Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Incessant pop up window every 10 minutes


  • Please log in to reply

#1
rustea

rustea

    New Member

  • Member
  • Pip
  • 1 posts
Hello Everyone,

I keep getting a small window popping up every 10 minutes that says 'Carissa Antoinette short has stopped working' A problem has caused the program to stop working correctly.
when I close that window, immediately, another one pops up saying that 'Windows is searching for a solution'

These are the things that happened just before I started getting these error messages, in case any of them may help you to find a solution:

I was using Norton 360 but it expired so I searched out a free antivirus software and chose Microsoft Security Essentials, on the download I was told to remove any other antivirus software on my system so I removed Norton 360, in the middle of the removal, it asked me if I wanted to leave 'Critical information' on the computer so that it could save my settings in case I decided to re install Norton at a later date. So I said YES in case the free antivirus was not to my liking.

I also had had Microsoft Windows Defender on my system, which was working, but read that it was compatible with Microsoft Security Essentials so I left that on the system. After downloading the Microsoft Security Essentials the Windows Defender will not open to allow me to run a scan anymore.

I play a lot of downloaded games and had many of them saved on my computer, I removed many of them to free up some space on the computer and then this pop up started after removing them.

I ran a complete scan with Security Essentials and came up with nothing, the pop ups are still happening, so I did a System Restore going back about 1 week and still have the same problem.

I ran OTL and these are the results:

OTL logfile created on: 26/05/2012 11:24:52 AM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Rustea\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.93 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 51.98% Memory free
6.06 Gb Paging File | 4.63 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.37 Gb Total Space | 46.77 Gb Free Space | 16.27% Space Free | Partition Type: NTFS
Drive D: | 10.72 Gb Total Space | 1.25 Gb Free Space | 11.69% Space Free | Partition Type: NTFS

Computer Name: RUSTEA-PC | User Name: Rustea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2012/05/25 14:30:16 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2012/05/24 18:59:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Rustea\Downloads\OTL.exe
PRC - [2012/05/08 18:27:44 | 000,065,536 | ---- | M] (Anton-Phuoc Golda Drusy) -- C:\Users\Rustea\AppData\Roaming\6 5\rundll32.exe
PRC - [2012/04/03 18:23:35 | 000,024,576 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\2 2\rundll32.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/05/04 17:10:32 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/09/27 11:36:24 | 000,176,408 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe
PRC - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/05/18 13:36:38 | 000,241,664 | ---- | M] () -- C:\Program Files\Common Files\SNP2UVC\tsnp2uvc.exe
PRC - [2009/05/18 13:34:12 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/22 21:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll
MOD - [2012/05/22 21:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
MOD - [2012/05/22 21:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll
MOD - [2012/05/22 21:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll
MOD - [2012/05/22 21:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll
MOD - [2012/05/22 21:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
MOD - [2012/05/03 06:26:35 | 000,100,864 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll
MOD - [2012/05/03 06:26:34 | 004,050,944 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll
MOD - [2012/04/03 18:23:35 | 000,024,576 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\2 2\rundll32.exe
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/05/18 13:36:38 | 000,241,664 | ---- | M] () -- C:\Program Files\Common Files\SNP2UVC\tsnp2uvc.exe
MOD - [2008/09/23 17:21:22 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/06 16:39:53 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/05 09:53:13 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 17:10:32 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/27 11:36:24 | 000,176,408 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/29 19:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F40EC59-BFC2-4184-81B8-35AFD15231CD}\MpKsl0536a8dc.sys -- (MpKsl0536a8dc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/10/01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/09/09 21:34:28 | 000,018,432 | ---- | M] (XOSLAB.COM) [File_System | System | Running] -- C:\Windows\System32\drivers\xlkfs.sys -- (xlkfs)
DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/09/02 03:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/05/20 16:15:32 | 003,485,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/05/19 15:52:20 | 001,166,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/09/21 13:49:36 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2007/10/17 19:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005/12/12 16:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
IE - HKLM\..\URLSearchHook: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKLM\..\SearchScopes\{A9C33EDE-4C6A-49DA-8F59-E7B54C5E6301}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3059010
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}
IE - HKLM\..\SearchScopes\{E6436A50-B03A-4713-A174-EFF271D201DA}: "URL" = http://www.ask.com/w...}&l=dis&o=cacql

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.worldwinn.../cgi/login.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\URLSearchHook: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {62D526DA-ABC9-451C-863B-3195004F6CF7}
IE - HKCU\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000242c911aaf
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...15-0F39947E3EE5
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.c...rms}&tbid=60468
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.pogo.ip...q={searchTerms}
IE - HKCU\..\SearchScopes\{62D526DA-ABC9-451C-863B-3195004F6CF7}: "URL" = http://start.funmood...q={searchTerms}
IE - HKCU\..\SearchScopes\{6CF82D0E-88AD-6205-BC69-EBB0A35C4A0C}: "URL" = http://ala.asksearch...}&cfg=2-208-0-0
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKCU\..\SearchScopes\{A9C33EDE-4C6A-49DA-8F59-E7B54C5E6301}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3059010
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}
IE - HKCU\..\SearchScopes\{CD10120B-C165-4f8d-8C74-639629E238FF}: "URL" = http://mystart.magen...&loc=search_box
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...m=1&toolbar=UT2
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...ox&a=DidbavotNK
IE - HKCU\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{E6436A50-B03A-4713-A174-EFF271D201DA}: "URL" = http://www.ask.com/w...}&l=dis&o=cacql
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57091

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Vgrabber Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "MyTools"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: crossriderapp3491@crossrider.com:0.81.19
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.12.0.8
FF - prefs.js..extensions.enabledItems: glowywine-ff3-30@glowplug.bitasylum.net:4.0.3.08
FF - prefs.js..extensions.enabledItems: {e7348bc0-16f6-11de-8c30-0800200c9a66}:3.6.19.02.10
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57091
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@photoproduct.rocketlife.com/RocketLife App Viewer;version=0.8: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realarcade.com/RAClient: C:\ProgramData\RealArcade\npraclient.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Rustea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Rustea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0849}: C:\ProgramData\iWin Games\firefox [2011/01/30 11:41:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/11/11 23:06:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/25 14:31:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/25 14:31:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/25 14:32:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/05/25 14:31:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/05/25 14:32:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B466E482-3795-433F-8472-1CAC985B0B10}: C:\Users\Rustea\AppData\Local\{B466E482-3795-433F-8472-1CAC985B0B10} [2011/06/08 00:17:35 | 000,000,000 | ---D | M]

