Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

google redirect link to someware else [Closed]


  • This topic is locked This topic is locked

#1
NJGraphix

NJGraphix

    Member

  • Member
  • PipPip
  • 13 posts
Samething here can you help me I have reinstall all my computer from factory setting and nothing change :(

OTS logfile created on: 12/5/2011 9:32:49 AM - Run 1
OTS by OldTimer - Version 3.1.46.0 Folder = C:\Users\Heintje\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 72.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 404.88 Gb Free Space | 89.76% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 1862.36 Gb Total Space | 1619.93 Gb Free Space | 86.98% Space Free | Partition Type: FAT32

Computer Name: HEINTJE-PC
Current User Name: Heintje
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Heintje\Desktop\OTS.exe -> [2011/12/05 09:30:59 | 000,646,144 | ---- | M] (OldTimer Tools)
mscorsvw.exe -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
shwiconxp9106.exe -> C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe -> [2009/07/17 17:07:58 | 000,237,568 | ---- | M] (Alcor Micro Corp.)
pdvddxsrv.exe -> C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe -> [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.)
docklogin.exe -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation)
acrotray.exe -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe -> [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.)
es1000server.exe -> C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Server.exe -> [2008/04/11 14:29:10 | 000,043,008 | ---- | M] (Electronics for Imaging, Inc.)
es1000service.exe -> C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe -> [2008/04/11 14:29:10 | 000,009,216 | ---- | M] (Electronics for Imaging, Inc.)

[Modules - No Company Name]
[Win32 Services - Safe List]
64bit-(FLEXnet Licensing Service 64) [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -> [2011/12/03 10:55:18 | 001,038,088 | ---- | M] (Acresso Software Inc.)
64bit-(NisSrv) [On_Demand | Running] -> C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -> [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation)
64bit-(MsMpSvc) [Auto | Running] -> C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -> [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation)
64bit-(WinDefend) [On_Demand | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
64bit-(AppMgmt) [On_Demand | Stopped] -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation)
64bit-(AMD External Events Utility) [Auto | Running] -> C:\Windows\SysNative\atiesrxx.exe -> [2009/06/15 13:12:10 | 000,203,264 | ---- | M] (AMD)
64bit-(DockLoginService) [Auto | Running] -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation)
64bit-(AERTFilters) [Auto | Running] -> C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -> [2009/03/31 17:01:34 | 000,092,160 | ---- | M] (Andrea Electronics Corporation)
(FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2011/12/03 10:54:09 | 000,655,624 | ---- | M] (Acresso Software Inc.)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Running] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(RoxMediaDB10) RoxMediaDB10 [On_Demand | Stopped] -> c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -> [2009/06/26 12:19:12 | 001,124,848 | ---- | M] (Sonic Solutions)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)
(Adobe Version Cue CS4) Adobe Version Cue CS4 [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -> [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated)
(EFI ES1000) EFI ES1000 [Auto | Running] -> C:\Program Files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe -> [2008/04/11 14:29:10 | 000,009,216 | ---- | M] (Electronics for Imaging, Inc.)

[Driver Services - Safe List]
64bit-(NuidFltr) NUID filter driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nuidfltr.sys -> [2011/08/10 16:40:58 | 000,023,960 | ---- | M] (Microsoft Corporation)
64bit-(Point64) Microsoft IntelliPoint Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\point64.sys -> [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation)
64bit-(dc3d) MS Hardware Device Detection Driver (USB) [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\dc3d.sys -> [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation)
64bit-(NisDrv) Microsoft Network Inspection System [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NisDrvWFP.sys -> [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation)
64bit-(k57nd60a) Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\k57nd60a.sys -> [2009/08/06 11:43:58 | 000,320,040 | ---- | M] (Broadcom Corporation)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(PxHlpa64) PxHlpa64 [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PxHlpa64.sys -> [2009/07/09 05:00:00 | 000,055,280 | ---- | M] (Sonic Solutions)
64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\atikmdag.sys -> [2009/06/15 13:48:00 | 006,031,872 | ---- | M] (ATI Technologies Inc.)
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(iaStor) iaStor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2009/06/04 21:54:36 | 000,408,600 | ---- | M] (Intel Corporation)
64bit-(adfs) adfs [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\adfs.sys -> [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.)
64bit-(WDC_SAM) WD SCSI Pass Thru driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\wdcsam64.sys -> [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies)
(WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\SysWOW64\drivers\wimmount.sys -> [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation)
(RxFilter) RxFilter [File_System | System | Stopped] -> C:\Windows\SysWOW64\drivers\RxFilter.sys -> [2009/06/26 11:27:28 | 000,065,520 | ---- | M] (Sonic Solutions)
(adfs) adfs [Kernel | Auto | Running] -> C:\Windows\SysWow64\drivers\adfs.sys -> [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.)

[Registry - All]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft....k/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft....k/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\System32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft....k/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft....k/?LinkId=69157 ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft....k/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft....k/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft....k/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft....k/?LinkId=69157 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
64bit-HKEY_USERS\S-1-5-19\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysNative\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/20 00:40:49 | 012,370,944 | ---- | M] (Microsoft Corporation)
HKEY_USERS\S-1-5-19\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysWOW64\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/19 23:35:00 | 010,990,080 | ---- | M] (Microsoft Corporation)
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
64bit-HKEY_USERS\S-1-5-20\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysNative\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/20 00:40:49 | 012,370,944 | ---- | M] (Microsoft Corporation)
HKEY_USERS\S-1-5-20\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysWOW64\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/19 23:35:00 | 010,990,080 | ---- | M] (Microsoft Corporation)
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> ->
HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: Main\\"Default_Page_URL" -> http://g.msn.com/USCON/23 ->
HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: Main\\"Local Page" -> C:\Windows\system32\blank.htm ->
HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: Main\\"Search Page" -> http://go.microsoft....k/?LinkId=54896 ->
HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: Main\\"Start Page" -> http://www.google.ca/ ->
64bit-HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysNative\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/20 00:40:49 | 012,370,944 | ---- | M] (Microsoft Corporation)
HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\SysWOW64\ieframe.dll [Microsoft Url Search Hook] -> [2011/08/19 23:35:00 | 010,990,080 | ---- | M] (Microsoft Corporation)
HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
< FireFox Extensions [User Folders] > ->
< HOSTS File > ([2009/06/10 16:00:26 | 000,000,824 | ---- | M] - 21 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [Java™ Plug-In 2 SSV Helper] -> [2009/12/22 15:56:11 | 000,043,520 | ---- | M] (Sun Microsystems, Inc.)
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 13:07:26 | 000,075,128 | ---- | M] (Adobe Systems Incorporated)
{5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [Search Helper] -> [2009/01/14 18:49:24 | 000,092,504 | ---- | M] (Microsoft Corp.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/01/22 16:41:30 | 000,408,448 | ---- | M] (Microsoft Corporation)
{AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe PDF Conversion Toolbar Helper] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java™ Plug-In 2 SSV Helper] -> [2009/12/22 15:55:46 | 000,041,368 | ---- | M] (Sun Microsystems, Inc.)
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation)
{F4971EE7-DAA0-4053-9964-665D8EE6A077} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [SmartSelect Class] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
< 64bit-Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation)
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe PDF] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
"Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 19:17:46 | 001,068,904 | ---- | M] (Microsoft Corporation)
WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe PDF] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"IntelliPoint" -> C:\Program Files\Microsoft IntelliPoint\ipoint.exe ["C:\Program Files\Microsoft IntelliPoint\ipoint.exe"] -> [2011/08/01 15:59:06 | 002,417,032 | ---- | M] (Microsoft Corporation)
"itype" -> C:\Program Files\Microsoft IntelliType Pro\itype.exe ["C:\Program Files\Microsoft IntelliType Pro\itype.exe"] -> [2011/08/10 16:40:58 | 001,873,256 | ---- | M] (Microsoft Corporation)
"MSC" -> C:\Program Files\Microsoft Security Client\msseces.exe ["C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2011/06/15 14:35:24 | 001,436,736 | ---- | M] (Microsoft Corporation)
"RtHDVCpl" -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe] -> [2009/05/23 03:20:30 | 007,833,120 | ---- | M] (Realtek Semiconductor)
"Skytel" -> [C:\Program Files\Realtek\Audio\HDA\Skytel.exe] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"" -> [] -> File not found
"Acrobat Assistant 8.0" -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe ["C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"] -> [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.)
"Adobe Acrobat Speed Launcher" -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe ["C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"] -> [2008/06/12 02:25:18 | 000,037,232 | ---- | M] (Adobe Systems Incorporated)
"Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/02/27 18:10:28 | 000,035,696 | ---- | M] (Adobe Systems Incorporated)
"Adobe_ID0ENQBO" -> C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE] -> [2008/08/15 05:46:20 | 000,378,224 | ---- | M] (Adobe Systems Incorporated)
"AdobeCS4ServiceManager" -> C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe ["C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin] -> [2008/08/14 07:58:34 | 000,611,712 | ---- | M] (Adobe Systems Incorporated)
"PDVDDXSrv" -> C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe ["C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"] -> [2009/06/24 21:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.)
"ShwiconXP9106" -> C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe] -> [2009/07/17 17:07:58 | 000,237,568 | ---- | M] (Alcor Micro Corp.)
"StartCCC" -> c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun] -> [2009/06/14 22:24:20 | 000,098,304 | ---- | M] (Advanced Micro Devices, Inc.)
"SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe ["C:\Program Files (x86)\Java\jre6\bin\jusched.exe"] -> [2009/12/22 15:55:46 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.)
< RunOnceEx [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx ->
"ContentMerger" -> c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe [c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe] -> [2009/06/26 12:09:14 | 000,019,952 | ---- | M] (Sonic Solutions)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/13 20:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun] -> [2009/07/13 20:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> [C:\Windows\System32\mctadmin.exe] -> File not found
< Run [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"RESTART_STICKY_NOTES" -> [C:\Windows\System32\StikyNot.exe] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoActiveDesktop" -> [1] -> File not found
\\"NoActiveDesktopChanges" -> [1] -> File not found
\\"ForceActiveDesktopOn" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
\\"EnableInstallerDetection" -> [1] -> File not found
\\"EnableLUA" -> [1] -> File not found
\\"EnableSecureUIAPaths" -> [1] -> File not found
\\"EnableUIADesktopToggle" -> [0] -> File not found
\\"EnableVirtualization" -> [1] -> File not found
\\"PromptOnSecureDesktop" -> [1] -> File not found
\\"ValidateAdminCodeSignatures" -> [0] -> File not found
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"scforceoption" -> [0] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
\\"FilterAdministratorToken" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
\UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found
< 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\Software\Microsoft\Internet Explorer\MenuExt\ ->
Append Link Target to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
Append to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
Convert Link Target to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
Convert to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\Software\Microsoft\Internet Explorer\MenuExt\ ->
Append Link Target to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
Append to Existing PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
Convert Link Target to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
Convert to Adobe PDF -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html] -> [2008/06/11 22:42:44 | 000,345,480 | ---- | M] (Adobe Systems Incorporated)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2009/07/26 21:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.micro...?ext=%s&mime=%s ->
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.micro...?ext=%s&mime=%s ->
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\] > -> HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-2183848373-4019789834-1093417383-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< 64bit-Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_14] ->
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_14] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_14] ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_14] ->
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_14] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/...indows-i586.cab [Java Plug-in 1.6.0_14] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.0.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{C5A5E279-4C9D-490D-8755-9D8C2A4DDBD8}\\DhcpNameServer -> 192.168.0.1 (Broadcom NetLink ™ Gigabit Ethernet) ->
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\Windows\system32\userinit.exe -> C:\Windows\SysNative\userinit.exe -> [2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/13 20:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
userinit.exe -> C:\Windows\SysWow64\userinit.exe -> [2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysWow64\SystemPropertiesPerformance.exe -> [2009/07/13 20:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
64bit-*SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
credssp.dll -> C:\Windows\SysNative\credssp.dll -> [2009/07/13 20:40:23 | 000,020,480 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
credssp.dll -> C:\Windows\SysWow64\credssp.dll -> [2009/07/13 20:15:07 | 000,016,896 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
64bit-*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
msv1_0 -> C:\Windows\SysNative\msv1_0.dll -> [2009/09/10 01:28:22 | 000,311,808 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
msv1_0 -> C:\Windows\SysWow64\msv1_0.dll -> [2009/09/10 00:52:05 | 000,257,024 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
64bit-*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
kerberos -> C:\Windows\SysNative\kerberos.dll -> [2010/12/18 01:11:34 | 000,714,752 | ---- | M] (Microsoft Corporation)
msv1_0 -> C:\Windows\SysNative\msv1_0.dll -> [2009/09/10 01:28:22 | 000,311,808 | ---- | M] (Microsoft Corporation)
schannel -> C:\Windows\SysNative\schannel.dll -> [2010/08/21 01:36:49 | 000,340,992 | ---- | M] (Microsoft Corporation)
wdigest -> C:\Windows\SysNative\wdigest.dll -> [2009/07/13 20:41:56 | 000,210,432 | ---- | M] (Microsoft Corporation)
tspkg -> C:\Windows\SysNative\tspkg.dll -> [2009/07/13 20:41:55 | 000,086,016 | ---- | M] (Microsoft Corporation)
pku2u -> C:\Windows\SysNative\pku2u.dll -> [2009/07/13 20:41:53 | 000,240,640 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
kerberos -> C:\Windows\SysWow64\kerberos.dll -> [2010/12/18 00:29:31 | 000,541,184 | ---- | M] (Microsoft Corporation)
msv1_0 -> C:\Windows\SysWow64\msv1_0.dll -> [2009/09/10 00:52:05 | 000,257,024 | ---- | M] (Microsoft Corporation)
schannel -> C:\Windows\SysWow64\schannel.dll -> [2010/08/21 00:36:24 | 000,224,256 | ---- | M] (Microsoft Corporation)
wdigest -> C:\Windows\SysWow64\wdigest.dll -> [2009/07/13 20:16:18 | 000,171,520 | ---- | M] (Microsoft Corporation)
tspkg -> C:\Windows\SysWow64\tspkg.dll -> [2009/07/13 20:16:16 | 000,065,024 | ---- | M] (Microsoft Corporation)
pku2u -> C:\Windows\SysWow64\pku2u.dll -> [2009/07/13 20:16:12 | 000,186,880 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{095E0F49-5EF4-4DCE-81B7-F9CBF2040B89} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | [email protected],-28519 | app=system |
{124217AE-8820-42CE-8B17-C15CF2194D3D} -> lport=2177 | profile=private | protocol=17 | dir=in | action=allow | [email protected],-31253 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{15947838-9374-416D-BC40-64FAA173A8D1} -> lport=3704 | profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server |
{1777B2AE-4525-455D-882D-0680FAF46CFE} -> lport=5353 | profile=private | protocol=6 | dir=in | action=allow | name=adobe csi cs4 |
{1CE543EE-00FF-44DB-AB7A-DDEA58DB99F5} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | [email protected],-28515 | app=system |
{3133FE92-8D92-4815-A2E5-097C159C04CB} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | [email protected],-28550 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{3351694E-591F-4482-8088-4777F7360F42} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | [email protected],-28531 | app=system |
{3554250A-41D8-40A9-B8B8-8BD18203598F} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live messenger (ssdp-in) | app=svchost.exe | svc=ssdpsrv |
{37C2A58A-B811-4C08-A4C6-7BFF7EBA9848} -> rport=10243 | profile=private | protocol=6 | dir=out | action=allow | [email protected],-31289 | app=system |
{4283A59C-2C11-48D8-B461-D0DDBDCF7C4B} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | [email protected],-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
{449F566D-1FED-448C-B8AE-F35D2EC012F8} -> lport=10243 | profile=private | protocol=6 | dir=in | action=allow | [email protected],-31285 | app=system |
{54816172-EA81-49B1-99F8-0C830137082E} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | [email protected],-28548 | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{60ABB330-05CD-4345-A64F-1E20FE8C848C} -> rport=2177 | profile=private | protocol=6 | dir=out | action=allow | [email protected],-31265 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{615FF2C3-0679-40B5-B188-8734E3F9E189} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | [email protected],-28507 | app=system |
{6262D80E-72C8-429E-89CE-4E087D773A8B} -> rport=2177 | profile=private | protocol=17 | dir=out | action=allow | [email protected],-31257 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{62CF289E-4EC3-4ADC-ADDE-8CD56DA025D5} -> lport=3703 | profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server |
{62F635BB-A870-420E-AD6B-CC6924BAFB39} -> lport=51001 | profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server |
{901FC0E8-0136-4BDA-A79C-3D7FCB2DA49B} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | [email protected],-28539 | svc=rpcss |
{9125298D-36AD-48BB-918D-192BC7B4FD94} -> lport=2177 | profile=private | protocol=6 | dir=in | action=allow | [email protected],-31261 | app=%systemroot%\system32\svchost.exe | svc=qwave |
{99E773A5-7D44-4CF1-BBA4-99354280A290} -> lport=1900 | profile=private | protocol=17 | dir=in | action=allow | [email protected],-31269 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{9C225DCC-54F6-4D39-95A5-2CF642B6A54E} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | [email protected],-28511 | app=system |
{9C73E5C0-D9A4-4BB5-B1AC-F28CA9CD0686} -> lport=51000 | profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server |
{AADDC092-A562-45EE-8DBA-57EE9514B2C8} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | [email protected],-28503 | app=system |
{B4A842D6-70A5-46DB-B189-1BCE01D6AC54} -> lport=2869 | profile=private | protocol=6 | dir=in | action=allow | [email protected],-31277 | app=system |
{D343A60B-494F-4D46-B796-3403700AC79A} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | [email protected],-28527 | app=system |
{E03F43F7-BD16-4733-9D3E-796B0A623A94} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | [email protected],-28523 | app=system |
{F1FB15C9-A3EF-438A-B08F-E92644CA8880} -> rport=1900 | profile=private | protocol=17 | dir=out | action=allow | [email protected],-31273 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv |
{F516A9C6-D0D3-4A36-9C75-49A53A7601F8} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live messenger (upnp-in) | app=system |
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{0B11B61C-5751-47FF-A072-D9B94CD6324A} -> profile=private | protocol=17 | dir=out | action=allow | [email protected],-31297 | app=%programfiles%\windows media player\wmplayer.exe |
{194B84B7-B1DB-493E-A939-8D59E3B6AD7C} -> dir=in | action=allow | name=cyberlink powerdvd dx | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
{1ABEBF33-77F1-45B8-865B-9D0E99145325} -> profile=private | protocol=6 | dir=in | action=allow | [email protected],-31313 | app=%programfiles%\windows media player\wmpnetwk.exe |
{2A782777-1D9A-47BB-B06B-4698FDD08B0F} -> profile=private | protocol=17 | dir=in | action=allow | [email protected],-31003 | app=%programfiles%\windows media player\wmplayer.exe |
{329E0801-7DD4-4C2B-810B-3E2841EFA843} -> profile=private | protocol=6 | dir=out | action=allow | [email protected],-31025 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{37AF2AB5-C7CB-4225-8C13-1EF1A2BBA1BB} -> profile=private | protocol=17 | dir=in | action=allow | name=adobe version cue cs4 server | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
{4D37DAE9-98E0-4C4D-86C2-CEC9447829EC} -> profile=private | protocol=6 | dir=in | action=allow | name=adobe csi cs4 | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
{54E2DF0D-5F00-4044-BFD0-4F7FE85E4013} -> dir=in | action=allow | name=cyberlink powerdvd dx resident program | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
{557D73C4-C88E-4887-ACFA-3E9D9D1B8DCC} -> profile=private | protocol=17 | dir=in | action=allow | [email protected],-31305 | app=%programfiles%\windows media player\wmpnetwk.exe |
{5D5790BC-01C5-4590-8E06-DAAEECA47C9D} -> profile=private | protocol=58 | dir=out | action=allow | [email protected],-28546 |
{6259DCE5-A66A-4364-A4A2-55474BD812C4} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
{79A9670E-4737-46A5-9F78-C9C7263F2F32} -> profile=private | protocol=17 | dir=out | action=allow | [email protected],-31024 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{86475A40-0AF4-4CEE-995D-1B818DA5A893} -> profile=private | protocol=6 | dir=out | action=allow | [email protected],-31011 | app=%programfiles%\windows media player\wmplayer.exe |
{872D9AE8-10BF-4818-8C2B-C6111D244540} -> profile=private | protocol=6 | dir=out | action=allow | [email protected],-31301 | app=%programfiles%\windows media player\wmplayer.exe |
{8B98A53A-2CCB-42EB-8D32-2F2696F5A3AD} -> profile=private | protocol=6 | dir=in | action=allow | name=adobe version cue cs4 server | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
{8E4437DA-A5CC-419C-88D8-65514A1A362D} -> profile=private | protocol=58 | dir=in | action=allow | [email protected],-28545 |
{8F98E62B-A68E-4AD9-82BF-4E0B24C46C0F} -> profile=private | protocol=6 | dir=out | action=allow | [email protected],-31317 | app=%programfiles%\windows media player\wmpnetwk.exe |
{9E326FB7-535E-4127-B3BB-E2817EB7A0C6} -> dir=in | action=allow | name=windows live sync | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
{A359A936-1FEE-4B17-8C96-BD68030AA1FD} -> profile=private | protocol=17 | dir=in | action=allow | [email protected],-31293 | app=%programfiles%\windows media player\wmplayer.exe |
{A8677778-7117-4CB6-B551-087629EE825E} -> profile=domain | dir=in | action=allow | name=mcafee network agent | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
{AE31C8B1-13A1-48E2-A058-736DBA59ED0A} -> profile=private | protocol=17 | dir=in | action=allow | [email protected],-31023 | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{AE936A5D-00B1-4749-8300-2E38F561C7BD} -> profile=private | protocol=17 | dir=out | action=allow | [email protected],-31309 | app=%programfiles%\windows media player\wmpnetwk.exe |
{B6B729F3-D536-4CD8-A777-13D8053B89F2} -> profile=private | protocol=6 | dir=out | action=allow | [email protected],-31321 | app=%systemroot%\system32\svchost.exe | svc=upnphost |
{C8EDE9F7-6566-471C-B569-9A3D9126B329} -> profile=private | protocol=17 | dir=out | action=allow | [email protected],-31007 | app=%programfiles%\windows media player\wmplayer.exe |
{CB541C6E-21B6-4755-BE10-5620059A9D96} -> profile=private | protocol=17 | dir=in | action=allow | name=adobe csi cs4 | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
{CDC7D7A5-376C-4308-8855-7A9B3CF1EB58} -> profile=private | protocol=6 | dir=out | action=allow | [email protected],-31281 | app=system |
{E08E5825-D045-488C-902D-4C408CE9C1EA} -> profile=private | protocol=1 | dir=out | action=allow | [email protected],-28544 |
{F8A9F517-FE09-4798-B118-D904AAF5BF85} -> dir=in | action=allow | name=windows live call | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
{F9673B52-EFD9-442A-B8AA-4DAD555C61A6} -> profile=private | protocol=1 | dir=in | action=allow | [email protected],-28543 |
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/07/13 18:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
64bit-comfile [open] -> "%1" %*
64bit-exefile [open] -> "%1" %*
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Registry - Additional Scans - Safe List]
< 64bit-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
AppMgmt -> C:\Windows\SysNative\appmgmts.dll -> [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
64bit-batfile [open] -> "%1" %*
64bit-cmdfile [open] -> "%1" %*
64bit-comfile [open] -> "%1" %*
64bit-exefile [open] -> "%1" %*
64bit-htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/13 20:39:13 | 000,010,240 | ---- | M] (Microsoft Corporation)
64bit-InternetShortcut [open] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> [2009/07/13 20:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation)
64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2009/07/13 20:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation)
64bit-piffile [open] -> "%1" %*
64bit-scrfile [config] -> "%1"
64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l
64bit-scrfile [open] -> "%1" /S
64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/13 20:39:01 | 000,344,576 | ---- | M] (Microsoft Corporation)
64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation)
64bit-Folder [open] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation)
64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation)
batfile [open] -> "%1" %* ->
cmdfile [open] -> "%1" %* ->
comfile [open] -> "%1" %* ->
cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2009/07/13 20:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
exefile [open] -> "%1" %* ->
htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" ->
inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2009/07/13 20:14:21 | 000,009,216 | ---- | M] (Microsoft Corporation)
piffile [open] -> "%1" %* ->
scrfile [config] -> "%1" ->
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l ->
scrfile [open] -> "%1" /S ->
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 ->
Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/13 20:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation)
Directory [find] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation)
Folder [open] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation)
Drive [find] -> %SystemRoot%\Explorer.exe -> [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation)
< 64bit-Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{02AD9D20-03D2-4DE0-8793-E8253026AD86} -> EMCGadgets64
{05BFB060-4F22-4710-B0A2-2801A1B606C5} -> Microsoft Antimalware
{257F446A-01ED-739C-16B8-237498DEDDDF} -> ccc-utility64
{26A24AE4-039D-4CA4-87B4-2F86416014FF} -> Java™ 6 Update 14 (64-bit)
{295CFB7C-A57E-4313-93E7-68E7CE1D0332} -> Adobe WinSoft Linguistics Plugin x64
{2D74E972-5A85-44DC-9193-8A302BA8C181} -> Photoshop Camera Raw_x64
{42738DB0-FC3E-4672-A99B-9372F5696E30} -> Microsoft Security Client
{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB} -> Roxio File Backup
{624C7F0A-89B2-4C49-9CAB-9D69613EC95A} -> Microsoft IntelliPoint 8.2
{6631325A-9B1B-4EE7-8E64-8CC4A6F10643} -> Adobe Fonts All x64
{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0} -> Microsoft IntelliType Pro 8.2
{8875A1C0-6308-4790-8CF6-D34E89880052} -> Adobe Linguistics CS4 x64
{887797BF-37A5-4199-B0C9-0D38D6196E9A} -> Adobe Anchor Service x64 CS4
{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762} -> Adobe Type Support x64 CS4
{8DAA31EB-6830-4006-A99F-4DF8AB24714F} -> Adobe CSI CS4 x64
{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} -> Dell Edoc Viewer
{90BA8112-80B3-4617-A3C1-BD2771B60F74} -> Adobe CMaps x64 CS4
{95120000-00B9-0409-1000-0000000FF1CE} -> Microsoft Application Error Reporting
{A3454894-144A-4D80-B605-C128FE0D7329} -> Adobe Drive CS4 x64
{B37A99DD-88E2-4ED0-80B4-1E054AB354BF} -> Adobe InDesign CS4 Icon Handler x64
{D40172D6-CE2D-4B72-BF5F-26A04A900B7B} -> Adobe Photoshop CS4 (64 Bit)
{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E} -> VD64Inst
{DFFABE78-8173-4E97-9C5C-22FB26192FC5} -> Adobe PDF Library Files x64 CS4
{E60B7350-EA5F-41E0-9D6F-E508781E36D2} -> Dell Dock
{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} -> Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile -> Microsoft .NET Framework 4 Client Profile
Microsoft IntelliPoint 8.2 -> Microsoft IntelliPoint 8.2
Microsoft IntelliType Pro 8.2 -> Microsoft IntelliType Pro 8.2
Microsoft Security Client -> Microsoft Security Essentials
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{00ADFB20-AE75-46F4-AD2C-F48B15AC3100} -> Adobe Color NA Recommended Settings CS4
{0301AC02-D87B-27E9-9429-7E4BB52D9183} -> CCC Help German
{03DEEAD2-F3B7-45BF-9006-A25D015F00D2} -> Adobe Flash Player 10 Plugin
{05308C4E-7285-4066-BAE3-6B50DA6ED755} -> Adobe Update Manager CS4
{054EFA56-2AC1-48F4-A883-0AB89874B972} -> Adobe Extension Manager CS4
{055EE59D-217B-43A7-ABFF-507B966405D8} -> ATI Catalyst Control Center
{08E81ABD-79F7-49C2-881F-FD6CB0975693} -> Roxio Central Data
{098122AB-C605-4853-B441-C0A4EB359B75} -> DirectXInstallService
{098727E1-775A-4450-B573-3F441F1CA243} -> kuler
{0D6013AB-A0C7-41DC-973C-E93129C9A29F} -> Adobe Color JA Extra Settings CS4
{0F723FC1-7606-4867-866C-CE80AD292DAF} -> Adobe CSI CS4
{1350DD04-57AD-6278-3F4D-D4281EEE7C5C} -> Catalyst Control Center Graphics Full New
{15BC8CD0-A65B-47D0-A2DD-90A824590FA8} -> Microsoft Works
{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B} -> Adobe SGM CS4
{1618734A-3957-4ADD-8199-F973763109A8} -> Adobe Anchor Service CS4
{16E16F01-2E2D-4248-A42F-76261C147B6C} -> Adobe Drive CS4
{16E6D2C1-7C90-4309-8EC4-D2212690AAA4} -> AdobeColorCommonSetRGB
{178832DE-9DE0-4C87-9F82-9315A9B03985} -> Windows Live Writer
{197A3012-8C85-4FD3-AB66-9EC7E13DB92E} -> Adobe AIR
{1A6842E0-3047-BD62-9A28-5A7743D88E2A} -> Catalyst Control Center InstallProxy
{1B7C06E1-4888-47A6-992A-0990B9683486} -> Adobe Version Cue CS4 Server
{1DCA3EAA-6EB5-4563-A970-EA14D75037BA} -> Adobe InDesign CS4
{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1} -> Adobe InDesign CS4 Icon Handler
{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4} -> Roxio Central Tools
{205C6BDD-7B73-42DE-8505-9A093F35A238} -> Windows Live Upload Tool
{2168245A-B5AD-40D8-A641-48E3E070B5B6} -> Adobe Flash CS4 STI-en
{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT
{26A24AE4-039D-4CA4-87B4-2F83216014FF} -> Java™ 6 Update 14
{2BAF2B96-7560-48B4-87D4-10178DDBE217} -> Adobe InDesign CS4 Application Feature Set Files (Roman)
{30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Roxio Update Manager
{305CAF40-92F0-12ED-8B28-926B011788E4} -> CCC Help Spanish
{30C8AA56-4088-426F-91D1-0EDFD3A25678} -> Adobe Dreamweaver CS4
{34D6DE28-4FD0-9CCA-CDB4-316F7B3B30B5} -> CCC Help Portuguese
{35D94F92-1D3A-43C5-8605-EA268B1A7BD9} -> PDF Settings CS4
{39F6E2B4-CFE8-C30A-66E8-489651F0F34C} -> Adobe Media Player
{3A4E8896-C2E7-4084-A4A4-B8FD1894E739} -> Adobe XMP Panels CS4
{3A6829EF-0791-4FDD-9382-C690DD0821B9} -> Adobe Flash Player 10 ActiveX
{3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform
{3D2C9DE6-9ADE-4252-A241-E43723B0CE02} -> Adobe Color - Photoshop Specific CS4
{3D5044A5-97B8-45C0-B956-BB2376569188} -> Windows Live Movie Maker
{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} -> Adobe WinSoft Linguistics Plugin
{428FDF9F-E010-4C4C-A8BB-156960AFCA1C} -> Adobe Fireworks CS4
{43509E18-076E-40FE-AF38-CA5ED400A5A9} -> Pixel Bender Toolkit
{45338B07-A236-4270-9A77-EBB4115517B5} -> Windows Live Sign-in Assistant
{4943EFF5-229F-435D-BEA9-BE3CAEA783A7} -> Adobe Service Manager Extension
{4A52555C-032A-4083-BDD9-6A85ABFB39A8} -> Adobe SING CS4
{5089AEEE-052D-B75F-0B92-7CF981403025} -> Catalyst Control Center Graphics Light
{537BF16E-7412-448C-95D8-846E85A1D817} -> Roxio Easy CD and DVD Burning
{54741B98-6335-43A1-C716-25B0A3C4016C} -> Catalyst Control Center Graphics Previews Common
{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4} -> Adobe Color EU Extra Settings CS4
{5A06423A-210C-49FB-950E-CB0EB8C5CEC7} -> Roxio BackOnTrack
{5B94A120-16E7-6034-7494-22285B471EDE} -> CCC Help Hungarian
{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D} -> Adobe Dynamiclink Support
{612B5D2E-8084-4102-91DE-24281E4EFB2C} -> Roxio Easy CD and DVD Burning
{63C24A08-70F3-4C8E-B9FB-9F21A903801D} -> Adobe Color Video Profiles CS CS4
{63E5CDBF-8214-4F03-84F8-CD3CE48639AD} -> Adobe Photoshop CS4 Support
{6412CECE-8172-4BE5-935B-6CECACD2CA87} -> Windows Live Mail
{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler 3
{67F0E67A-8E93-4C2C-B29D-47C48262738A} -> Adobe Device Central CS4
{6811CAA0-BF12-11D4-9EA1-0050BAE317E1} -> PowerDVD DX
{68243FF8-83CA-466B-B2B8-9F99DA5479C4} -> AdobeColorCommonSetCMYK
{6E9D082B-F681-64AB-48B4-F3EC05D3A83F} -> CCC Help Chinese Traditional
{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83} -> Roxio Central Audio
{793D1D88-6141-43DE-BE58-59BCE31B4090} -> Adobe Flash CS4 Extension - Flash Lite STI en
{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C} -> Adobe InDesign CS4 Common Base Files
{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045} -> Dell Getting Started Guide
{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} -> Windows Live Essentials
{8186FF34-D389-4B7E-9A2F-C197585BCFBD} -> Adobe Media Encoder CS4 Importer
{81CB0C83-5928-3387-AB23-10EC5F767FA8} -> CCC Help Turkish
{820D3F45-F6EE-4AAF-81EF-CE21FF21D230} -> Adobe Type Support CS4
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
{83877DB1-8B77-45BC-AB43-2BAC22E093E0} -> Adobe Bridge CS4
{842B4B72-9E8F-4962-B3C1-1C422A5C4434} -> Suite Shared Configuration CS4
{846B1C55-76D0-0DA3-8C12-10596CBB15BD} -> CCC Help Italian
{846D0802-8606-7452-85FF-A71EB1B8AD6D} -> Catalyst Control Center Localization All
{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1} -> Windows Live Sync
{87532CAB-7932-4F84-8937-823337622807} -> Adobe Illustrator CS4
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8A74E887-8F0F-4017-AF53-CBA42211AAA5} -> Microsoft Sync Framework Runtime Native v1.0 (x86)
{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B} -> Sonic CinePlayer Decoder Pack
{8DCE118A-1F3C-B056-D2A8-F832523C357C} -> CCC Help English
{90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system
{931AB7EA-3656-4BB7-864D-022B09E3DD67} -> Adobe Linguistics CS4
{94D398EB-D2FD-4FD1-B8C4-592635E8A191} -> Adobe CMaps CS4
{95120000-00AF-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (English)
{96B1A291-2654-4415-59B4-AC90D29C3E1E} -> Catalyst Control Center Core Implementation
{995F1E2E-F542-4310-8E1D-9926F5A279B3} -> Windows Live Toolbar
{9A968BD3-88AF-B4D0-CA9A-78F4EF9FA23B} -> CCC Help Chinese Standard
{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} -> Microsoft Search Enhancement Pack
{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400} -> Multimedia Card Reader
{A128921B-D03F-4BFB-8141-C365AA48D660} -> Adobe Setup
{A2881E09-38DB-4F79-9135-00FDA01768A7} -> Adobe Creative Suite 4 Design Premium
{A52D8A45-B3A1-0022-B096-A0033B03E01F} -> Catalyst Control Center Graphics Full Existing
{A69D7B32-2BE9-42BF-B576-69B5E0FF7394} -> Catalyst Control Center - Branding
{A85FD55B-891B-4314-97A5-EA96C0BD80B5} -> Windows Live Messenger
{AC76BA86-1033-F400-7760-000000000004} -> Adobe Acrobat 9 Pro - English, Français, Deutsch
{AC76BA86-7AD7-1033-7B44-A91000000001} -> Adobe Reader 9.1.2
{AE3BFAC5-A07A-7845-C576-0CB832E4B0AD} -> Skins
{B29AD377-CC12-490A-A480-1452337C618D} -> Connect
{B4ECB428-6A8D-8D53-4E76-1CEE7AC4BF32} -> CCC Help French
{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494} -> Adobe Photoshop CS4
{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD} -> Roxio Central Copy
{B76D6D09-16D6-DF95-F7D7-2565E88B88BA} -> Catalyst Control Center Graphics Previews Vista
{B9F4561A-924D-4510-A85A-BB0960C338CB} -> Adobe Asset Services CS4
{BB4E33EC-8181-4685-96F7-8554293DEC6A} -> Adobe Output Module
{BD3E0D67-D90D-3CA6-DE34-22B56D425136} -> CCC Help Japanese
{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} -> Microsoft Sync Framework Services Native v1.0 (x86)
{C52E3EC1-048C-45E1-8D53-10B0C6509683} -> Adobe Default Language CS4
{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B} -> Acrobat.com
{CAADA7C7-23DA-455C-BB38-0DA4BEBA2800} -> Command WorkStation 5.1.1.04
{CC75AB5C-2110-4A7F-AF52-708680D22FE8} -> Photoshop Camera Raw
{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA} -> Windows Live Photo Gallery
{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E} -> Adobe Media Encoder CS4
{E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update
{EC877639-07AB-495C-BFD1-D63AF9140810} -> Roxio Activation Module
{ED439A64-F018-4DD4-8BA5-328D85AB09AB} -> Roxio Central Core
{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]
{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard
{F0E64E2E-3A60-40D8-A55D-92F6831875DA} -> Adobe Search for Help
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F6BD194C-4190-4D73-B1B1-C48C99921BFE} -> Windows Live Call
{F6E99614-F042-4459-82B7-8B38B2601356} -> Adobe Flash CS4
{F8B250A2-582A-6C80-108F-AA68E64A6F03} -> CCC Help Korean
{F8EF2B3F-C345-4F20-8FE4-791A20333CD5} -> Adobe ExtendScript Toolkit CS4
{F93C84A6-0DC6-42AF-89FA-776F7C377353} -> Adobe PDF Library Files CS4
{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} -> Adobe Fonts All
{FD040188-43B3-2C49-A8BF-5B0458031AED} -> ccc-core-static
{FDB46DE7-9045-47BB-970A-3E4ED5369E03} -> EMC 10 Content
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Adobe_55230b0b70661df0f212e88f0b655f7 -> Adobe Creative Suite 4 Design Premium
com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Adobe Media Player
com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 -> Acrobat.com
InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400} -> Multimedia Card Reader
WinLiveSuite_Wave3 -> Windows Live Essentials

[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Users\Heintje\Desktop\OTS.exe -> [2011/12/05 09:30:22 | 000,646,144 | ---- | C] (OldTimer Tools)
PM4_64bit -> C:\Users\Heintje\Desktop\PM4_64bit -> [2011/12/05 08:21:15 | 000,000,000 | ---D | C]
Xerox -> C:\Users\Heintje\AppData\Roaming\Xerox -> [2011/12/05 08:09:26 | 000,000,000 | ---D | C]
Xerox -> C:\ProgramData\Xerox -> [2011/12/05 08:08:41 | 000,000,000 | ---D | C]
Xerox -> C:\Xerox -> [2011/12/05 08:00:44 | 000,000,000 | ---D | C]
Microsoft Security Client -> C:\Program Files (x86)\Microsoft Security Client -> [2011/12/05 07:35:52 | 000,000,000 | ---D | C]
Microsoft Security Client -> C:\Program Files\Microsoft Security Client -> [2011/12/05 07:35:37 | 000,000,000 | ---D | C]
netio.sys -> C:\Windows\SysNative\drivers\netio.sys -> [2011/12/05 07:35:22 | 000,374,664 | ---- | C] (Microsoft Corporation)
MCPR.exe -> C:\Users\Heintje\Desktop\MCPR.exe -> [2011/12/05 07:11:38 | 001,832,544 | ---- | C] (McAfee, Inc.)
Microsoft.NET -> C:\Program Files (x86)\Microsoft.NET -> [2011/12/05 07:01:02 | 000,000,000 | ---D | C]
MSXML 4.0 -> C:\Program Files (x86)\MSXML 4.0 -> [2011/12/03 11:29:41 | 000,000,000 | ---D | C]
Wat -> C:\Windows\SysWow64\Wat -> [2011/12/03 11:28:46 | 000,000,000 | ---D | C]
Wat -> C:\Windows\SysNative\Wat -> [2011/12/03 11:28:46 | 000,000,000 | ---D | C]
mseinstall.exe -> C:\Users\Heintje\Desktop\mseinstall.exe -> [2011/12/03 11:26:06 | 010,165,440 | ---- | C] (Microsoft Corporation)
FLEXnet -> C:\ProgramData\FLEXnet -> [2011/12/03 11:10:36 | 000,000,000 | ---D | C]
Adobe -> C:\Program Files\Adobe -> [2011/12/03 11:09:50 | 000,000,000 | ---D | C]
ALM -> C:\ProgramData\ALM -> [2011/12/03 11:07:00 | 000,000,000 | ---D | C]
AdobePDFUI.dll -> C:\Windows\SysNative\AdobePDFUI.dll -> [2011/12/03 11:02:39 | 000,024,416 | R--- | C] (Adobe Systems Inc.)
CSC -> C:\Windows\CSC -> [2011/12/03 11:00:25 | 000,000,000 | ---D | C]
System Volume Information -> C:\System Volume Information -> [2011/12/03 10:58:39 | 000,000,000 | -HSD | C]
Adobe Media Player -> C:\Program Files (x86)\Adobe Media Player -> [2011/12/03 10:57:15 | 000,000,000 | ---D | C]
Adobe -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe -> [2011/12/03 10:57:15 | 000,000,000 | ---D | C]
Adobe AIR -> C:\Program Files (x86)\Common Files\Adobe AIR -> [2011/12/03 10:56:27 | 000,000,000 | ---D | C]
Adobe Design Premium CS4 -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS4 -> [2011/12/03 10:56:12 | 000,000,000 | ---D | C]
Macrovision Shared -> C:\Program Files\Common Files\Macrovision Shared -> [2011/12/03 10:55:18 | 000,000,000 | ---D | C]
Adobe -> C:\Program Files\Common Files\Adobe -> [2011/12/03 10:55:18 | 000,000,000 | ---D | C]
Macrovision Shared -> C:\Program Files (x86)\Common Files\Macrovision Shared -> [2011/12/03 10:54:09 | 000,000,000 | ---D | C]
Identities -> C:\Users\Heintje\AppData\Roaming\Identities -> [2011/12/03 10:03:30 | 000,000,000 | ---D | C]
Contacts -> C:\Users\Heintje\Contacts -> [2011/12/03 10:03:29 | 000,000,000 | R--D | C]
VirtualStore -> C:\Users\Heintje\AppData\Local\VirtualStore -> [2011/12/03 10:03:26 | 000,000,000 | ---D | C]
wintrust.dll -> C:\Windows\SysNative\wintrust.dll -> [2011/12/03 10:03:23 | 000,220,672 | ---- | C] (Microsoft Corporation)
cabview.dll -> C:\Windows\SysNative\cabview.dll -> [2011/12/03 10:03:22 | 000,139,264 | ---- | C] (Microsoft Corporation)
cabview.dll -> C:\Windows\SysWow64\cabview.dll -> [2011/12/03 10:03:22 | 000,132,608 | ---- | C] (Microsoft Corporation)
Microsoft -> C:\Users\Heintje\AppData\Roaming\Microsoft -> [2011/12/03 10:02:22 | 000,000,000 | --SD | C]
Videos -> C:\Users\Heintje\Videos -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Startup -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Saved Games -> C:\Users\Heintje\Saved Games -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Pictures -> C:\Users\Heintje\Pictures -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Music -> C:\Users\Heintje\Music -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Maintenance -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Links -> C:\Users\Heintje\Links -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Favorites -> C:\Users\Heintje\Favorites -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Downloads -> C:\Users\Heintje\Downloads -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Documents -> C:\Users\Heintje\Documents -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Desktop -> C:\Users\Heintje\Desktop -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Accessories -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories -> [2011/12/03 10:02:22 | 000,000,000 | R--D | C]
Temporary Internet Files -> C:\Users\Heintje\AppData\Local\Temporary Internet Files -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
Templates -> C:\Users\Heintje\Templates -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
Start Menu -> C:\Users\Heintje\Start Menu -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
SendTo -> C:\Users\Heintje\SendTo -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
Recent -> C:\Users\Heintje\Recent -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
PrintHood -> C:\Users\Heintje\PrintHood -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
NetHood -> C:\Users\Heintje\NetHood -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
My Videos -> C:\Users\Heintje\Documents\My Videos -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
My Pictures -> C:\Users\Heintje\Documents\My Pictures -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
My Music -> C:\Users\Heintje\Documents\My Music -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
My Documents -> C:\Users\Heintje\My Documents -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
Local Settings -> C:\Users\Heintje\Local Settings -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
History -> C:\Users\Heintje\AppData\Local\History -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
Cookies -> C:\Users\Heintje\Cookies -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
Application Data -> C:\Users\Heintje\Application Data -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
Application Data -> C:\Users\Heintje\AppData\Local\Application Data -> [2011/12/03 10:02:22 | 000,000,000 | -HSD | C]
AppData -> C:\Users\Heintje\AppData -> [2011/12/03 10:02:22 | 000,000,000 | -H-D | C]
Temp -> C:\Users\Heintje\AppData\Local\Temp -> [2011/12/03 10:02:22 | 000,000,000 | ---D | C]
Microsoft -> C:\Users\Heintje\AppData\Local\Microsoft -> [2011/12/03 10:02:22 | 000,000,000 | ---D | C]
Media Center Programs -> C:\Users\Heintje\AppData\Roaming\Media Center Programs -> [2011/12/03 10:02:22 | 000,000,000 | ---D | C]
dfshim.dll -> C:\Windows\SysNative\dfshim.dll -> [2011/12/03 10:02:14 | 001,942,856 | ---- | C] (Microsoft Corporation)
dfshim.dll -> C:\Windows\SysWow64\dfshim.dll -> [2011/12/03 10:02:14 | 001,130,824 | ---- | C] (Microsoft Corporation)
PresentationHost.exe -> C:\Windows\SysNative\PresentationHost.exe -> [2011/12/03 10:02:14 | 000,320,352 | ---- | C] (Microsoft Corporation)
PresentationHost.exe -> C:\Windows\SysWow64\PresentationHost.exe -> [2011/12/03 10:02:14 | 000,295,264 | ---- | C] (Microsoft Corporation)
PresentationHostProxy.dll -> C:\Windows\SysNative\PresentationHostProxy.dll -> [2011/12/03 10:02:14 | 000,109,912 | ---- | C] (Microsoft Corporation)
PresentationHostProxy.dll -> C:\Windows\SysWow64\PresentationHostProxy.dll -> [2011/12/03 10:02:14 | 000,099,176 | ---- | C] (Microsoft Corporation)
netfxperf.dll -> C:\Windows\SysWow64\netfxperf.dll -> [2011/12/03 10:02:14 | 000,049,472 | ---- | C] (Microsoft Corporation)
netfxperf.dll -> C:\Windows\SysNative\netfxperf.dll -> [2011/12/03 10:02:14 | 000,048,960 | ---- | C] (Microsoft Corporation)
Microsoft Mouse -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse -> [2011/12/03 09:58:09 | 000,000,000 | ---D | C]
Microsoft IntelliPoint -> C:\Program Files\Microsoft IntelliPoint -> [2011/12/03 09:57:54 | 000,000,000 | ---D | C]
Fiery -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiery -> [2011/12/03 09:52:44 | 000,000,000 | ---D | C]
IscDbc.dll -> C:\Windows\SysWow64\IscDbc.dll -> [2011/12/03 09:48:46 | 000,274,432 | ---- | C] (IBPhoenix Inc.)
OdbcJdbcMT.dll -> C:\Windows\SysWow64\OdbcJdbcMT.dll -> [2011/12/03 09:48:46 | 000,262,144 | ---- | C] (IBPhoenix Inc)
OdbcJdbc.dll -> C:\Windows\SysWow64\OdbcJdbc.dll -> [2011/12/03 09:48:46 | 000,253,952 | ---- | C] (IBPhoenix Inc)
OdbcJdbcSetup.dll -> C:\Windows\SysWow64\OdbcJdbcSetup.dll -> [2011/12/03 09:48:46 | 000,155,648 | ---- | C] (IBPhoenix Inc.)
Microsoft Keyboard -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard -> [2011/12/03 09:46:56 | 000,000,000 | ---D | C]
Microsoft IntelliType Pro -> C:\Program Files\Microsoft IntelliType Pro -> [2011/12/03 09:46:14 | 000,000,000 | ---D | C]
Adobe -> C:\Users\Heintje\AppData\Local\Adobe -> [2011/12/03 09:38:28 | 000,000,000 | ---D | C]
aksusb.sys -> C:\Windows\SysWow64\drivers\aksusb.sys -> [2011/12/03 09:34:58 | 000,019,968 | ---- | C] (Aladdin Knowledge Systems)
inf -> C:\Windows\SysWow64\inf -> [2011/12/03 09:34:58 | 000,000,000 | ---D | C]
spool -> C:\Windows\SysWow64\spool -> [2011/12/03 09:34:51 | 000,000,000 | ---D | C]
msfeeds.dll -> C:\Windows\SysNative\msfeeds.dll -> [2011/12/03 09:34:00 | 000,703,488 | ---- | C] (Microsoft Corporation)
iepeers.dll -> C:\Windows\SysNative\iepeers.dll -> [2011/12/03 09:34:00 | 000,256,000 | ---- | C] (Microsoft Corporation)
iepeers.dll -> C:\Windows\SysWow64\iepeers.dll -> [2011/12/03 09:33:59 | 000,185,856 | ---- | C] (Microsoft Corporation)
licmgr10.dll -> C:\Windows\SysNative\licmgr10.dll -> [2011/12/03 09:33:59 | 000,057,856 | ---- | C] (Microsoft Corporation)
licmgr10.dll -> C:\Windows\SysWow64\licmgr10.dll -> [2011/12/03 09:33:59 | 000,044,544 | ---- | C] (Microsoft Corporation)
ieui.dll -> C:\Windows\SysNative\ieui.dll -> [2011/12/03 09:33:58 | 000,247,808 | ---- | C] (Microsoft Corporation)
ieui.dll -> C:\Windows\SysWow64\ieui.dll -> [2011/12/03 09:33:58 | 000,176,640 | ---- | C] (Microsoft Corporation)
url.dll -> C:\Windows\SysNative\url.dll -> [2011/12/03 09:33:58 | 000,134,144 | ---- | C] (Microsoft Corporation)
url.dll -> C:\Windows\SysWow64\url.dll -> [2011/12/03 09:33:58 | 000,132,096 | ---- | C] (Microsoft Corporation)
mshtmled.dll -> C:\Windows\SysNative\mshtmled.dll -> [2011/12/03 09:33:58 | 000,097,280 | ---- | C] (Microsoft Corporation)
mshtmled.dll -> C:\Windows\SysWow64\mshtmled.dll -> [2011/12/03 09:33:58 | 000,067,072 | ---- | C] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\SysWow64\msfeedssync.exe -> [2011/12/03 09:33:57 | 000,012,800 | ---- | C] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\SysNative\msfeedssync.exe -> [2011/12/03 09:33:57 | 000,012,288 | ---- | C] (Microsoft Corporation)
html.iec -> C:\Windows\SysNative\html.iec -> [2011/12/03 09:33:56 | 000,482,816 | ---- | C] (Microsoft Corporation)
html.iec -> C:\Windows\SysWow64\html.iec -> [2011/12/03 09:33:56 | 000,386,048 | ---- | C] (Microsoft Corporation)
winload.efi -> C:\Windows\SysNative\winload.efi -> [2011/12/03 09:33:45 | 000,640,896 | ---- | C] (Microsoft Corporation)
winload.exe -> C:\Windows\SysNative\winload.exe -> [2011/12/03 09:33:45 | 000,603,976 | ---- | C] (Microsoft Corporation)
winresume.efi -> C:\Windows\SysNative\winresume.efi -> [2011/12/03 09:33:45 | 000,556,928 | ---- | C] (Microsoft Corporation)
winresume.exe -> C:\Windows\SysNative\winresume.exe -> [2011/12/03 09:33:45 | 000,518,160 | ---- | C] (Microsoft Corporation)
kdusb.dll -> C:\Windows\SysNative\kdusb.dll -> [2011/12/03 09:33:45 | 000,020,352 | ---- | C] (Microsoft Corporation)
kd1394.dll -> C:\Windows\SysNative\kd1394.dll -> [2011/12/03 09:33:45 | 000,019,328 | ---- | C] (Microsoft Corporation)
kdcom.dll -> C:\Windows\SysNative\kdcom.dll -> [2011/12/03 09:33:45 | 000,017,792 | ---- | C] (Microsoft Corporation)
dnsapi.dll -> C:\Windows\SysNative\dnsapi.dll -> [2011/12/03 09:33:33 | 000,356,352 | ---- | C] (Microsoft Corporation)
dnscacheugc.exe -> C:\Windows\SysNative\dnscacheugc.exe -> [2011/12/03 09:33:32 | 000,030,208 | ---- | C] (Microsoft Corporation)
dnscacheugc.exe -> C:\Windows\SysWow64\dnscacheugc.exe -> [2011/12/03 09:33:32 | 000,028,672 | ---- | C] (Microsoft Corporation)
jscript.dll -> C:\Windows\SysNative\jscript.dll -> [2011/12/03 09:33:26 | 000,852,480 | ---- | C] (Microsoft Corporation)
jscript.dll -> C:\Windows\SysWow64\jscript.dll -> [2011/12/03 09:33:26 | 000,716,800 | ---- | C] (Microsoft Corporation)
vbscript.dll -> C:\Windows\SysNative\vbscript.dll -> [2011/12/03 09:33:26 | 000,612,352 | ---- | C] (Microsoft Corporation)
prevhost.exe -> C:\Windows\SysWow64\prevhost.exe -> [2011/12/03 09:33:21 | 000,031,232 | ---- | C] (Microsoft Corporation)
prevhost.exe -> C:\Windows\SysNative\prevhost.exe -> [2011/12/03 09:33:21 | 000,031,232 | ---- | C] (Microsoft Corporation)
kernel32.dll -> C:\Windows\SysNative\kernel32.dll -> [2011/12/03 09:33:12 | 001,162,240 | ---- | C] (Microsoft Corporation)
KernelBase.dll -> C:\Windows\SysNative\KernelBase.dll -> [2011/12/03 09:33:12 | 000,422,400 | ---- | C] (Microsoft Corporation)
wow64win.dll -> C:\Windows\SysNative\wow64win.dll -> [2011/12/03 09:33:11 | 000,362,496 | ---- | C] (Microsoft Corporation)
conhost.exe -> C:\Windows\SysNative\conhost.exe -> [2011/12/03 09:33:11 | 000,338,432 | ---- | C] (Microsoft Corporation)
wow64.dll -> C:\Windows\SysNative\wow64.dll -> [2011/12/03 09:33:11 | 000,243,200 | ---- | C] (Microsoft Corporation)
winsrv.dll -> C:\Windows\SysNative\winsrv.dll -> [2011/12/03 09:33:11 | 000,214,528 | ---- | C] (Microsoft Corporation)
setup16.exe -> C:\Windows\SysWow64\setup16.exe -> [2011/12/03 09:33:10 | 000,025,600 | ---- | C] (Microsoft Corporation)
ntvdm64.dll -> C:\Windows\SysNative\ntvdm64.dll -> [2011/12/03 09:33:10 | 000,016,384 | ---- | C] (Microsoft Corporation)
ntvdm64.dll -> C:\Windows\SysWow64\ntvdm64.dll -> [2011/12/03 09:33:09 | 000,014,336 | ---- | C] (Microsoft Corporation)
wow64cpu.dll -> C:\Windows\SysNative\wow64cpu.dll -> [2011/12/03 09:33:09 | 000,013,312 | ---- | C] (Microsoft Corporation)
instnm.exe -> C:\Windows\SysWow64\instnm.exe -> [2011/12/03 09:33:09 | 000,007,680 | ---- | C] (Microsoft Corporation)
api-ms-win-core-libraryloader-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll -> [2011/12/03 09:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-libraryloader-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll -> [2011/12/03 09:33:09 | 000,003,584 | -H-- | C] (Microsoft Corporation)
wow32.dll -> C:\Windows\SysWow64\wow32.dll -> [2011/12/03 09:33:08 | 000,005,120 | ---- | C] (Microsoft Corporation)
api-ms-win-core-file-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll -> [2011/12/03 09:33:06 | 000,005,120 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-file-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll -> [2011/12/03 09:33:06 | 000,005,120 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-heap-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll -> [2011/12/03 09:33:06 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-string-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll -> [2011/12/03 09:33:06 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-security-base-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,006,144 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-threadpool-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,608 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-sysinfo-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-sysinfo-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-synch-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-synch-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-xstate-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-util-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll -> [2011/12/03 09:33:05 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-processthreads-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,004,608 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-misc-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-rtlsupport-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-processenvironment-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-processenvironment-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-namedpipe-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-namedpipe-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-misc-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-memory-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-string-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-rtlsupport-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-profile-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-profile-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll -> [2011/12/03 09:33:04 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-localregistry-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-localregistry-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-memory-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-interlocked-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-heap-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-io-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-io-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-interlocked-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll -> [2011/12/03 09:33:03 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-security-base-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,006,144 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-threadpool-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,004,608 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-processthreads-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,004,608 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-xstate-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,584 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-handle-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-handle-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-fibers-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-fibers-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-errorhandling-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-errorhandling-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-delayload-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-delayload-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-debug-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-debug-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-datetime-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-datetime-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll -> [2011/12/03 09:33:02 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-localization-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-localization-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,004,096 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-util-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-console-l1-1-0.dll -> C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,003,072 | -H-- | C] (Microsoft Corporation)
api-ms-win-core-console-l1-1-0.dll -> C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll -> [2011/12/03 09:33:01 | 000,003,072 | -H-- | C] (Microsoft Corporation)
user.exe -> C:\Windows\SysWow64\user.exe -> [2011/12/03 09:32:57 | 000,002,048 | ---- | C] (Microsoft Corporation)
xmllite.dll -> C:\Windows\SysNative\xmllite.dll -> [2011/12/03 09:31:20 | 000,199,680 | ---- | C] (Microsoft Corporation)
lsasrv.dll -> C:\Windows\SysNative\lsasrv.dll -> [2011/12/03 09:31:00 | 001,446,912 | ---- | C] (Microsoft Corporation)
taskschd.dll -> C:\Windows\SysNative\taskschd.dll -> [2011/12/03 09:30:48 | 001,169,408 | ---- | C] (Microsoft Corporation)
wmicmiplugin.dll -> C:\Windows\SysNative\wmicmiplugin.dll -> [2011/12/03 09:30:48 | 000,524,288 | ---- | C] (Microsoft Corporation)
taskschd.dll -> C:\Windows\SysWow64\taskschd.dll -> [2011/12/03 09:30:48 | 000,496,128 | ---- | C] (Microsoft Corporation)
taskcomp.dll -> C:\Windows\SysNative\taskcomp.dll -> [2011/12/03 09:30:48 | 000,473,600 | ---- | C] (Microsoft Corporation)
taskeng.exe -> C:\Windows\SysNative\taskeng.exe -> [2011/12/03 09:30:48 | 000,464,384 | ---- | C] (Microsoft Corporation)
taskcomp.dll -> C:\Windows\SysWow64\taskcomp.dll -> [2011/12/03 09:30:47 | 000,305,152 | ---- | C] (Microsoft Corporation)
schtasks.exe -> C:\Windows\SysNative\schtasks.exe -> [2011/12/03 09:30:47 | 000,285,696 | ---- | C] (Microsoft Corporation)
schtasks.exe -> C:\Windows\SysWow64\schtasks.exe -> [2011/12/03 09:30:47 | 000,179,712 | ---- | C] (Microsoft Corporation)
d3d10warp.dll -> C:\Windows\SysNative\d3d10warp.dll -> [2011/12/03 09:30:38 | 001,837,568 | ---- | C] (Microsoft Corporation)
d2d1.dll -> C:\Windows\SysNative\d2d1.dll -> [2011/12/03 09:30:38 | 000,902,656 | ---- | C] (Microsoft Corporation)
mf.dll -> C:\Windows\SysNative\mf.dll -> [2011/12/03 09:30:37 | 004,068,864 | ---- | C] (Microsoft Corporation)
mf.dll -> C:\Windows\SysWow64\mf.dll -> [2011/12/03 09:30:37 | 003,181,568 | ---- | C] (Microsoft Corporation)
WMVDECOD.DLL -> C:\Windows\SysNative\WMVDECOD.DLL -> [2011/12/03 09:30:37 | 001,888,256 | ---- | C] (Microsoft Corporation)
DWrite.dll -> C:\Windows\SysNative\DWrite.dll -> [2011/12/03 09:30:37 | 001,540,608 | ---- | C] (Microsoft Corporation)
ExplorerFrame.dll -> C:\Windows\SysNative\ExplorerFrame.dll -> [2011/12/03 09:30:35 | 001,863,680 | ---- | C] (Microsoft Corporation)
WMVDECOD.DLL -> C:\Windows\SysWow64\WMVDECOD.DLL -> [2011/12/03 09:30:35 | 001,619,456 | ---- | C] (Microsoft Corporation)
mfreadwrite.dll -> C:\Windows\SysNative\mfreadwrite.dll -> [2011/12/03 09:30:34 | 000,257,024 | ---- | C] (Microsoft Corporation)
ExplorerFrame.dll -> C:\Windows\SysWow64\ExplorerFrame.dll -> [2011/12/03 09:30:33 | 001,495,040 | ---- | C] (Microsoft Corporation)
dxgmms1.sys -> C:\Windows\SysNative\drivers\dxgmms1.sys -> [2011/12/03 09:30:33 | 000,265,088 | ---- | C] (Microsoft Corporation)
XpsRasterService.dll -> C:\Windows\SysNative\XpsRasterService.dll -> [2011/12/03 09:30:33 | 000,229,888 | ---- | C] (Microsoft Corporation)
mfreadwrite.dll -> C:\Windows\SysWow64\mfreadwrite.dll -> [2011/12/03 09:30:33 | 000,196,608 | ---- | C] (Microsoft Corporation)
cdd.dll -> C:\Windows\SysNative\cdd.dll -> [2011/12/03 09:30:33 | 000,144,384 | ---- | C] (Microsoft Corporation)
XpsRasterService.dll -> C:\Windows\SysWow64\XpsRasterService.dll -> [2011/12/03 09:30:33 | 000,135,168 | ---- | C] (Microsoft Corporation)
mfps.dll -> C:\Windows\SysNative\mfps.dll -> [2011/12/03 09:30:32 | 000,206,848 | ---- | C] (Microsoft Corporation)
mssrch.dll -> C:\Windows\SysNative\mssrch.dll -> [2011/12/03 09:30:09 | 002,228,224 | ---- | C] (Microsoft Corporation)
mssrch.dll -> C:\Windows\SysWow64\mssrch.dll -> [2011/12/03 09:30:09 | 001,401,856 | ---- | C] (Microsoft Corporation)
tquery.dll -> C:\Windows\SysNative\tquery.dll -> [2011/12/03 09:30:08 | 002,326,016 | ---- | C] (Microsoft Corporation)
tquery.dll -> C:\Windows\SysWow64\tquery.dll -> [2011/12/03 09:30:08 | 001,553,920 | ---- | C] (Microsoft Corporation)
mssph.dll -> C:\Windows\SysNative\mssph.dll -> [2011/12/03 09:30:08 | 000,491,520 | ---- | C] (Microsoft Corporation)
mssvp.dll -> C:\Windows\SysNative\mssvp.dll -> [2011/12/03 09:30:06 | 000,779,264 | ---- | C] (Microsoft Corporation)
mssvp.dll -> C:\Windows\SysWow64\mssvp.dll -> [2011/12/03 09:30:06 | 000,666,624 | ---- | C] (Microsoft Corporation)
mssph.dll -> C:\Windows\SysWow64\mssph.dll -> [2011/12/03 09:30:06 | 000,337,408 | ---- | C] (Microsoft Corporation)
SearchProtocolHost.exe -> C:\Windows\SysNative\SearchProtocolHost.exe -> [2011/12/03 09:30:06 | 000,249,856 | ---- | C] (Microsoft Corporation)
SearchFilterHost.exe -> C:\Windows\SysNative\SearchFilterHost.exe -> [2011/12/03 09:30:06 | 000,113,664 | ---- | C] (Microsoft Corporation)
msscntrs.dll -> C:\Windows\SysNative\msscntrs.dll -> [2011/12/03 09:30:06 | 000,075,264 | ---- | C] (Microsoft Corporation)
mssphtb.dll -> C:\Windows\SysNative\mssphtb.dll -> [2011/12/03 09:30:05 | 000,288,256 | ---- | C] (Microsoft Corporation)
msscntrs.dll -> C:\Windows\SysWow64\msscntrs.dll -> [2011/12/03 09:30:03 | 000,059,392 | ---- | C] (Microsoft Corporation)
CertEnroll.dll -> C:\Windows\SysNative\CertEnroll.dll -> [2011/12/03 09:29:47 | 001,975,296 | ---- | C] (Microsoft Corporation)
CertEnroll.dll -> C:\Windows\SysWow64\CertEnroll.dll -> [2011/12/03 09:29:47 | 001,320,960 | ---- | C] (Microsoft Corporation)
wmp.dll -> C:\Windows\SysNative\wmp.dll -> [2011/12/03 09:29:38 | 014,627,840 | ---- | C] (Microsoft Corporation)
wmp.dll -> C:\Windows\SysWow64\wmp.dll -> [2011/12/03 09:29:37 | 011,406,848 | ---- | C] (Microsoft Corporation)
wmploc.DLL -> C:\Windows\SysNative\wmploc.DLL -> [2011/12/03 09:29:36 | 012,625,920 | ---- | C] (Microsoft Corporation)
wmploc.DLL -> C:\Windows\SysWow64\wmploc.DLL -> [2011/12/03 09:29:36 | 012,625,408 | ---- | C] (Microsoft Corporation)
CPFilters.dll -> C:\Windows\SysNative\CPFilters.dll -> [2011/12/03 09:29:24 | 000,961,024 | ---- | C] (Microsoft Corporation)
EncDec.dll -> C:\Windows\SysNative\EncDec.dll -> [2011/12/03 09:29:24 | 000,723,968 | ---- | C] (Microsoft Corporation)
sbe.dll -> C:\Windows\SysNative\sbe.dll -> [2011/12/03 09:29:23 | 001,118,720 | ---- | C] (Microsoft Corporation)
sbe.dll -> C:\Windows\SysWow64\sbe.dll -> [2011/12/03 09:29:23 | 000,850,432 | ---- | C] (Microsoft Corporation)
CPFilters.dll -> C:\Windows\SysWow64\CPFilters.dll -> [2011/12/03 09:29:23 | 000,642,048 | ---- | C] (Microsoft Corporation)
EncDec.dll -> C:\Windows\SysWow64\EncDec.dll -> [2011/12/03 09:29:23 | 000,534,528 | ---- | C] (Microsoft Corporation)
mpg2splt.ax -> C:\Windows\SysNative\mpg2splt.ax -> [2011/12/03 09:29:23 | 000,259,072 | ---- | C] (Microsoft Corporation)
mpg2splt.ax -> C:\Windows\SysWow64\mpg2splt.ax -> [2011/12/03 09:29:22 | 000,199,680 | ---- | C] (Microsoft Corporation)
odbcjt32.dll -> C:\Windows\SysWow64\odbcjt32.dll -> [2011/12/03 09:29:18 | 000,319,488 | ---- | C] (Microsoft Corporation)
odbctrac.dll -> C:\Windows\SysNative\odbctrac.dll -> [2011/12/03 09:29:18 | 000,212,992 | ---- | C] (Microsoft Corporation)
odbctrac.dll -> C:\Windows\SysWow64\odbctrac.dll -> [2011/12/03 09:29:18 | 000,163,840 | ---- | C] (Microsoft Corporation)
odbccp32.dll -> C:\Windows\SysNative\odbccp32.dll -> [2011/12/03 09:29:18 | 000,163,840 | ---- | C] (Microsoft Corporation)
odbccp32.dll -> C:\Windows\SysWow64\odbccp32.dll -> [2011/12/03 09:29:18 | 000,122,880 | ---- | C] (Microsoft Corporation)
odbccu32.dll -> C:\Windows\SysNative\odbccu32.dll -> [2011/12/03 09:29:18 | 000,106,496 | ---- | C] (Microsoft Corporation)
odbccr32.dll -> C:\Windows\SysNative\odbccr32.dll -> [2011/12/03 09:29:18 | 000,106,496 | ---- | C] (Microsoft Corporation)
odbccu32.dll -> C:\Windows\SysWow64\odbccu32.dll -> [2011/12/03 09:29:18 | 000,086,016 | ---- | C] (Microsoft Corporation)
odbccr32.dll -> C:\Windows\SysWow64\odbccr32.dll -> [2011/12/03 09:29:18 | 000,081,920 | ---- | C] (Microsoft Corporation)
mfc40.dll -> C:\Windows\SysWow64\mfc40.dll -> [2011/12/03 09:29:13 | 000,954,752 | ---- | C] (Microsoft Corporation)
mfc40u.dll -> C:\Windows\SysWow64\mfc40u.dll -> [2011/12/03 09:29:12 | 000,954,288 | ---- | C] (Microsoft Corporation)
upnp.dll -> C:\Windows\SysNative\upnp.dll -> [2011/12/03 09:29:05 | 000,264,192 | ---- | C] (Microsoft Corporation)
upnp.dll -> C:\Windows\SysWow64\upnp.dll -> [2011/12/03 09:29:05 | 000,204,288 | ---- | C] (Microsoft Corporation)
davclnt.dll -> C:\Windows\SysNative\davclnt.dll -> [2011/12/03 09:29:04 | 000,100,864 | ---- | C] (Microsoft Corporation)
wscapi.dll -> C:\Windows\SysNative\wscapi.dll -> [2011/12/03 09:29:04 | 000,062,976 | ---- | C] (Microsoft Corporation)
wscapi.dll -> C:\Windows\SysWow64\wscapi.dll -> [2011/12/03 09:29:02 | 000,051,200 | ---- | C] (Microsoft Corporation)
slwga.dll -> C:\Windows\SysNative\slwga.dll -> [2011/12/03 09:29:02 | 000,015,360 | ---- | C] (Microsoft Corporation)
slwga.dll -> C:\Windows\SysWow64\slwga.dll -> [2011/12/03 09:29:02 | 000,014,336 | ---- | C] (Microsoft Corporation)
ole32.dll -> C:\Windows\SysNative\ole32.dll -> [2011/12/03 09:28:17 | 002,085,376 | ---- | C] (Microsoft Corporation)
drvinst.exe -> C:\Windows\SysWow64\drvinst.exe -> [2011/12/03 09:28:13 | 000,252,928 | ---- | C] (Microsoft Corporation)
devrtl.dll -> C:\Windows\SysWow64\devrtl.dll -> [2011/12/03 09:28:13 | 000,044,544 | ---- | C] (Microsoft Corporation)
msdri.dll -> C:\Windows\SysNative\msdri.dll -> [2011/12/03 09:28:03 | 000,552,960 | ---- | C] (Microsoft Corporation)
d3d10_1core.dll -> C:\Windows\SysNative\d3d10_1core.dll -> [2011/12/03 09:27:55 | 000,320,512 | ---- | C] (Microsoft Corporation)
d3d10_1.dll -> C:\Windows\SysNative\d3d10_1.dll -> [2011/12/03 09:27:55 | 000,197,120 | ---- | C] (Microsoft Corporation)
psisdecd.dll -> C:\Windows\SysNative\psisdecd.dll -> [2011/12/03 09:27:40 | 000,613,888 | ---- | C] (Microsoft Corporation)
psisdecd.dll -> C:\Windows\SysWow64\psisdecd.dll -> [2011/12/03 09:27:40 | 000,465,408 | ---- | C] (Microsoft Corporation)
MSNP.ax -> C:\Windows\SysNative\MSNP.ax -> [2011/12/03 09:27:40 | 000,288,256 | ---- | C] (Microsoft Corporation)
MSNP.ax -> C:\Windows\SysWow64\MSNP.ax -> [2011/12/03 09:27:40 | 000,204,288 | ---- | C] (Microsoft Corporation)
psisrndr.ax -> C:\Windows\SysNative\psisrndr.ax -> [2011/12/03 09:27:40 | 000,108,032 | ---- | C] (Microsoft Corporation)
Mpeg2Data.ax -> C:\Windows\SysNative\Mpeg2Data.ax -> [2011/12/03 09:27:40 | 000,104,960 | ---- | C] (Microsoft Corporation)
psisrndr.ax -> C:\Windows\SysWow64\psisrndr.ax -> [2011/12/03 09:27:40 | 000,075,776 | ---- | C] (Microsoft Corporation)
MSDvbNP.ax -> C:\Windows\SysNative\MSDvbNP.ax -> [2011/12/03 09:27:39 | 000,075,776 | ---- | C] (Microsoft Corporation)
Mpeg2Data.ax -> C:\Windows\SysWow64\Mpeg2Data.ax -> [2011/12/03 09:27:39 | 000,072,704 | ---- | C] (Microsoft Corporation)
MSDvbNP.ax -> C:\Windows\SysWow64\MSDvbNP.ax -> [2011/12/03 09:27:39 | 000,059,904 | ---- | C] (Microsoft Corporation)
poqexec.exe -> C:\Windows\SysNative\poqexec.exe -> [2011/12/03 09:27:27 | 000,142,336 | ---- | C] (Microsoft Corporation)
poqexec.exe -> C:\Windows\SysWow64\poqexec.exe -> [2011/12/03 09:27:26 | 000,123,904 | ---- | C] (Microsoft Corporation)
quartz.dll -> C:\Windows\SysNative\quartz.dll -> [2011/12/03 09:27:23 | 001,572,352 | ---- | C] (Microsoft Corporation)
quartz.dll -> C:\Windows\SysWow64\quartz.dll -> [2011/12/03 09:27:23 | 001,328,640 | ---- | C] (Microsoft Corporation)
avifil32.dll -> C:\Windows\SysWow64\avifil32.dll -> [2011/12/03 09:27:22 | 000,091,648 | ---- | C] (Microsoft Corporation)
mciavi32.dll -> C:\Windows\SysWow64\mciavi32.dll -> [2011/12/03 09:27:22 | 000,084,480 | ---- | C] (Microsoft Corporation)
ntdll.dll -> C:\Windows\SysNative\ntdll.dll -> [2011/12/03 09:27:15 | 001,739,176 | ---- | C] (Microsoft Corporation)
explorer.exe -> C:\Windows\explorer.exe -> [2011/12/03 09:26:49 | 002,870,272 | ---- | C] (Microsoft Corporation)
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/12/03 09:26:49 | 002,614,784 | ---- | C] (Microsoft Corporation)
secproc_isv.dll -> C:\Windows\SysNative\secproc_isv.dll -> [2011/12/03 09:26:36 | 000,422,912 | ---- | C] (Microsoft Corporation)
secproc.dll -> C:\Windows\SysNative\secproc.dll -> [2011/12/03 09:26:35 | 000,424,960 | ---- | C] (Microsoft Corporation)
secproc.dll -> C:\Windows\SysWow64\secproc.dll -> [2011/12/03 09:26:35 | 000,369,152 | ---- | C] (Microsoft Corporation)
secproc_isv.dll -> C:\Windows\SysWow64\secproc_isv.dll -> [2011/12/03 09:26:35 | 000,365,568 | ---- | C] (Microsoft Corporation)
RMActivate_isv.exe -> C:\Windows\SysNative\RMActivate_isv.exe -> [2011/12/03 09:26:35 | 000,357,888 | ---- | C] (Microsoft Corporation)
RMActivate.exe -> C:\Windows\SysNative\RMActivate.exe -> [2011/12/03 09:26:35 | 000,356,352 | ---- | C] (Microsoft Corporation)
RMActivate_isv.exe -> C:\Windows\SysWow64\RMActivate_isv.exe -> [2011/12/03 09:26:35 | 000,324,608 | ---- | C] (Microsoft Corporation)
RMActivate.exe -> C:\Windows\SysWow64\RMActivate.exe -> [2011/12/03 09:26:35 | 000,320,512 | ---- | C] (Microsoft Corporation)
RMActivate_ssp.exe -> C:\Windows\SysNative\RMActivate_ssp.exe -> [2011/12/03 09:26:35 | 000,306,688 | ---- | C] (Microsoft Corporation)
RMActivate_ssp_isv.exe -> C:\Windows\SysNative\RMActivate_ssp_isv.exe -> [2011/12/03 09:26:35 | 000,305,152 | ---- | C] (Microsoft Corporation)
secproc_ssp_isv.dll -> C:\Windows\SysNative\secproc_ssp_isv.dll -> [2011/12/03 09:26:35 | 000,121,856 | ---- | C] (Microsoft Corporation)
secproc_ssp.dll -> C:\Windows\SysNative\secproc_ssp.dll -> [2011/12/03 09:26:35 | 000,121,856 | ---- | C] (Microsoft Corporation)
RMActivate_ssp.exe -> C:\Windows\SysWow64\RMActivate_ssp.exe -> [2011/12/03 09:26:34 | 000,280,064 | ---- | C] (Microsoft Corporation)
RMActivate_ssp_isv.exe -> C:\Windows\SysWow64\RMActivate_ssp_isv.exe -> [2011/12/03 09:26:34 | 000,277,504 | ---- | C] (Microsoft Corporation)
secproc_ssp_isv.dll -> C:\Windows\SysWow64\secproc_ssp_isv.dll -> [2011/12/03 09:26:34 | 000,085,504 | ---- | C] (Microsoft Corporation)
secproc_ssp.dll -> C:\Windows\SysWow64\secproc_ssp.dll -> [2011/12/03 09:26:34 | 000,085,504 | ---- | C] (Microsoft Corporation)
atmfd.dll -> C:\Windows\SysNative\atmfd.dll -> [2011/12/03 09:26:29 | 000,367,104 | ---- | C] (Adobe Systems Incorporated)
atmfd.dll -> C:\Windows\SysWow64\atmfd.dll -> [2011/12/03 09:26:28 | 000,294,912 | ---- | C] (Adobe Systems Incorporated)
fontsub.dll -> C:\Windows\SysNative\fontsub.dll -> [2011/12/03 09:26:28 | 000,100,864 | ---- | C] (Microsoft Corporation)
fontsub.dll -> C:\Windows\SysWow64\fontsub.dll -> [2011/12/03 09:26:28 | 000,070,656 | ---- | C] (Microsoft Corporation)
atmlib.dll -> C:\Windows\SysNative\atmlib.dll -> [2011/12/03 09:26:28 | 000,046,080 | ---- | C] (Adobe Systems)
atmlib.dll -> C:\Windows\SysWow64\atmlib.dll -> [2011/12/03 09:26:28 | 000,034,304 | ---- | C] (Adobe Systems)
comctl32.dll -> C:\Windows\SysNative\comctl32.dll -> [2011/12/03 09:26:18 | 000,633,856 | ---- | C] (Microsoft Corporation)
XpsGdiConverter.dll -> C:\Windows\SysNative\XpsGdiConverter.dll -> [2011/12/03 09:26:04 | 000,476,160 | ---- | C] (Microsoft Corporation)
XpsGdiConverter.dll -> C:\Windows\SysWow64\XpsGdiConverter.dll -> [2011/12/03 09:26:04 | 000,288,256 | ---- | C] (Microsoft Corporation)
msasn1.dll -> C:\Windows\SysNative\msasn1.dll -> [2011/12/03 09:25:56 | 000,046,592 | ---- | C] (Microsoft Corporation)
webio.dll -> C:\Windows\SysNative\webio.dll -> [2011/12/03 09:25:54 | 000,395,776 | ---- | C] (Microsoft Corporation)
webio.dll -> C:\Windows\SysWow64\webio.dll -> [2011/12/03 09:25:54 | 000,314,368 | ---- | C] (Microsoft Corporation)
t2embed.dll -> C:\Windows\SysNative\t2embed.dll -> [2011/12/03 09:25:51 | 000,148,992 | ---- | C] (Microsoft Corporation)
t2embed.dll -> C:\Windows\SysWow64\t2embed.dll -> [2011/12/03 09:25:51 | 000,109,056 | ---- | C] (Microsoft Corporation)
wmpmde.dll -> C:\Windows\SysNative\wmpmde.dll -> [2011/12/03 09:25:49 | 001,024,512 | ---- | C] (Microsoft Corporation)
wmpmde.dll -> C:\Windows\SysWow64\wmpmde.dll -> [2011/12/03 09:25:49 | 000,738,816 | ---- | C] (Microsoft Corporation)
i1iSis_x64.sys -> C:\Windows\SysNative\drivers\i1iSis_x64.sys -> [2011/12/03 09:25:03 | 000,051,600 | ---- | C] (Thesycon GmbH, Germany)
i1io2_x64.sys -> C:\Windows\SysNative\drivers\i1io2_x64.sys -> [2011/12/03 09:25:03 | 000,051,600 | ---- | C] (Thesycon GmbH, Germany)
i1_x64.sys -> C:\Windows\SysNative\drivers\i1_x64.sys -> [2011/12/03 09:25:03 | 000,051,600 | ---- | C] (Thesycon GmbH, Germany)
i1display_x64.sys -> C:\Windows\SysNative\drivers\i1display_x64.sys -> [2011/12/03 09:25:03 | 000,007,808 | ---- | C] (GretagMacbeth LLC)
EFI -> C:\Program Files (x86)\Common Files\EFI -> [2011/12/03 09:25:03 | 000,000,000 | ---D | C]
Fiery -> C:\Program Files (x86)\Fiery -> [2011/12/03 09:24:34 | 000,000,000 | ---D | C]
mfc42u.dll -> C:\Windows\SysNative\mfc42u.dll -> [2011/12/03 09:23:54 | 001,359,872 | ---- | C] (Microsoft Corporation)
mfc42.dll -> C:\Windows\SysNative\mfc42.dll -> [2011/12/03 09:23:53 | 001,395,712 | ---- | C] (Microsoft Corporation)
mfc42u.dll -> C:\Windows\SysWow64\mfc42u.dll -> [2011/12/03 09:23:53 | 001,164,288 | ---- | C] (Microsoft Corporation)
mfc42.dll -> C:\Windows\SysWow64\mfc42.dll -> [2011/12/03 09:23:53 | 001,137,664 | ---- | C] (Microsoft Corporation)
FXSCOVER.exe -> C:\Windows\SysNative\FXSCOVER.exe -> [2011/12/03 09:23:51 | 000,267,776 | ---- | C] (Microsoft Corporation)
StructuredQuery.dll -> C:\Windows\SysNative\StructuredQuery.dll -> [2011/12/03 09:23:50 | 000,483,840 | ---- | C] (Microsoft Corporation)
ntoskrnl.exe -> C:\Windows\SysNative\ntoskrnl.exe -> [2011/12/03 09:23:33 | 005,507,968 | ---- | C] (Microsoft Corporation)
ntkrnlpa.exe -> C:\Windows\SysWow64\ntkrnlpa.exe -> [2011/12/03 09:23:32 | 003,957,120 | ---- | C] (Microsoft Corporation)
ntoskrnl.exe -> C:\Windows\SysWow64\ntoskrnl.exe -> [2011/12/03 09:23:32 | 003,902,336 | ---- | C] (Microsoft Corporation)
odbc32.dll -> C:\Windows\SysNative\odbc32.dll -> [2011/12/03 09:23:13 | 000,720,896 | ---- | C] (Microsoft Corporation)
odbc32.dll -> C:\Windows\SysWow64\odbc32.dll -> [2011/12/03 09:23:13 | 000,573,440 | ---- | C] (Microsoft Corporation)
winlogon.exe -> C:\Windows\SysNative\winlogon.exe -> [2011/12/03 09:23:09 | 000,389,632 | ---- | C] (Microsoft Corporation)
XpsPrint.dll -> C:\Windows\SysWow64\XpsPrint.dll -> [2011/12/03 09:23:07 | 000,442,880 | ---- | C] (Microsoft Corporation)
XpsPrint.dll -> C:\Windows\SysNative\XpsPrint.dll -> [2011/12/03 09:23:06 | 000,662,528 | ---- | C] (Microsoft Corporation)
oleaut32.dll -> C:\Windows\SysNative\oleaut32.dll -> [2011/12/03 09:23:03 | 000,861,184 | ---- | C] (Microsoft Corporation)
oleacc.dll -> C:\Windows\SysNative\oleacc.dll -> [2011/12/03 09:23:03 | 000,331,776 | ---- | C] (Microsoft Corporation)
mstscax.dll -> C:\Windows\SysNative\mstscax.dll -> [2011/12/03 09:23:00 | 003,138,048 | ---- | C] (Microsoft Corporation)
mstscax.dll -> C:\Windows\SysWow64\mstscax.dll -> [2011/12/03 09:23:00 | 002,690,560 | ---- | C] (Microsoft Corporation)
mstsc.exe -> C:\Windows\SysNative\mstsc.exe -> [2011/12/03 09:22:59 | 001,097,216 | ---- | C] (Microsoft Corporation)
mstsc.exe -> C:\Windows\SysWow64\mstsc.exe -> [2011/12/03 09:22:59 | 001,034,240 | ---- | C] (Microsoft Corporation)
sscore.dll -> C:\Windows\SysWow64\sscore.dll -> [2011/12/03 09:22:56 | 000,009,728 | ---- | C] (Microsoft Corporation)
rtutils.dll -> C:\Windows\SysNative\rtutils.dll -> [2011/12/03 09:22:54 | 000,052,224 | ---- | C] (Microsoft Corporation)
consent.exe -> C:\Windows\SysNative\consent.exe -> [2011/12/03 09:22:51 | 000,112,000 | ---- | C] (Microsoft Corporation)
iccvid.dll -> C:\Windows\SysWow64\iccvid.dll -> [2011/12/03 09:22:50 | 000,082,944 | ---- | C] (Radius Inc.)
Diskdump.sys -> C:\Windows\SysNative\drivers\Diskdump.sys -> [2011/12/03 09:22:49 | 000,027,008 | ---- | C] (Microsoft Corporation)
InstallShield -> C:\Users\Heintje\AppData\Roaming\InstallShield -> [2011/12/03 09:22:29 | 000,000,000 | ---D | C]
CyberLink -> C:\Users\Heintje\AppData\Roaming\CyberLink -> [2011/12/03 09:19:15 | 000,000,000 | ---D | C]
Macromedia -> C:\Users\Heintje\AppData\Roaming\Macromedia -> [2011/12/03 09:07:58 | 000,000,000 | ---D | C]
Adobe -> C:\Users\Heintje\AppData\Roaming\Adobe -> [2011/12/03 09:07:37 | 000,000,000 | ---D | C]
Dell -> C:\Users\Heintje\AppData\Roaming\Dell -> [2011/12/03 09:04:58 | 000,000,000 | ---D | C]
Stardock_Corporation -> C:\Users\Heintje\AppData\Local\Stardock_Corporation -> [2011/12/03 09:04:42 | 000,000,000 | ---D | C]
ATI -> C:\Users\Heintje\AppData\Roaming\ATI -> [2011/12/03 09:04:23 | 000,000,000 | ---D | C]
ATI -> C:\Users\Heintje\AppData\Local\ATI -> [2011/12/03 09:04:23 | 000,000,000 | ---D | C]
Searches -> C:\Users\Heintje\Searches -> [2011/12/03 09:03:53 | 000,000,000 | R--D | C]
Administrative Tools -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools -> [2011/12/03 09:03:53 | 000,000,000 | R--D | C]
User Pinned -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned -> [2011/12/03 09:03:53 | 000,000,000 | -H-D | C]

[Files/Folders - Modified Within 30 Days]
OTS.exe -> C:\Users\Heintje\Desktop\OTS.exe -> [2011/12/05 09:30:59 | 000,646,144 | ---- | M] (OldTimer Tools)
spumonilpstd.otf -> C:\Users\Heintje\Desktop\spumonilpstd.otf -> [2011/12/05 09:04:12 | 000,045,548 | ---- | M] ()
E111Viva.ttf -> C:\Users\Heintje\Desktop\E111Viva.ttf -> [2011/12/05 08:37:36 | 000,062,308 | ---- | M] ()
centurystd-bookcondensed.otf -> C:\Users\Heintje\Desktop\centurystd-bookcondensed.otf -> [2011/12/05 08:36:13 | 000,031,160 | ---- | M] ()
PM4_64bit.zip -> C:\Users\Heintje\Desktop\PM4_64bit.zip -> [2011/12/05 08:20:57 | 000,016,331 | ---- | M] ()
X-GPD_5.216.19.0_PS_x64.exe -> C:\Users\Heintje\Desktop\X-GPD_5.216.19.0_PS_x64.exe -> [2011/12/05 08:00:10 | 029,562,288 | ---- | M] ()
PM4_APP.exe -> C:\Users\Heintje\Desktop\PM4_APP.exe -> [2011/12/05 08:00:01 | 000,535,472 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/12/05 07:45:05 | 000,014,016 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/12/05 07:45:05 | 000,014,016 | -H-- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2011/12/05 07:44:07 | 000,729,688 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2011/12/05 07:44:07 | 000,630,124 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2011/12/05 07:44:07 | 000,111,208 | ---- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2011/12/05 07:37:32 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2011/12/05 07:37:18 | 2140,495,871 | -HS- | M] ()
epplauncher.mif -> C:\Windows\epplauncher.mif -> [2011/12/05 07:36:14 | 000,002,154 | ---- | M] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2011/12/05 07:35:58 | 000,734,810 | ---- | M] ()
MCPR.exe -> C:\Users\Heintje\Desktop\MCPR.exe -> [2011/12/05 07:11:44 | 001,832,544 | ---- | M] (McAfee, Inc.)
FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2011/12/05 06:54:23 | 002,975,664 | ---- | M] ()
mseinstall.exe -> C:\Users\Heintje\Desktop\mseinstall.exe -> [2011/12/03 11:26:06 | 010,165,440 | ---- | M] (Microsoft Corporation)
Adobe Acrobat 9 Pro.lnk -> C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk -> [2011/12/03 11:02:23 | 000,002,023 | ---- | M] ()
license.rtf -> C:\Windows\SysWow64\license.rtf -> [2011/12/03 11:00:42 | 000,040,209 | ---- | M] ()
license.rtf -> C:\Windows\SysNative\license.rtf -> [2011/12/03 11:00:42 | 000,040,209 | ---- | M] ()
Msft_Kernel_point64_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf -> [2011/12/03 09:58:08 | 000,000,000 | -H-- | M] ()
Command WorkStation 5.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Command WorkStation 5.lnk -> [2011/12/03 09:52:53 | 000,002,564 | ---- | M] ()
Command WorkStation 5.lnk -> C:\Users\Public\Desktop\Command WorkStation 5.lnk -> [2011/12/03 09:52:44 | 000,002,546 | ---- | M] ()
IscDbc.dll -> C:\Windows\SysWow64\IscDbc.dll -> [2011/12/03 09:48:46 | 000,274,432 | ---- | M] (IBPhoenix Inc.)
OdbcJdbcMT.dll -> C:\Windows\SysWow64\OdbcJdbcMT.dll -> [2011/12/03 09:48:46 | 000,262,144 | ---- | M] (IBPhoenix Inc)
OdbcJdbc.dll -> C:\Windows\SysWow64\OdbcJdbc.dll -> [2011/12/03 09:48:46 | 000,253,952 | ---- | M] (IBPhoenix Inc)
OdbcJdbcSetup.dll -> C:\Windows\SysWow64\OdbcJdbcSetup.dll -> [2011/12/03 09:48:46 | 000,155,648 | ---- | M] (IBPhoenix Inc.)
ODBCINST.INI -> C:\Windows\ODBCINST.INI -> [2011/12/03 09:48:46 | 000,000,401 | ---- | M] ()
Msft_Kernel_NuidFltr_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf -> [2011/12/03 09:46:41 | 000,000,000 | -H-- | M] ()
Msft_Kernel_dc3d_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf -> [2011/12/03 09:38:04 | 000,000,000 | -H-- | M] ()
Launch Internet Explorer Browser.lnk -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011/12/03 09:07:22 | 000,001,443 | ---- | M] ()
Msft_Kernel_NuidFltr_01005.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [2011/12/03 09:04:54 | 000,000,000 | -H-- | M] ()
Dell Dock.lnk -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk -> [2011/12/03 09:04:45 | 000,001,984 | ---- | M] ()
22 C:\Users\Heintje\AppData\Local\Temp\*.tmp files -> C:\Users\Heintje\AppData\Local\Temp\*.tmp ->
22 C:\Users\Heintje\AppData\Local\Temp\*.tmp files -> C:\Users\Heintje\AppData\Local\Temp\*.tmp ->
11 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp ->

[Files - No Company Name]
spumonilpstd.otf -> C:\Users\Heintje\Desktop\spumonilpstd.otf -> [2011/12/05 09:04:11 | 000,045,548 | ---- | C] ()
E111Viva.ttf -> C:\Users\Heintje\Desktop\E111Viva.ttf -> [2011/12/05 08:37:35 | 000,062,308 | ---- | C] ()
centurystd-bookcondensed.otf -> C:\Users\Heintje\Desktop\centurystd-bookcondensed.otf -> [2011/12/05 08:36:12 | 000,031,160 | ---- | C] ()
PM4_64bit.zip -> C:\Users\Heintje\Desktop\PM4_64bit.zip -> [2011/12/05 08:20:57 | 000,016,331 | ---- | C] ()
X-GPD_5.216.19.0_PS_x64.exe -> C:\Users\Heintje\Desktop\X-GPD_5.216.19.0_PS_x64.exe -> [2011/12/05 08:00:09 | 029,562,288 | ---- | C] ()
PM4_APP.exe -> C:\Users\Heintje\Desktop\PM4_APP.exe -> [2011/12/05 07:59:56 | 000,535,472 | ---- | C] ()
epplauncher.mif -> C:\Windows\epplauncher.mif -> [2011/12/05 07:36:14 | 000,002,154 | ---- | C] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2011/12/05 07:35:58 | 000,734,810 | ---- | C] ()
Microsoft Security Essentials.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> [2011/12/05 07:35:43 | 000,001,899 | ---- | C] ()
Adobe Acrobat 9 Pro.lnk -> C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk -> [2011/12/03 11:02:23 | 000,002,023 | ---- | C] ()
Acrobat.com.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk -> [2011/12/03 10:58:46 | 000,001,011 | ---- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2011/12/03 10:58:38 | 2140,495,871 | -HS- | C] ()
Dell Help Documentation.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk -> [2011/12/03 10:03:08 | 000,001,979 | ---- | C] ()
Shows Desktop.lnk -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> [2011/12/03 10:02:22 | 000,000,290 | ---- | C] ()
Window Switcher.lnk -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> [2011/12/03 10:02:22 | 000,000,272 | ---- | C] ()
Msft_Kernel_point64_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf -> [2011/12/03 09:58:08 | 000,000,000 | -H-- | C] ()
Command WorkStation 5.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Command WorkStation 5.lnk -> [2011/12/03 09:52:53 | 000,002,564 | ---- | C] ()
Command WorkStation 5.lnk -> C:\Users\Public\Desktop\Command WorkStation 5.lnk -> [2011/12/03 09:52:44 | 000,002,546 | ---- | C] ()
UnInCWS5.ISS -> C:\Windows\UnInCWS5.ISS -> [2011/12/03 09:52:44 | 000,000,263 | R--- | C] ()
ODBCINST.INI -> C:\Windows\ODBCINST.INI -> [2011/12/03 09:48:46 | 000,000,401 | ---- | C] ()
UnInsIV30.iss -> C:\Windows\UnInsIV30.iss -> [2011/12/03 09:48:13 | 000,000,382 | ---- | C] ()
Msft_Kernel_NuidFltr_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf -> [2011/12/03 09:46:41 | 000,000,000 | -H-- | C] ()
UnInsDBP30.iss -> C:\Windows\UnInsDBP30.iss -> [2011/12/03 09:38:34 | 000,000,253 | ---- | C] ()
Msft_Kernel_dc3d_01009.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf -> [2011/12/03 09:38:04 | 000,000,000 | -H-- | C] ()
UnInsHar30_CXP.ISS -> C:\Windows\UnInsHar30_CXP.ISS -> [2011/12/03 09:24:36 | 000,000,255 | ---- | C] ()
Launch Internet Explorer Browser.lnk -> C:\Users\Heintje\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011/12/03 09:07:22 | 000,001,443 | ---- | C] ()
Msft_Kernel_NuidFltr_01005.Wdf -> C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [2011/12/03 09:04:54 | 000,000,000 | -H-- | C] ()
Dell Dock.lnk -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk -> [2011/12/03 09:04:45 | 000,001,984 | ---- | C] ()
Internet Explorer (64-bit).lnk -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> [2011/12/03 09:04:09 | 000,001,415 | ---- | C] ()
Internet Explorer.lnk -> C:\Users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> [2011/12/03 09:03:56 | 000,001,449 | ---- | C] ()
APOMngr.DLL -> C:\Windows\SysWow64\APOMngr.DLL -> [2009/12/22 17:52:30 | 000,146,432 | ---- | C] ()
CmdRtr.DLL -> C:\Windows\SysWow64\CmdRtr.DLL -> [2009/12/22 17:52:30 | 000,072,704 | ---- | C] ()
ativpsrm.bin -> C:\Windows\ativpsrm.bin -> [2009/12/22 17:51:54 | 000,000,000 | ---- | C] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2009/07/14 00:38:36 | 000,067,584 | --S- | C] ()
NOISE.DAT -> C:\Windows\SysWow64\NOISE.DAT -> [2009/07/13 21:35:51 | 000,000,741 | ---- | C] ()
dssec.dat -> C:\Windows\SysWow64\dssec.dat -> [2009/07/13 21:34:42 | 000,215,943 | ---- | C] ()
mib.bin -> C:\Windows\mib.bin -> [2009/07/13 19:10:29 | 000,043,131 | ---- | C] ()
BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/13 18:42:10 | 000,064,000 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/13 16:03:59 | 000,364,544 | ---- | C] ()
mlang.dat -> C:\Windows\SysWow64\mlang.dat -> [2009/06/10 16:26:10 | 000,673,088 | ---- | C] ()

[File - Lop Check]
Xerox -> C:\Users\Heintje\AppData\Roaming\Xerox -> [2011/12/05 08:09:26 | 000,000,000 | ---D | M]
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2009/07/14 00:08:49 | 000,003,698 | ---- | M] ()

[File - Purity Scan]

< End of report >

Attached File  OTS4dec.Txt   238.37KB   75 downloads
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there as you have re-installed I believe I know what it is

Do the following:
  • Click on the Start button and then choose Control Panel.
  • Click on the System and Security link.

    Note: If you're viewing the Large icons or Small icons view of Control Panel, you won't see this link so just click on the Administrative Tools icon and skip to Step 4.
  • In the System and Security window, click on the Administrative Tools heading located near the bottom of the window.
  • In the Administrative Tools window, double-click on the Computer Management icon.
  • When Computer Management opens, click on Disk Management on the left side of the window, located under Storage.

    After a brief loading period, Disk Management should now appear on the right side of the Computer Management window.

    Note: If you don't see Disk Management listed, you may need to click on the |> icon to the left of the Storage icon.
Take a screen Shot of the Disk Management Window and attach the screen shot to your reply.

THEN

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:



Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.
  • 0

#3
NJGraphix

NJGraphix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Your good it find something I hope you can Help me

Attached Thumbnails

  • screen.jpg

Attached Files


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Back in a bit - you have the latest variant and I need to work up a new set of instructions
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I will need you to burn a programme to a disc and then boot from that.. I will do no repairs at first as I will need to check where it is hiding

Download the following programme to your desktop

gparted-live-0.10.0-3.iso (115.1 MB)

Create a bootable CD, for Gparted from the ISO image. You can use ImgBurn do this.

Now boot off of the newly created Gparted CD.

Posted Image
You should be here...
Press ENTER

Posted Image
By default, "do not touch keymap" is highlighted. Leave this setting alone and just press ENTER.

Posted Image
Choose your language and press ENTER. English is default [33]

Posted Image
Once again, at this prompt, press ENTER

You will now be taken to the main GUI screen below
Posted Image
I would like you then to make a note of all the partitions and their sizes.

Boot back to normal windows and post that result here please
  • 0

#6
NJGraphix

NJGraphix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Hi here the result

/dev/sda1 fat 16 dellutility 39,19 mib
/dev/sda2 ntfs reovery 14,65 gib
/dev/sda3 os 451,07 gib
unallocated unallocated 1,00 mb


Thanks again for your good service
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK before we run Gparted again we will need to create a recovery disc

Create a Windows 7 System Repair Disc

Note: the below can only be done if your machine has a a type of CD/R or DVD/R optical drive installed. Also depending on the exact type of OEM your machine has you may be unable to actually create a SRD.

  • Click on Start(Windows 7 Orb) >> Run...(or the Windows key and R together) to bring up the Run box, then copy/paste the following command into the box and click on OK:

    recdisc.exe

  • Allow the UAC(User Account Control) prompt via selecting Yes.
  • You should now see a menu like the below:-
Posted Image

  • Put a blank rewritable CD/DVD in your optical(CD/DVD) drive and then click on Create disc.
  • Note: If a AutoPlay window pops up, just close it.
  • When the SRD has been created you will see the below:-
Posted Image

  • Now click on Close
  • You now have a Windows 7 System Repair Disc.

Load the Gparted CD

Now boot off of the newly created Gparted CD.

Posted Image
You should be here...
Press ENTER

Posted Image
By default, "do not touch keymap" is highlighted. Leave this setting alone and just press ENTER.

Posted Image
Choose your language and press ENTER. English is default [33]

Posted Image
Once again, at this prompt, press ENTER

You will now be taken to the main GUI screen below
Posted Image
According to your logs, the partition that you want to delete is 1Mb unallocated
Click the trash can icon to delete and then click Apply.

You should now be here confirming your actions:
Posted Image

Now you should be here:
Posted Image

Posted Image
Is "boot" next to your OS drive?

If "boot" is not next to your OS drive under "Flags", right-mouse click the OS drive while in Gparted and select Manage Flags

In the menu that pops up, place a checkmark in boot like the picture below:
Posted Image

Now double-click the Posted Image button.

You should receive a small pop up like this:
Posted Image
Choose reboot and then press OK.

Now reboot from the Windows 7 Recovery Environment CD and execute the following commands:

  • bootrec /FixMbr
  • bootrec /FixBoot
  • exit

Once back in Windows.

If you are unable to get to windows then run the recovery disc again and select this option:

Startup Repair



Download MBRCheck.exe to your desktop.
  • Be sure to disable your security programs
  • Double click on the file to run it (Confirm the UAC prompt)
  • A window will open on your desktop
  • if an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
  • If nothing unusual is found just press Enter
  • A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.

  • 0

#8
NJGraphix

NJGraphix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Hi I do what you said. but I was unable to delete this partition... the trash can was inactive when I click on this partition

did I make something wrong??
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not as far as I can see - I will need to test that on my system

Could you reboot to normal windows and run the following programmes please

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#10
NJGraphix

NJGraphix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Hi TDSSKiller.exe did not find anything!!!

Should I Run ComboFix anyway
  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes [please - I need to explore all avenues - especially as this is a fresh re-install
  • 0

#12
NJGraphix

NJGraphix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Here the logAttached File  ComboFix.txt   20.67KB   108 downloads

ComboFix 11-12-06.02 - Heintje 07/12/2011 17:02:44.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.2.1033.18.8183.5563 [GMT -5:00]
Running from: c:\users\Heintje\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
I:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-11-08 to 2011-12-08 )))))))))))))))))))))))))))))))
.
.
2011-12-08 12:58 . 2011-12-08 12:58 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15CF0CEF-93C1-405A-9D7A-ED0ACC7DB752}\offreg.dll
2011-12-07 22:30 . 2011-12-07 22:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-07 08:42 . 2011-11-21 08:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-12-07 08:42 . 2011-11-21 08:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15CF0CEF-93C1-405A-9D7A-ED0ACC7DB752}\mpengine.dll
2011-12-06 13:17 . 2011-12-06 13:17 -------- d-----r- C:\MSOCache
2011-12-06 03:16 . 2011-12-06 03:16 -------- d-----w- c:\program files (x86)\Common Files\SafeNet Sentinel
2011-12-06 03:16 . 2011-12-06 03:16 -------- d-----w- c:\windows\Downloaded Installations
2011-12-06 03:15 . 2011-12-06 03:15 -------- d-----w- c:\programdata\Tajima
2011-12-06 03:15 . 2011-12-06 03:15 -------- d-----w- c:\programdata\Pulse
2011-12-06 03:15 . 2011-12-06 03:15 -------- d-----w- c:\program files (x86)\Tajima
2011-12-06 03:13 . 2011-12-06 03:16 -------- dc-h--w- c:\programdata\{17DED61C-64DD-43C7-B00B-818634A00EE6}
2011-12-05 19:19 . 2005-09-23 22:40 822784 ----a-w- c:\windows\system32\msvcr80.dll
2011-12-05 19:19 . 2005-09-23 22:40 1097728 ----a-w- c:\windows\system32\msvcp80.dll
2011-12-05 19:19 . 2011-12-05 19:19 -------- d-----w- C:\prntdrvr
2011-12-05 13:08 . 2011-12-05 13:08 -------- d-----w- c:\programdata\Xerox
2011-12-05 13:00 . 2011-12-05 13:01 -------- d-----w- C:\Xerox
2011-12-05 12:43 . 2011-12-05 12:43 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4530F716-CADF-4F24-8CCA-C68C1B6ED9E5}\gapaengine.dll
2011-12-05 12:42 . 2010-10-19 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-12-05 12:35 . 2011-12-05 12:35 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-12-05 12:35 . 2011-12-05 12:36 -------- d-----w- c:\program files\Microsoft Security Client
2011-12-05 12:35 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-12-05 12:03 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-12-05 12:03 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-12-05 12:03 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-12-05 12:03 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-12-05 12:03 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-12-05 12:03 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-12-05 12:03 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-12-05 12:02 . 2011-03-11 06:23 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-12-05 12:02 . 2011-03-11 06:23 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-12-05 12:02 . 2011-03-11 06:23 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-12-05 12:02 . 2011-03-11 06:23 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-12-05 12:02 . 2011-03-11 06:23 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-12-05 12:02 . 2011-03-11 06:22 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-12-05 12:02 . 2011-03-11 06:22 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-12-05 12:02 . 2011-03-11 06:18 2566144 ----a-w- c:\windows\system32\esent.dll
2011-12-05 12:02 . 2011-03-11 06:15 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-12-05 12:02 . 2011-03-11 05:39 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-12-05 12:02 . 2011-03-11 05:37 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-12-05 12:01 . 2011-12-06 13:20 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-12-03 16:29 . 2011-12-03 16:29 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-12-03 16:28 . 2011-12-03 16:28 -------- d-----w- c:\windows\SysWow64\Wat
2011-12-03 16:28 . 2011-12-03 16:28 -------- d-----w- c:\windows\system32\Wat
2011-12-03 16:10 . 2011-12-05 12:23 -------- d-----w- c:\programdata\FLEXnet
2011-12-03 16:07 . 2011-12-03 16:07 -------- d-----w- c:\programdata\ALM
2011-12-03 16:02 . 2008-04-07 10:38 24416 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-12-03 15:57 . 2011-12-03 15:57 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-12-03 15:56 . 2011-12-03 15:56 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-12-03 15:55 . 2011-12-03 16:11 -------- d-----w- c:\program files\Common Files\Adobe
2011-12-03 15:55 . 2011-12-03 15:55 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-12-03 15:54 . 2011-12-03 15:54 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2011-12-03 15:19 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-12-03 15:19 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-12-03 15:13 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-12-03 15:13 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-12-03 15:03 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-12-03 15:03 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-12-03 15:03 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-12-03 15:03 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2011-12-03 15:03 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2011-12-03 15:02 . 2011-12-03 14:03 -------- d-----w- c:\users\Heintje
2011-12-03 15:02 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-12-03 15:02 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-12-03 15:02 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-12-03 15:02 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-12-03 15:02 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-12-03 15:02 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-12-03 15:02 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-12-03 15:02 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-12-03 15:02 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-12-03 15:02 . 2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-12-03 14:57 . 2011-12-03 14:58 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-12-03 14:48 . 2011-12-03 14:48 274432 ----a-w- c:\windows\SysWow64\IscDbc.dll
2011-12-03 14:48 . 2011-12-03 14:48 262144 ----a-w- c:\windows\SysWow64\OdbcJdbcMT.dll
2011-12-03 14:48 . 2011-12-03 14:48 253952 ----a-w- c:\windows\SysWow64\OdbcJdbc.dll
2011-12-03 14:48 . 2011-12-03 14:48 155648 ----a-w- c:\windows\SysWow64\OdbcJdbcSetup.dll
2011-12-03 14:46 . 2011-12-03 14:46 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2011-12-03 14:35 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-12-03 14:33 . 2011-08-20 05:46 696576 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2011-12-03 14:32 . 2011-07-16 02:26 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-12-03 14:32 . 2011-07-09 05:14 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-03 14:32 . 2011-07-09 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-03 14:31 . 2009-12-11 10:29 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2011-12-03 14:31 . 2009-12-11 09:24 1446912 ----a-w- c:\windows\system32\lsasrv.dll
2011-12-03 14:31 . 2009-12-11 07:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2011-12-03 14:31 . 2009-12-11 07:36 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2011-12-03 14:29 . 2009-09-03 07:36 1975296 ----a-w- c:\windows\system32\CertEnroll.dll
2011-12-03 14:28 . 2011-07-09 02:44 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-12-03 14:27 . 2011-01-17 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-12-03 14:26 . 2011-09-29 16:24 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-12-03 14:25 . 2010-10-12 05:05 35328 ----a-w- c:\program files\Windows Mail\wabfind.dll
2011-12-03 14:24 . 2011-12-03 14:24 -------- d-----w- c:\program files (x86)\Fiery
2011-12-03 14:22 . 2010-12-18 06:08 1097216 ----a-w- c:\windows\system32\mstsc.exe
2011-12-03 14:22 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-12-03 14:22 . 2010-08-27 06:14 236032 ----a-w- c:\windows\system32\srvsvc.dll
2011-12-03 14:22 . 2010-08-27 05:46 9728 ----a-w- c:\windows\SysWow64\sscore.dll
2011-12-03 14:22 . 2010-03-04 07:57 2080256 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-12-03 14:22 . 2010-03-04 07:33 1619968 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
2011-12-03 14:22 . 2010-06-19 06:53 52224 ----a-w- c:\windows\system32\rtutils.dll
2011-12-03 14:22 . 2010-06-19 06:23 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2011-12-03 14:22 . 2010-10-16 05:23 112000 ----a-w- c:\windows\system32\consent.exe
2011-12-03 14:22 . 2010-07-29 06:30 82944 ----a-w- c:\windows\SysWow64\iccvid.dll
2011-12-03 14:22 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-12-03 14:20 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tajima DGML By Pulse 2009 Update Setup for All Users"="c:\programdata\{17DED61C-64DD-43C7-B00B-818634A00EE6}\setup.exe" [2009-01-20 3409272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-12-22 148888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-15 98304]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2009-07-17 237568]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
.
c:\users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Command WorkStation 5.lnk - c:\program files (x86)\Fiery\Applications3\Command WorkStation 5\Contents\WinOS\cws.exe [2011-12-3 589824]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-12-03 1038088]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 EFI ES1000;EFI ES1000;c:\program files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe [2008-04-11 9216]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-23 7833120]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.ca/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-Tajima DGML By Pulse 2009 Update Setup - c:\users\Heintje\AppData\Local\{17DED61C-64DD-43C7-B00B-818634A00EE6}\setup.exe
Toolbar-Locked - (no file)
HKLM-Run-Skytel - c:\program files\Realtek\Audio\HDA\Skytel.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Tajima\DGML By Pulse 2009\DesignSpooler.exe
c:\program files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Server.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Windows Live\Toolbar\wltuser.exe
.
**************************************************************************
.
Completion time: 2011-12-08 08:18:47 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-08 13:18
.
Pre-Run: 427,712,262,144 bytes free
Post-Run: 428,225,667,072 bytes free
.
- - End Of File - - 187551F42610C9F2519D37A5E753D514
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are any other computers using your router and are they getting redirects as well ?
  • 0

#14
NJGraphix

NJGraphix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
nope only mine.. the other pc work find and the mac work well for sure :)
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What is the address you get redirected to ?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP