:29:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\pdfforge
[2011/10/21 06:47:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Privacy Guardian
[2011/10/06 17:04:04 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2011/10/14 14:29:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Shark007
[2011/10/09 13:48:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SlimCleaner
[2011/10/05 07:57:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Softland
[2011/10/21 08:50:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Styler
[2011/10/16 15:47:15 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Template
[2011/10/07 13:59:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2011/10/08 15:03:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Titanium
[2011/10/14 14:21:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Win7codecs
[2011/10/16 07:57:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Windows Live Writer
[2011/10/07 15:02:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\WinPatrol
[2011/10/09 03:54:08 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/10/24 15:34:08 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\WpsUpdateTask_Administrator.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 256 bytes -> C:\ProgramData\Temp:9A870F8B
@Alternate Data Stream - 16 bytes -> C:\Windows\SysWow64\secustat.dat:BDU
@Alternate Data Stream - 16 bytes -> C:\Windows\SysWow64\secushr.dat:BDU
@Alternate Data Stream - 16 bytes -> C:\Windows\libem.INI:BDU
@Alternate Data Stream - 16 bytes -> C:\Users\Administrator\Documents\PsychofIntelNew.pdf:BDU
@Alternate Data Stream - 16 bytes -> C:\Users\Administrator\Documents\Microsoft Indic Language Input Tool Getting Started.htm:BDU
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:F7B65412
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:42D9E231
< End of report >