[2012/02/25 13:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Extensions
[2010/08/31 22:37:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/04/23 13:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2009/10/24 18:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2012/05/15 23:45:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions
[2011/06/06 16:11:02 | 000,000,000 | ---D | M] ("UserZoom survey tool") -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{0a9de085-6dc7-4bc8-b718-2b6b0921458d}
[2009/08/29 22:57:20 | 000,000,000 | ---D | M] (AvantGarde Mist) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{1bb9ca60-cdad-11dd-ad8b-0800200c9a66}
[2010/06/24 11:49:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/10 21:34:47 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2012/04/26 21:38:27 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2009/08/29 23:01:03 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2011/11/05 20:20:51 | 000,000,000 | ---D | M] (Vgrabber Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{b2ed7faf-72a0-46d1-9d9d-602226f5cb9f}
[2011/07/10 21:34:48 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/07/10 21:34:50 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/07/20 12:30:19 | 000,000,000 | ---D | M] (Consumer Input) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\ConsumerInput@Compete
[2011/05/13 16:54:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\engine@conduit.com
[2012/02/16 19:14:23 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\ffxtlbr@babylon.com
[2012/02/16 19:16:18 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\ffxtlbr@funmoods.com
[2011/07/01 00:35:20 | 000,000,000 | ---D | M] (glowywine) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\glowywine-ff3-30@glowplug.bitasylum.net
[2012/05/06 16:40:00 | 000,000,000 | ---D | M] (MyTools extension) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\info@my-tools-app.com
[2012/05/06 16:40:00 | 000,000,000 | ---D | M] (wxDfast extension) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\info@wxdownloadmanager.com
[2011/07/01 00:35:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\glowywine-ff3-30@glowplug.bitasylum.net\chrome\global\extension-icons
[2011/07/01 00:35:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\glowywine-ff3-30@glowplug.bitasylum.net\chrome\mozapps\extensions
[2011/07/01 00:35:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\glowywine-ff3-30@glowplug.bitasylum.net\chrome4\mozapps\extensions
[2010/12/10 14:41:05 | 000,002,233 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\alot-search.xml
[2011/01/28 20:24:33 | 000,001,739 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\ask.uk.xml
[2011/10/04 17:33:04 | 000,002,568 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\askcom.xml
[2011/10/30 19:08:08 | 000,000,919 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\conduit.xml
[2012/02/16 19:16:14 | 000,001,797 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\funmoods.xml
[2010/09/02 04:09:28 | 000,002,486 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\iMeshWebSearch.xml
[2011/03/15 21:03:49 | 000,002,183 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\MyStart Search.xml
[2012/02/16 19:19:19 | 000,000,544 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\MyTools.xml
[2011/11/05 20:24:23 | 000,002,517 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\SearchResults.xml
[2012/01/02 19:03:26 | 000,002,519 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\Search_Results.xml
[2012/05/06 16:40:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/06 16:39:53 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/01 13:34:26 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/03/30 20:13:54 | 000,098,304 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npraclient.dll
[2005/04/27 16:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2012/05/25 14:30:49 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/02/16 19:14:17 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/05/06 16:39:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/05 20:24:23 | 000,002,517 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012/01/02 19:03:26 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/05/06 16:39:50 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealArcade NPAPI Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npraclient.dll
CHR - plugin: RealArcade Mozilla Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\Rustea\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {070C35BD-60CA-6629-7DBF-7CD93F2B45C2} - C:\Windows\System32\bcdprrov.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {0C433F70-233B-7F1B-1EE3-134E09C70565} - C:\Windows\System32\NlsDataa0416.dll ()
O2 - BHO: (Vid-Saver) - {11111111-1111-1111-1111-110011341191} - C:\Program Files\Vid-Saver\Vid-Saver.dll (215 Apps)
O2 - BHO: (Adobe PDF Link Helper) - {165740A0-3D69-4A16-6EB1-600D1D486135} - C:\Windows\System32\mssssha.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {190C2B0C-75CD-4832-6354-195E6315252A} - C:\Windows\System32\comsnapp.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {1C09477F-0457-15FC-16BF-3625137858B0} - C:\Windows\System32\icmpp.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {23221E54-15C8-7330-7083-3F0908053F09} - C:\Windows\System32\iasaads.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {29DD5869-17F1-164F-79EE-25186E1E4989} - C:\Windows\System32\d3dxx9_25.dll ()
O2 - BHO: (Groove Folder Synchronization) - {2AA85371-3033-446B-2E95-70C35D69088C} - C:\Windows\System32\l2naacp.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {2BA2522D-032E-613C-1E74-5A2475F84659} - C:\Windows\System32\NlsDData0007.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {2D5E510A-490C-03F9-0A64-30A1628317CB} - C:\Windows\System32\comsnaap.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {2FB446A7-5028-429C-5CBB-4DE35BA32992} - C:\Windows\System32\msiefftp.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Groove Folder Synchronization) - {319E5BBD-01FF-76B5-7ACC-002A518E0098} - C:\Windows\System32\l2naaacp.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {31C24E61-0E51-1E3E-1B80-485819745392} - C:\Windows\System32\NlsDataa001d.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Windows Live ID Sign-in Helper) - {352A79F6-341C-35A7-62EB-355A6DD91116} - C:\Windows\System32\icmmui.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {3890247F-3FC5-5BAF-189B-66B47C28647D} - C:\Windows\System32\mseexcl40.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {3E6E683F-0B9C-131E-0562-379A3B765926} - C:\Windows\System32\softtpub.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {3FAA04B4-2741-5180-5DEB-60F413790C85} - C:\Windows\System32\KBBDBR.DLL ()
O2 - BHO: (Groove GFS Browser Helper) - {468909E9-0C1A-31C6-6A10-2C3F7975083F} - C:\Windows\System32\divx_xxx11.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {484E6B94-5FDD-718A-43A5-35907A963996} - C:\Windows\System32\nttdll.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {4C6315C1-6D00-39BF-4617-0C577A64050F} - C:\Windows\System32\PortableDeviceWiaCompatt.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {4D562042-3C78-5626-6683-74D7627A0E46} - C:\Windows\System32\gpeditt.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {53FA39C3-055A-0485-0276-71675F9F6693} - C:\Windows\System32\cfggmgr32.dll ()
O2 - BHO: (Groove Folder Synchronization) - {5B9B33CE-35C1-2669-7B52-40C9328C7E31} - C:\Windows\System32\NlsLexxicons0022.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {63166B0F-6696-7F54-443A-1ACD679A1A35} - C:\Windows\System32\hpbprrops.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {65B9704E-407F-2133-4430-50F52918657B} - C:\Windows\System32\igdumd322.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {6B2B6EB0-6215-4253-3460-380B03AF0A4D} - C:\Windows\System32\dpps.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {777E40BC-4769-64BF-44D8-45632F9348C2} - C:\Windows\System32\desskadp.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {79616298-466B-4C28-3695-01CF283A3303} - C:\Windows\System32\igffxpph.dll ()
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
O2 - BHO: (Vgrabber Toolbar) - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
O2 - BHO: (wxdfast Class) - {E8E4F971-D737-40a1-8046-16EAD6D806E1} - C:\Program Files\wxdfast\wxdfast.dll (wxdfast)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vgrabber Toolbar) - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No CLSID value found.
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Vgrabber Toolbar) - {B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tsnp2uvc] C:\Program Files\Common Files\SNP2UVC\tsnp2uvc.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [adobeupdate] C:\Users\Rustea\AppData\Roaming\6 5\l3.lnk ()
O4 - HKCU..\Run: [adobeupdater] "C:\Users\Rustea\AppData\Roaming\6 5\rundll32.exe" File not found
O4 - HKCU..\Run: [F16.exe] C:\Users\Rustea\AppData\Roaming\Microsoft\F564\F16.exe (Microsoft Corporation)
O4 - HKCU..\Run: [FreeAC] C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - Startup: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cfe.lnk = C:\Users\Rustea\AppData\Roaming\2 2\rundll32.exe ()
O4 - Startup: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cwcwer.lnk = C:\Users\Rustea\AppData\Roaming\2 2\j.exe ()
O4 - Startup: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wwer.lnk = C:\Users\Rustea\AppData\Roaming\k 42\j.exe ()
F3 - HKCU WinNT: Load - (C:\Users\Rustea\AppData\Local\Temp\csrss.exe) - File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinn...0/tpir/tpir.cab (TPIR Control)
O16 - DPF: {3D3DBC64-0D21-4EA4-94EE-86D6D9B31C0C} http://www.worldwinn...t/moneylist.cab (MoneyList Control)
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} http://www.worldwinn...litairerush.cab (SolitaireRush Control)
O16 - DPF: {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} http://www.psapoll.com/CopyGuardIE.cab (CopyGuardCtrl Class)
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} http://www.worldwinn...ts/wwhearts.cab (Reg Error: Key error.)
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} http://www.worldwinn...jattack/bja.cab (BJA Control)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinn...dy/jeopardy.cab (Reg Error: Key error.)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinn....0/iewwload.cab (Reg Error: Key error.)
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} http://www.worldwinn...eweledtwist.cab (BejeweledTwist Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (Reg Error: Key error.)
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} http://www.worldwinn...luxor/luxor.cab (WwLuxor Control)
O16 - DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} http://www.worldwinn...ly/monopoly.cab (Monopoly Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} http://www.worldwinn...es/wwspades.cab (WWSpades Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11ACC45E-A43C-4798-9DE0-E9242F4CA2A7}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Rustea\AppData\Roaming\dwm.exe) - File not found
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9c4adb91-94b0-11de-a909-001f16d9df56}\Shell - "" = AutoRun
O33 - MountPoints2\{9c4adb91-94b0-11de-a909-001f16d9df56}\Shell\AutoRun\command - "" = F:\StartClickFreeBackup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 90 Days ==========

[2012/05/26 11:17:45 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{8CDC17A6-3922-4C0B-9352-6EE5B6AFF8A0}
[2012/05/26 11:17:16 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{D64AFE49-43E4-4A7B-A010-8C461DB13315}
[2012/05/26 00:11:06 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\RealNetworks
[2012/05/25 14:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012/05/25 14:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/05/23 18:36:04 | 000,000,000 | R--D | C] -- C:\Users\Rustea\Desktop\Jobs for Welfare
[2012/05/19 14:22:24 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\cerasus.media
[2012/05/19 14:21:13 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Legends - Tree of Life
[2012/05/18 16:08:56 | 000,000,000 | ---D | C] -- C:\Users\Rustea\Desktop\Animals
[2012/05/15 13:10:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2012/05/14 15:33:22 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{27B28548-04CC-4A4E-B969-F8ABE4A1D86B}
[2012/05/14 15:33:02 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{6D08C342-BE59-4878-80D2-100EF3342D56}
[2012/05/10 10:09:06 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/05/10 10:09:04 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/05/10 10:09:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/05/10 10:09:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/05/10 10:09:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/05/10 10:09:01 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/05/09 15:58:37 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{BC088907-4FF8-4AD5-B38A-F03338A8F01A}
[2012/05/09 15:58:25 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{42973574-DE12-4D4C-9262-66FF8E5CEBD3}
[2012/05/09 15:47:17 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/05/09 15:47:16 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/05/09 15:47:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/05/09 15:47:16 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/05/09 15:47:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/05/09 15:47:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/05/09 15:47:15 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/05/09 15:47:15 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/05/09 15:47:15 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/05/09 15:47:15 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/05/09 15:47:15 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/05/09 15:47:15 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/05/09 15:47:15 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/05/09 15:47:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/05/09 15:47:14 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/05/09 15:47:14 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/05/09 15:47:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/05/09 15:47:14 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/05/09 15:47:14 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/05/09 15:47:14 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/05/09 15:47:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/05/09 15:47:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/05/09 15:47:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/05/09 15:47:13 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/05/09 15:47:13 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/05/09 15:47:13 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/05/09 15:47:13 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/05/09 15:47:12 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/05/09 15:47:12 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/05/09 15:47:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/05/09 15:47:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/05/09 11:56:41 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\LegacyGames
[2012/05/09 11:54:56 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Legends of Atlantis - Exodus
[2012/05/08 18:54:12 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{E8B22813-9012-4BF0-B5C3-13CA58446692}
[2012/05/08 18:54:00 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{5F9CD2CE-641F-470D-AA05-F9C0CFC357D1}
[2012/05/08 16:20:53 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/08 16:20:53 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/08 16:20:53 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/05/08 16:20:52 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/05/08 16:20:52 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/05/08 16:20:14 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/08 16:20:14 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/08 16:20:13 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/08 13:39:27 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\6 5
[2012/05/07 16:42:13 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{36993243-6271-4AEF-B3FC-EC8045244153}
[2012/05/07 16:41:59 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{5FD40528-C707-4774-8A59-02D5139C36CA}
[2012/05/07 16:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/05/07 16:32:29 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/05/07 16:13:33 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{9BAA45C9-1844-49DC-83F8-16815C613C61}
[2012/05/06 16:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/05/06 16:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/05 16:12:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\1076
[2012/05/05 14:46:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\3012
[2012/05/05 13:09:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\1011
[2012/05/05 11:36:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\2009
[2012/05/05 10:53:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\2025
[2012/05/05 08:23:27 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\3 2
[2012/05/05 00:32:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\3043
[2012/05/04 13:44:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\3071
[2012/05/04 11:43:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\1085
[2012/05/03 06:36:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\2094
[2012/05/01 18:43:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\3064
[2012/05/01 18:10:21 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\WeatherLord
[2012/05/01 18:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\WeatherLord
[2012/05/01 18:09:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\2063
[2012/05/01 12:36:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\2055
[2012/05/01 12:23:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\2052
[2012/05/01 12:21:21 | 146,394,112 | ---- | C] (Microsoft Corporation) -- C:\Users\Rustea\Desktop\Weather Lord Setup.exe
[2012/05/01 11:44:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\1049
[2012/04/30 14:27:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\2016
[2012/04/29 15:28:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\2017
[2012/04/29 13:29:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\30263027
[2012/04/28 18:26:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\3066
[2012/04/28 15:54:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\3044
[2012/04/28 14:32:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\2014
[2012/04/26 21:38:28 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\CRE
[2012/04/26 21:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\Vid-Saver
[2012/04/25 14:51:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\3085
[2012/04/25 13:13:40 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Jumb-O-Fun Games
[2012/04/25 13:11:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\1056
[2012/04/21 20:03:57 | 000,000,000 | R--D | C] -- C:\Users\Rustea\Desktop\FOR THE TOWERS
[2012/04/19 20:20:17 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/04/15 16:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/04/09 08:51:16 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\2 2
[2012/04/02 18:02:44 | 000,000,000 | ---D | C] -- C:\Users\Rustea\.dvdcss
[2012/04/02 18:00:25 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\QuickPlay
[2012/04/02 17:58:18 | 000,000,000 | ---D | C] -- C:\Users\Rustea\Documents\Any Video Converter
[2012/04/02 17:57:58 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\AnvSoft
[2012/04/02 17:57:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2012/04/02 17:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2012/04/02 14:10:59 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/03/28 01:37:37 | 000,000,000 | R--D | C] -- C:\Users\Rustea\Desktop\Public TV 2
[2012/03/26 12:18:24 | 000,000,000 | R--D | C] -- C:\Users\Rustea\Desktop\PUBLIC TV COMEDY
[2012/03/23 16:56:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/03/22 23:21:35 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Memeo
[2012/03/22 16:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Partition Master 9.1.1 Home Edition
[2012/03/22 16:09:47 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Seagate
[2012/03/22 16:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
[2012/03/22 16:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
[2012/03/22 16:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Memeo
[2012/03/22 16:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\Memeo
[2012/03/22 16:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2012/03/22 16:03:08 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Leadertech
[2012/03/21 12:17:18 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elixir of Immortality
[2012/03/21 12:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\Elixir of Immortality
[2012/03/20 20:44:12 | 000,074,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\NisDrvWFP.sys
[2012/03/20 09:38:09 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\k 42
[2012/03/18 16:43:09 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Maximize Games
[2012/03/18 16:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Maximize Games
[2012/03/17 19:18:37 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\New Yankee in King Arthurs Court
[2012/03/17 19:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\New Yankee in King Arthurs Court
[2012/03/17 19:18:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\2082
[2012/03/15 12:13:49 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mega World Smash
[2012/03/15 12:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mega World Smash
[2012/03/15 12:12:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\3047
[2012/03/14 15:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/14 15:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/03/14 11:27:19 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/03/13 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\HitPoint Studios
[2012/03/12 16:11:00 | 000,000,000 | ---D | C] -- C:\Users\Rustea\Documents\Wondershare Video Converter Platinum
[2012/03/12 16:11:00 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Wondershare Video Converter Platinum
[2012/03/12 16:10:50 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\Wondershare
[2012/03/12 16:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wondershare
[2012/03/12 16:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2012/03/12 16:10:41 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\System32\iconv.dll
[2012/03/12 16:10:40 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Wondershare
[2012/03/12 16:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare
[2012/03/12 16:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pazera Free MP4 to AVI Converter
[2012/03/12 16:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\pazera-software
[2012/03/10 17:04:34 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Anino Games
[2012/03/10 16:52:05 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Potion Bar
[2012/03/10 16:51:31 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grave Mania - Undead Fever
[2012/03/10 16:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\Grave Mania - Undead Fever
[2012/03/10 16:50:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\2027
[2012/03/04 14:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SpookyMall
[2012/02/29 16:05:42 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Realore All My Gods
[2012/02/29 12:49:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\3069
[2012/02/27 19:33:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2012/02/27 19:23:46 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012/02/27 19:21:34 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/02/27 19:21:33 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/02/27 19:21:33 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/02/27 19:19:10 | 000,000,000 | ---D | C] -- C:\Users\Rustea\Desktop\OpenOffice.org 3.3 (en-GB) Installation Files
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2012/05/26 11:24:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2937116624-3378611677-1033156524-1000UA.job
[2012/05/26 11:17:03 | 000,000,284 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2012/05/26 11:15:56 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/26 11:15:15 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-Rustea-Startup.job
[2012/05/26 11:14:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/26 11:14:57 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/26 11:14:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/26 10:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/26 10:38:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/26 10:12:06 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At24.job
[2012/05/26 09:12:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At23.job
[2012/05/25 23:12:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At22.job
[2012/05/25 20:24:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2937116624-3378611677-1033156524-1000Core.job
[2012/05/25 19:32:59 | 000,000,476 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Rustea.job
[2012/05/25 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/05/25 14:32:12 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/05/25 14:31:14 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012/05/25 14:30:33 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012/05/25 14:30:33 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012/05/25 14:30:28 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012/05/25 12:30:34 | 000,153,600 | ---- | M] () -- C:\Users\Rustea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/25 12:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At21.job
[2012/05/25 10:12:03 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At20.job
[2012/05/24 11:12:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At4.job
[2012/05/24 05:12:01 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At19.job
[2012/05/24 01:59:02 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2012/05/24 01:26:54 | 000,002,047 | ---- | M] () -- C:\Users\Rustea\Desktop\Google Chrome.lnk
[2012/05/24 01:26:54 | 000,002,009 | ---- | M] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/23 13:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At7.job
[2012/05/23 12:12:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At6.job
[2012/05/23 10:12:01 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At2.job
[2012/05/23 10:10:15 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At13.job
[2012/05/22 18:11:48 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At5.job
[2012/05/22 14:11:48 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At3.job
[2012/05/21 14:47:27 | 000,000,989 | ---- | M] () -- C:\Users\Rustea\Desktop\Any Video Converter.lnk
[2012/05/20 14:12:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At12.job
[2012/05/20 12:12:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At11.job
[2012/05/19 17:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At10.job
[2012/05/19 15:12:03 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\At27.job
[2012/05/19 14:21:13 | 000,002,196 | ---- | M] () -- C:\Users\Rustea\Desktop\Play Over 11.000 Online Games on The Playing Bay.lnk
[2012/05/19 14:21:13 | 000,002,078 | ---- | M] () -- C:\Users\Rustea\Desktop\Jewel Legends - Tree of Life.lnk
[2012/05/19 14:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At9.job
[2012/05/19 13:12:00 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At8.job
[2012/05/19 13:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At26.job
[2012/05/19 12:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At25.job
[2012/05/19 12:01:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1.job
[2012/05/18 17:37:25 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Monopoly Here & Now Edition.lnk
[2012/05/18 17:37:25 | 000,000,152 | ---- | M] () -- C:\Users\Public\Desktop\More Games at GameHouse.com.url
[2012/05/18 12:59:49 | 000,001,403 | ---- | M] () -- C:\Users\Rustea\Desktop\Cover Letter 1.rtf
[2012/05/16 13:03:47 | 000,006,336 | ---- | M] () -- C:\Users\Rustea\Desktop\Resume 4.rtf
[2012/05/15 13:09:00 | 000,001,217 | ---- | M] () -- C:\Users\Rustea\Desktop\virus stuff.rtf
[2012/05/12 17:13:01 | 000,000,680 | ---- | M] () -- C:\Users\Rustea\AppData\Local\d3d9caps.dat
[2012/05/09 15:56:16 | 000,000,903 | ---- | M] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/09 15:47:30 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012/05/09 15:47:30 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012/05/09 15:47:17 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/05/09 15:47:16 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/05/09 15:47:16 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/05/09 15:47:16 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/05/09 15:47:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/05/09 15:47:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/05/09 15:47:15 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/05/09 15:47:15 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/05/09 15:47:15 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/05/09 15:47:15 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/05/09 15:47:15 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/05/09 15:47:15 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/05/09 15:47:15 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/05/09 15:47:15 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/05/09 15:47:15 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/05/09 15:47:14 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/05/09 15:47:14 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/05/09 15:47:14 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/05/09 15:47:14 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/05/09 15:47:14 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/05/09 15:47:14 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/05/09 15:47:13 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/05/09 15:47:13 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/05/09 15:47:13 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/05/09 15:47:13 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/05/09 15:47:13 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/05/09 15:47:13 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/05/09 15:47:13 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/05/09 15:47:12 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/05/09 15:47:12 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/05/09 15:47:12 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/05/09 15:47:12 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/05/09 11:54:56 | 000,001,973 | ---- | M] () -- C:\Users\Rustea\Desktop\Legends of Atlantis - Exodus.lnk
[2012/05/08 18:37:47 | 000,327,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/08 17:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At17.job
[2012/05/08 17:12:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At18.job
[2012/05/08 16:34:20 | 000,712,078 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/05/08 16:34:20 | 000,634,732 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/08 16:34:20 | 000,145,322 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/05/08 16:34:20 | 000,120,000 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/08 16:15:58 | 001,423,446 | -H-- | M] () -- C:\Users\Rustea\AppData\Roaming\Rusteav1.18.0 - Trial versionlog.dat
[2012/05/08 14:58:44 | 000,000,250 | ---- | M] () -- C:\Users\Rustea\Desktop\games to dl.rtf
[2012/05/08 11:12:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At15.job
[2012/05/08 11:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At16.job
[2012/05/08 10:12:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At14.job
[2012/05/07 22:41:55 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/07 16:35:14 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/05/07 15:18:45 | 000,008,356 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\wklnhst.dat
[2012/05/05 09:53:13 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/05 09:53:13 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/05/01 17:26:13 | 146,394,112 | ---- | M] (Microsoft Corporation) -- C:\Users\Rustea\Desktop\Weather Lord Setup.exe
[2012/04/26 21:38:05 | 000,000,756 | ---- | M] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/04/23 13:51:39 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/04/15 18:34:03 | 000,000,180 | ---- | M] () -- C:\Users\Rustea\Desktop\watch hockey.rtf
[2012/04/15 16:08:57 | 000,000,819 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/14 17:00:01 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/04/10 14:13:02 | 000,000,799 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cfe.lnk
[2012/04/09 08:51:22 | 000,001,666 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cwcwer.lnk
[2012/04/05 17:42:44 | 000,000,802 | ---- | M] () -- C:\Users\Rustea\Desktop\Brent's MY ACCOUNT information.rtf
[2012/04/03 04:16:12 | 003,602,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/04/03 04:16:11 | 003,550,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/04/02 09:36:21 | 002,044,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/03/31 18:26:00 | 000,001,015 | -H-- | M] () -- C:\Windows\EPMBatch.ept
[2012/03/23 17:07:01 | 010,884,266 | ---- | M] () -- C:\Users\Rustea\Desktop\LD DVD PLAYER.pdf
[2012/03/23 16:56:35 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/03/23 00:50:15 | 000,000,869 | ---- | M] () -- C:\Users\Rustea\Desktop\CyberLink DVD Suite.lnk
[2012/03/22 16:27:56 | 000,000,980 | ---- | M] () -- C:\Users\Public\Desktop\EASEUS Partition Master 9.1.1 Home Edition.lnk
[2012/03/22 16:08:33 | 000,001,034 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Dashboard.lnk
[2012/03/21 03:32:42 | 000,001,713 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wwer.lnk
[2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NisDrvWFP.sys
[2012/03/18 18:49:18 | 000,000,355 | ---- | M] () -- C:\Users\Rustea\Desktop\pension payment dates 2012.rtf
[2012/03/15 12:13:49 | 000,001,765 | ---- | M] () -- C:\Users\Rustea\Desktop\Mega World Smash.lnk
[2012/03/15 11:20:25 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2012/03/14 15:28:36 | 000,001,854 | ---- | M] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/03/14 15:26:30 | 000,000,628 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2012/03/14 15:24:57 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/13 19:18:02 | 002,469,760 | ---- | M] () -- C:\Windows\System32\BootMan.exe
[2012/03/12 16:10:46 | 000,001,128 | ---- | M] () -- C:\Users\Rustea\Desktop\Wondershare Video Converter Platinum.lnk
[2012/03/12 16:05:44 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Pazera Free MP4 to AVI Converter.lnk
[2012/03/05 14:10:15 | 000,001,523 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DFX.lnk
[2012/03/01 13:34:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/03/01 13:34:26 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/03/01 13:34:26 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/03/01 13:34:26 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/03/01 10:46:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/03/01 10:46:01 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/02/29 10:08:47 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/02/29 09:44:50 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/02/29 09:41:40 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/02/27 21:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/02/27 21:11:21 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/02/27 21:09:51 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/02/27 21:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/02/27 21:03:16 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/02/27 20:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/02/27 19:23:51 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/25 14:32:12 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/05/19 14:21:13 | 000,002,196 | ---- | C] () -- C:\Users\Rustea\Desktop\Play Over 11.000 Online Games on The Playing Bay.lnk
[2012/05/19 14:21:13 | 000,002,078 | ---- | C] () -- C:\Users\Rustea\Desktop\Jewel Legends - Tree of Life.lnk
[2012/05/18 17:37:25 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Monopoly Here & Now Edition.lnk
[2012/05/18 17:37:25 | 000,000,152 | ---- | C] () -- C:\Users\Public\Desktop\More Games at GameHouse.com.url
[2012/05/15 10:49:26 | 000,001,217 | ---- | C] () -- C:\Users\Rustea\Desktop\virus stuff.rtf
[2012/05/09 15:47:15 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/05/09 11:54:56 | 000,001,973 | ---- | C] () -- C:\Users\Rustea\Desktop\Legends of Atlantis - Exodus.lnk
[2012/05/08 14:58:43 | 000,000,250 | ---- | C] () -- C:\Users\Rustea\Desktop\games to dl.rtf
[2012/05/07 16:35:14 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/05/07 16:34:49 | 000,001,786 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/05/07 16:28:02 | 000,001,985 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/05/05 16:12:38 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\At27.job
[2012/05/05 14:46:52 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At26.job
[2012/05/05 13:09:45 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At25.job
[2012/05/05 11:36:51 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At24.job
[2012/05/05 10:53:30 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At23.job
[2012/05/05 00:32:22 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At22.job
[2012/05/04 13:44:51 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At21.job
[2012/05/04 11:43:19 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\At20.job
[2012/05/03 06:36:17 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At19.job
[2012/05/01 18:43:05 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At18.job
[2012/05/01 18:09:47 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At17.job
[2012/05/01 12:36:43 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At16.job
[2012/05/01 12:23:14 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At15.job
[2012/05/01 11:44:40 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At14.job
[2012/04/30 14:27:01 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\At13.job
[2012/04/29 15:28:01 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At12.job
[2012/04/29 13:29:43 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At11.job
[2012/04/28 18:26:40 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At10.job
[2012/04/28 15:54:46 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At9.job
[2012/04/28 14:32:13 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At8.job
[2012/04/25 14:51:06 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At7.job
[2012/04/25 13:11:48 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\At6.job
[2012/04/19 20:20:20 | 000,002,047 | ---- | C] () -- C:\Users\Rustea\Desktop\Google Chrome.lnk
[2012/04/19 20:20:20 | 000,002,009 | ---- | C] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/19 20:19:36 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2937116624-3378611677-1033156524-1000UA.job
[2012/04/19 20:19:34 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2937116624-3378611677-1033156524-1000Core.job
[2012/04/15 18:34:03 | 000,000,180 | ---- | C] () -- C:\Users\Rustea\Desktop\watch hockey.rtf
[2012/04/15 16:08:56 | 000,000,819 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/09 08:51:19 | 000,000,799 | ---- | C] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cfe.lnk
[2012/04/09 08:51:18 | 000,001,666 | ---- | C] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cwcwer.lnk
[2012/04/02 17:57:40 | 000,000,989 | ---- | C] () -- C:\Users\Rustea\Desktop\Any Video Converter.lnk
[2012/04/02 14:11:01 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/03/31 18:24:25 | 000,001,015 | -H-- | C] () -- C:\Windows\EPMBatch.ept
[2012/03/23 17:07:01 | 010,884,266 | ---- | C] () -- C:\Users\Rustea\Desktop\LD DVD PLAYER.pdf
[2012/03/23 16:56:34 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/03/23 16:56:34 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/03/22 23:34:06 | 000,000,869 | ---- | C] () -- C:\Users\Rustea\Desktop\CyberLink DVD Suite.lnk
[2012/03/22 16:27:55 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2012/03/22 16:27:55 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2012/03/22 16:27:55 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2012/03/22 16:27:55 | 000,000,980 | ---- | C] () -- C:\Users\Public\Desktop\EASEUS Partition Master 9.1.1 Home Edition.lnk
[2012/03/22 16:27:54 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2012/03/22 16:27:54 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2012/03/22 16:08:31 | 000,001,034 | ---- | C] () -- C:\Users\Public\Desktop\Seagate Dashboard.lnk
[2012/03/20 09:38:09 | 000,001,713 | ---- | C] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wwer.lnk
[2012/03/18 18:49:18 | 000,000,355 | ---- | C] () -- C:\Users\Rustea\Desktop\pension payment dates 2012.rtf
[2012/03/17 19:18:20 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At5.job
[2012/03/15 12:13:49 | 000,001,765 | ---- | C] () -- C:\Users\Rustea\Desktop\Mega World Smash.lnk
[2012/03/15 12:13:01 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At4.job
[2012/03/14 15:24:57 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/12 16:10:46 | 000,001,128 | ---- | C] () -- C:\Users\Rustea\Desktop\Wondershare Video Converter Platinum.lnk
[2012/03/12 16:10:43 | 000,158,720 | ---- | C] () -- C:\Windows\System32\WS_VideoConverterContextMenu.dll
[2012/03/12 16:10:41 | 000,675,840 | ---- | C] () -- C:\Windows\System32\ac3filter.ax
[2012/03/12 16:10:41 | 000,496,640 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2012/03/12 16:05:44 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\Pazera Free MP4 to AVI Converter.lnk
[2012/03/10 16:50:38 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At3.job
[2012/03/05 14:10:15 | 000,001,523 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DFX.lnk
[2012/02/29 12:49:23 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At2.job
[2012/02/27 19:23:51 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2012/01/11 14:11:25 | 000,073,728 | ---- | C] () -- C:\Windows\System32\nttdll.dll
[2011/10/13 05:20:51 | 000,061,440 | ---- | C] () -- C:\Windows\System32\oleeacc.dll
[2011/08/17 17:19:16 | 000,142,032 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/06/08 00:17:36 | 000,000,120 | ---- | C] () -- C:\Users\Rustea\AppData\Local\Vqelihajilesoqa.dat
[2011/06/08 00:17:36 | 000,000,000 | ---- | C] () -- C:\Users\Rustea\AppData\Local\Kqoma.bin
[2011/06/08 00:15:54 | 000,000,148 | ---- | C] () -- C:\Users\Rustea\AppData\Roaming\d5jc6fnb.bat
[2011/03/24 13:51:34 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/03/18 23:05:49 | 000,029,504 | ---- | C] () -- C:\Windows\cscmondump.bin
[2011/03/18 19:52:01 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/02/10 02:08:58 | 000,196,608 | ---- | C] () -- C:\Windows\System32\mfmp4ssrc.dll
[2011/02/10 02:08:56 | 000,061,440 | ---- | C] () -- C:\Windows\System32\d3d10levell9.dll
[2010/12/15 04:31:21 | 000,045,056 | ---- | C] () -- C:\Windows\System32\taaskeng.exe
[2010/11/27 20:07:44 | 002,205,064 | ---- | C] () -- C:\ProgramData\shs_setup_4059-354328.exe
[2010/11/27 20:07:42 | 000,000,653 | ---- | C] () -- C:\ProgramData\SHSupdates.xml
[2010/11/13 14:25:39 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/10/27 10:23:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\gameuux.dll
[2010/10/26 13:32:08 | 000,019,521 | ---- | C] () -- C:\Windows\hpqins13.dat
[2010/09/30 23:06:59 | 003,485,952 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2010/09/30 23:06:59 | 000,239,616 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2010/09/30 23:06:59 | 000,196,608 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2010/09/30 23:06:59 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2010/09/30 23:06:59 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2010/08/17 19:25:30 | 000,116,839 | ---- | C] () -- C:\Windows\hpqins00.dat
[2010/08/17 18:36:31 | 000,121,356 | ---- | C] () -- C:\Windows\hpoins15.dat.temp
[2010/08/17 18:36:31 | 000,001,037 | ---- | C] () -- C:\Windows\hpomdl15.dat.temp
[2010/08/17 18:30:08 | 000,139,576 | ---- | C] () -- C:\Windows\hpoins15.dat
[2010/08/17 18:30:08 | 000,001,039 | ---- | C] () -- C:\Windows\hpomdl15.dat
[2010/07/28 21:22:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\igfxperrs.exe
[2010/07/28 20:20:56 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB62280$] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:69AF9D20
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:F7F6E6CB
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:D37966A8
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:D24FEF9D
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:5AA97E18
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:375FC7E7
@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFLV360B061TJTHX6HW0405NB9MXFSVF7VBCVP4GV
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:B0193F8E
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:84151293
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:3118E26B
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:14750D76
@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:15752405
@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:02A78DF6
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:69FD6BF0
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:538B96B5
@Alternate Data Stream - 8 bytes -> C:\Windows:
@Alternate Data Stream - 237 bytes -> C:\ProgramData\Temp:9B8C5BA8
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:C8AD98B9
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:178093AE
@Alternate Data Stream - 233 bytes -> C:\ProgramData\Temp:8FBE6CA7
@Alternate Data Stream - 233 bytes -> C:\ProgramData\Temp:6B940F20
@Alternate Data Stream - 232 bytes -> C:\ProgramData\Temp:6E11933F
@Alternate Data Stream - 228 bytes -> C:\ProgramData\Temp:75B7DDDF
@Alternate Data Stream - 227 bytes -> C:\ProgramData\Temp:F35AE645
@Alternate Data Stream - 227 bytes -> C:\ProgramData\Temp:1288D434
@Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:1F3E38E9
@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:AEEC88F6
@Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:F5E90ED3
@Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:BBBC0EE4
@Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:797D7632
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:AC0528D9
@Alternate Data Stream - 215 bytes -> C:\ProgramData\Temp:A18121AD
@Alternate Data Stream - 215 bytes -> C:\ProgramData\Temp:03D08225
@Alternate Data Stream - 214 bytes -> C:\ProgramData\Temp:F9E46E4C
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:F2CB0B25
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:EA701346
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:D2397415
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:A6CDBCAC
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:36517E77
@Alternate Data Stream - 211 bytes -> C:\ProgramData\Temp:CB0FEE2B
@Alternate Data Stream - 211 bytes -> C:\ProgramData\Temp:5AE33054
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:8140CB50
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:80B291A7
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:5F1019FF
@Alternate Data Stream - 209 bytes -> C:\ProgramData\Temp:76987FE5
@Alternate Data Stream - 209 bytes -> C:\ProgramData\Temp:417B6FAC
@Alternate Data Stream - 209 bytes -> C:\ProgramData\Temp:007D45CF
@Alternate Data Stream - 208 bytes -> C:\ProgramData\Temp:0DFE2AE1
@Alternate Data Stream - 207 bytes -> C:\ProgramData\Temp:BDF08FAF
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:E412AAF2
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:9026FFAC
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:4F96D8E6
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:6677D85A
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:38F6DFA8
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:16B49C20
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:0DACB2B7
@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:3BE7E50E
@Alternate Data Stream - 201 bytes -> C:\ProgramData\Temp:66AA0486
@Alternate Data Stream - 201 bytes -> C:\ProgramData\Temp:61A065F2
@Alternate Data Stream - 200 bytes -> C:\ProgramData\Temp:E1D818F7
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:D1713795
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:A0A7408F
@Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:EC7C9796
@Alternate Data Stream - 197 bytes -> C:\ProgramData\Temp:D3A8AA31
@Alternate Data Stream - 196 bytes -> C:\ProgramData\Temp:FBFC061F
@Alternate Data Stream - 196 bytes -> C:\ProgramData\Temp:062AF572
@Alternate Data Stream - 194 bytes -> C:\ProgramData\Temp:957E9765
@Alternate Data Stream - 193 bytes -> C:\ProgramData\Temp:126591AF
@Alternate Data Stream - 191 bytes -> C:\ProgramData\Temp:8247A199
@Alternate Data Stream - 191 bytes -> C:\ProgramData\Temp:5EC637CB
@Alternate Data Stream - 190 bytes -> C:\ProgramData\Temp:77F07255
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:4E6B8D68
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:1CB3187E
@Alternate Data Stream - 188 bytes -> C:\ProgramData\Temp:9E50C1C9
@Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:E84CA8F2
@Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:0A6D6CB4
@Alternate Data Stream - 185 bytes -> C:\ProgramData\Temp:059167AF
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:5E7B9C6F
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:EA1F715F
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:1A25E48A
@Alternate Data Stream - 167 bytes -> C:\ProgramData\Temp:15947BF6
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:E5DE9C8F
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:7BFFC6A9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:88AE8AB0
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:656793F6
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:46A2F27B
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C2F24DB5
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:BDD80819
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:BCDC6E07
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:A1023D41
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:EE7AAC75
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:B38BEEEE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:F5FC5DCE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:A819A132
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:A652BC99
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:6FD36C4B
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:6E1F359F
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:F84B8DB5
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:92D91D7E
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:05F547A9
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:D4BB0AD6
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:7E239580
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:55C54F7C
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:5520ED93
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:C0A2E219
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:A26AFC00
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:51387F29
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:4B244549
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:3324963C
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:2150E7D5
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:08801FDB
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:ED1A96EE
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:9D6EAEC3
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:38D2EA83
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:32FFF2D1
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:1B29BBE9
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:F9EDCFB0
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:DD41E87C
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:689AB7E9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:ED2D63E4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:A6F30843
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:393F7B1E
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:2AF322BF
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:193CB03B
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:BA24E689
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:99C301D0
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:4A966CC2
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:3CC01EE7
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:329BA65B
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:0DE97E88
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:04BB186B
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E6D148BC
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:91B240CD
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:2C399CCA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0E22C5DB
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:751D6870
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:4EC7F009
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:413E2927
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:10CFA7D4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:9C3AAD57
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:9AE67195
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:56F368C9
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:CFF6B3FF
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:BB1102D7
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:A1A1140A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:920AA345
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:0ADB5110
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:FF9C44FE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:EA7D76BE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:CF1334B0
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:97E93E2D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:57B2B96C
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:450741F6
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:1F96ED45
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:F64FED66
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:D453E38B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:D354012D
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:82A33606
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:2F8E6A71
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:029BAB9F
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:E8CB831A
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:B2A16064
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:8AED9359
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:3F7C1917
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:36A39835
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:00C296E2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:F986CC21
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:D5458F6B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:E5BA9ADD
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:588B60C7
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:1F7A10DD
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:F7370879
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:C611D6C8
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:902C848D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:4023E53E
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:17F7AEA3
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:04D4F170
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:E40D7F76
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:9D03192E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:6BFA43EB
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:5335CE76
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:38FF076E
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:ADFAD95A
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:98F6F85C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:69E3AF64
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:EF794BCD
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:DD95E6D9
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:DA18D4E3
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:2F27A2BB
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:2E9900EE
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:1E93E0ED
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:8C81B36D
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:DAFFEEC7
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:8EA16179
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:85F6C941
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:735BC4D1
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:4A2862FF
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2C250258
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:207C4C79
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:1B389835
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:CCB49694
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:A7BFF8A2
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:B9B3B2FE
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:75798D9A
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:3BD11093
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:2F8138B7
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:0D52F295
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:3790BACD
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:7DC6E295
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F1F85068
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:BFAE3D83
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:D682A3D9
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:0709176B
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:10F6E97E
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:A745DB5D
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:C74009E5
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:239F40E7
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:9E395C78
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:EB485B25
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:1A8BB29B

< End of report >
_________________________________________________________________-

OTL Extras logfile created on: 26/05/2012 11:24:52 AM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Rustea\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.93 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 51.98% Memory free
6.06 Gb Paging File | 4.63 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.37 Gb Total Space | 46.77 Gb Free Space | 16.27% Space Free | Partition Type: NTFS
Drive D: | 10.72 Gb Total Space | 1.25 Gb Free Space | 11.69% Space Free | Partition Type: NTFS

Computer Name: RUSTEA-PC | User Name: Rustea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{358471A5-1990-42E6-96AD-8048E76873FB}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{596ACE56-67E0-4FA6-AD26-0C160F44AC64}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5C8587E5-6B45-4E34-86A4-A07CFFF03926}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6B59572E-6AEE-4176-957B-4B40496723C4}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{6EBE2BF0-791F-41FB-A95F-B9687020EDB5}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9C1FCDEE-907A-432C-B7BA-15E5C238019E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A9C91163-2AA5-4177-AE0D-FEFE9133A656}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B65F4D62-236E-44FF-9453-8DB9D2F08FAA}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{DE58EC7F-7573-474C-A9BF-6548A2FE03BF}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E53717C5-C545-41B8-A399-A083B3E213AE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F03592AE-F7FF-4D10-BB4E-7E7464FFE5C0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046E6ED7-08F4-4B14-817C-F89DEBA7277F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0785974D-1190-4F2C-848C-7BBED70B80E8}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{07F9E749-CE7B-4C0B-B4BC-1288B4C0A2B0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{0ACC7473-C49F-4F93-9955-5A9EE792A66C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{11CA9F79-B1DC-4C37-BE81-DE3FCD55BE7C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1ABFC8CC-FE0B-4CA9-9ECB-C28FFE538646}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2677DF22-1FB4-44C3-82C3-F96F2973A69A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{269A5581-6575-4DDC-9600-56984F481AFA}" = dir=in | app=c:\program files\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{3F1E00C0-807E-4D72-871A-171F76C67932}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5066A224-F926-4B15-BDD9-0909D0F7CC14}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5F0F3923-F208-43E4-8F65-DE651534E566}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{652696EC-1F4E-4F1B-9795-5FB4BA2AE6AF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{688F220B-8B8A-4984-B059-A9F3B32159B0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6C867E8F-C373-4540-9558-C97CDA49A15F}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{6D5C7B26-8AF9-4B3D-B600-5562A9BB4249}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{70CBB3BA-A6FB-49BA-BCD6-6F0934E3678F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{77916689-7AB6-4181-B62D-0F8AA3E3634D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7C148B50-FCE2-4785-9B31-4564CAB07506}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{8886AFBA-B663-47BA-BD3C-794DD55A6A7A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{9AB9139A-5801-4B15-BDF9-2FFD62476164}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A0585C03-B804-44A6-950F-BF42E2BA5CDB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A2B00D50-3BF8-4FF4-9529-3641910AF39F}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{B8CF559C-EADC-49BB-A935-57AAA817B64B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{BAB3DA13-CAD1-483D-898D-3714300B8B2A}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{D6D8C990-C044-4C5D-82BC-84F8546122F0}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{DEBB070B-C8F9-4ACB-A2D6-1D0828A99B00}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E9E81A26-4CC5-49D2-AB88-3D193AB092E3}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{F037F0ED-D2CB-41EB-9229-B0ED1C3E6BF6}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{F50F8D3A-6093-475D-A1FC-448B3B10FCDD}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FDB0BC55-7015-4C64-8F22-4149611B4661}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{120a0630-0f8e-4b82-aef0-5d21698730b5}" = Slots Jungle Casino
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33A783E8-DC11-427F-A56C-8ED43EEC0695}" = RPS CRT
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = USB Video Device
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{6009F2FC-EC56-4e28-B91C-0BA5104D6419}" = SF_CDA_Software
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{665CBCA4-5AB0-414B-A288-3F8F99FEFC45}" = HP User Guides 0118
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6b984ba0-8563-4fb9-b237-2efec2eb25ea}" = Nero 9
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7579D301-A4DE-4BDC-A100-FE7FABB69234}" = Treo 700wx User Guide
"{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{82AF3E91-57E1-4754-84D0-40A46E2479AB}" = OpenOffice.org 3.3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{88908767-B7AD-4b0d-ACBC-FBCCF2761D31}" = HP Photosmart All-In-One Software 9.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1" = Free Alarm Clock 2.2.1
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140011-0062-0409-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - English
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9718521B-A345-4ad9-A52B-74D1435FB708}" = SF_CDA_ProductContext
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981DE354-9301-440f-AAFC-025AA2354A93}" = HP Deskjet & Photosmart Printer Driver Software 8.0.A
"{99A4344A-C723-4661-A507-D9D939480358}" = Cisco LEAP Module
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}" = Cisco EAP-FAST Module
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A08BAD08-9AA3-410F-98F3-C92C8EE37218}" = Safari
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD344FA5-6657-47CD-940F-8727EED35595}" = Cisco PEAP Module
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{DFB3FAE4-41BC-4851-A397-4C955997FB04}" = ps_aio_corporate
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{EFF56C56-9091-4D36-91AE-834E802A8E74}" = Hotel Dash 2 - Lost Luxuries
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Any Video Converter_is1" = Any Video Converter 3.3.8
"BFGC" = Big Fish Games: Game Manager
"BFG-Cubis Gold 2" = Cubis Gold 2
"BFG-Diner Dash 5 - Boom" = Diner Dash 5: Boom
"BFG-DQ Tycoon" = DQ Tycoon
"BFG-Fairy Treasure" = Fairy Treasure
"BFG-Fiona Finch and the Finest Flowers" = Fiona Finch and the Finest Flowers
"BFG-Fizzball" = Fizzball
"BFG-Great Adventures - Lost in Mountains" = Great Adventures: Lost in Mountains
"BFG-Heartwild Solitaire" = Heartwild Solitaire
"BFG-Hells Kitchen" = [bleep]'s Kitchen
"BFG-Nanny Mania 2 - Goes to Hollywood" = Nanny Mania 2: Goes to Hollywood
"BFG-Ozzy Bubbles" = Ozzy Bubbles
"BFG-Supercow" = Supercow
"BFG-Supermarket Mania" = Supermarket Mania
"BFG-The Tuttles - Madcap Misadventures" = The Tuttles: Madcap Misadventures
"BFG-Turtle Odyssey 2" = Turtle Odyssey 2
"BFG-Westward III" = Westward III: Gold Rush
"BFG-Youda Farmer" = Youda Farmer
"Birds Town 1.00" = Birds Town 1.00
"BitTorrent" = BitTorrent
"Blue Moon Screensaver" = Blue Moon Screensaver
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"Cooking Dash 3 Thrills and Spills Collectors Edition 1.00" = Cooking Dash 3 Thrills and Spills Collectors Edition 1.00
"DFX" = DFX
"DFX for RealPlayer" = DFX for RealPlayer
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.1 Home Edition
"Easy File Locker" = Easy File Locker 1.3
"Elixir of Immortality1.0" = Elixir of Immortality
"ExtractNow_is1" = ExtractNow
"Fences" = Fences
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FreeArc" = FreeArc 0.666
"Go-Go Gourmet 2 - Chef of the Year1.0" = Go-Go Gourmet 2 - Chef of the Year
"Granny in Paradise" = Granny in Paradise (remove only)
"Grave Mania - Undead Fever1.0" = Grave Mania - Undead Fever
"Great Adventures - Xmas Edition1.0" = Great Adventures - Xmas Edition
"HDMI" = Intel® Graphics Media Accelerator Driver
"Hotel MogulJust For Fun Games" = Hotel MogulJust For Fun Games
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HP Wireless Elite Desktop_is1" = HP Wireless Elite Desktop
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"iLivid" = iLivid
"IncrediMail_MediaBar_2 Toolbar" = IncrediMail_MediaBar_2 Toolbar
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Island Tribe 31.0" = Island Tribe 3
"iWinArcade" = iWin Games (remove only)
"Jewel Legends - Tree of Life1.0" = Jewel Legends - Tree of Life
"Legends of Atlantis - Exodus1.0" = Legends of Atlantis - Exodus
"Mega World Smash1.0" = Mega World Smash
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Mishap 2 An Intentional Haunting Collectors Edition 1.00" = Mishap 2 An Intentional Haunting Collectors Edition 1.00
"Monopoly Here & Now Edition" = Monopoly Here & Now Edition
"Monster Mash1.0" = Monster Mash
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3-Info extension_is1" = MP3-Info extension V3.4.23
"My Kingdom for the Princess III ~ Just For Fun Games" = My Kingdom for the Princess III ~ Just For Fun Games
"New Yankee in King Arthurs Court1.0" = New Yankee in King Arthurs Court
"NSS" = Norton Security Scan
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PC-Doctor for Windows" = Lenovo System Toolbox
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"Pirate Mysteries A Tale of Monkeys, Masks, and Hidden Objects BFG 1.00" = Pirate Mysteries A Tale of Monkeys, Masks, and Hidden Objects BFG 1.00
"PokerStars" = PokerStars
"Potion Bar1.0" = Potion Bar
"RadialpointSecurityAdvisorService_is1" = Radialpoint Security Advisor 2.5.10
"RealPlayer 15.0" = RealPlayer
"Roads Of Rome 2 1.00" = Roads Of Rome 2 1.00
"Royal Envoy Collector's Edition" = Royal Envoy Collector's Edition
"Royal Envoy II CE1.0" = Royal Envoy II CE
"RSH Home Networking Wizard" = RSH Home Networking Wizard
"Sandlot Connect_is1" = Sandlot Connect Version 1.2.6
"Stone Age Cafe 1.00" = Stone Age Cafe 1.00
"Super Granny 3" = Super Granny 3 (remove only)
"Super Granny 5 1.00" = Super Granny 5 1.00
"Super Granny 61.0" = Super Granny 6
"Supermarket Mania 2 1.00" = Supermarket Mania 2 1.00
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"vGrabber" = vGrabber
"Vgrabber Toolbar" = Vgrabber Toolbar
"Vid-Saver" = Vid-Saver
"Virtual Villagers 5 - New Believers1.0" = Virtual Villagers 5 - New Believers
"VLC media player" = VLC media player 2.0.1
"Westward II Heroes of the Frontier" = Westward II Heroes of the Frontier (remove only)
"Westward IV" = Westward IV (remove only)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"Wondershare Video Converter Platinum_is1" = Wondershare Video Converter Platinum(Build 5.2.2.2)
"WTA-7f6856c0-195f-43b1-8141-7e32f5146267" = Women's Murder Club - A Darker Shade of Grey
"WTA-ad66c435-a350-4ff4-b657-54b363fcfec2" = Haunted Domains
"Wxdfast" = Wxdfast
"wxDownload Fast_is1" = wxDownload Fast 0.6.0
"Yahtzee" = Yahtzee (remove only)
"Youda Farmer 2 Save the Village1.0" = Youda Farmer 2 Save the Village

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/05/2012 3:08:20 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x28b8, application start time
0x01cd3b0e54c54600.

Error - 26/05/2012 3:10:30 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x2f74, application start time
0x01cd3b0ea24cfda0.

Error - 26/05/2012 3:13:21 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x271c, application start time
0x01cd3b0f080b2220.

Error - 26/05/2012 3:21:32 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0xef0, application start time
0x01cd3b102ce0cd10.

Error - 26/05/2012 3:24:19 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x16ec, application start time
0x01cd3b1090c54f90.

Error - 26/05/2012 3:26:27 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x664, application start time
0x01cd3b10dd1aa1b0.

Error - 26/05/2012 3:39:17 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x1648, application start time
0x01cd3b12a79cddd0.

Error - 26/05/2012 3:41:24 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0xc78, application start time
0x01cd3b12f39d3220.

Error - 26/05/2012 10:47:32 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x1df8, application start time
0x01cd3b4e7b4f8020.

Error - 26/05/2012 11:16:29 AM | Computer Name = Rustea-PC | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - 23/05/2012 8:55:03 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051223085431.xml
File not created by asset agent

Error - 23/05/2012 8:55:38 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051223085506.xml
File not created by asset agent

Error - 23/05/2012 8:56:10 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051223085538.xml
File not created by asset agent

Error - 24/05/2012 9:24:29 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051224092357.xml
File not created by asset agent

Error - 24/05/2012 9:25:01 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051224092429.xml
File not created by asset agent

Error - 24/05/2012 9:25:36 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051224092504.xml
File not created by asset agent

Error - 24/05/2012 9:26:08 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051224092536.xml
File not created by asset agent

Error - 25/05/2012 9:54:42 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051225095410.xml
File not created by asset agent

Error - 25/05/2012 9:55:14 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051225095442.xml
File not created by asset agent

Error - 25/05/2012 9:55:48 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051225095516.xml
File not created by asset agent

[ Media Center Events ]
Error - 07/10/2009 7:20:45 PM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 18/05/2012 10:11:29 PM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 19/05/2012 12:04:33 AM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 19/05/2012 10:53:12 AM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 19/05/2012 10:14:57 PM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 20/05/2012 10:09:40 AM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 23/05/2012 10:11:07 AM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 19/05/2012 1:08:29 AM | Computer Name = Rustea-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.19 for the Network Card with network
address 00242C911AAF has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 19/05/2012 3:51:45 PM | Computer Name = Rustea-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 has encountered a critical error when taking action on malware
or other potentially unwanted software. For more information please see the following:
http://go.microsoft....atid=2147642627

Name:
TrojanDownloader:Win32/Regonid.A ID: 2147642627 Severity: Severe Category: Trojan
Downloader Path: file:_C:\Users\Rustea\AppData\Local\Temp\IXP000.TMP\Sale_Frenzy_Setup.exe

Detection
Origin: %%845 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM

Process
Name: C:\Users\Rustea\Desktop\Sale Frenzy Setup.exe Action: %%809 Action Status:
No additional actions required Error Code: 0x80070490 Error description: Element
not found. Signature Version: AV: 1.127.250.0, AS: 1.127.250.0, NIS: 11.0.0.0 Engine
Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

Error - 19/05/2012 3:52:20 PM | Computer Name = Rustea-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 has encountered a critical error when taking action on malware
or other potentially unwanted software. For more information please see the following:
http://go.microsoft....atid=2147642627

Name:
TrojanDownloader:Win32/Regonid.A ID: 2147642627 Severity: Severe Category: Trojan
Downloader Path: file:_C:\Users\Rustea\AppData\Local\Temp\IXP000.TMP\Sale_Frenzy_Setup.exe

Detection
Origin: %%845 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM

Process
Name: C:\Users\Rustea\Desktop\Sale Frenzy Setup.exe Action: %%809 Action Status:
No additional actions required Error Code: 0x80070490 Error description: Element
not found. Signature Version: AV: 1.127.250.0, AS: 1.127.250.0, NIS: 11.0.0.0 Engine
Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

Error - 19/05/2012 3:52:50 PM | Computer Name = Rustea-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 has encountered a critical error when taking action on malware
or other potentially unwanted software. For more information please see the following:
http://go.microsoft....atid=2147642627

Name:
TrojanDownloader:Win32/Regonid.A ID: 2147642627 Severity: Severe Category: Trojan
Downloader Path: file:_C:\Users\Rustea\AppData\Local\Temp\IXP000.TMP\Sale_Frenzy_Setup.exe

Detection
Origin: %%845 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM

Process
Name: C:\Users\Rustea\Desktop\Sale Frenzy Setup.exe Action: %%809 Action Status:
No additional actions required Error Code: 0x80070490 Error description: Element
not found. Signature Version: AV: 1.127.250.0, AS: 1.127.250.0, NIS: 11.0.0.0 Engine
Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

Error - 21/05/2012 11:19:27 PM | Computer Name = Rustea-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.127.327.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error
code: 0x80072ee2 Error description: The operation timed out

Error - 26/05/2012 11:12:29 AM | Computer Name = Rustea-PC | Source = DCOM | ID = 10010
Description =

Error - 26/05/2012 11:16:29 AM | Computer Name = Rustea-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26/05/2012 11:17:34 AM | Computer Name = Rustea-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 26/05/2012 11:17:34 AM | Computer Name = Rustea-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 26/05/2012 11:32:55 AM | Computer Name = Rustea-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =


< End of report >
  • 0

Advertisements


#2
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP