Dear
Thank You for your reply, I have removed all cracks and keegens, I hope?
No excuse, BUT in the past three months that I have been infected I have used a lot of programs trying to clear the computer, I have/had a professional to fix my PC, but now I cannot afford it, most weeks we are left with less than $ 10.00 for the whole week, I could not afford to bay and tray 15/30 programs, I know I’m bad.
This is the first time ever “thank you” that I ask for free help, you understand why.
The antivirus that I am using I purchased it last week online and I am waiting to send me the key.
I do know that I have a lot of rubbish that I want to clean, I am afraid to do so because I am losing some data, very important data for me, if I clean it “thanks to you with you help” then I backup and do the cleaning.
I do hope that this cleaning help I do not wish to put you or anyone in a position that affects anyone.
Again thank you for your help, awaiting your replay
OTL logfile created on: 7/24/2012 12:05:25 AM - Run 3
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Administrator\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.50 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 65.22% Memory free
7.00 Gb Paging File | 5.01 Gb Available in Paging File | 71.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 168.00 Gb Total Space | 92.92 Gb Free Space | 55.31% Space Free | Partition Type: NTFS
Drive D: | 130.09 Gb Total Space | 47.78 Gb Free Space | 36.73% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 379.37 Gb Free Space | 40.73% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 226.43 Gb Free Space | 48.62% Space Free | Partition Type: NTFS
Computer Name: KHAN | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ========== PRC - [2012/07/13 23:52:46 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
PRC - [2012/06/17 17:51:58 | 000,466,704 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2012/06/17 17:51:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2012/05/15 19:27:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2011/04/24 23:12:42 | 000,131,472 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe
PRC - [2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 22:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/09/10 15:12:10 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ========== MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/04/24 23:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll
MOD - [2011/04/24 23:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll
MOD - [2011/04/24 23:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll
MOD - [2011/04/24 23:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll
MOD - [2011/04/24 23:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll
MOD - [2011/04/24 23:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll
MOD - [2011/04/20 19:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2010/07/29 18:19:04 | 000,234,496 | ---- | M] () -- C:\Program Files\Total Video Converter\TVCShellExt.dll
MOD - [2007/10/13 20:47:12 | 000,053,248 | ---- | M] () -- C:\Program Files\Classic Menu for Office\ArmAccess.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - File not found [Auto | Stopped] -- C:\Program Files\RapidBIT\cisvc.exe -- (FlexService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/17 17:51:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012/05/15 20:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/01/20 12:58:00 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2009/11/06 12:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Stopped] -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2009/09/10 15:12:10 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/14 11:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 11:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 11:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\ADMINI~1\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012/07/14 17:14:02 | 000,570,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/06/17 17:51:54 | 000,137,488 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012/05/15 20:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/12/10 11:45:19 | 000,015,600 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011/06/23 16:43:04 | 001,068,216 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\wcmvcam.sys -- (WCMVCAM)
DRV - [2011/05/18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/05/18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/05/18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/05/18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/05/18 10:09:48 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011/05/18 10:09:48 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011/03/10 18:36:18 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2011/03/04 13:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011/03/04 13:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2010/11/20 22:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 20:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 20:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 19:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 19:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 19:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/11/06 12:00:36 | 000,176,752 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ssidrv.sys -- (ssidrv)
DRV - [2009/11/06 12:00:36 | 000,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sshrmd.sys -- (sshrmd)
DRV - [2009/11/06 12:00:34 | 000,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ssfs0bbc.sys -- (ssfs0bbc)
DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/07/14 10:56:07 | 000,265,088 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerIb.sys -- (BrSerIb) Brother MFC Serial Interface Driver(WDM)
DRV - [2009/07/14 09:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/14 08:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSIb.sys -- (BrUsbSIb) Brother MFC Serial USB Driver(WDM)
DRV - [2002/01/12 16:30:34 | 000,003,567 | ---- | M] (Beyond Logic
http://www.beyondlogic.org) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PortTalk.sys -- (PortTalk)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" =
http://www.searchqu....q={searchTerms} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2411852452-117403543-12125213-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKU\S-1-5-21-2411852452-117403543-12125213-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2411852452-117403543-12125213-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 91 09 90 5C B5 CC 01 [binary data]
IE - HKU\S-1-5-21-2411852452-117403543-12125213-500\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-2411852452-117403543-12125213-500\..\SearchScopes,DefaultScope = {5E3DD9B7-5DB3-443C-AED9-98B91906A19C}
IE - HKU\S-1-5-21-2411852452-117403543-12125213-500\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" =
http://supertoolbar....ale.underscore}IE - HKU\S-1-5-21-2411852452-117403543-12125213-500\..\SearchScopes\{5E3DD9B7-5DB3-443C-AED9-98B91906A19C}: "URL" =
http://www.google.co...utputEncoding?}IE - HKU\S-1-5-21-2411852452-117403543-12125213-500\..\SearchScopes\{88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6}: "URL" =
http://www.search-re...&ver=4.0.0.1550IE - HKU\S-1-5-21-2411852452-117403543-12125213-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Search Defender"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0.0.740
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1894
FF - prefs.js..extensions.enabledItems: avg@toolbar:9.0.0.22
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011/12/17 13:58:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\
[email protected] [2012/07/14 18:01:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\
[email protected] [2012/07/14 18:01:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\
[email protected] [2012/07/14 18:01:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/22 10:57:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/18 15:43:17 | 000,000,000 | ---D | M]
[2011/12/16 11:00:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2012/07/22 09:29:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\knjvk5v2.default\extensions
[2012/07/22 09:29:35 | 000,000,000 | ---D | M] (uTorrentControl2) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\knjvk5v2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2011/02/01 19:05:08 | 000,002,333 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\knjvk5v2.default\searchplugins\askcom.xml
[2012/01/20 12:30:53 | 000,000,984 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\knjvk5v2.default\searchplugins\filestube.xml
[2012/07/22 08:50:40 | 000,008,397 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\knjvk5v2.default\searchplugins\pdf-ebook-searches.xml
[2012/06/22 10:33:10 | 000,002,349 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\knjvk5v2.default\searchplugins\search-defender-1.xml
[2012/06/20 22:52:17 | 000,000,000 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\knjvk5v2.default\searchplugins\search-defender.xml
[2012/07/22 08:50:44 | 000,011,187 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\knjvk5v2.default\searchplugins\timeanddatecom.xml
[2012/07/14 18:01:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/10 17:49:35 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/07/14 17:15:12 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\
[email protected]_bak2
[2012/07/14 17:15:07 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\
[email protected]_bak2
[2012/06/17 19:47:06 | 000,004,539 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNJVK5V2.DEFAULT\EXTENSIONS\
[email protected][2012/06/15 08:20:49 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/02/09 15:05:22 | 000,002,236 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\askcom.xml
[2012/01/20 11:34:12 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/15 08:19:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/15 08:19:40 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/07/12 05:53:33 | 000,442,125 | R--- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15216 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-2411852452-117403543-12125213-500\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKU\S-1-5-21-2411852452-117403543-12125213-500\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKU\S-1-5-21-2411852452-117403543-12125213-500..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-2411852452-117403543-12125213-500..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2411852452-117403543-12125213-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2411852452-117403543-12125213-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2411852452-117403543-12125213-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Copy to &Lightning Note - c:\Program Files\Corel\WordPerfect Lightning\Programs\WPLightningCopyToNote.hta ()
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\Corel\WordPerfect Office X5\Programs\WPLauncher.hta ()
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE}
http://download.giga...bject/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA463021-803B-4E77-A471-1A2BA3172F5D}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 07:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/09/19 07:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/01/12 12:04:17 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
========== Files/Folders - Created Within 60 Days ========== [2012/07/23 21:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2012/07/23 14:52:43 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{103930BC-8084-4116-9DFC-C008E7A1F0D4}
[2012/07/23 14:49:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{1FB64A9D-F42A-46CF-BB07-2BD0FB23A7BF}
[2012/07/23 14:45:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{4673D3DE-077F-4EBB-8878-199176EE69AD}
[2012/07/23 14:41:50 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{94DDC534-0E4B-481C-9A4C-74825828C85C}
[2012/07/23 14:38:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{E1B8CFB8-B8D6-4FF3-8EBE-261755D8AA1B}
[2012/07/23 14:34:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{234AD5FF-50CB-43BF-A946-2F78860EC068}
[2012/07/23 14:29:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{E5C99CB4-A73F-4416-8E87-1B88A686AEC8}
[2012/07/23 09:53:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{B86E0C31-A459-4E85-AEC8-976186035082}
[2012/07/23 09:49:39 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{16B5B940-ED9B-4281-A0B2-F18F1FF08D73}
[2012/07/22 13:58:15 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Administrator\Desktop\aswMBR.exe
[2012/07/22 09:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/07/22 09:29:54 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Google
[2012/07/22 09:29:54 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\CRE
[2012/07/22 09:28:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Conduit
[2012/07/22 09:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/07/22 09:23:23 | 000,895,376 | ---- | C] (BitTorrent, Inc.) -- C:\Users\Administrator\Desktop\uTorrent.exe
[2012/07/21 11:19:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{1B42E99A-C774-4B30-A6A8-4E9B0068AA3F}
[2012/07/21 11:19:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{87C36CEE-6B0B-4DA2-AC10-17F64D3E4884}
[2012/07/21 11:14:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{216668E3-9816-4658-9300-2D02617788E1}
[2012/07/21 11:13:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{C5106A4A-9C0E-4EAE-8B6C-6B2BC42944E5}
[2012/07/21 10:08:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{C5304FB6-D9CA-4DEF-BBC8-15965A4ECACD}
[2012/07/21 10:07:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{3B87E682-8AD7-419C-932C-E0B5AABA77FA}
[2012/07/21 10:06:54 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{40BB17BB-953F-40F7-B01A-79372BA6EAC5}
[2012/07/21 10:06:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{E5F9EC55-211B-4841-8B7F-C16A6217385D}
[2012/07/20 18:32:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{263F4AB0-90AC-4623-B2CB-C472E17990A0}
[2012/07/20 17:30:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{C4FBF46A-1DE8-4EB8-B36C-832FCE8E7AC4}
[2012/07/16 11:55:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\CCWin
[2012/07/14 17:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2012
[2012/07/14 17:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/07/14 17:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2012/07/14 17:14:02 | 000,570,160 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/07/14 17:04:49 | 000,638,976 | ---- | C] (ESET) -- C:\Windows\ESETUninstaller.exe
[2012/07/14 16:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Webroot
[2012/07/13 23:51:28 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2012/07/13 11:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentPortable
[2012/07/12 22:33:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidBIT Downloader
[2012/07/12 13:31:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{5AC709BE-44AC-4AA8-88E7-CCE137CBB5FD}
[2012/07/12 05:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot
[2012/07/12 05:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2012/07/12 05:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/07/12 05:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2012/07/11 10:03:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\updfiles
[2012/07/11 02:42:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\FixZeroAccess
[2012/07/11 01:13:02 | 001,805,736 | ---- | C] (Symantec Corporation) -- C:\Users\Administrator\Desktop\SymantecFixZeroAccess.exe
[2012/07/10 08:19:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{7EEE5FEB-DC92-4ABF-955A-443B142A3FD8}
[2012/07/10 01:31:16 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\Desktop\[Originals]
[2012/07/09 10:46:50 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/07/09 10:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012/07/07 23:00:02 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/01 12:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Optimizer Pro
[2012/07/01 12:15:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-zip
[2012/07/01 12:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\7-zip
[2012/07/01 12:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2012/06/30 17:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/06/30 16:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/30 16:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/30 16:18:26 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/06/30 16:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/30 11:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE Builder
[2012/06/30 11:28:01 | 000,000,000 | ---D | C] -- C:\pebuilder3110a
[2012/06/30 00:03:05 | 004,124,324 | ---- | C] (PC Tools) -- C:\Users\Administrator\Desktop\avinstall.exe.6iwtvof.partial
[2012/06/28 14:44:39 | 009,876,312 | ---- | C] (PC Tools ) -- C:\Users\Administrator\Desktop\tfinstall.exe
[2012/06/28 00:51:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\WCID
[2012/06/28 00:20:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Threat Expert
[2012/06/27 18:14:33 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\uTorrent
[2012/06/27 08:10:43 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2012/06/26 19:18:11 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft Antimalware
[2012/06/26 17:47:53 | 000,000,000 | ---D | C] -- C:\backup
[2012/06/25 23:45:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SpeedMaxPc
[2012/06/25 23:45:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\DriverCure
[2012/06/25 22:15:44 | 000,173,456 | ---- | C] (Symantec Corporation) -- C:\Users\Administrator\Desktop\FixVundo.exe
[2012/06/25 15:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedMaxPc
[2012/06/25 13:25:59 | 000,000,000 | R--D | C] -- C:\Sandbox
[2012/06/25 13:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2012/06/21 23:47:42 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\How to Remove Internet Explorer 9 7 Tutorials_files
[2012/06/21 23:40:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\How do I remove Internet Explorer 8 from Windows as a troubleshooting step_files
[2012/06/20 17:48:21 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/06/20 17:35:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\New folder
[2012/06/20 15:38:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\PC Tool History
[2012/06/19 22:31:21 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/19 22:31:20 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/19 22:31:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/19 22:31:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/19 22:31:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/19 22:31:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/19 22:31:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/19 22:25:56 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/06/19 22:25:46 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012/06/19 22:25:45 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/06/19 22:25:45 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/06/19 22:25:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/06/19 10:22:05 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2012/06/18 02:43:03 | 000,203,088 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2012/06/17 23:01:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/06/17 23:00:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/17 22:51:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\temp
[2012/06/17 21:44:15 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/06/17 20:37:39 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\TestApp
[2012/06/17 19:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/06/09 09:22:47 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/09 09:22:47 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/09 09:22:35 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/06/09 09:22:35 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/06/09 09:22:35 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/06/09 09:22:23 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/09 09:22:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/06/03 11:27:40 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2012/06/03 11:27:40 | 011,354,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2012/06/03 11:27:40 | 000,883,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll
[2012/06/03 11:27:39 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2012/06/03 11:27:39 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2012/06/03 11:27:39 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2012/06/03 11:27:39 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2012/06/03 11:27:39 | 001,000,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2012/06/03 11:05:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/06/03 11:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/06/03 11:04:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/06/03 11:04:23 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/06/03 11:04:02 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/06/03 11:04:02 | 000,687,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/06/03 11:04:02 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/06/03 11:03:55 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/06/03 11:03:55 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/06/03 11:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/06/03 09:37:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{E2B32B90-E0E0-41A5-80E3-9413C0F874E3}
[2012/06/02 17:52:41 | 003,306,678 | ---- | C] (Bart Lagerweij ) -- C:\Users\Administrator\Desktop\BART pebuilder3110a.exe
[102 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]
========== Files - Modified Within 60 Days ========== [2012/07/23 22:29:54 | 000,002,266 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012/07/23 19:51:55 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 19:51:55 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/23 12:15:00 | 000,000,454 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2012/07/23 09:35:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/22 23:29:55 | 000,007,308 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012/07/22 16:09:41 | 000,000,512 | ---- | M] () -- C:\Users\Administrator\Desktop\MBR.dat
[2012/07/22 14:52:12 | 000,000,426 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2012/07/22 14:51:53 | 2817,380,352 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/22 14:03:03 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Administrator\Desktop\aswMBR.exe
[2012/07/22 12:35:31 | 000,041,097 | ---- | M] () -- C:\Users\Administrator\Desktop\Extend ja-f-27b.pdf
[2012/07/22 09:27:42 | 000,000,965 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/07/22 09:23:29 | 000,895,376 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Administrator\Desktop\uTorrent.exe
[2012/07/20 20:52:45 | 000,018,706 | ---- | M] () -- C:\Users\Administrator\Desktop\Pay Slip.zip
[2012/07/19 17:39:24 | 000,000,353 | ---- | M] () -- C:\Users\Administrator\Desktop\164 A-C compressor rebuild needed - Alfa Romeo Bulletin Board & Forums.url
[2012/07/14 18:38:09 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/07/14 18:01:51 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2012/07/14 18:01:51 | 000,097,961 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2012/07/14 17:16:37 | 000,017,408 | ---- | M] () -- C:\Users\Administrator\AppData\Local\WebpageIcons.db
[2012/07/14 17:14:02 | 000,570,160 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/07/14 17:04:26 | 000,638,976 | ---- | M] (ESET) -- C:\Windows\ESETUninstaller.exe
[2012/07/14 15:44:20 | 000,004,021 | ---- | M] () -- C:\Windows\System32\EpfwUser.dat
[2012/07/14 15:44:20 | 000,004,021 | ---- | M] () -- C:\Windows\System32\EpfwTemp.dat
[2012/07/14 14:38:51 | 000,001,441 | ---- | M] () -- C:\Users\Administrator\Desktop\Internet Explorer.lnk
[2012/07/14 09:23:05 | 002,784,732 | ---- | M] () -- C:\Windows\System32\em023_32.dat
[2012/07/14 09:23:04 | 035,604,120 | ---- | M] () -- C:\Windows\System32\em002_32.dat
[2012/07/13 23:52:46 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2012/07/12 06:20:20 | 000,089,094 | ---- | M] () -- C:\Windows\System32\em006_32.dat
[2012/07/12 05:53:33 | 000,442,125 | R--- | M] () -- C:\Windows\System32\drivers\etc\HOSTS
[2012/07/11 21:44:08 | 001,103,622 | ---- | M] () -- C:\Windows\System32\em009_32.dat
[2012/07/11 21:44:08 | 000,492,053 | ---- | M] () -- C:\Windows\System32\em004_32.dat
[2012/07/11 21:44:08 | 000,252,560 | ---- | M] () -- C:\Windows\System32\em008_32.dat
[2012/07/11 21:44:08 | 000,046,729 | ---- | M] () -- C:\Windows\System32\em005_32.dat
[2012/07/11 21:44:08 | 000,038,604 | ---- | M] () -- C:\Windows\System32\em013_32.dat
[2012/07/11 21:44:08 | 000,004,342 | ---- | M] () -- C:\Windows\System32\em015_32.dat
[2012/07/11 21:44:07 | 000,714,995 | ---- | M] () -- C:\Windows\System32\em003_32.dat
[2012/07/11 21:43:57 | 000,521,149 | ---- | M] () -- C:\Windows\System32\em001_32.dat
[2012/07/11 21:43:57 | 000,055,770 | ---- | M] () -- C:\Windows\System32\em000_32.dat
[2012/07/11 07:44:48 | 000,000,000 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared.fix
[2012/07/11 02:08:53 | 012,320,768 | ---- | M] () -- C:\Users\Administrator\ntuser.bak
[2012/07/11 01:57:33 | 001,346,640 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2012/07/11 01:13:02 | 001,805,736 | ---- | M] (Symantec Corporation) -- C:\Users\Administrator\Desktop\SymantecFixZeroAccess.exe
[2012/07/11 01:11:44 | 000,050,206 | ---- | M] () -- C:\Users\Administrator\Desktop\Symantec fixkriz.exe
[2012/07/10 08:25:59 | 000,002,873 | ---- | M] () -- C:\Users\Public\Desktop\ACDSee Photo Manager 12.lnk
[2012/07/09 10:53:10 | 000,000,047 | RH-- | M] () -- C:\Users\Administrator\Desktop\stinger 2.opt
[2012/07/09 10:46:50 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/07/07 23:00:02 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/07 23:00:02 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/07/03 09:49:40 | 000,000,948 | ---- | M] () -- C:\Windows\Brpfx04a.ini
[2012/07/01 12:26:50 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\7-zip.lnk
[2012/06/30 22:30:48 | 001,110,476 | ---- | M] () -- C:\Users\Administrator\Desktop\7z920.exe
[2012/06/30 17:51:41 | 000,001,119 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/06/30 15:23:21 | 000,001,045 | ---- | M] () -- C:\Users\Administrator\Desktop\Sandboxed Web Browser.lnk
[2012/06/30 15:23:21 | 000,001,045 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/06/30 00:23:35 | 004,124,324 | ---- | M] (PC Tools) -- C:\Users\Administrator\Desktop\avinstall.exe.6iwtvof.partial
[2012/06/28 15:00:51 | 009,876,312 | ---- | M] (PC Tools ) -- C:\Users\Administrator\Desktop\tfinstall.exe
[2012/06/28 14:47:06 | 000,000,000 | ---- | M] () -- C:\Users\Administrator\Desktop\TEMSSetup-x32.exe.d8aeaub.partial
[2012/06/27 08:49:08 | 000,007,608 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2012/06/26 22:41:46 | 012,569,784 | ---- | M] () -- C:\Users\Administrator\Desktop\SysinternalsSuite.zip
[2012/06/25 22:15:45 | 000,173,456 | ---- | M] (Symantec Corporation) -- C:\Users\Administrator\Desktop\FixVundo.exe
[2012/06/24 16:30:24 | 000,000,712 | ---- | M] () -- C:\Users\Administrator\Desktop\Temp Progrm - Shortcut.lnk
[2012/06/24 09:03:27 | 000,012,288 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2012/06/23 15:28:16 | 000,331,776 | ---- | M] () -- C:\Users\Administrator\Documents\Database1.accdb
[2012/06/22 17:39:34 | 000,000,256 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2012/06/22 14:37:26 | 000,043,008 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2012/06/21 23:48:23 | 000,638,489 | ---- | M] () -- C:\Users\Administrator\Desktop\How to uninstall Internet Explorer 9.mht
[2012/06/21 23:47:42 | 000,052,266 | ---- | M] () -- C:\Users\Administrator\Desktop\How to Remove Internet Explorer 9 7 Tutorials.htm
[2012/06/21 23:41:33 | 000,723,379 | ---- | M] () -- C:\Users\Administrator\Desktop\How to uninstall Internet Explorer 8 from Windows 7.mht
[2012/06/21 23:40:17 | 000,138,219 | ---- | M] () -- C:\Users\Administrator\Desktop\How do I remove Internet Explorer 8 from Windows as a troubleshooting step.htm
[2012/06/21 17:43:09 | 000,584,650 | ---- | M] () -- C:\Users\Administrator\Desktop\How do I install or uninstall Internet Explorer 9.mht
[2012/06/21 17:29:01 | 001,232,438 | ---- | M] () -- C:\Users\Administrator\Desktop\Prerequisites for installing Internet Explorer 9.mht
[2012/06/20 17:23:47 | 000,940,100 | ---- | M] () -- C:\Users\Administrator\Desktop\How To Easily Repair Windows 7 Boot Problems Using Startup Repair.mht
[2012/06/20 00:50:10 | 000,431,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/19 23:37:11 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/19 23:37:11 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/19 23:36:14 | 000,961,020 | ---- | M] () -- C:\Users\Administrator\Documents\Scan 19-6.htm
[2012/06/19 13:14:03 | 000,000,008 | RHS- | M] () -- C:\ProgramData\8510DB6088.sys
[2012/06/19 12:17:31 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/06/19 12:17:31 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/06/17 22:57:01 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120621-154314.backup
[2012/06/17 21:43:57 | 331,086,892 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/06/16 17:45:51 | 000,014,848 | ---- | M] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/03 16:21:03 | 003,386,435 | ---- | M] () -- C:\Users\Administrator\Desktop\BART Zip pebuilder3110a.zip
[2012/06/03 11:03:30 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/06/03 11:03:30 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/06/03 08:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/03 08:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/06/03 08:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/06/03 08:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/03 08:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/06/03 01:23:37 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/06/02 17:52:41 | 003,306,678 | ---- | M] (Bart Lagerweij ) -- C:\Users\Administrator\Desktop\BART pebuilder3110a.exe
[2012/06/02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/05/31 12:25:14 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/05/25 00:26:03 | 000,000,100 | ---- | M] () -- C:\Users\Administrator\Desktop\Contatta la Rai.URL
[102 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/07/22 12:35:31 | 000,041,097 | ---- | C] () -- C:\Users\Administrator\Desktop\Extend ja-f-27b.pdf
[2012/07/22 09:27:42 | 000,000,965 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/07/20 20:52:45 | 000,018,706 | ---- | C] () -- C:\Users\Administrator\Desktop\Pay Slip.zip
[2012/07/19 17:39:24 | 000,000,353 | ---- | C] () -- C:\Users\Administrator\Desktop\164 A-C compressor rebuild needed - Alfa Romeo Bulletin Board & Forums.url
[2012/07/14 17:16:34 | 000,017,408 | ---- | C] () -- C:\Users\Administrator\AppData\Local\WebpageIcons.db
[2012/07/14 17:15:14 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2012/07/14 17:15:14 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2012/07/14 14:38:51 | 000,001,441 | ---- | C] () -- C:\Users\Administrator\Desktop\Internet Explorer.lnk
[2012/07/11 21:44:09 | 035,604,120 | ---- | C] () -- C:\Windows\System32\em002_32.dat
[2012/07/11 21:44:09 | 002,784,732 | ---- | C] () -- C:\Windows\System32\em023_32.dat
[2012/07/11 21:44:09 | 001,103,622 | ---- | C] () -- C:\Windows\System32\em009_32.dat
[2012/07/11 21:44:09 | 000,714,995 | ---- | C] () -- C:\Windows\System32\em003_32.dat
[2012/07/11 21:44:09 | 000,521,149 | ---- | C] () -- C:\Windows\System32\em001_32.dat
[2012/07/11 21:44:09 | 000,492,053 | ---- | C] () -- C:\Windows\System32\em004_32.dat
[2012/07/11 21:44:09 | 000,252,560 | ---- | C] () -- C:\Windows\System32\em008_32.dat
[2012/07/11 21:44:09 | 000,089,094 | ---- | C] () -- C:\Windows\System32\em006_32.dat
[2012/07/11 21:44:09 | 000,055,770 | ---- | C] () -- C:\Windows\System32\em000_32.dat
[2012/07/11 21:44:09 | 000,046,729 | ---- | C] () -- C:\Windows\System32\em005_32.dat
[2012/07/11 21:44:09 | 000,038,604 | ---- | C] () -- C:\Windows\System32\em013_32.dat
[2012/07/11 21:44:09 | 000,004,342 | ---- | C] () -- C:\Windows\System32\em015_32.dat
[2012/07/11 10:02:28 | 000,004,021 | ---- | C] () -- C:\Windows\System32\EpfwTemp.dat
[2012/07/11 10:02:27 | 000,004,021 | ---- | C] () -- C:\Windows\System32\EpfwUser.dat
[2012/07/11 02:47:41 | 000,000,000 | ---- | C] () -- C:\Program Files\Common Files\Symantec Shared.fix
[2012/07/11 01:11:44 | 000,050,206 | ---- | C] () -- C:\Users\Administrator\Desktop\Symantec fixkriz.exe
[2012/07/09 10:05:04 | 000,000,047 | RH-- | C] () -- C:\Users\Administrator\Desktop\stinger 2.opt
[2012/07/01 12:25:30 | 000,000,454 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2012/07/01 12:25:29 | 000,000,426 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2012/07/01 12:15:36 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\7-zip.lnk
[2012/07/01 09:54:20 | 000,000,512 | ---- | C] () -- C:\Users\Administrator\Desktop\MBR.dat
[2012/06/30 22:30:47 | 001,110,476 | ---- | C] () -- C:\Users\Administrator\Desktop\7z920.exe
[2012/06/30 17:51:41 | 000,001,119 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/06/30 15:23:38 | 000,001,045 | ---- | C] () -- C:\Users\Administrator\Desktop\Sandboxed Web Browser.lnk
[2012/06/30 15:23:38 | 000,001,045 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/06/30 15:23:35 | 000,002,266 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/06/28 14:47:06 | 000,000,000 | ---- | C] () -- C:\Users\Administrator\Desktop\TEMSSetup-x32.exe.d8aeaub.partial
[2012/06/26 22:40:24 | 012,569,784 | ---- | C] () -- C:\Users\Administrator\Desktop\SysinternalsSuite.zip
[2012/06/24 16:30:24 | 000,000,712 | ---- | C] () -- C:\Users\Administrator\Desktop\Temp Progrm - Shortcut.lnk
[2012/06/22 17:39:34 | 000,000,256 | ---- | C] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2012/06/22 10:57:47 | 000,001,128 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/21 23:48:21 | 000,638,489 | ---- | C] () -- C:\Users\Administrator\Desktop\How to uninstall Internet Explorer 9.mht
[2012/06/21 23:47:38 | 000,052,266 | ---- | C] () -- C:\Users\Administrator\Desktop\How to Remove Internet Explorer 9 7 Tutorials.htm
[2012/06/21 23:41:32 | 000,723,379 | ---- | C] () -- C:\Users\Administrator\Desktop\How to uninstall Internet Explorer 8 from Windows 7.mht
[2012/06/21 23:40:16 | 000,138,219 | ---- | C] () -- C:\Users\Administrator\Desktop\How do I remove Internet Explorer 8 from Windows as a troubleshooting step.htm
[2012/06/21 17:43:07 | 000,584,650 | ---- | C] () -- C:\Users\Administrator\Desktop\How do I install or uninstall Internet Explorer 9.mht
[2012/06/21 17:28:58 | 001,232,438 | ---- | C] () -- C:\Users\Administrator\Desktop\Prerequisites for installing Internet Explorer 9.mht
[2012/06/20 17:23:47 | 000,940,100 | ---- | C] () -- C:\Users\Administrator\Desktop\How To Easily Repair Windows 7 Boot Problems Using Startup Repair.mht
[2012/06/20 11:47:12 | 000,512,992 | ---- | C] () -- C:\Users\Administrator\Desktop\sdsetup.exe
[2012/06/19 23:36:03 | 000,961,020 | ---- | C] () -- C:\Users\Administrator\Documents\Scan 19-6.htm
[2012/06/19 13:14:03 | 000,000,008 | RHS- | C] () -- C:\ProgramData\8510DB6088.sys
[2012/06/19 12:17:23 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/06/19 12:17:23 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/06/17 21:43:57 | 331,086,892 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/06/02 17:55:36 | 003,386,435 | ---- | C] () -- C:\Users\Administrator\Desktop\BART Zip pebuilder3110a.zip
[2012/05/25 00:26:03 | 000,000,100 | ---- | C] () -- C:\Users\Administrator\Desktop\Contatta la Rai.URL
[2012/05/19 15:54:59 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll0611.old
[2012/05/19 15:54:59 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll0559.old
[2012/05/19 15:54:59 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll0536.old
[2012/05/19 15:54:59 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll0520.old
[2012/05/19 15:54:59 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll0512.old
[2012/04/17 22:48:02 | 000,676,224 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2012/04/10 17:53:58 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2012/04/01 23:45:41 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012/03/19 13:58:18 | 000,000,000 | ---- | C] () -- C:\Windows\Textart.INI
[2012/02/09 14:20:38 | 004,794,880 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2012/02/02 14:32:01 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2012/01/30 23:42:27 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/01/24 21:53:30 | 000,000,564 | ---- | C] () -- C:\Windows\eReg.dat
[2012/01/20 15:48:18 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/01/20 15:47:23 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/01/17 10:50:09 | 000,000,948 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012/01/17 10:50:09 | 000,000,154 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012/01/17 10:49:35 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012/01/17 10:49:34 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012/01/17 10:48:33 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012/01/17 10:48:33 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012/01/12 08:13:33 | 000,007,608 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2012/01/09 19:45:18 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/01/06 18:40:15 | 000,014,848 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/06 01:53:12 | 145,727,915 | ---- | C] () -- C:\Users\Administrator\Sky Angel Vol.72 Internal Cum Shot - AYA-02.mp4
[2012/01/02 22:44:39 | 000,004,096 | -H-- | C] () -- C:\Users\Administrator\AppData\Local\keyfile3.drm
[2011/12/21 21:03:43 | 000,031,567 | ---- | C] () -- C:\Windows\maxlink.ini
[2011/12/16 11:00:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/12/11 11:39:30 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2011/12/11 11:37:52 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2011/12/10 20:34:27 | 000,007,308 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/12/10 20:27:15 | 000,000,258 | ---- | C] () -- C:\Windows\System32\BDEMERGE.INI
[2011/12/08 04:22:23 | 012,320,768 | ---- | C] () -- C:\Users\Administrator\ntuser.bak
[2011/12/07 19:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2011/11/22 03:55:12 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/10/28 03:00:11 | 000,001,194 | ---- | C] () -- C:\Windows\System32\RTSLCS.dll
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/03/11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
========== LOP Check ========== [2011/12/13 17:44:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ACD Systems
[2012/03/13 11:11:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AutoHideIP
[2012/01/30 23:11:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip133C9_jZip21F0_RealHideIP.exe
[2012/01/30 23:10:15 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip133C9_jZipF38_RealHideIP.exe
[2012/03/17 13:08:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip14144_jZip152_RealHideIP.exe
[2012/03/17 13:05:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip14144_jZip1C1F2_RealHideIP.exe
[2011/12/24 12:11:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip192F_jZip10113_PlatinumHideIP.exe
[2011/12/24 12:15:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip192F_jZip16361_PlatinumHideIP.exe
[2011/12/24 12:18:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip192F_jZip20166_PlatinumHideIP.exe
[2011/12/24 12:13:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip192F_jZip213D0_PlatinumHideIP.exe
[2011/12/24 12:17:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip192F_jZip2523B_PlatinumHideIP.exe
[2011/12/24 13:00:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip1A44_jZip15199_PlatinumHideIP.exe
[2011/12/24 12:59:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip1A44_jZip152D4_PlatinumHideIP.exe
[2011/12/24 12:58:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip1A44_jZip1C3C4_PlatinumHideIP.exe
[2012/04/07 14:29:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip1B394_jZip2F272_HideIPEasy.exe
[2012/03/13 10:56:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip25279_jZipC396_RealHideIP.exe
[2012/04/03 23:49:26 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip25B4_jZip1A21_HideIPEasy.exe
[2012/04/03 23:47:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip25B4_jZip223C1_HideIPEasy.exe
[2012/04/03 23:47:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip25B4_jZip3747_HideIPEasy.exe
[2011/12/24 12:48:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2814D_jZip151F0_PlatinumHideIP.exe
[2011/12/24 12:49:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2814D_jZip171D7_PlatinumHideIP.exe
[2011/12/24 12:46:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2814D_jZip1826F_PlatinumHideIP.exe
[2011/12/24 12:47:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2814D_jZip1BD8_PlatinumHideIP.exe
[2011/12/24 12:44:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2814D_jZip24320_PlatinumHideIP.exe
[2011/12/24 12:46:41 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2814D_jZip28B7_PlatinumHideIP.exe
[2011/12/24 12:50:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2814D_jZip2A2A0_PlatinumHideIP.exe
[2011/12/24 12:42:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2814D_jZip3A257_PlatinumHideIP.exe
[2012/04/03 23:14:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2C118_jZip141E1_PlatinumHideIP.exe
[2012/04/03 23:20:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2C118_jZip3217_PlatinumHideIP.exe
[2012/01/30 23:26:31 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2D140_jZip1E306_RealHideIP.exe
[2012/01/30 23:26:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip2D140_jZip2F136_RealHideIP.exe
[2012/04/03 23:34:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip3115C_jZip35E1_RealHideIP.exe
[2012/02/01 11:14:14 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip322E5_jZipD37F_RealHideIP.exe
[2012/03/13 12:16:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip342F9_jZip11215_RealHideIP.exe
[2012/03/13 12:15:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip342F9_jZip211AF_RealHideIP.exe
[2012/03/13 11:01:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip376C_jZip102E6_HideIPEasy.exe
[2012/03/13 11:05:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip3B32E_jZip203C_RealHideIP.exe
[2012/04/03 23:25:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip7333_jZip142D0_PlatinumHideIP.exe
[2012/04/03 23:26:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZip7333_jZip5131_PlatinumHideIP.exe
[2011/12/18 12:20:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZipAD7_jZip2FB5_PlatinumHideIP.exe
[2011/12/18 12:20:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\C__Users_ADMINI~1_AppData_Local_Temp_jZip_jZipAD7_jZipA91_PlatinumHideIP.exe
[2012/05/06 11:44:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2012/06/25 23:45:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DriverCure
[2012/02/02 16:23:07 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESET
[2012/07/11 02:42:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FixZeroAccess
[2012/04/03 23:55:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\F__NEW PROGRAMS_Hide IP_Hide IP Easy v5.1.3.8 + Crack (Srkfan-Invicta RG)_Crack_HideIPEasy.exe
[2012/01/30 23:19:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\F__NEW PROGRAMS_Hide IP_Platinum.Hide.IP.3.0.9.2_incl.Cracked.By.ScoRPioN2_CRACK_PlatinumHideIP.exe
[2012/04/01 19:40:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Garmin
[2012/04/06 10:50:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HideIPEasy
[2012/03/18 08:51:38 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\InterVideo
[2012/03/12 17:49:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NCH Swift Sound
[2011/12/16 18:34:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nokia
[2011/12/16 17:45:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PC Suite
[2012/03/26 15:56:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PC-FAX TX
[2011/12/18 12:21:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PlatinumHideIP
[2012/03/12 12:47:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Regensoft
[2012/01/21 23:07:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Registry Mechanic
[2011/12/21 21:05:14 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ScanSoft
[2012/06/25 23:45:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SpeedMaxPc
[2011/12/24 12:22:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SurfAnonymousFree
[2012/06/17 20:37:39 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TestApp
[2012/03/14 12:22:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thinstall
[2012/04/03 13:18:26 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TypeItReadIt
[2012/07/22 14:06:14 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent
[2011/12/11 17:18:21 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\WebcamMax
[2012/03/12 12:57:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Win7codecs
[2012/07/22 14:52:12 | 000,000,426 | ---- | M] () -- C:\Windows\Tasks\PC Optimizer Pro startups.job
[2012/07/23 12:15:00 | 000,000,454 | ---- | M] () -- C:\Windows\Tasks\PC Optimizer Pro Updates.job
[2012/06/17 22:54:49 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe >[2000/12/13 09:28:42 | 000,030,068 | ---- | M] () -- C:\FIXKRIZ.EXE
< MD5 for: EXPLORER.EXE >[2011/02/26 15:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 11:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows.old\Windows\explorer.exe
[2009/07/14 11:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/07/14 11:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 15:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2011/02/26 15:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 22:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Files\C\Windows\explorer.exe
[2010/11/20 22:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: SERVICES >[2009/06/11 07:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows.old\Windows\System32\drivers\etc\services
[2009/06/11 07:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
[2009/06/11 07:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/11 07:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
< MD5 for: SERVICES.CSS >[2007/07/18 19:10:46 | 000,001,111 | R--- | M] () MD5=AC91C948DBB2BBE9B6A1EF98F1214CEC -- C:\Program Files\Common Files\Corel\Online Services\1.0\Languages\EN\Content\services.css
[2007/07/19 00:10:46 | 000,001,111 | R--- | M] () MD5=AC91C948DBB2BBE9B6A1EF98F1214CEC -- C:\Windows.old\Program Files\Common Files\Corel\Online Services\1.0\Languages\EN\Content\services.css
< MD5 for: SERVICES.DAT >[2012/01/06 08:16:31 | 000,010,240 | ---- | M] () MD5=598DA820816EFCCC9D2D3115BC21F620 -- C:\Program Files\Acrobat X Pro\Acrobat X Pro\MODIFIED\@APPDATA@\Adobe\Acrobat\10.0\Security\services.dat
< MD5 for: SERVICES.EXE >[2009/07/14 11:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows.old\Windows\System32\services.exe
[2009/07/14 11:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2009/07/14 11:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009/07/14 11:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 11:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SERVICES.EXE.MUI >[2009/07/14 12:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows.old\Windows\System32\en-US\services.exe.mui
[2009/07/14 12:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
[2009/07/14 12:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/14 12:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
< MD5 for: SERVICES.LNK >[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\ProgramData\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Application Data\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 14:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Windows.old\Users\All Users\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >[2009/06/11 07:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows.old\Windows\System32\wbem\services.mof
[2009/06/11 07:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
[2009/06/11 07:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/11 07:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
< MD5 for: SERVICES.MSC >[2009/07/14 12:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows.old\Windows\System32\en-US\services.msc
[2009/06/11 07:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows.old\Windows\System32\services.msc
[2009/07/14 12:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/11 07:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2009/07/14 12:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/11 07:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/14 12:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/11 07:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PNG >[2012/06/21 23:42:29 | 000,005,384 | ---- | M] () MD5=A67A461DB0FAFC647B30D3F945420194 -- C:\Users\Administrator\Desktop\How to Remove Internet Explorer 9 7 Tutorials_files\services.png
< MD5 for: SERVICES.PTXML >[2009/07/14 06:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows.old\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/14 06:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
[2009/07/14 06:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/14 06:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
< MD5 for: SERVICES.SBK >[2012/07/22 14:44:59 | 000,001,334 | ---- | M] () MD5=533135AA7AE295BE7F28F7A5D98EBC7A -- C:\Program Files\Registry Mechanic\backup\Services.sbk
< MD5 for: SVCHOST.EXE >[2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\System32\svchost.exe
[2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 11:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: USERINIT.EXE >[2010/11/20 22:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010/11/20 22:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 22:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 11:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows.old\Windows\System32\userinit.exe
[2009/07/14 11:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 11:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >[2010/11/20 22:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010/11/20 22:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 22:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/07/14 11:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows.old\Windows\System32\winlogon.exe
[2009/07/14 11:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2009/07/14 11:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s > ========== Alternate Data Streams ========== @Alternate Data Stream - 266 bytes -> C:\ProgramData\TEMP:D282699C
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:64FFFDC8
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0FF263E8
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0D786AE3
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
OTL ExtrasOTL Extras logfile created on: 7/24/2012 12:05:25 AM - Run 3
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Administrator\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.50 Gb Total Physical Memory | 2.28 Gb Available Physical Memory | 65.22% Memory free
7.00 Gb Paging File | 5.01 Gb Available in Paging File | 71.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 168.00 Gb Total Space | 92.92 Gb Free Space | 55.31% Space Free | Partition Type: NTFS
Drive D: | 130.09 Gb Total Space | 47.78 Gb Free Space | 36.73% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 379.37 Gb Free Space | 40.73% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 226.43 Gb Free Space | 48.62% Space Free | Partition Type: NTFS
Computer Name: KHAN | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0986F084-2C46-4D25-9F14-237FF88EDAF4}" = rport=139 | protocol=6 | dir=out | app=system |
"{35D49BBD-8C77-4D50-9DC4-9CF15CC938AE}" = lport=94 | protocol=6 | dir=out | app=c:\program files\nch software\vrs\vrs.exe |
"{4C72D63A-657D-4E98-A44C-6D73C45DAFD3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DA9B0BA-3849-470A-BA46-FEAD3F7FA8A3}" = lport=139 | protocol=6 | dir=in | app=system |
"{5E80A86F-4539-40B4-804F-9C26580A95E3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{6E733705-D08F-46B5-88E3-B15F36902865}" = rport=137 | protocol=17 | dir=out | app=system |
"{89B865DA-A2FC-4DA5-9826-65F025AF0C02}" = lport=137 | protocol=17 | dir=in | app=system |
"{A8E8DA49-1870-40C6-A1AF-C5CDEB74E9F1}" = lport=94 | protocol=6 | dir=in | app=c:\program files\nch software\vrs\vrs.exe |
"{C6A44285-5A1E-48EB-8D96-CF82F381E1F3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CEA4879D-58E1-4DFC-B8DA-7A27D95EE656}" = lport=445 | protocol=6 | dir=in | app=system |
"{D0A4DFAF-6D72-4D21-9B33-EA163EFBA73F}" = lport=138 | protocol=17 | dir=in | app=system |
"{E7BA2383-F345-4D19-BFB2-37072EC4E043}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F320DD6C-D741-4D03-8F79-A7001FBF705C}" = rport=445 | protocol=6 | dir=out | app=system |
"{FCA0159A-ED5E-40AC-9054-52A23E3B21AF}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09B7A294-B9B6-4069-8FB9-88919F873945}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{17037A3C-430F-465A-8447-B1F3ADAA31C2}" = protocol=17 | dir=in | app=c:\program files\satsuki decoder pack\mpc\mplayerc.exe |
"{2CB24AB2-CE24-46A0-91CD-72A45A085BB3}" = protocol=6 | dir=in | app=c:\program files\satsuki decoder pack\mpc\mplayerc.exe |
"{3268C3F5-5DDF-4E11-8941-4B008935E627}" = protocol=6 | dir=in | app=c:\program files\nokia\nokia pc suite 7\pcsuite.exe |
"{4B6686AF-1906-4DA6-8DCB-F73CC503CF65}" = protocol=58 | dir=out |
[email protected],-28546 |
"{4CB308E4-407E-4AC5-AFCB-3CCFDAA6F567}" = protocol=17 | dir=in | app=c:\program files\nokia\nokia pc suite 7\pcsuite.exe |
"{4E5106B1-7BF3-4837-A38C-C2F17F3D638B}" = protocol=6 | dir=in | app=c:\program files\eset\eset smart security\sysrescue.exe |
"{55AA0DF5-624E-4462-A4E6-E2BD38760BD1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{5A004625-2E48-4863-A9AA-62E61B655D74}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{634B2AFB-0335-4B0E-8C70-7ADF2ACC20B8}" = protocol=6 | dir=in | app=c:\program files\webroot\webrootsecurity\spysweeperui.exe |
"{67FC93F2-22D2-4623-A657-B66E1E53CD02}" = protocol=17 | dir=in | app=c:\program files\eset\eset smart security\sysrescue.exe |
"{6BD7C42A-487F-43DE-8D02-C57D549B0DBF}" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"{7FDA74E6-CFCB-4DCF-B716-DCF372470561}" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"{8346F2CF-4BD7-4EDE-B6E9-77C7F796B39F}" = protocol=17 | dir=in | app=c:\program files\eset\eset smart security\egui.exe |
"{87E73C11-4054-4756-A2E1-A91934ADCF56}" = protocol=17 | dir=in | app=c:\program files\webroot\webrootsecurity\spysweeperui.exe |
"{881CA6C5-1E5E-4AB3-80C2-1B7AC9CB3430}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{89FB2D6B-8967-4275-9906-C0788C8CA1A7}" = protocol=17 | dir=in | app=c:\program files\utorrentportable\utorrentportable.exe |
"{98BAB0D0-1D7C-4A4E-966B-2FBF0E72B6BF}" = protocol=1 | dir=out |
[email protected],-28544 |
"{9D27373E-F94D-4DD7-9251-04E158358BC3}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{AC373836-2F29-472A-A3C1-6D1C8CD55063}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BBA7277B-0797-4BBD-AC12-AF8E0144F412}" = protocol=58 | dir=in |
[email protected],-28545 |
"{C5C67A5C-9D4A-42A2-B1C4-E9F55E9494A9}" = protocol=1 | dir=in |
[email protected],-28543 |
"{D6FE546B-CEE6-4736-98AC-8EA432E51671}" = protocol=6 | dir=in | app=c:\program files\utorrentportable\utorrentportable.exe |
"{DC7BD124-950D-4803-AA57-DFD930BE72CE}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{E04A34DD-B60D-463E-BD1A-38CEB491D848}" = protocol=6 | dir=in | app=c:\program files\eset\eset smart security\egui.exe |
"TCP Query User{383B557D-16FC-4C26-8D6F-D59324D04906}C:\program files\utorrentportable\app\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrentportable\app\utorrent\utorrent.exe |
"UDP Query User{5380B1D0-0B6E-4E0B-9F0E-F9937DB8E733}C:\program files\utorrentportable\app\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrentportable\app\utorrent\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B568643E-076D-48A2-B5C3-7F0144D668D8}" = Paradox
"_{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{13EBF9E8-82FF-47D0-A324-534B79EF7F71}" = WordPerfect Office X5 - WT
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{17C5A285-F7B6-492B-8F3B-343D02B84D75}" = WordPerfect Office X5 - Common
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19B4CD07-1919-4002-B28F-A5D2027026E0}" = WordPerfect Office X5 - IPM
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DF03ECE-6AF4-414E-B118-C316F151A9A2}" = Corel WordPerfect Office - iFilter
"{1F0D7D15-8A36-4AE4-8573-70BEA7DF379D}" = WordPerfect Office X5 - Migration Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{378BAC91-3AE8-45F0-90E4-4F81E3EAEBC5}" = WordPerfect Office X5 - PR
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{409ECFF1-9CC7-43A8-B28A-B7F0B7CB04D1}_is1" = Classic Menu for Office 2007 v5.20
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4873CC58-69D8-490D-9E5C-001DC2EE2010}" = WordPerfect Lightning - Messages
"{4873CC58-69D8-490D-9E5C-001DC2EE2020}" = WordPerfect Lightning - IPM
"{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}" = Brother MFL-Pro Suite MFC-790CW
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64459BD5-3AE8-4689-B7B0-D57B667D8399}" = WordPerfect Office X5 - PerfectExperts EN
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{67ED9603-CB76-4338-B7B0-690FE144C4DA}" = WordPerfect Lightning
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C13C708-FF28-4991-84E6-5526A0EE677B}" = WordPerfect Office X5 - Oxford
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E4B1E42-A831-44B4-A705-D006F68560EC}" = WordPerfect Office X5 - Graphics
"{71D2F8EE-9D45-4D95-A6F6-F6433C2B94B5}" = WordPerfect Office X5 - System EN
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A6FD1334-FD75-4951-935D-08F8C7E4C6B0}" = WordPerfect Office X5 - Sharepoint
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}" = Licensing Service Install
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B568643E-076D-48A2-B5C3-7F0144D668D8}" = Paradox
"{B62C4524-41B5-4E65-952B-36AEC51E3F55}" = WordPerfect Office X5
"{C507B0CC-BA89-4479-B3CA-E553E5D19548}" = Microsoft Office Professional Edition 2003 Plus Languages (VMware ThinApp)
"{C5F4A58B-0729-4F9C-9AA5-54008EEE8CFB}" = RapidBIT Suite
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CD5C6C29-E6CB-4DF3-B45F-A04087B1C294}" = WordPerfect Office X5 - Templates
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{D4167D08-0F61-4F44-BC3F-26B4960745C4}" = WordPerfect Office X5 - Skins
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7643510-C1AE-44AD-B0F9-0665C4D73BFD}" = WordPerfect Office X5 - LegalTools
"{DAEDCD3D-B981-4F10-B17B-764753EDAF9F}" = WordPerfect Office X5 - QP
"{DE1DDAC8-0451-4F16-B63D-B72FBCBC9BF6}" = Febooti fileTweak Hash and CRC
"{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5 - Setup Files
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E539B721-4458-4EFC-8BD0-04D4842051AE}" = Wordperfect Office X5 - EN
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E67732DE-3387-4F1E-BDDA-2D0C08BC025B}" = WordPerfect Office X5 - Filters
"{E6A4E6CD-B92C-4CFD-AEE9-97D361B4CE25}_is1" = TypeIt ReadIt 1.6
"{EC61C6D9-159B-4B14-AAF3-AF33FCFA50DD}" = WordPerfect Office X5 - WP
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F6EE49FD-B736-4888-A05A-115F3B1160FA}" = WordPerfect Lightning - MSOM
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"7-zip" = 7-zip v9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video ReMaker_is1" = AVS Video ReMaker 4.0.7.139
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"ExpressBurn" = Express Burn Disc Burning Software
"HashCheck Shell Extension" = HashCheck Shell Extension (x86-32)
"HashTab" = HashTab 4.0.0.2
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"PE Builder_is1" = PE Builder 3.1.10a
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Sandboxie" = Sandboxie 3.72 (32-bit)
"Satsuki Decoder Pack" = Satsuki Decoder Pack
"Security Task Manager" = Security Task Manager 1.8d
"Soulseek2" = SoulSeek 157 NS 13e
"uTorrent" = µTorrent
"VideoPad" = VideoPad Video Editor
"WavePad" = WavePad Sound Editor
"WebcamMax" = WebcamMax
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 7/17/2012 12:24:22 PM | Computer Name = Khan | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 7/18/2012 12:21:07 AM | Computer Name = Khan | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2012/07/18 14:21:07.100]: [00016348]: CUsbScnDev: DeviceIoControl()
failed. ErrorCode = 2
Error - 7/20/2012 1:04:42 PM | Computer Name = Khan | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 7/21/2012 12:57:07 PM | Computer Name = Khan | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 7/21/2012 9:14:11 PM | Computer Name = Khan | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16446,
time stamp: 0x4fb57c8f Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec49b60 Exception code: 0xc0000005 Fault offset: 0x00055eab Faulting
process id: 0x1fa8 Faulting application start time: 0x01cd63ac2381792e Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 8b0764d1-d39a-11e1-a2ee-001a4d5634f4
Error - 7/22/2012 12:46:47 AM | Computer Name = Khan | Source = VSS | ID = 8194
Description = Volume Shadow Copy Service error: Unexpected error querying for the
IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often
caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer Writer Instance ID: {59e95488-1621-405e-a540-47d196248c2d}
Error - 7/22/2012 11:06:53 AM | Computer Name = Khan | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 7/23/2012 1:07:00 AM | Computer Name = Khan | Source = Application Error | ID = 1000
Description = Faulting application name: WLXPhotoGallery.exe, version: 15.4.3538.513,
time stamp: 0x4dcdb214 Faulting module name: FFDshow.ax, version: 1.1.4332.0, time
stamp: 0x4f428bc0 Exception code: 0xc0000005 Fault offset: 0x00141258 Faulting process
id: 0x17b0 Faulting application start time: 0x01cd688ddd975b3f Faulting application
path: C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe Faulting module
path: C:\Program Files\Win7codecs\filters\FFDshow.ax Report Id: 3b548b68-d484-11e1-9c2c-001a4d5634f4
Error - 7/23/2012 1:10:17 AM | Computer Name = Khan | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2012/07/23 15:10:17.439]: [00002984]: CUsbScnDev: DeviceIoControl()
failed. ErrorCode = 2
Error - 7/23/2012 1:24:33 AM | Computer Name = Khan | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16446 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: f10 Start
Time: 01cd68900815ca4a Termination Time: 31 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:
[ OSession Events ]
Error - 2/1/2012 8:09:29 PM | Computer Name = Khan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 648
seconds with 300 seconds of active time. This session ended with a crash.
Error - 6/6/2012 8:13:04 AM | Computer Name = Khan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47
seconds with 0 seconds of active time. This session ended with a crash.
Error - 7/14/2012 2:56:05 AM | Computer Name = Khan | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 69040
seconds with 3180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 7/22/2012 12:52:28 AM | Computer Name = Khan | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Webroot
Spy Sweeper Engine service to connect.
Error - 7/22/2012 12:52:28 AM | Computer Name = Khan | Source = Service Control Manager | ID = 7000
Description = The Webroot Spy Sweeper Engine service failed to start due to the
following error: %%1053
Error - 7/22/2012 12:52:29 AM | Computer Name = Khan | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASKUTIL
Error - 7/22/2012 12:54:30 AM | Computer Name = Khan | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%2 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).
Error - 7/22/2012 12:54:30 AM | Computer Name = Khan | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069
Error - 7/22/2012 1:05:36 AM | Computer Name = Khan | Source = Service Control Manager | ID = 7034
Description = The MBAMService service terminated unexpectedly. It has done this
1 time(s).
Error - 7/22/2012 1:05:45 AM | Computer Name = Khan | Source = Service Control Manager | ID = 7034
Description = The Sandboxie Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 7/22/2012 1:05:57 AM | Computer Name = Khan | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 7/22/2012 2:01:28 AM | Computer Name = Khan | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 2 time(s).
Error - 7/22/2012 3:48:17 PM | Computer Name = Khan | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.
< End of report >