Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Hard Drive Light Flashes Constantly


  • Please log in to reply

#1
Alfre-doh!(_8(I)

Alfre-doh!(_8(I)

    New Member

  • Member
  • Pip
  • 2 posts
The constant flashing HD light (HD running??) started prior to the latest MS updates, and is continuing. Loading IE9 (32 or 64) is slow going and pages tend to lock up after which I start up the Task Manager to kill IE9. After reloading either IE9 pages load ok, but then the light again runs constantly slowing down the process. After signing off the net the light continues to run. Programs tend likewise but then finally load. I've run BitDefender, Malabytes, and Threatfire; no problems found. I then downloaded SpyBot Search/Destroy which found 7 codes of malware as listed. After having SBSD remove them, the light continues to run and flash constantly. I've removed several programs from Startup, defraggred the hard-drive, used RevoUninstaller to remove several programs, and still the problem remains. After I post here I will run the MSSSTOOL64. Then I'll report any findings. Thank you for your time and efforts.
Below SBSD is the outcome of OTL:

--- Report generated: 2011-10-24 12:01 ---

Babylon.Toolbar: [SBI $5FA838EA] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb

FraudAV.SJhorwPa: [SBI $235411ED] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bdsandbox

FraudAV.SJhorwPa: [SBI $235411ED] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bdsandbox

FraudAV.SJhorwPa: [SBI $FCC65F0B] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bdsandbox

FraudAV.SJhorwPa: [SBI $FCC65F0B] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\bdsandbox

FraudAV.SJhorwPa: [SBI $82BB58A0] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bdsandbox

FraudAV.SJhorwPa: [SBI $82BB58A0] Settings (Registry key, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bdsandbox


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2011-10-24 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2011-03-18 Includes\Adware.sbi (*)
2011-08-29 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-12-14 Includes\Dialer.sbi (*)
2011-03-08 Includes\DialerC.sbi (*)
2011-02-24 Includes\HeavyDuty.sbi (*)
2011-03-29 Includes\Hijackers.sbi (*)
2011-10-04 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-12-14 Includes\Keyloggers.sbi (*)
2011-09-27 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2011-10-04 Includes\Malware.sbi (*)
2011-10-18 Includes\MalwareC.sbi (*)
2011-02-24 Includes\PUPS.sbi (*)
2011-10-11 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2011-02-24 Includes\Security.sbi (*)
2011-05-03 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2011-10-18 Includes\Spyware.sbi (*)
2011-10-18 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2011-09-28 Includes\Trojans.sbi (*)
2011-10-18 Includes\TrojansC-02.sbi (*)
2011-10-13 Includes\TrojansC-03.sbi (*)
2011-10-10 Includes\TrojansC-04.sbi (*)
2011-10-18 Includes\TrojansC-05.sbi (*)
2011-09-27 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

OTL logfile created on: 10/24/2011 4:16:30 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Administrator\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.86 Gb Total Physical Memory | 5.54 Gb Available Physical Memory | 70.48% Memory free
19.66 Gb Paging File | 17.13 Gb Available in Paging File | 87.17% Paging File free
Paging file location(s): c:\pagefile.sys 12078 12078 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.97 Gb Total Space | 393.20 Gb Free Space | 86.81% Space Free | Partition Type: NTFS

Computer Name: ALFREDO-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/24 16:14:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Downloads\OTL.exe
PRC - [2011/09/21 14:04:09 | 000,093,912 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\Antispam32\pchooklaunch32.exe
PRC - [2011/09/07 18:14:04 | 000,161,336 | ---- | M] (Google) -- C:\Users\Administrator\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/02/26 01:35:04 | 001,289,296 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/02/26 01:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/02/26 01:35:04 | 000,288,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/01/14 16:08:16 | 000,378,128 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFTray.exe
PRC - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFService.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (No Company Name) ==========

MOD - [2009/05/20 17:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/10 08:32:14 | 000,341,296 | ---- | M] (Nitro PDF Software) [Disabled | Stopped] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2011/09/21 14:04:11 | 000,074,336 | ---- | M] (BitDefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe -- (SafeBox)
SRV:64bit: - [2011/09/21 14:03:58 | 000,466,736 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV:64bit: - [2011/09/21 14:03:53 | 000,062,512 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2011/09/21 14:03:05 | 001,938,624 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (VSSERV)
SRV:64bit: - [2011/07/28 16:35:34 | 000,204,288 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/06/13 22:21:14 | 000,343,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV:64bit: - [2011/04/11 11:57:02 | 000,029,040 | ---- | M] (BitDefender) [Disabled | Stopped] -- C:\Program Files\BitDefender\TrafficLight\bsserv.exe -- (bsserv)
SRV:64bit: - [2010/02/05 22:23:06 | 000,865,824 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Disabled | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 14:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/10/10 14:38:38 | 000,419,624 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/05 20:04:20 | 000,011,264 | ---- | M] (MillieSoft) [Disabled | Stopped] -- C:\Program Files (x86)\MillieSoft\TunerFreeMCE\TunerFreeMCEService.exe -- (TunerFreeMCEService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/03/03 16:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/03 16:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/02/26 01:35:04 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/02/01 13:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2009/12/23 19:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/07/20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/22 14:51:56 | 000,096,376 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SMR210.SYS -- (SMR210)
DRV:64bit: - [2011/09/21 14:03:30 | 000,553,280 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2011/09/21 14:02:54 | 000,674,904 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2011/09/21 10:20:48 | 000,102,992 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/07/28 17:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/28 15:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/07/22 20:20:05 | 000,288,600 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2011/07/15 16:12:44 | 000,258,224 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2011/03/24 15:36:22 | 000,431,176 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/01 17:45:46 | 000,089,680 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2011/02/25 15:39:50 | 000,102,992 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\TrafficLight\bdfwfpf.sys -- (bdfwfpf_bs)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/04/07 13:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2010/01/14 16:08:34 | 000,059,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TfSysMon)
DRV:64bit: - [2010/01/14 16:08:32 | 000,041,888 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2010/01/14 16:08:30 | 000,065,072 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2009/12/17 12:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/12/01 21:21:32 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/11/02 14:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/26 15:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/21 23:55:06 | 000,272,432 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/10/16 05:32:22 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2009/09/30 12:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 21:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 21:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 21:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 21:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/05 19:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 19:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011/10/12 15:51:05 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011/03/18 11:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2010/07/09 12:19:04 | 000,021,480 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys -- (cpuz134)
DRV - [2010/03/02 22:15:52 | 000,022,016 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\1UnHooker.sys -- (1UnHooker)
DRV - [2009/12/18 11:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2003/04/04 15:07:20 | 000,030,336 | ---- | M] (Politecnico di Torino) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 67 40 9B 54 7D 92 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.searchEnginesURL: "https://addons.mozil...earch-engines/"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2011/09/21 10:11:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011/10/13 08:49:36 | 000,000,000 | ---D | M]

[2011/10/07 13:59:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2011/10/11 08:52:04 | 000,002,428 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Hardys Browser\HyperSonic\Profiles\392x3ipn.default\searchplugins\search-dial.xml
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI
[2011/10/11 06:21:06 | 000,000,000 | ---D | M] (Flagfox) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{1018E4D6-728F-4B20-AD56-37578A4DE76B}
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/10/11 08:34:22 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{1BC9BA34-1EED-42CA-A505-6D2F1A935BBB}
[2011/10/11 05:35:54 | 000,000,000 | ---D | M] (IE Tab 2 (HS 3.6+)) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{1BC9BA34-1EED-42CA-A505-6D2F1A935BBC}
[2011/10/11 05:35:54 | 000,000,000 | ---D | M] (OpenDownload²) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{210249CE-F888-11DD-B868-4CB456D89593}
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{28197867-B1EF-4140-8E3B-55C45B9C8460}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{5C655500-E712-41E7-9349-CE462F844B19}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{89506680-E3F4-484C-A2C0-ED711D481EDA}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{987311C6-B504-4AA2-90BF-60CC49808D42}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{9D6218B8-03C7-4B91-AA43-680B305DD35C}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{B9615918-D3DE-44A4-AB65-76DF7EA1F1C1}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{BAEBEF65-9289-47C5-8524-C345CC5D860D}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A91}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{CD617372-6743-4EE4-BAC4-FBF60F35719E}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{CD617375-6743-4EE8-BAC4-FBF10F35729E}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{D47A9F51-8281-43FA-F450-F28EF8735E9A}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{E4DD63FA-01E4-46A7-B6B1-EDAB7D6AD378}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{F69E22C7-BC50-414A-9269-0F5C344CD94D}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{FA8476CF-A98C-4E08-99B4-65A69CB4B7D4}.XPI
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.XPI
[2011/10/11 05:43:36 | 000,000,000 | ---D | M] (New Tab King) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\{FC5BAC7D-D696-4BA6-B913-CF8F000C33DF}
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
[2011/10/11 05:35:25 | 000,000,000 | ---D | M] (Minimize To Tray) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
[2011/10/11 07:21:07 | 000,000,000 | ---D | M] (Your Virtual Shrink) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\SHRINK@FFADDON
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\HARDYS BROWSER\HYPERSONIC\PROFILES\392X3IPN.DEFAULT\EXTENSIONS\[email protected]

O1 HOSTS File: ([2011/10/24 11:23:40 | 000,438,082 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15065 more lines...
O2:64bit: - BHO: (no name) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FAE3E6B1-1936-40D6-9ACC-59EBCF661CCB} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: UseOEMBackground = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra 'Tools' menuitem : Speckie Settings - {E6846530-6088-4AA3-932F-C6245CE59A4C} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : Speckie Settings - {E6846530-6088-4AA3-932F-C6245CE59A4C} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: //@surf.mar@/ ([]money in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} http://content.syste...64_4.4.24.0.cab (SysInfo Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.micr...44/igdtoolx.cab (Reg Error: Key error.)
O16 - DPF: {A0CC33E0-9DF0-4361-A94D-E55C4008788F} http://biosagentplus...osagentplus.cab (BiosAgentPlus ActiveX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.4.24.0.cab (SysInfo Class)
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} http://cainternetsec...r/cascanner.cab (CAScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.217.0.5 24.217.201.67 68.113.206.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68523657-D340-45B7-BF27-0C48EB494F6E}: DhcpNameServer = 24.217.0.5 24.217.201.67 68.113.206.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68523657-D340-45B7-BF27-0C48EB494F6E}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6D948D1-1E87-439B-A49C-3E608503CD12}: DhcpNameServer = 24.217.0.5 24.217.201.67 68.113.206.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6D948D1-1E87-439B-A49C-3E608503CD12}: NameServer = 208.67.222.222,208.67.220.220
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - "\\LIVE.SYSINTERNALS.COM\TOOLS\PROCEXP.EXE" File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - "\\LIVE.SYSINTERNALS.COM\TOOLS\PROCEXP.EXE" File not found
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/24 12:56:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\TagsRevisited
[2011/10/24 11:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/10/24 08:08:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Deployment
[2011/10/24 07:11:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\CAROLS FILES
[2011/10/24 06:14:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Desktop Ticker
[2011/10/24 06:14:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desktop Ticker
[2011/10/24 06:06:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Kindle Content
[2011/10/24 06:06:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Amazon
[2011/10/24 06:06:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2011/10/24 04:35:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{C1C9DF43-3CDA-4FBA-866D-E7E7B5699BA0}
[2011/10/23 12:22:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apps
[2011/10/23 11:59:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Evernote
[2011/10/23 05:16:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{A925DB7E-1F66-4B72-BA3F-B5C3327F9179}
[2011/10/23 05:16:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{BECA3209-B874-40F4-9E4D-CFEACC134E28}
[2011/10/23 05:16:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Tracing
[2011/10/23 05:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/10/23 05:10:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Windows Live
[2011/10/22 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Metric Converter
[2011/10/22 15:58:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Microsoft Indic Language Input Tool Getting Started_files
[2011/10/22 15:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Indic Language Input Tool
[2011/10/22 15:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Indic Language Input Tool
[2011/10/22 15:30:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\CrashDumps
[2011/10/22 15:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2011/10/22 14:51:56 | 000,096,376 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS
[2011/10/22 14:51:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\NPE
[2011/10/22 14:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/10/22 14:49:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Evernote
[2011/10/22 13:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire
[2011/10/22 13:56:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\MyFlash
[2011/10/22 11:15:53 | 000,000,000 | ---D | C] -- C:\Data
[2011/10/22 10:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2011/10/22 10:33:10 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Yahoo!
[2011/10/22 04:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IOBIT Uninstaller
[2011/10/21 23:25:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Eraser
[2011/10/21 23:25:44 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData\Local\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}
[2011/10/21 23:25:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eraser
[2011/10/21 23:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Your Cleaner
[2011/10/21 22:57:50 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\RealWorld
[2011/10/21 19:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy Cleaner
[2011/10/21 19:25:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Social Society
[2011/10/21 19:24:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\New Age
[2011/10/21 19:24:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Morse Code
[2011/10/21 19:23:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\bdch
[2011/10/21 19:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Dumps
[2011/10/21 19:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch
[2011/10/21 17:59:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Google
[2011/10/21 16:59:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\MPlayer
[2011/10/21 15:59:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\KaraokeKanta
[2011/10/21 15:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ilusion Software
[2011/10/21 15:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\B-Lyrics-Mimer
[2011/10/21 15:47:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\7plus
[2011/10/21 15:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7Plusv.2.3.0-64
[2011/10/21 14:18:11 | 000,000,000 | ---D | C] -- C:\22b6d77840015881431e68
[2011/10/21 08:50:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Styler
[2011/10/20 16:26:25 | 000,059,880 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfSysMon.sys
[2011/10/20 16:26:25 | 000,041,888 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfNetMon.sys
[2011/10/20 16:26:24 | 000,065,072 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfFsMon.sys
[2011/10/20 16:26:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ThreatFire
[2011/10/20 15:27:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\HTML Executable
[2011/10/20 14:58:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashGameDownloader
[2011/10/20 13:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/10/20 10:43:12 | 000,000,000 | -H-D | C] -- C:\MyWinLockerData
[2011/10/19 15:12:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\MY BOOKS
[2011/10/19 12:37:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\VASSAL
[2011/10/19 12:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VASSAL
[2011/10/19 08:45:31 | 000,323,592 | ---- | C] (VBGold Software) -- C:\Windows\SysWow64\sprinter.ocx
[2011/10/19 08:45:31 | 000,052,736 | ---- | C] (Outrider Systems, Inc.) -- C:\Windows\SysWow64\spin32.ocx
[2011/10/19 08:45:31 | 000,000,000 | ---D | C] -- C:\EuroSoft
[2011/10/18 12:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unicode
[2011/10/18 09:21:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\KillSwitch 2
[2011/10/18 06:30:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Notation
[2011/10/18 06:30:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Templates
[2011/10/18 06:30:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Songs
[2011/10/18 06:30:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notation
[2011/10/18 06:20:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Windows 7 Account Screen Editor
[2011/10/17 15:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashGet Network
[2011/10/17 12:52:10 | 000,000,000 | ---D | C] -- C:\Windows\UXBackup
[2011/10/17 11:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/10/17 07:20:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\vlc
[2011/10/16 15:47:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Template
[2011/10/16 15:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
[2011/10/16 15:40:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro PDF
[2011/10/16 14:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\CA
[2011/10/16 11:05:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/16 07:57:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Weblog Posts
[2011/10/16 07:57:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Windows Live Writer
[2011/10/16 07:57:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Windows Live Writer
[2011/10/16 07:23:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Start Orb Manager
[2011/10/15 13:56:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Privacy Guardian
[2011/10/15 13:31:20 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2011/10/15 13:31:20 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2011/10/15 13:31:20 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2011/10/15 13:31:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/10/15 13:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Privacy Guardian
[2011/10/15 12:02:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Kingsoft
[2011/10/15 12:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Kingsoft
[2011/10/15 12:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kingsoft
[2011/10/15 11:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011/10/15 06:02:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\WIN 7 SYS HACKS
[2011/10/14 15:09:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resource Hacker
[2011/10/14 14:21:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Win7codecs
[2011/10/14 14:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win7codecs
[2011/10/14 14:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2011/10/14 10:06:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Secunia PSI
[2011/10/14 08:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011/10/14 08:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/10/14 08:18:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Winamp
[2011/10/14 08:18:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011/10/14 08:16:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/10/14 07:43:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Shark007
[2011/10/14 07:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Shark007
[2011/10/14 07:43:32 | 001,573,376 | ---- | C] (MPC-HC Team) -- C:\Windows\SysNative\VSFilter.dll
[2011/10/14 07:43:32 | 000,548,864 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\SysNative\lameacm.acm
[2011/10/14 07:43:32 | 000,360,960 | ---- | C] (fccHandler) -- C:\Windows\SysNative\aacacm.acm
[2011/10/14 07:43:32 | 000,176,640 | ---- | C] (fccHandler) -- C:\Windows\SysNative\ac3acm.acm
[2011/10/14 07:43:32 | 000,147,968 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2011/10/14 07:43:32 | 000,124,909 | ---- | C] (Open Source Software community project) -- C:\Windows\SysNative\pthreadGC2.dll
[2011/10/14 07:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Shark007
[2011/10/14 07:40:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\JLC's Software
[2011/10/14 07:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2011/10/14 07:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2011/10/14 06:07:56 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2011/10/14 06:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2011/10/14 05:41:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Intel Corporation
[2011/10/14 05:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2011/10/14 05:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/10/13 15:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AUDIO-VIDEO-VISUAL
[2011/10/13 15:44:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011/10/13 15:43:48 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011/10/13 15:43:48 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011/10/13 15:43:48 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011/10/13 15:43:48 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011/10/13 15:43:48 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011/10/13 15:43:47 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2011/10/13 15:43:47 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2011/10/13 15:43:47 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2011/10/13 15:43:47 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2011/10/13 15:43:37 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011/10/13 15:43:37 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011/10/13 15:43:37 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011/10/13 15:43:37 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011/10/13 15:43:35 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011/10/13 15:43:35 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011/10/13 15:43:30 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2011/10/13 15:43:30 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2011/10/13 15:43:30 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2011/10/13 15:43:29 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2011/10/13 15:43:29 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2011/10/13 15:43:27 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2011/10/13 15:43:25 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2011/10/13 15:43:25 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011/10/13 15:43:24 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2011/10/13 15:43:24 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011/10/13 15:43:21 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2011/10/13 15:43:09 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011/10/13 15:43:09 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011/10/13 15:43:08 | 000,527,872 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2011/10/13 15:43:08 | 000,515,584 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2011/10/13 15:43:08 | 000,439,808 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2011/10/13 15:43:07 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011/10/13 15:43:07 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2011/10/13 15:43:06 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011/10/13 15:43:06 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011/10/13 15:43:06 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011/10/13 15:43:06 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011/10/13 15:43:06 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011/10/13 15:43:06 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011/10/13 15:43:06 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011/10/13 15:43:06 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011/10/13 15:43:06 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2011/10/13 11:01:10 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents\Scanned Documents
[2011/10/13 11:01:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Fax
[2011/10/13 08:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2011/10/13 08:05:11 | 000,000,000 | ---D | C] -- C:\903e7caffb9dc36f64
[2011/10/13 06:23:03 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Karen's Power Tools
[2011/10/12 15:51:05 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011/10/12 15:51:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\eSupport.com
[2011/10/12 11:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Karen's Power Tools
[2011/10/12 11:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Karen's Power Tools
[2011/10/12 06:25:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Cyberlink
[2011/10/12 06:23:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Nero
[2011/10/12 06:15:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\CyberLink
[2011/10/12 06:15:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\CyberLink
[2011/10/12 06:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/10/11 14:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\7plus V.2.3.0 X64 Binary
[2011/10/11 14:13:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\STUFF ETC
[2011/10/11 14:10:43 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Windows 7 ETC
[2011/10/11 14:09:52 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\BitDefender
[2011/10/11 14:08:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Fun Stuff
[2011/10/11 14:08:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Hijack This
[2011/10/11 14:07:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\GRC SECURITY
[2011/10/11 14:06:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\NETGEAR
[2011/10/11 05:35:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Hardys Browser
[2011/10/11 05:16:41 | 000,000,000 | ---D | C] -- C:\Portable Program Files
[2011/10/11 05:08:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/10/11 05:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/10/11 05:06:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apple
[2011/10/11 05:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/10/11 05:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/10/11 05:02:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011/10/11 04:21:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\M8 Software
[2011/10/11 04:16:11 | 000,230,864 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011/10/10 14:37:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011/10/10 14:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011/10/10 11:39:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GCH Guitar academy
[2011/10/10 08:10:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2011/10/10 08:07:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\CrosswordSolver
[2011/10/10 08:04:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\ASC
[2011/10/10 07:49:48 | 000,060,928 | ---- | C] (TODO: <Название организации>) -- C:\Windows\SysWow64\log32.exe
[2011/10/10 07:20:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TripleA
[2011/10/10 07:12:25 | 000,000,000 | RHSD | C] -- C:\Winmend~Folder~Hidden
[2011/10/09 17:18:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\IsolatedStorage
[2011/10/09 17:09:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Get from YouTube
[2011/10/09 14:20:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Import Audio from Video
[2011/10/09 14:19:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Free Audio Editor
[2011/10/09 14:16:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Nitro PDF
[2011/10/09 14:16:25 | 000,028,976 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2011/10/09 14:16:25 | 000,017,200 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2011/10/09 14:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF
[2011/10/09 14:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
[2011/10/09 14:15:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Downloaded Installations
[2011/10/09 13:48:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SlimCleaner
[2011/10/09 07:42:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Identities
[2011/10/09 04:52:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Foxit Software
[2011/10/08 15:06:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Freemake
[2011/10/08 15:03:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Apple Computer
[2011/10/08 15:03:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Apple Computer
[2011/10/08 15:03:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Titanium
[2011/10/08 07:30:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\BleachBit
[2011/10/07 16:43:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\SECURITY CHECK 3X WEEKLY
[2011/10/07 16:32:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Earth Alerts
[2011/10/07 16:32:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\images
[2011/10/07 16:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Earth Alerts
[2011/10/07 15:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dhaatu The Periodic Table of Elements
[2011/10/07 15:15:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\calibre
[2011/10/07 15:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\alcyone
[2011/10/07 15:02:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\WinPatrol
[2011/10/07 13:59:39 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Mozilla
[2011/10/07 13:59:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2011/10/07 07:48:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\KeePass
[2011/10/07 05:19:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Copy of Favorites
[2011/10/07 04:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CC PDF Converter
[2011/10/06 17:04:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2011/10/06 17:03:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\GrabPro
[2011/10/06 17:03:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2011/10/06 17:03:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\OpenCandy
[2011/10/06 14:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2011/10/06 14:45:40 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011/10/06 14:29:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\pdfforge
[2011/10/06 14:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2011/10/05 14:57:56 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FreeFileViewer
[2011/10/05 14:23:10 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\FormatFactory
[2011/10/05 07:58:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\FixItCenter
[2011/10/05 07:57:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Softland
[2011/10/05 07:54:51 | 000,000,000 | ---D | C] -- C:\Windows\MATS
[2011/10/05 07:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2011/10/05 07:46:42 | 001,287,168 | ---- | C] (MPC-HC Team) -- C:\Windows\SysWow64\VSFilter.dll
[2011/10/05 05:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2011/10/04 08:22:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Console
[2011/10/04 08:04:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Notepad++
[2011/10/04 07:27:17 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011/10/04 06:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking
[2011/10/04 05:48:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Musette
[2011/10/04 05:48:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Musette
[2011/10/04 05:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ginsh John
[2011/10/03 14:29:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Adobe
[2011/10/03 13:20:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Mozilla
[2011/10/03 10:10:06 | 000,344,064 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\AACACM.acm
[2011/10/03 09:38:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2011/10/03 07:35:50 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\FFOutput
[2011/10/03 07:35:47 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2011/10/03 07:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2011/10/02 14:23:47 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2011/10/02 14:23:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011/10/02 14:15:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\MusE
[2011/10/02 14:15:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\MusE
[2011/10/02 14:12:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Luxand
[2011/10/02 14:10:04 | 000,000,000 | ---D | C] -- C:\ProgramData\MCS EMCF D
[2011/10/02 14:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Music Composer Free
[2011/10/02 14:03:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\NCH Swift Sound
[2011/10/02 14:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2011/10/02 14:01:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Swift Sound
[2011/10/02 13:46:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\LibreOffice
[2011/10/02 12:35:31 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SlimWare Utilities Inc
[2011/10/02 12:02:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MICROSOFT SOFTWARE
[2011/10/02 12:01:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INTEL SOFTWARE
[2011/10/02 11:33:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GAMES ETC
[2011/10/02 11:33:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACER SOFTWARE
[2011/10/02 11:32:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INTERNET ETC
[2011/10/02 11:30:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC UTILITIES
[2011/10/02 11:29:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EDUCATIONAL
[2011/10/02 11:28:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\E-READERS ETC
[2011/10/02 11:28:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OFFICE SUITES ETC
[2011/10/02 11:25:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC SECURITY
[2011/10/02 11:20:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AUDIO-VIDEO-VISUAL
[2011/10/01 11:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DonationCoder
[2011/10/01 08:46:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
[2011/10/01 08:01:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\NoteTab Light
[2011/10/01 07:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2011/10/01 06:02:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FastStone
[2011/10/01 04:55:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Auslogics
[2011/09/30 16:47:05 | 000,421,376 | ---- | C] (Softuarium) -- C:\Windows\SysWow64\WebPicLib.ocx
[2011/09/30 16:47:05 | 000,303,104 | ---- | C] (BUAA) -- C:\Windows\SysWow64\EasyIcon.ocx
[2011/09/30 16:11:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Media Player Classic
[2011/09/30 14:08:40 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/09/30 13:18:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Paint.NET
[2011/09/30 08:28:54 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Diagnostics
[2011/09/30 08:12:43 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Free File Opener
[2011/09/30 07:35:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FlashGetBHO
[2011/09/30 07:19:31 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\IrfanView
[2011/09/30 06:15:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\alfredo2131
[2011/09/30 06:15:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SafeBox
[2011/09/30 05:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Musicpad
[2011/09/30 05:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicScore Music Software
[2011/09/30 05:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE
[2011/09/30 05:18:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\IObit
[2011/09/30 05:18:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2011/09/30 05:17:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2011/09/30 05:08:30 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents\My Stationery
[2011/09/30 05:08:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\My Received Files
[2011/09/30 05:08:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\ASCOM
[2011/09/30 05:05:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\DO NOT DELETE
[2011/09/29 16:26:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FlashGet
[2011/09/29 16:26:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\BITS
[2011/09/29 15:59:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Adobe
[2011/09/29 15:57:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\ATI
[2011/09/29 15:57:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ATI
[2011/09/29 15:53:44 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Searches
[2011/09/29 15:53:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/09/29 15:53:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/09/29 15:53:43 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Contacts
[2011/09/29 15:53:43 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/09/29 15:53:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\VirtualStore
[2011/09/29 15:53:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Bitdefender
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Temporary Internet Files
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Templates
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Start Menu
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\SendTo
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Recent
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\PrintHood
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\NetHood
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Videos
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Pictures
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\My Music
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\My Documents
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Local Settings
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\History
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Cookies
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Application Data
[2011/09/29 15:52:26 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Application Data
[2011/09/29 15:52:25 | 000,000,000 | --SD | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft
[2011/09/29 15:52:25 | 000,000,000 | R-SD | C] -- C:\Users\Administrator\Downloads
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Videos
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Saved Games
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Pictures
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Music
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Links
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Favorites
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents
[2011/09/29 15:52:25 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Desktop
[2011/09/29 15:52:25 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Temp
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Microsoft
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Media Center Programs
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Macromedia
[2011/09/29 15:52:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/09/28 12:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VB6 Runtime
[2011/09/28 12:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2011/09/28 06:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2011/09/28 05:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/09/28 05:38:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/09/28 05:38:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/09/28 05:38:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/09/28 05:34:04 | 000,000,000 | ---D | C] -- C:\ATI
[2011/09/28 05:31:40 | 000,000,000 | ---D | C] -- C:\AMD
[2011/09/27 13:26:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sweet Home 3D
[2011/09/27 13:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\yWriter5
[2011/09/27 12:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/09/27 12:35:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2011/09/27 12:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011/09/27 12:23:21 | 000,000,000 | ---D | C] -- C:\temp
[2011/09/27 07:12:28 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTAudioFile2.dll
[2011/09/27 07:12:28 | 001,212,416 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioInformation2.dll
[2011/09/27 07:12:28 | 000,602,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioTransform2.dll
[2011/09/27 07:12:28 | 000,479,232 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioVisualization2.dll
[2011/09/27 07:12:28 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioRecord2.dll
[2011/09/27 07:12:28 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioPlayer2.dll
[2011/09/27 07:12:28 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTTextToAudio2.dll
[2011/09/27 07:12:28 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTWMAFile2.dll
[2011/09/27 07:12:27 | 000,880,640 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioEditor2.dll
[2011/09/27 07:12:27 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\SysWow64\NCTAudioCDGrabber2.dll
[2011/09/27 07:12:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Audio Editor
[2011/09/27 07:09:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimCleaner
[2011/09/27 07:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloaded Installers
[2011/09/27 07:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScreenshotCaptor
[2011/09/27 07:02:52 | 000,000,000 | ---D | C] -- C:\Program Files\RAMMon
[2011/09/27 06:53:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Mathematics Add-in
[2011/09/27 06:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mathematics
[2011/09/27 06:45:57 | 000,000,000 | ---D | C] -- C:\Windows\MPSReports
[2011/09/27 05:59:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2011/09/27 04:42:29 | 000,024,912 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmn7.dll
[2011/09/27 04:42:29 | 000,021,328 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmi7.dll
[2011/09/27 04:42:27 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2011/09/26 15:05:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chord Pickout
[2011/09/26 15:00:47 | 000,200,704 | ---- | C] (John Paul Chacha's Lab) -- C:\Windows\iesshell.dll
[2011/09/26 14:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Luxand
[2011/09/26 14:49:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anagram Generator
[2011/09/26 14:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft HiJackFree
[2011/09/26 14:43:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011/09/26 14:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2011/09/26 13:01:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\clone.AD
[2011/09/26 12:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Magic Reversi
[2011/09/26 11:26:09 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\StgP
[2011/09/26 11:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SysinternalsSuite
[2011/09/26 11:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\network-activity-indicator
[2011/09/26 11:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JPEGsnoop_v1_5_1
[2011/09/26 05:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\LopeSoft
[2011/09/25 17:56:26 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/09/25 15:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2011/09/25 15:47:25 | 000,114,688 | ---- | C] (Open Source Telecom) -- C:\Windows\SysWow64\CCGNU32.dll
[2011/09/25 15:47:22 | 000,010,752 | ---- | C] (Almeida & Andrade Ltda) -- C:\Windows\SysWow64\aamd532.dll
[2011/09/25 15:47:21 | 000,939,224 | ---- | C] (Macromedia, Inc.) -- C:\Windows\SysWow64\Flash.ocx
[2011/09/25 09:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Paessler
[2011/09/25 09:00:43 | 000,000,000 | ---D | C] -- C:\usr
[2011/09/25 06:54:26 | 000,000,000 | ---D | C] -- C:\Windows\Symbols
[2011/09/25 06:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ASCOM
[2011/09/25 06:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ASCOM
[2011/09/25 06:54:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASCOM
[2011/09/25 06:54:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{76F58B5D-EE00-4D77-8EA4-FDAB501E2072}
[2011/09/25 06:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Research
[2011/09/25 06:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\MillieSoft
[2011/09/25 06:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MillieSoft
[2011/09/25 05:57:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Font Validator
[2011/09/25 05:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/02/03 21:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/24 16:22:22 | 000,000,303 | ---- | M] () -- C:\Windows\SysNative\checkdnsid.xml
[2011/10/24 16:09:05 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200937163-3932221294-1481024234-500UA.job
[2011/10/24 15:44:12 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/24 15:34:08 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_Administrator.job
[2011/10/24 13:59:32 | 000,025,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/24 13:59:32 | 000,025,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/24 13:51:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/24 13:51:41 | 2037,776,383 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/24 11:23:40 | 000,438,082 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/10/24 11:18:20 | 000,001,222 | ---- | M] () -- C:\Users\Administrator\Desktop\SPYBOT.lnk
[2011/10/24 11:01:18 | 000,001,711 | ---- | M] () -- C:\Users\Administrator\Desktop\FOXIT PDF.lnk
[2011/10/24 07:49:09 | 000,000,962 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Ticker.lnk
[2011/10/24 07:41:30 | 000,001,958 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Kindle.lnk
[2011/10/24 06:00:07 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/24 05:51:46 | 000,000,000 | -H-- | M] () -- C:\Users\Administrator\Documents\Default.rdp
[2011/10/24 05:46:50 | 000,007,635 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2011/10/23 20:12:00 | 000,001,258 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/23 16:04:29 | 000,002,576 | ---- | M] () -- C:\Users\Administrator\Documents\CIA Order.bak
[2011/10/23 15:02:57 | 002,049,022 | ---- | M] () -- C:\Users\Administrator\Documents\PsychofIntelNew.pdf
[2011/10/22 18:09:10 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200937163-3932221294-1481024234-500Core.job
[2011/10/22 16:42:30 | 000,000,769 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\SMRBackup210.dat
[2011/10/22 15:58:32 | 000,012,917 | ---- | M] () -- C:\Users\Administrator\Documents\Microsoft Indic Language Input Tool Getting Started.htm
[2011/10/22 15:01:43 | 000,001,036 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Wizard 2010 (2).lnk
[2011/10/22 14:51:56 | 000,096,376 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SMR210.SYS
[2011/10/22 13:59:44 | 000,001,219 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AIDA64 Extreme Edition.lnk
[2011/10/22 13:59:44 | 000,001,195 | ---- | M] () -- C:\Users\Administrator\Desktop\AIDA 64.lnk
[2011/10/22 13:45:09 | 000,001,596 | ---- | M] () -- C:\Users\Administrator\Desktop\IOBIT DELETE.lnk
[2011/10/22 07:26:52 | 000,001,497 | ---- | M] () -- C:\Users\Administrator\Desktop\IE9 32 (_8(l).lnk
[2011/10/22 07:26:22 | 000,001,471 | ---- | M] () -- C:\Users\Administrator\Desktop\IE9 64 (_8(I).lnk
[2011/10/22 05:58:56 | 000,001,312 | ---- | M] () -- C:\Users\Administrator\Documents\cpuz1.cvf
[2011/10/22 05:57:51 | 000,001,050 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\CPUID CPU-Z.lnk
[2011/10/22 05:51:18 | 000,660,138 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/22 05:51:18 | 000,121,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/22 05:51:17 | 000,772,874 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/22 05:51:12 | 000,772,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/22 05:32:33 | 000,001,665 | ---- | M] () -- C:\Users\Administrator\Desktop\BIT DEFENDER.lnk
[2011/10/22 05:22:14 | 000,436,814 | ---- | M] () -- C:\Users\Administrator\Documents\EasyCleanerSpaceUsage1.bmp
[2011/10/22 05:17:33 | 000,049,133 | ---- | M] () -- C:\Users\Administrator\Documents\EasyCleanerUnnFile1.htm
[2011/10/22 05:02:30 | 000,162,786 | ---- | M] () -- C:\Users\Administrator\Documents\EasyCleanerRegFile1.htm
[2011/10/22 04:22:53 | 000,001,635 | ---- | M] () -- C:\Users\Administrator\Desktop\AUDIE MURPHY.lnk
[2011/10/21 16:59:59 | 000,000,085 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/10/21 16:50:50 | 000,075,776 | ---- | M] () -- C:\Windows\cadkasdeinst01e.exe
[2011/10/21 15:30:46 | 000,001,591 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AlcyonEphemeris.exe.lnk
[2011/10/21 15:11:37 | 000,000,204 | ---- | M] () -- C:\Windows\SysWow64\secustat.dat
[2011/10/21 14:34:15 | 000,707,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/20 16:26:26 | 000,000,922 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ThreatFire.lnk
[2011/10/20 16:26:26 | 000,000,898 | ---- | M] () -- C:\Users\Public\Desktop\THREAT FIRE.lnk
[2011/10/20 15:21:33 | 000,001,477 | ---- | M] () -- C:\Windows\SysWow64\secushr.dat
[2011/10/20 07:51:07 | 000,005,120 | ---- | M] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/20 07:05:35 | 000,000,184 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\wklnhst.dat
[2011/10/19 12:36:53 | 000,000,943 | ---- | M] () -- C:\Users\Administrator\Desktop\VASSAL.lnk
[2011/10/18 16:28:34 | 000,018,102 | ---- | M] () -- C:\Windows\cscmondump.bin
[2011/10/18 15:02:52 | 000,001,322 | ---- | M] () -- C:\Users\Administrator\Desktop\WORD PAD.lnk
[2011/10/18 15:02:15 | 000,001,394 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\notepad++.exe - Shortcut.lnk
[2011/10/18 07:52:39 | 000,000,089 | ---- | M] () -- C:\Users\Administrator\AppData\Local\msmathematics.qat.Administrator
[2011/10/18 06:31:14 | 000,000,054 | ---- | M] () -- C:\Windows\Player.INI
[2011/10/17 15:30:00 | 000,001,359 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\FlashGet 3.7.lnk
[2011/10/17 14:11:08 | 000,000,221 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\America's Army 3.url
[2011/10/17 12:13:36 | 000,000,991 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\GUARDIAN.lnk
[2011/10/17 11:06:41 | 000,001,368 | ---- | M] () -- C:\Users\Public\Desktop\KS-WRITER.lnk
[2011/10/17 08:06:37 | 000,352,932 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/17 07:40:21 | 000,949,089 | ---- | M] () -- C:\Users\Administrator\AppData\Local\census.cache
[2011/10/17 07:40:17 | 000,150,695 | ---- | M] () -- C:\Users\Administrator\AppData\Local\ars.cache
[2011/10/16 14:24:25 | 000,000,829 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111024-112328.backup
[2011/10/16 09:03:54 | 000,000,427 | ---- | M] () -- C:\Windows\iepreview.ini
[2011/10/16 06:32:01 | 000,000,036 | ---- | M] () -- C:\Users\Administrator\AppData\Local\housecall.guid.cache
[2011/10/15 14:36:21 | 000,001,663 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ADMIN (2).lnk
[2011/10/15 13:20:49 | 000,001,157 | ---- | M] () -- C:\Users\Administrator\Desktop\MS-WORKS.lnk
[2011/10/15 11:55:18 | 000,001,134 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster 3.lnk
[2011/10/15 11:55:12 | 000,001,146 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Switch to Gaming Mode.lnk
[2011/10/15 04:47:54 | 000,000,961 | ---- | M] () -- C:\Users\Administrator\Desktop\WINAMP.lnk
[2011/10/14 19:58:35 | 000,000,784 | ---- | M] () -- C:\Windows\NTIWVEDT.INI
[2011/10/14 19:56:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\lame_acm.xml
[2011/10/14 14:30:49 | 000,018,326 | ---- | M] () -- C:\ProgramData\HKCU.reg
[2011/10/14 07:28:13 | 000,001,268 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2011/10/13 16:07:43 | 000,001,638 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Catalyst Control Center.lnk
[2011/10/13 09:23:28 | 000,000,943 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\NOTE TAB.lnk
[2011/10/13 08:52:11 | 000,001,296 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Video Downloader.lnk
[2011/10/13 08:52:08 | 000,001,284 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Video Converter.lnk
[2011/10/13 08:52:04 | 000,001,284 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Audio Converter.lnk
[2011/10/13 06:27:55 | 000,000,971 | ---- | M] () -- C:\Users\Administrator\Program Files (x86) - Shortcut.lnk
[2011/10/13 06:27:44 | 000,000,957 | ---- | M] () -- C:\Users\Administrator\Program Files - Shortcut.lnk
[2011/10/12 16:44:28 | 000,000,000 | RH-- | M] () -- C:\Users\Public\Documents\NTIMMV8.DLL
[2011/10/12 15:51:05 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011/10/12 14:43:42 | 000,000,632 | RHS- | M] () -- C:\Users\Administrator\ntuser.pol
[2011/10/12 09:25:44 | 000,086,016 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2011/10/12 09:23:22 | 000,053,760 | ---- | M] () -- C:\Windows\SysNative\ff_acm.acm
[2011/10/12 05:07:16 | 000,001,228 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller.lnk
[2011/10/12 05:06:08 | 000,001,497 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\i_view32.exe - Shortcut.lnk
[2011/10/11 08:16:10 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/10/11 05:16:00 | 000,003,113 | ---- | M] () -- C:\Users\Administrator\Microsoft Desktop Player.lnk
[2011/10/11 04:16:11 | 000,230,864 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011/10/10 08:57:11 | 000,000,003 | ---- | M] () -- C:\Windows\treeskp.sys
[2011/10/10 08:57:11 | 000,000,003 | ---- | M] () -- C:\Windows\sbacknt.bin
[2011/10/10 08:31:18 | 000,017,200 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2011/10/10 08:31:16 | 000,028,976 | ---- | M] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2011/10/10 08:12:34 | 000,000,023 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\dilnur
[2011/10/07 15:51:07 | 000,001,186 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Dhaatu The Periodic Table of Elements.lnk
[2011/10/07 05:58:31 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/10/07 05:58:30 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/10/05 15:04:52 | 000,000,026 | ---- | M] () -- C:\Windows\%IniPath%
[2011/10/05 07:46:42 | 001,287,168 | ---- | M] (MPC-HC Team) -- C:\Windows\SysWow64\VSFilter.dll
[2011/10/04 05:22:55 | 000,000,032 | ---- | M] () -- C:\Windows\Guitar Chords.INI
[2011/10/04 05:19:59 | 000,000,032 | ---- | M] () -- C:\Windows\Blank Sheet Music.INI
[2011/10/03 10:10:06 | 000,344,064 | ---- | M] (fccHandler) -- C:\Windows\SysWow64\AACACM.acm
[2011/10/03 10:10:04 | 000,360,960 | ---- | M] (fccHandler) -- C:\Windows\SysNative\aacacm.acm
[2011/09/30 12:04:19 | 000,001,187 | ---- | M] () -- C:\Users\Administrator\Desktop\MAL-BYTE.lnk
[2011/09/27 15:39:28 | 004,005,376 | ---- | M] () -- C:\Windows\SysNative\x264vfw.dll
[2011/09/27 15:39:24 | 004,122,624 | ---- | M] () -- C:\Windows\SysWow64\x264vfw.dll
[2011/09/27 13:29:35 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/09/27 04:45:14 | 000,000,025 | ---- | M] () -- C:\Windows\libem.INI
[2011/09/26 14:59:10 | 000,200,704 | ---- | M] (John Paul Chacha's Lab) -- C:\Windows\iesshell.dll
[2011/09/25 17:56:26 | 000,216,064 | ---- | M] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/09/25 17:55:46 | 000,147,968 | ---- | M] ( ) -- C:\Windows\SysNative\lagarith.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/24 11:18:20 | 000,001,222 | ---- | C] () -- C:\Users\Administrator\Desktop\SPYBOT.lnk
[2011/10/24 11:01:18 | 000,001,711 | ---- | C] () -- C:\Users\Administrator\Desktop\FOXIT PDF.lnk
[2011/10/24 07:49:09 | 000,000,962 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Ticker.lnk
[2011/10/24 07:41:30 | 000,001,958 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Kindle.lnk
[2011/10/24 05:51:46 | 000,000,000 | -H-- | C] () -- C:\Users\Administrator\Documents\Default.rdp
[2011/10/23 16:04:29 | 000,002,576 | ---- | C] () -- C:\Users\Administrator\Documents\CIA Order.bak
[2011/10/23 15:02:56 | 002,049,022 | ---- | C] () -- C:\Users\Administrator\Documents\PsychofIntelNew.pdf
[2011/10/23 13:07:51 | 000,002,006 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Center.lnk
[2011/10/23 13:07:51 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/10/23 13:07:49 | 000,001,413 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/10/23 13:07:49 | 000,001,264 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/10/23 13:07:49 | 000,001,258 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/23 05:14:23 | 000,002,450 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/10/22 16:42:30 | 000,000,769 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\SMRBackup210.dat
[2011/10/22 15:58:31 | 000,012,917 | ---- | C] () -- C:\Users\Administrator\Documents\Microsoft Indic Language Input Tool Getting Started.htm
[2011/10/22 15:01:43 | 000,001,036 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Wizard 2010 (2).lnk
[2011/10/22 13:59:44 | 000,001,219 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AIDA64 Extreme Edition.lnk
[2011/10/22 13:59:44 | 000,001,195 | ---- | C] () -- C:\Users\Administrator\Desktop\AIDA 64.lnk
[2011/10/22 13:45:09 | 000,001,596 | ---- | C] () -- C:\Users\Administrator\Desktop\IOBIT DELETE.lnk
[2011/10/22 07:26:52 | 000,001,497 | ---- | C] () -- C:\Users\Administrator\Desktop\IE9 32 (_8(l).lnk
[2011/10/22 07:26:22 | 000,001,471 | ---- | C] () -- C:\Users\Administrator\Desktop\IE9 64 (_8(I).lnk
[2011/10/22 05:58:56 | 000,001,312 | ---- | C] () -- C:\Users\Administrator\Documents\cpuz1.cvf
[2011/10/22 05:32:33 | 000,001,665 | ---- | C] () -- C:\Users\Administrator\Desktop\BIT DEFENDER.lnk
[2011/10/22 05:22:14 | 000,436,814 | ---- | C] () -- C:\Users\Administrator\Documents\EasyCleanerSpaceUsage1.bmp
[2011/10/22 05:17:33 | 000,049,133 | ---- | C] () -- C:\Users\Administrator\Documents\EasyCleanerUnnFile1.htm
[2011/10/22 05:02:30 | 000,162,786 | ---- | C] () -- C:\Users\Administrator\Documents\EasyCleanerRegFile1.htm
[2011/10/22 04:21:49 | 000,001,635 | ---- | C] () -- C:\Users\Administrator\Desktop\AUDIE MURPHY.lnk
[2011/10/21 17:59:55 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200937163-3932221294-1481024234-500UA.job
[2011/10/21 17:59:54 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200937163-3932221294-1481024234-500Core.job
[2011/10/21 16:59:59 | 000,000,085 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/10/21 16:50:50 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2011/10/21 15:30:46 | 000,001,591 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AlcyonEphemeris.exe.lnk
[2011/10/21 15:15:21 | 000,772,874 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/20 16:26:26 | 000,000,922 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ThreatFire.lnk
[2011/10/20 16:26:26 | 000,000,898 | ---- | C] () -- C:\Users\Public\Desktop\THREAT FIRE.lnk
[2011/10/19 12:36:53 | 000,000,943 | ---- | C] () -- C:\Users\Administrator\Desktop\VASSAL.lnk
[2011/10/18 16:28:34 | 000,018,102 | ---- | C] () -- C:\Windows\cscmondump.bin
[2011/10/18 15:02:52 | 000,001,322 | ---- | C] () -- C:\Users\Administrator\Desktop\WORD PAD.lnk
[2011/10/18 15:02:15 | 000,001,394 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\notepad++.exe - Shortcut.lnk
[2011/10/18 06:31:14 | 000,000,054 | ---- | C] () -- C:\Windows\Player.INI
[2011/10/17 15:30:00 | 000,001,359 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\FlashGet 3.7.lnk
[2011/10/17 14:11:08 | 000,000,221 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\America's Army 3.url
[2011/10/17 12:51:20 | 000,076,288 | ---- | C] () -- C:\Windows\SysWow64\moveex.exe
[2011/10/17 12:13:36 | 000,000,991 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\GUARDIAN.lnk
[2011/10/17 11:33:43 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/10/17 11:32:59 | 000,002,537 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk
[2011/10/17 11:14:46 | 000,002,671 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
[2011/10/17 08:06:37 | 000,352,932 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/16 15:46:59 | 000,000,184 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\wklnhst.dat
[2011/10/16 15:40:28 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro PDF Reader 2.lnk
[2011/10/16 09:02:43 | 000,000,427 | ---- | C] () -- C:\Windows\iepreview.ini
[2011/10/16 06:41:10 | 000,949,089 | ---- | C] () -- C:\Users\Administrator\AppData\Local\census.cache
[2011/10/16 06:41:00 | 000,150,695 | ---- | C] () -- C:\Users\Administrator\AppData\Local\ars.cache
[2011/10/16 06:32:01 | 000,000,036 | ---- | C] () -- C:\Users\Administrator\AppData\Local\housecall.guid.cache
[2011/10/15 13:20:49 | 000,001,157 | ---- | C] () -- C:\Users\Administrator\Desktop\MS-WORKS.lnk
[2011/10/15 12:04:27 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\WpsUpdateTask_Administrator.job
[2011/10/15 12:04:17 | 000,001,368 | ---- | C] () -- C:\Users\Public\Desktop\KS-WRITER.lnk
[2011/10/15 11:55:18 | 000,001,134 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster 3.lnk
[2011/10/15 11:55:12 | 000,001,146 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Switch to Gaming Mode.lnk
[2011/10/15 04:47:54 | 000,000,961 | ---- | C] () -- C:\Users\Administrator\Desktop\WINAMP.lnk
[2011/10/14 19:56:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\lame_acm.xml
[2011/10/14 14:30:37 | 000,018,326 | ---- | C] () -- C:\ProgramData\HKCU.reg
[2011/10/14 07:43:33 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2011/10/14 07:43:32 | 004,005,376 | ---- | C] () -- C:\Windows\SysNative\x264vfw.dll
[2011/10/14 07:43:32 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm
[2011/10/14 07:43:32 | 000,053,760 | ---- | C] () -- C:\Windows\SysNative\ff_acm.acm
[2011/10/14 07:28:13 | 000,002,040 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2011/10/14 07:28:13 | 000,001,268 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2011/10/14 06:49:09 | 000,001,050 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\CPUID CPU-Z.lnk
[2011/10/13 16:07:43 | 000,001,638 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Catalyst Control Center.lnk
[2011/10/13 09:23:28 | 000,000,943 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\NOTE TAB.lnk
[2011/10/13 08:52:11 | 000,001,296 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Video Downloader.lnk
[2011/10/13 08:52:08 | 000,001,284 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Video Converter.lnk
[2011/10/13 08:52:04 | 000,001,284 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Freemake Audio Converter.lnk
[2011/10/13 07:44:57 | 000,001,663 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ADMIN (2).lnk
[2011/10/13 06:27:55 | 000,000,971 | ---- | C] () -- C:\Users\Administrator\Program Files (x86) - Shortcut.lnk
[2011/10/13 06:27:44 | 000,000,957 | ---- | C] () -- C:\Users\Administrator\Program Files - Shortcut.lnk
[2011/10/12 16:46:31 | 000,000,784 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2011/10/12 16:44:28 | 000,000,000 | RH-- | C] () -- C:\Users\Public\Documents\NTIMMV8.DLL
[2011/10/12 05:07:16 | 000,001,228 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller.lnk
[2011/10/12 05:06:08 | 000,001,497 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\i_view32.exe - Shortcut.lnk
[2011/10/11 08:16:10 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/10/11 05:16:00 | 000,003,113 | ---- | C] () -- C:\Users\Administrator\Microsoft Desktop Player.lnk
[2011/10/11 05:16:00 | 000,003,073 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Desktop Player.lnk
[2011/10/10 08:12:34 | 000,000,023 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\dilnur
[2011/10/10 07:42:17 | 000,000,003 | ---- | C] () -- C:\Windows\treeskp.sys
[2011/10/10 07:42:17 | 000,000,003 | ---- | C] () -- C:\Windows\sbacknt.bin
[2011/10/07 15:51:07 | 000,001,186 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Dhaatu The Periodic Table of Elements.lnk
[2011/10/07 05:58:31 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/10/07 05:58:30 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/10/06 14:29:19 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2011/10/05 15:00:21 | 000,000,026 | ---- | C] () -- C:\Windows\%IniPath%
[2011/10/04 07:32:01 | 000,007,635 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2011/10/04 05:22:55 | 000,000,032 | ---- | C] () -- C:\Windows\Guitar Chords.INI
[2011/10/04 05:19:59 | 000,000,032 | ---- | C] () -- C:\Windows\Blank Sheet Music.INI
[2011/10/02 14:22:00 | 000,013,568 | ---- | C] () -- C:\Windows\SysNative\CNC1737D.TBL
[2011/10/02 13:41:27 | 000,000,089 | ---- | C] () -- C:\Users\Administrator\AppData\Local\msmathematics.qat.Administrator
[2011/10/02 07:46:53 | 000,000,204 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011/10/01 07:57:35 | 000,703,488 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2011/10/01 07:57:35 | 000,258,560 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2011/10/01 07:57:35 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2011/09/30 16:11:11 | 000,005,120 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/29 15:52:55 | 000,000,632 | RHS- | C] () -- C:\Users\Administrator\ntuser.pol
[2011/09/29 15:52:25 | 000,000,290 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/09/29 15:52:25 | 000,000,272 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/09/28 12:10:22 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx
[2011/09/27 15:39:24 | 004,122,624 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011/09/27 08:09:13 | 000,001,477 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011/09/27 07:12:28 | 000,113,486 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2011/09/27 04:45:14 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011/09/27 04:42:29 | 000,007,549 | ---- | C] () -- C:\Windows\SysNative\dopdf7.ctm
[2011/09/25 15:47:21 | 000,010,348 | ---- | C] () -- C:\Windows\SysWow64\SubclassingSink.tlb
[2011/09/21 10:12:12 | 000,229,857 | ---- | C] () -- C:\ProgramData\1316617575.bdinstall.bin
[2011/09/20 18:51:17 | 000,001,668 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2011/09/20 18:28:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/09/20 17:14:32 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011/09/20 17:14:32 | 000,113,264 | ---- | C] () -- C:\Windows\FixUVC.exe
[2011/09/20 17:14:32 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini
[2011/07/28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/07/12 21:30:54 | 000,011,441 | ---- | C] () -- C:\Windows\SysWow64\LockOfficeu.sys
[2011/07/12 16:56:50 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/06/17 06:26:10 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/06/17 06:17:28 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/03/17 12:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/01/04 14:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/03/27 06:53:05 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010/03/27 06:53:05 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2010/03/27 06:53:05 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2010/03/02 22:15:52 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\drivers\1UnHooker.sys
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 16:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 16:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 16:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/08/11 09:33:42 | 001,370,242 | ---- | C] () -- C:\Windows\SysWow64\OGKernel.dll
[2002/03/02 04:10:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll

========== LOP Check ==========

[2011/10/21 15:53:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\7plus
[2011/10/01 04:56:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Auslogics
[2011/09/29 15:53:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Bitdefender
[2011/10/21 15:11:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\BITS
[2011/10/09 06:50:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\BleachBit
[2011/10/18 08:07:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\calibre
[2011/10/04 08:22:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Console
[2011/10/11 11:17:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CrosswordSolver
[2011/10/24 06:14:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Desktop Ticker
[2011/10/11 11:34:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2011/10/16 15:38:42 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Downloaded Installations
[2011/10/24 13:29:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Earth Alerts
[2011/10/17 15:29:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FlashGet
[2011/09/30 07:35:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FlashGetBHO
[2011/10/24 07:04:54 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Foxit Software
[2011/10/19 12:59:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Free Audio Editor
[2011/10/07 05:04:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FreeFileViewer
[2011/10/09 17:09:45 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Get from YouTube
[2011/10/06 17:03:57 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GrabPro
[2011/10/11 05:35:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Hardys Browser
[2011/10/20 15:27:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HTML Executable
[2011/10/07 16:32:30 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\images
[2011/10/09 14:20:45 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Import Audio from Video
[2011/10/15 16:20:26 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2011/09/30 07:19:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IrfanView
[2011/10/15 11:32:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\JLC's Software
[2011/10/07 07:48:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\KeePass
[2011/10/18 09:21:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\KillSwitch 2
[2011/10/15 12:03:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Kingsoft
[2011/10/15 11:19:20 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\LibreOffice
[2011/10/15 12:06:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Luxand
[2011/10/11 04:21:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\M8 Software
[2011/10/02 14:15:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MusE
[2011/10/02 14:03:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NCH Swift Sound
[2011/10/24 06:39:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nitro PDF
[2011/10/18 12:42:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Notepad++
[2011/10/01 08:01:46 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NoteTab Light
[2011/10/06 17:03:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenCandy
[2011/10/16 08:25:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2011/10/06 14:29:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\pdfforge
[2011/10/21 06:47:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Privacy Guardian
[2011/10/06 17:04:04 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2011/10/14 14:29:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Shark007
[2011/10/09 13:48:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SlimCleaner
[2011/10/05 07:57:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Softland
[2011/10/21 08:50:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Styler
[2011/10/16 15:47:15 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Template
[2011/10/07 13:59:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2011/10/08 15:03:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Titanium
[2011/10/14 14:21:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Win7codecs
[2011/10/16 07:57:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Windows Live Writer
[2011/10/07 15:02:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\WinPatrol
[2011/10/09 03:54:08 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/10/24 15:34:08 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\WpsUpdateTask_Administrator.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 256 bytes -> C:\ProgramData\Temp:9A870F8B
@Alternate Data Stream - 16 bytes -> C:\Windows\SysWow64\secustat.dat:BDU
@Alternate Data Stream - 16 bytes -> C:\Windows\SysWow64\secushr.dat:BDU
@Alternate Data Stream - 16 bytes -> C:\Windows\libem.INI:BDU
@Alternate Data Stream - 16 bytes -> C:\Users\Administrator\Documents\PsychofIntelNew.pdf:BDU
@Alternate Data Stream - 16 bytes -> C:\Users\Administrator\Documents\Microsoft Indic Language Input Tool Getting Started.htm:BDU
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:F7B65412
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:42D9E231

< End of report >
  • 0

Advertisements


#2
Alfre-doh!(_8(I)

Alfre-doh!(_8(I)

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I just noticed that OCL also creates another file called, "Extras." Here's the info from the file:
(Man! Look at all those errors. I just wonder if those are part of the problem? One other thing; whenever I try to open a saved web page a popup indicates that there is no default program to open it with. Even though I've selected IE9 as the default web page viewer it never stays as the default; saved web pages don't have the IE icon on them-they're just blank until I try to open them.)

OTL Extras logfile created on: 10/24/2011 4:16:30 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Administrator\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.86 Gb Total Physical Memory | 5.54 Gb Available Physical Memory | 70.48% Memory free
19.66 Gb Paging File | 17.13 Gb Available in Paging File | 87.17% Paging File free
Paging file location(s): c:\pagefile.sys 12078 12078 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.97 Gb Total Space | 393.20 Gb Free Space | 86.81% Space Free | Partition Type: NTFS

Computer Name: ALFREDO-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.ini[@ = Notepad++_file] -- C:\Program Files (x86)\Unicode\notepad++.exe (Don HO [email protected])
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.ini [@ = Notepad++_file] -- C:\Program Files (x86)\Unicode\notepad++.exe (Don HO [email protected])

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [takeownership] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [takeownership] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX330_series" = Canon MX330 series MP Drivers
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java™ 6 Update 27 (64-bit)
"{2AB9289D-6432-4CC0-8869-A195C3F0CFCC}" = Bitdefender Total Security 2012
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{49033FF4-8C1C-0EB9-C0A6-4691CB18D0A4}" = ccc-utility64
"{499CBE65-4E07-B40A-624A-B5B7BD6F9A9C}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{59D4C823-ABAC-4E3D-B624-C3678B873227}" = BitDefender TrafficLight
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8961E141-B307-4882-ABAD-77A3E76A40C1}" = ASCOM Platform 6
"{8D0A0350-B509-B362-4827-63E4C6520E7B}" = AMD Catalyst Install Manager
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99985B3B-508D-420F-B45D-96E41C0F2924}" = Microsoft Indic Language Input Tool for Hindi
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A1ED3F26-CF0C-4371-9960-8140B94E09F0}" = System Requirements Lab for Intel (64-bit)
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}" = Microsoft Image Composite Editor
"{D0E36B69-687C-43B3-93BA-5E4B6E531023}_is1" = RAMMon V1.0
"{D63FFA4F-6405-4782-8E3C-6F1C6807C66D}" = Speckie
"{DE5C71F2-F8A3-4689-8675-D61AA170D8E6}" = Nitro PDF Reader 2
"{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}" = Microsoft Mathematics (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Bitdefender" = Bitdefender Total Security 2012
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Defraggler" = Defraggler
"doPDF 7 printer_is1" = doPDF 7.2 printer
"DriverAgent.exe" = DriverAgent by eSupport.com
"FileMenu Tools_is1" = FileMenu Tools
"KLiteCodecPack64_is1" = K-Lite Codec Pack 5.2.0 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Recuva" = Recuva
"x64 Components_is1" = x64 Components v3.1.3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1E7603CA-71BE-4113-86E7-DD9E17F6BA7D}" = TunerFree MCE
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F4748E6-E093-FA89-7999-737F48C4767F}" = Catalyst Control Center InstallProxy
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 27
"{29608D8B-37E4-4B7E-8775-007A8300C381}" = Alcyone Ephemeris
"{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1" = RegAlyzer
"{29D3773E-54F4-23C2-D523-236A4453B845}_is1" = FileAlyzer 2
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{39DB116F-E088-486F-B13C-8925ECE7A6E5}" = 3D Sound Back Beta0.1
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{43A13211-109A-4870-BD1F-11420DA235BC}_is1" = Dhaatu The Periodic Table of Elements 3.0.3
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DB39047-848B-4ADB-86ED-F97E22CCC3C8}" = Kodu Game Lab
"{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}" = Alcor Micro USB Card Reader
"{61150C85-DC0A-4976-922F-5575F388ADA6}" = Notation Player 2.6
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{67CDD5A0-C572-4D2C-A354-6492B51F4138}" = SlimDrivers
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}" = Microsoft Small Basic v1.0
"{7C54AF5F-C131-4B5D-8C2A-9ED26E939756}" = Microsoft Desktop Player
"{7E6FA2FF-CC41-4145-9C06-19C1F78DF855}" = Microsoft Maren
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{88E0499C-60B2-4309-BCC8-33BA0B098C5C}" = MusicPad
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Internet Optimizer
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{966CA8ED-5A5D-47F8-A478-794206AB1B3E}" = Microsoft WorldWide Telescope
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A79024ED-1969-334A-1ED6-16753F9DE377}" = CCC Help English
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel® Processor ID Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{bb73892d-4896-4649-8bdb-e80656e1f81a}}_is1" = Desktop Ticker 1.6.0
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C57C21C0-CE1B-26D5-1215-B26862051F6F}" = Catalyst Control Center
"{C86CB1B1-4BD0-7BFB-88CF-76762C8CE1D3}" = Catalyst Control Center Graphics Previews Common
"{CD05F1BC-FC63-1E93-4094-82BC33662E76}" = Catalyst Control Center Localization All
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.158.203
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{DBF13E88-A514-42E8-BFF5-038166A58D61}" = Blank Sheet Music
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2C98732-F973-4985-A9C5-DC06178E16EE}" = Microsoft Mathematics Add-in (32-bit)
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F5BF6D6E-C8F1-4FE1-943A-C484696B30C2}" = Guitar Chords
"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FA4AE537-3895-47A2-A1C0-14E39398FD29}" = Earth Alerts
"{FBFBDCEB-1921-4771-B80E-09BBD33680D0}" = SlimCleaner
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"123 Free Solitaire_is1" = 123 Free Solitaire 2009 v7.0
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.85
"Amazon Kindle" = Amazon Kindle
"Anagram Generator_is1" = Anagram Generator
"ASCOM Platform 6" = ASCOM Platform 6
"BabyMaker_is1" = BabyMaker v1.5
"Belarc Advisor" = Belarc Advisor 8.2
"Calendar Magic_is1" = Calendar Magic V17.8
"Chord Pickout" = Chord Pickout 2.0
"ColorDetector200_is1" = Color Detector 2.0
"Crescendo" = Crescendo Music Notation Editor
"Emsisoft HiJackFree_is1" = Emsisoft HiJackFree 4.5
"FastStone Image Viewer" = FastStone Image Viewer 4.6
"FlashGet 3.7" = FlashGet 3.7
"FormatFactory" = FormatFactory 2.70
"Foxit Reader_is1" = Foxit Reader 5.0
"Free Audio Editor" = Free Audio Editor
"Free File Opener_is1" = Free File Opener v2011.7.0.1
"FreeFileViewer_is1" = Free File Viewer 2011
"Freemake Audio Converter_is1" = Freemake Audio Converter version 1.1.0
"Freemake Video Converter_is1" = Freemake Video Converter version 2.4.0
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Game Booster_is1" = Game Booster 3
"GCH Guitar academy" = GCH Guitar academy
"Icons from File_is1" = Icons from File 5.02
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}" = Alcor Micro USB Card Reader
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"IrfanView" = IrfanView (remove only)
"Karen's Clipboard Viewer" = Karen's Clipboard Viewer
"Kingsoft Office" = Kingsoft Office 2012 (8.1.0.2942)
"LManager" = Launch Manager
"MagicReversi_is1" = Magic Reversi 4.00
"MagicScore_is1" = MagicScore
"Mahjongg_is1" = Mahjongg 1.1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Metric Converter" = Metric Converter
"Musette_is1" = Musette version 2.10.10
"NoteTab Light 6_is1" = NoteTab Light 6 (Remove only)
"OpenDNS Updater" = OpenDNS Updater 2.2.1
"PC Wizard 2010_is1" = PC Wizard 2010.1.96
"Privacy Guardian_is1" = Privacy Guardian 4.5
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"Revo Uninstaller" = Revo Uninstaller 1.93
"ScreenshotCaptor_is1" = Screenshot Captor 2.101.02
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = B Lyrics Mimer
"Steam App 13140" = America's Army 3
"Sweet Home 3D_is1" = Sweet Home 3D version 3.3
"TripleAVersion1_3_2_2" = TripleA Version 1_3_2_2
"TwelveKeys" = TwelveKeys Music Transcription Software
"VASSAL (3.1.16)" = VASSAL (3.1.16)
"VLC media player" = VLC media player 1.1.11
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Your Cleaner 1.11" = Your Cleaner 1.11
"yWriter5_is1" = yWriter5

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Eraser" = Eraser
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/23/2011 3:59:20 PM | Computer Name = Alfredo-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 7e8 Start
Time: 01cc91be0746de92 Termination Time: 20 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 10/23/2011 4:44:55 PM | Computer Name = Alfredo-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 10/24/2011 6:28:55 AM | Computer Name = Alfredo-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 10/24/2011 9:42:14 AM | Computer Name = Alfredo-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 10a4 Start
Time: 01cc924b80f1e346 Termination Time: 75 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:

Error - 10/24/2011 10:16:43 AM | Computer Name = Alfredo-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 10/24/2011 12:09:52 PM | Computer Name = Alfredo-PC | Source = Application Error | ID = 1000
Description = Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time
stamp: 0x4ce792c4 Faulting module name: QuickTime.qts_unloaded, version: 0.0.0.0,
time stamp: 0x4e13ba08 Exception code: 0xc0000005 Fault offset: 0x02c6a9e9 Faulting
process id: 0x1350 Faulting application start time: 0x01cc92675a152de8 Faulting application
path: C:\Windows\syswow64\MsiExec.exe Faulting module path: QuickTime.qts Report
Id: 9a81d309-fe5a-11e0-852b-00262d9eae5e

Error - 10/24/2011 2:01:16 PM | Computer Name = Alfredo-PC | Source = Application Hang | ID = 1002
Description = The program FileAlyzer2.exe version 2.0.5.57 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: c78 Start
Time: 01cc9276358d5c1e Termination Time: 10 Application Path: C:\Program Files (x86)\Safer
Networking\FileAlyzer 2\FileAlyzer2.exe Report Id: 1ed8d225-fe6a-11e0-9906-00262d9eae5e


Error - 10/24/2011 2:43:33 PM | Computer Name = Alfredo-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1370 Start
Time: 01cc927cab2bb9a8 Termination Time: 10 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:

Error - 10/24/2011 2:44:13 PM | Computer Name = Alfredo-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 604 Start
Time: 01cc927af6cb21bc Termination Time: 25 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id: 2758b2c2-fe70-11e0-9906-00262d9eae5e

Error - 10/24/2011 5:13:16 PM | Computer Name = Alfredo-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d94 Start
Time: 01cc928cbd07fb88 Termination Time: 33 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

[ Media Center Events ]
Error - 10/21/2011 6:31:58 AM | Computer Name = Alfredo-PC | Source = MCUpdate | ID = 0
Description = 5:31:57 AM - Error connecting to the internet. 5:31:57 AM - Unable
to contact server..

[ System Events ]
Error - 10/24/2011 1:08:16 PM | Computer Name = Alfredo-PC | Source = Service Control Manager | ID = 7016
Description = The BitDefender Virus Shield service has reported an invalid current
state 14.

Error - 10/24/2011 1:08:25 PM | Computer Name = Alfredo-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
1UnHooker

Error - 10/24/2011 1:13:56 PM | Computer Name = Alfredo-PC | Source = Service Control Manager | ID = 7016
Description = The BitDefender Virus Shield service has reported an invalid current
state 14.

Error - 10/24/2011 2:50:15 PM | Computer Name = Alfredo-PC | Source = Service Control Manager | ID = 7016
Description = The BitDefender Virus Shield service has reported an invalid current
state 14.

Error - 10/24/2011 2:50:35 PM | Computer Name = Alfredo-PC | Source = Service Control Manager | ID = 7034
Description = The BitDefender Virus Shield service terminated unexpectedly. It
has done this 1 time(s).

Error - 10/24/2011 2:51:39 PM | Computer Name = Alfredo-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\1UnHooker.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 10/24/2011 2:52:05 PM | Computer Name = Alfredo-PC | Source = Service Control Manager | ID = 7016
Description = The BitDefender Virus Shield service has reported an invalid current
state 14.

Error - 10/24/2011 2:52:16 PM | Computer Name = Alfredo-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
1UnHooker

Error - 10/24/2011 2:52:22 PM | Computer Name = Alfredo-PC | Source = Service Control Manager | ID = 7016
Description = The BitDefender Virus Shield service has reported an invalid current
state 14.

Error - 10/24/2011 4:11:32 PM | Computer Name = Alfredo-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.


< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP