OK,
I hope I have posted these two reports correctly.
Thanks for offering to help
Regards
OTL logfile created on: 23/06/2013 11:49:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1.97 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 63.62% Memory free
4.69 Gb Paging File | 4.02 Gb Available in Paging File | 85.82% Paging File free
Paging file location(s): c:\pagefile.sys 2940 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.57 Gb Total Space | 18.43 Gb Free Space | 26.49% Space Free | Partition Type: NTFS
Drive D: | 396.19 Gb Total Space | 253.31 Gb Free Space | 63.94% Space Free | Partition Type: NTFS
Drive H: | 1863.01 Gb Total Space | 745.23 Gb Free Space | 40.00% Space Free | Partition Type: NTFS
Computer Name: USER-84F12D431F | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/06/23 11:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2013/05/08 08:36:35 | 000,119,024 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/27 07:45:10 | 000,534,160 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe
PRC - [2013/02/27 15:38:44 | 001,259,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/12/05 02:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2012/11/19 16:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/11/08 02:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/11/02 02:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2010/10/27 18:24:42 | 000,645,952 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2010/10/27 18:23:16 | 001,483,072 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ========== MOD - [2013/05/01 09:00:43 | 001,581,056 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft\Media Tools\plugins\pl-b2e730376325753834d77280c183157b.dll
MOD - [2013/03/04 07:46:27 | 000,224,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft\Media Tools\MediaIconsOverlays.dll
MOD - [2012/11/28 13:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 13:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/07/05 07:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2007/05/22 14:53:10 | 000,006,656 | ---- | M] () -- C:\Program Files\WinAVI Video Converter\SimpleExt.dll
========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -- (HOSTS Anti-PUPs)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/06/20 11:13:55 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/12 16:50:36 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/08 08:36:35 | 000,119,024 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2013/04/18 09:26:53 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/05 02:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/11/02 02:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/01 17:22:06 | 000,295,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/27 18:23:16 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/03/02 14:06:16 | 000,068,136 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/12/06 20:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Disabled | Stopped] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS -- (SymEvent)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\NuMega\SoftICE Driver Suite\Common\Binsiwvid.sys -- (SiwvidStart)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/04/11 03:18:40 | 000,302,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/27 07:40:56 | 000,209,304 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2013/02/19 19:20:24 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/01/30 08:40:38 | 000,010,496 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012/12/10 02:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/11/08 02:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/10/11 14:55:04 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2012/09/18 19:33:00 | 000,043,960 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2012/09/18 19:33:00 | 000,039,608 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2012/09/18 19:33:00 | 000,030,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2012/09/18 19:32:56 | 000,012,216 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2012/01/10 20:07:36 | 000,179,200 | R--- | M] (Dexetek ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DxVGrb.sys -- (DxVGrb)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/07/23 02:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/13 17:09:26 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011/07/13 07:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010/10/07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/07/20 23:56:52 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2010/07/20 23:45:12 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2010/07/20 23:37:38 | 006,086,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/03/17 16:42:46 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2010/03/10 07:18:20 | 000,024,216 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2009/04/08 02:32:48 | 000,116,224 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/03/25 16:29:52 | 000,130,432 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007/12/26 01:47:30 | 000,272,128 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2006/12/14 09:41:48 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/07/19 11:29:08 | 000,027,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2006/07/19 11:28:56 | 000,071,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2006/07/19 11:28:04 | 000,036,736 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2006/07/19 11:27:46 | 000,055,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2006/07/19 11:27:26 | 000,013,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.SYS -- (L8042Kbd)
DRV - [2005/04/07 09:46:50 | 000,034,240 | R--- | M] (ADS) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adsexpb.sys -- (ADSEXPB)
DRV - [2001/11/07 04:40:00 | 000,018,240 | ---- | M] (Compuware Corporation - NuMega Lab) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\DbgMsg.sys -- (DbgMsg)
DRV - [2001/11/07 01:09:10 | 001,347,462 | ---- | M] (Compuware Corporation - NuMega Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ntice.sys -- (NTice)
DRV - [2001/11/07 01:09:10 | 000,119,658 | ---- | M] (Compuware Corporation - NuMega Lab) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\siwvid.sys -- (Siwvid)
DRV - [2001/11/07 01:09:10 | 000,022,900 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\siwsym.sys -- (Siwsym)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/searchIE - HKLM\..\SearchScopes\{B48DCA56-2F73-4321-827B-AC88FFB71781}: "URL" =
http://www.google.co...g}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1409082233-117609710-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com.au/IE - HKU\S-1-5-21-1409082233-117609710-839522115-1003\..\SearchScopes,DefaultScope = {B48DCA56-2F73-4321-827B-AC88FFB71781}
IE - HKU\S-1-5-21-1409082233-117609710-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKU\S-1-5-21-1409082233-117609710-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKU\S-1-5-21-1409082233-117609710-839522115-1003\..\SearchScopes\{9FD7B827-2C19-4010-A3EF-936A29545E4C}: "URL" =
http://www.bing.com/...=SPLBR2&pc=SPLHIE - HKU\S-1-5-21-1409082233-117609710-839522115-1003\..\SearchScopes\{B48DCA56-2F73-4321-827B-AC88FFB71781}: "URL" =
http://www.google.co...1I7WQIB_enAU539IE - HKU\S-1-5-21-1409082233-117609710-839522115-1003\..\SearchScopes\{DABE5CFC-59E3-4577-B5E6-D8B9CEF16EAB}: "URL" =
http://au.search.yah...cevm&type=STDVMIE - HKU\S-1-5-21-1409082233-117609710-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/30 17:32:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/20 11:13:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/22 13:11:18 | 000,000,000 | ---D | M]
[2010/04/01 16:33:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2013/05/29 10:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\706l0eqd.default-1343368655062\extensions
[2013/06/21 15:04:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions
[2012/07/12 14:52:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/07/23 18:26:01 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012/06/27 18:13:17 | 000,000,000 | ---D | M] (Sothink Web Video Downloader for Firefox) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2012/05/12 09:52:17 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2012/06/28 16:33:44 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2012/07/09 16:20:27 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2013/05/29 10:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions
[2011/12/08 14:47:10 | 000,014,961 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2011/10/03 17:58:10 | 000,074,961 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2011/11/30 15:54:45 | 000,051,994 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2012/07/04 17:03:41 | 000,087,157 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2011/11/22 19:16:08 | 000,004,527 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2013/04/19 08:00:18 | 000,213,470 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2012/12/27 15:19:42 | 000,213,444 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected][2011/12/03 11:01:05 | 000,003,691 | R--- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2012/06/28 15:20:29 | 000,185,362 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012/07/25 08:54:47 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/08/28 14:28:29 | 000,042,336 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi
[2012/06/12 02:26:43 | 000,007,915 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\
[email protected]\chrome\content\ff\view_expiry.js
[2013/05/07 21:34:11 | 000,004,530 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\
[email protected][2013/02/23 14:38:42 | 000,615,654 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\
[email protected][2013/04/21 09:13:51 | 000,765,412 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013/06/20 11:13:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/20 11:13:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/06/20 11:13:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/20 11:13:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/20 11:13:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\distribution\extensions
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2010/12/09 07:21:24 | 000,002,224 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\webblog.xml
========== Chrome ========== CHR - homepage:
http://www.google.com/CHR - default_search_provider: qvo6 (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url =
CHR - homepage:
http://www.google.com/CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: FTdownloader V3.0 = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn\3.0_0\
CHR - Extension: FTdownloader V3.0 = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn\3.0_0\
O1 HOSTS File: ([2013/06/19 18:02:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1409082233-117609710-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKU\S-1-5-21-1409082233-117609710-839522115-1003..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-117609710-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-117609710-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1409082233-117609710-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 1
O7 - HKU\S-1-5-21-1409082233-117609710-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1409082233-117609710-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EA6C079-3333-4797-9BAC-AF0FD534706A}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C85F8EC6-C08E-404C-9D39-C29A7821E0FD}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\System32\acaptuser32.dll (Adobe Systems Incorporated)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\expressburn.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\finereader.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\presentationhost.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\screenshotreader.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/01 11:50:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/11/19 13:09:57 | 000,000,000 | ---D | M] - C:\AutoHideIP -- [ NTFS ]
O34 - HKLM BootExecute: (sdnclean.exe)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2020/12/01 12:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2013/06/23 11:47:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2013/06/22 13:12:22 | 000,114,280 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\acaptuser32.dll
[2013/06/21 17:45:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2013/06/21 15:00:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/06/21 15:00:22 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/20 19:05:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2013/06/20 11:18:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/06/20 11:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/06/20 10:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2013/06/19 18:04:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/06/19 17:53:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/06/19 17:53:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/06/19 17:53:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/06/19 17:53:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/06/19 17:50:19 | 000,012,568 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2013/06/19 17:50:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/19 17:06:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com
[2013/06/19 17:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/06/19 09:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\SUPERAntiSpyware Pro
[2013/06/19 09:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware Pro
[2013/06/12 16:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2013/06/12 16:25:41 | 000,000,000 | ---D | C] -- C:\MGtools
[2013/06/12 15:44:49 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/06/08 18:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2013/06/08 18:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/06/08 18:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/06/08 18:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/06/08 18:51:51 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/06/07 17:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2013/06/07 17:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2013/06/06 11:04:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013/06/06 11:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/06/06 11:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/06/06 10:44:46 | 000,889,416 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\User\My Documents\dotNetFx40_Full_setup.exe
[2013/06/06 10:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2013/06/05 17:13:57 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2013/06/05 17:07:36 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/06/05 17:07:35 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/06/05 17:07:35 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/06/05 17:07:34 | 011,112,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/06/05 17:07:34 | 002,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/06/05 17:07:33 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/06/05 17:01:43 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2013/06/05 16:58:35 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013/06/05 16:58:24 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013/06/05 16:58:23 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013/06/05 16:58:22 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2013/06/05 16:57:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2013/06/05 16:56:51 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2013/06/05 16:56:39 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2013/06/05 16:55:33 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2013/06/05 16:54:44 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013/06/05 16:54:26 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2013/06/05 16:54:09 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013/06/05 16:52:49 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2013/06/05 16:52:48 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2013/06/05 16:48:41 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2013/06/05 16:48:40 | 002,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013/06/05 16:48:03 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2013/06/05 16:47:50 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013/06/05 16:47:27 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2013/06/05 16:47:23 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2013/06/05 16:46:49 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013/06/05 16:26:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/06/05 16:22:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/06/05 16:13:13 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2013/06/05 16:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2013/06/05 16:13:10 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2013/06/05 16:13:09 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2013/06/05 16:13:09 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2013/06/05 16:13:01 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2013/06/05 16:13:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2013/06/05 16:10:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2013/06/05 16:05:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/06/05 15:23:11 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2013/06/05 15:23:10 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2013/06/05 15:23:10 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2013/06/05 15:23:09 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2013/06/05 15:23:09 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2013/06/05 15:23:09 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2013/06/05 15:23:08 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013/06/05 15:23:08 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013/06/05 15:23:06 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2013/06/05 15:23:05 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2013/06/05 15:23:05 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013/06/05 15:23:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2013/06/05 15:23:05 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2013/06/05 15:23:04 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2013/06/05 15:23:04 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2013/06/05 15:22:57 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2013/06/05 15:22:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2013/06/05 15:22:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013/06/05 15:22:53 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2013/06/05 15:22:53 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2013/06/05 15:22:53 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2013/06/05 15:22:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2013/06/05 15:22:52 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013/06/05 15:22:52 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013/06/05 15:22:52 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013/06/05 15:22:51 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013/06/05 15:22:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2013/06/05 15:22:47 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013/06/05 15:22:45 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2013/06/05 15:22:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013/06/05 15:22:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2013/06/05 15:22:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2013/06/05 15:22:42 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013/06/05 15:22:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013/06/05 15:22:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013/06/05 15:22:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013/06/05 15:22:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013/06/05 15:22:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013/06/05 15:22:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013/06/05 15:22:41 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013/06/05 15:22:41 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013/06/05 15:22:41 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013/06/05 15:22:41 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013/06/05 15:22:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013/06/05 15:22:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013/06/05 15:22:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013/06/05 15:22:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013/06/05 15:22:41 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013/06/05 15:22:39 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013/06/05 15:22:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2013/06/05 15:22:35 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2013/06/05 15:22:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/06/05 15:22:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/06/05 15:22:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2013/06/05 15:22:30 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2013/06/05 15:22:30 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013/06/05 15:22:27 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2013/06/05 15:22:27 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013/06/05 15:22:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013/06/05 15:22:24 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013/06/05 15:22:24 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2013/06/05 15:22:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013/06/05 15:22:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013/06/05 15:22:23 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2013/06/05 15:22:23 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2013/06/05 15:22:23 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2013/06/05 15:22:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2013/06/05 15:22:22 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2013/06/05 15:22:21 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2013/06/05 15:22:21 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2013/06/05 15:22:21 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2013/06/05 15:22:21 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2013/06/05 15:22:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2013/06/05 15:22:17 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2013/06/05 15:22:15 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2013/06/05 15:22:12 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2013/06/05 15:22:07 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2013/06/05 15:22:07 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2013/06/05 15:22:00 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013/06/05 15:22:00 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013/06/05 15:21:59 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2013/06/05 15:21:58 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2013/06/05 15:21:57 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2013/06/05 15:21:55 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2013/06/05 15:21:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2013/06/05 15:21:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013/06/05 15:21:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2013/06/05 15:21:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2013/06/05 15:21:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2013/06/05 15:21:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2013/06/05 15:21:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2013/06/05 15:21:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2013/06/05 15:21:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2013/06/05 15:21:52 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013/06/05 15:21:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013/06/05 15:21:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013/06/05 15:21:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2013/06/05 15:21:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2013/06/05 15:21:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2013/06/05 15:21:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2013/06/05 15:21:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2013/06/05 15:21:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2013/06/05 15:21:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2013/06/05 15:21:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2013/06/05 15:21:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2013/06/05 15:21:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2013/06/05 15:21:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2013/06/05 15:21:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2013/06/05 15:21:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2013/06/05 15:21:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2013/06/05 15:21:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2013/06/05 15:21:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013/06/05 15:21:48 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2013/06/05 15:21:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013/06/05 15:21:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2013/06/05 15:21:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2013/06/05 15:21:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2013/06/05 15:21:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2013/06/05 15:21:45 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2013/06/05 15:21:44 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2013/06/05 15:21:44 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2013/06/05 15:21:44 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2013/06/05 15:21:44 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2013/06/05 15:21:44 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2013/06/05 15:21:43 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2013/06/05 15:21:43 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2013/06/05 15:21:43 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2013/06/05 15:21:43 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2013/06/05 15:21:43 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2013/06/05 15:21:43 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2013/06/05 15:21:43 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2013/06/05 15:21:43 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2013/06/05 15:21:43 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2013/06/05 15:21:42 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2013/06/05 15:21:42 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2013/06/05 15:21:42 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2013/06/05 15:21:42 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2013/06/05 15:21:42 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2013/06/05 15:21:42 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2013/06/05 15:21:42 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2013/06/05 15:21:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2013/06/05 15:21:42 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2013/06/05 15:21:41 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2013/06/05 15:21:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2013/06/05 15:21:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2013/06/05 15:21:41 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2013/06/05 15:21:37 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2013/06/05 15:21:32 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2013/06/05 15:21:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2013/06/05 15:21:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013/06/05 15:21:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013/06/05 15:21:26 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013/06/05 15:21:26 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013/06/05 15:21:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2013/06/05 15:21:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013/06/05 15:21:24 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013/06/05 15:21:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2013/06/05 15:21:22 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013/06/05 15:21:22 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013/06/05 15:21:22 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013/06/05 15:21:22 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013/06/05 15:21:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2013/06/05 15:21:14 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013/06/05 15:21:13 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2013/06/05 15:21:13 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2013/06/05 15:21:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2013/06/05 15:21:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2013/06/05 15:21:11 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2013/06/05 15:21:11 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2013/06/05 15:21:11 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2013/06/05 15:21:10 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2013/06/05 15:21:10 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2013/06/05 15:21:10 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2013/06/05 15:21:10 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2013/06/05 15:21:09 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2013/06/05 15:21:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013/06/05 15:21:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013/06/05 15:21:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013/06/05 15:21:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2013/06/05 15:21:07 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/06/05 15:21:07 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013/06/05 15:21:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013/06/05 15:21:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2013/06/05 15:20:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2013/06/05 15:20:52 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2013/06/05 15:20:52 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2013/06/05 15:20:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2013/06/05 15:20:45 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2013/06/05 15:20:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2013/06/05 15:20:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2013/06/05 15:20:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2013/06/05 15:20:35 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2013/06/05 15:20:35 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2013/06/05 15:20:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2013/06/05 15:20:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2013/06/05 15:20:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2013/06/05 15:20:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2013/06/05 15:20:30 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2013/06/05 15:18:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013/06/05 15:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013/06/05 15:04:05 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013/06/05 15:04:05 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2013/06/05 15:04:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013/06/05 15:04:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2013/06/05 14:47:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/06/05 14:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\WindowsUpdate
[2013/05/28 17:29:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\HandBrake
[2013/05/28 17:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\Handbrake
[2013/05/28 17:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\Handbrake
[2013/05/28 17:27:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\FTDownloader.com
[2013/05/28 14:23:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Aimersoft
[2013/05/26 18:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2013/05/26 18:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Aimersoft DVD Ripper
[2013/05/26 18:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Aimersoft
[2013/05/26 18:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Aimersoft
[2013/05/26 18:11:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Aimersoft DVD Ripper
[2013/05/26 18:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\Aimersoft
[2013/04/18 09:19:47 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Program Files\unicows.dll
[2013/04/18 09:19:39 | 000,189,808 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\AutoPlay.exe
[2013/03/28 11:33:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\User\Application Data\pcouffin.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/06/23 11:50:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/23 11:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2013/06/23 09:06:00 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 4e57916c-2d66-4dfb-b6cf-71f6d1ed4305.job
[2013/06/23 08:57:18 | 124,134,533 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2013/06/23 08:53:52 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/23 08:53:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/22 17:31:17 | 000,416,199 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Deb,s Facebook Photo.JPG
[2013/06/22 02:00:00 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 2c793a52-bef9-4ac1-a46e-cdcfbcfb56ba.job
[2013/06/21 12:29:54 | 000,001,041 | ---- | M] () -- C:\Documents and Settings\User\Application Data\vso_ts_preview.xml
[2013/06/21 11:34:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/20 22:38:00 | 000,204,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2013/06/20 11:35:41 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\ExpressBurnReminder.job
[2013/06/20 10:20:14 | 000,000,895 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/20 10:20:14 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/20 10:20:14 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/06/20 10:20:13 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/06/19 18:02:24 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/19 17:50:19 | 000,012,568 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2013/06/19 17:06:21 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2013/06/19 15:58:30 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/06/18 17:35:24 | 000,773,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
[2013/06/18 17:35:24 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
[2013/06/17 12:38:56 | 000,004,649 | ---- | M] () -- C:\Documents and Settings\User\Desktop\brian's avatar.jpg
[2013/06/17 12:28:10 | 000,392,042 | ---- | M] () -- C:\MGlogs.zip
[2013/06/16 14:50:07 | 002,685,442 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Mortgage experts say it's time to go for a quick fix.mht
[2013/06/12 18:11:09 | 000,000,307 | -HS- | M] () -- C:\boot.ini
[2013/06/12 16:50:30 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/12 16:50:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/12 15:28:32 | 001,898,001 | ---- | M] () -- C:\MGtools.exe
[2013/06/12 15:06:18 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/06/12 15:01:41 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\User\defogger_reenable
[2013/06/12 11:59:21 | 000,334,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/09 12:01:29 | 000,000,308 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Malware and Spyware Cleaning Guide - Geeks to Go Forums.URL
[2013/06/09 11:25:38 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/06/08 18:56:49 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/06/08 18:52:10 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/06/07 15:06:09 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to Local Disk ©.lnk
[2013/06/07 14:56:52 | 000,000,282 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to SAMSUNG (H).lnk
[2013/06/07 14:49:50 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2013/06/07 11:05:08 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Disk Cleanup.lnk
[2013/06/07 10:20:39 | 000,470,040 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/07 10:20:39 | 000,076,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/06 10:44:51 | 000,889,416 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\User\My Documents\dotNetFx40_Full_setup.exe
[2013/06/05 16:23:05 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/06/05 15:24:49 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/06/05 15:20:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/06/05 15:20:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/06/05 15:19:55 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013/06/05 15:17:06 | 000,022,720 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/02 16:45:37 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/05/31 13:06:24 | 000,026,900 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\dt.dat
[2013/05/31 13:05:40 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
[2013/05/29 15:20:44 | 000,000,107 | ---- | M] () -- C:\WINDOWS\IfoEdit.INI
[2013/05/28 14:23:11 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Aimersoft DVD Ripper.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/06/21 18:25:05 | 000,416,199 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Deb,s Facebook Photo.JPG
[2013/06/21 07:49:49 | 000,001,041 | ---- | C] () -- C:\Documents and Settings\User\Application Data\vso_ts_preview.xml
[2013/06/20 19:07:53 | 000,204,472 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/06/19 17:53:31 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/06/19 17:53:31 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/06/19 17:53:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/06/19 17:53:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/06/19 17:53:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/06/19 17:06:31 | 000,000,508 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 4e57916c-2d66-4dfb-b6cf-71f6d1ed4305.job
[2013/06/19 17:06:30 | 000,000,508 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 2c793a52-bef9-4ac1-a46e-cdcfbcfb56ba.job
[2013/06/19 17:06:21 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
[2013/06/17 13:03:17 | 000,004,649 | ---- | C] () -- C:\Documents and Settings\User\Desktop\brian's avatar.jpg
[2013/06/16 14:50:07 | 002,685,442 | ---- | C] () -- C:\Documents and Settings\User\My Documents\Mortgage experts say it's time to go for a quick fix.mht
[2013/06/12 16:25:45 | 000,392,042 | ---- | C] () -- C:\MGlogs.zip
[2013/06/12 15:28:31 | 001,898,001 | ---- | C] () -- C:\MGtools.exe
[2013/06/12 15:01:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\defogger_reenable
[2013/06/09 15:42:29 | 000,966,374 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1409082233-117609710-839522115-1003-0.dat
[2013/06/09 15:42:29 | 000,355,886 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/06/08 18:56:49 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/06/08 18:52:10 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/06/07 15:06:09 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to Local Disk ©.lnk
[2013/06/07 14:56:52 | 000,000,282 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to SAMSUNG (H).lnk
[2013/06/05 16:30:47 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/05 16:30:47 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Internet Explorer.lnk
[2013/06/05 16:13:12 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/06/05 16:13:12 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/06/05 16:13:12 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/06/05 16:13:11 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/06/05 16:13:11 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/06/05 16:13:11 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/06/05 16:13:11 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/06/05 16:13:11 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/06/05 16:13:11 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/06/05 16:13:11 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/06/05 16:13:11 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/06/05 16:13:11 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/06/05 16:13:11 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/06/05 16:13:11 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/06/05 16:13:11 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/06/05 16:13:11 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/06/05 16:13:11 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/06/05 16:13:10 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/06/05 16:13:10 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/06/05 16:13:10 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/06/05 16:13:10 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/06/05 16:13:10 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/06/05 16:13:10 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/06/05 16:13:10 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/06/05 16:13:10 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/06/05 16:13:10 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/06/05 16:13:10 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/06/05 16:13:10 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/06/05 16:13:10 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/06/05 16:13:10 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/06/05 16:13:10 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/06/05 16:13:10 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/06/05 16:13:10 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/06/05 16:13:10 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/06/05 16:13:10 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/06/05 16:13:10 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/06/05 16:13:10 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/06/05 16:13:10 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/06/05 16:13:10 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/06/05 16:13:10 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/06/05 16:13:10 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/06/05 16:13:10 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/06/05 16:13:10 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/06/05 16:13:10 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/06/05 16:13:10 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/06/05 16:13:10 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/06/05 16:13:10 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/06/05 16:13:10 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/06/05 16:13:10 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/06/05 16:13:10 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/06/05 16:13:10 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/06/05 16:13:10 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/06/05 16:13:10 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/06/05 16:13:10 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/06/05 16:13:10 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/06/05 16:13:10 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/06/05 16:13:10 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/06/05 16:13:10 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/06/05 16:13:10 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/06/05 16:13:10 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/06/05 16:13:10 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/06/05 16:13:10 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/06/05 16:13:10 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/06/05 16:13:10 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/06/05 16:13:09 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/06/05 16:13:09 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/06/05 16:13:09 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/06/05 16:13:09 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/06/05 16:13:09 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/06/05 16:13:09 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/06/05 16:13:09 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/06/05 16:13:08 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/06/05 16:13:08 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/06/05 16:13:08 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/06/05 16:13:08 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/06/05 16:13:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/06/05 16:13:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/06/05 16:13:08 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/06/05 16:13:08 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/06/05 16:13:08 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/06/05 15:36:43 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Windows Media Player.lnk
[2013/06/05 15:22:23 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013/06/05 15:21:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013/06/05 15:21:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013/06/05 15:21:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013/06/05 15:21:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013/06/05 15:21:34 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013/06/05 15:21:29 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013/06/05 15:21:10 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013/06/05 15:17:06 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/05 15:03:51 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/06/05 15:03:51 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/06/05 15:03:51 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/06/05 15:03:51 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/06/05 15:03:51 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/06/05 15:03:51 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/06/05 15:03:50 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2013/05/31 13:06:24 | 000,026,900 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\dt.dat
[2013/05/28 14:23:11 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Aimersoft DVD Ripper.lnk
[2013/04/18 09:19:31 | 000,018,183 | ---- | C] () -- C:\Program Files\Lisezmoi.htm
[2013/04/18 09:19:31 | 000,015,557 | ---- | C] () -- C:\Program Files\ReadMe.htm
[2013/04/18 09:19:30 | 000,017,015 | ---- | C] () -- C:\Program Files\Liesmich.htm
[2013/01/05 09:16:08 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\User\wxDownloadFast.ini
[2012/12/24 16:44:31 | 000,000,060 | ---- | C] () -- C:\Documents and Settings\User\jagex_cl_runescape_LIVE.dat
[2012/12/24 16:44:31 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\User\random.dat
[2012/11/01 07:23:29 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2012/10/12 11:34:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2012/10/12 11:32:58 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/08/18 12:37:16 | 000,001,588 | ---- | C] () -- C:\WINDOWS\debugrcfile.ini
[2012/07/13 17:21:23 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/07/13 17:21:23 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/03/04 13:29:22 | 000,002,396 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012/02/15 16:00:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/27 12:31:10 | 000,000,520 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2011/12/17 14:20:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2011/12/08 18:40:31 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\KRSBridgeControls.dll
[2011/12/08 18:40:31 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\JeanieInterface.dll
[2011/12/08 18:40:31 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\KRSSockets.dll
[2011/12/08 18:40:31 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\FuzzBox.dll
[2011/12/08 18:40:31 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\BrowseForDirectory.dll
[2011/11/29 22:12:25 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2011/11/29 22:09:35 | 000,000,578 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2011/11/29 22:07:18 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2011/11/22 19:21:10 | 000,002,816 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\un.png
[2011/11/22 19:15:59 | 000,000,316 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Setting.dat
[2011/11/22 19:15:59 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\User\Application Data\UserFlag.ini
[2011/09/07 17:03:45 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/28 12:29:04 | 002,097,152 | ---- | C] () -- C:\Documents and Settings\User\My Volume N
[2011/04/21 19:28:31 | 000,000,022 | --S- | C] () -- C:\Documents and Settings\User\Application Data\Sys2662.Config.Repository.bin
[2011/02/18 19:11:28 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\User\Application Data\AutoGK.ini
[2011/02/10 07:29:06 | 000,000,043 | --S- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2010/04/05 12:20:52 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\User\default.pls
[2010/04/02 14:04:29 | 000,166,400 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/02 12:18:12 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\User\Application Data\pcouffin.cat
[2010/04/02 12:18:12 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\User\Application Data\pcouffin.inf
========== ZeroAccess Check ========== [2010/04/21 09:55:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 22:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2013/01/31 09:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
[2013/06/08 18:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011/03/12 19:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
[2012/01/22 18:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\38FDB89C-1EBD-4366-84B2-336D12CC3209
[2012/12/30 15:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4shared Desktop
[2013/05/26 18:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aimersoft DVD Ripper
[2011/05/03 13:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aiseesoft Studio
[2012/10/07 12:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anvsoft
[2012/02/23 10:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AutoHideIP
[2012/02/16 09:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2013/03/17 21:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2013/04/24 18:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bridge Analyser
[2010/04/02 15:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2013/06/05 17:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/09/27 10:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CompuClever
[2011/11/22 20:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_0_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/11/22 20:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_2_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/02/10 07:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2011/11/24 12:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2011/11/22 20:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HideIPEasy
[2013/06/12 17:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012/03/28 14:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2012/12/04 16:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leawo
[2010/04/14 10:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2013/05/15 08:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/12/11 11:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2012/07/28 18:10:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2011/08/06 17:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\oM01602IaPfD01602
[2013/04/22 08:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QFX Software
[2011/09/08 13:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2011/12/23 16:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2012/03/02 16:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2012/10/07 12:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2010/07/25 22:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\sureshotgps
[2012/04/08 12:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011/12/11 14:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2011/10/16 15:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2013/01/02 08:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WoW Worldwide Software LTD
[2013/06/21 16:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2012/10/08 14:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2013/06/21 17:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2011/02/07 09:47:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/06/12 17:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/02/18 09:32:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2011/11/25 11:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/03/30 20:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D2044A97-3875-40E7-8161-DA975C6BA7CF}
[2010/04/14 18:10:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012/11/01 07:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2013/01/31 09:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\TuneUp Software
[2020/12/01 12:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2011/01/04 17:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2012/03/28 11:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\iolo
[2011/02/15 14:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\TuneUp Software
[2012/08/19 15:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\.minecraft
[2012/07/28 17:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\.techniclauncher
[2012/07/25 20:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ad-Aware Antivirus
[2011/09/24 13:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Alaz
[2013/01/02 10:22:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Amazon
[2011/11/22 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AutoHideIP
[2011/09/07 18:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG10
[2012/02/16 09:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG2012
[2011/10/18 19:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Azureus
[2010/10/24 10:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BackTalk
[2013/04/24 18:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bridge Analyser
[2010/12/19 13:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bridge Baron 19
[2012/02/13 07:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bridge Baron 21
[2013/01/02 08:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\calibre
[2010/04/02 16:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\CD-LabelPrint
[2012/09/27 10:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\CompuClever
[2012/07/26 11:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Curiolab
[2011/11/22 20:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_0_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/11/22 20:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_2_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/01/11 15:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Digiarty
[2012/01/22 18:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Downloaded Installations
[2012/04/07 09:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\driveridentifier
[2013/06/20 10:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Dropbox
[2013/03/28 11:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DVDVideoSoft
[2011/08/06 14:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\EarMaster
[2013/05/26 16:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FamilyTreeMaker
[2011/01/03 11:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FDBTemp
[2012/04/16 17:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Garmin
[2011/12/05 16:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GetRightToGo
[2011/07/26 17:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GrabPro
[2013/06/22 15:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\HandBrake
[2011/11/22 20:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\HideIPEasy
[2012/03/28 12:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\iolo
[2011/09/24 13:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ivsu
[2012/01/03 21:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Kernel for Windows Data Recovery
[2012/08/05 11:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2012/12/04 15:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leawo
[2011/11/29 22:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Millennia
[2011/07/21 12:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Moyea
[2011/11/29 22:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\MyHeritage
[2011/01/27 15:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\NCH Swift Sound
[2012/11/13 20:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OpenOffice.org
[2012/07/28 17:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Oracle
[2013/03/31 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Orbit
[2013/03/31 11:39:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OxelonMC
[2013/01/12 14:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Photo DVD Maker
[2012/10/07 12:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Photo DVD Slideshow
[2011/07/26 17:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ProgSense
[2011/02/14 12:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Purple Ghost Software, Inc
[2013/04/22 08:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\QFX Software
[2012/08/04 17:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Qualys
[2011/04/30 11:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Regensoft
[2011/04/21 10:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\RegistryKeys
[2011/02/11 18:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Reviversoft
[2011/02/18 16:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ScanSpyware
[2011/11/26 13:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SourceTec
[2010/06/30 17:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\spotmau
[2012/04/07 11:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SystemRequirementsLab
[2011/11/29 22:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\The Complete Genealogy Reporter - FTB
[2010/06/30 17:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Thinstall
[2012/12/04 12:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\tiger-k
[2013/06/02 17:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TuneUp Software
[2011/12/11 13:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ulead Systems
[2013/06/20 19:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent
[2013/06/21 12:29:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Vso
[2011/03/28 13:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2011/04/11 10:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Search
[2010/11/10 21:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Xilisoft
[2013/01/21 11:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\XMedia Recode
[2012/03/11 16:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\YouTube Downloader
========== Purity Check ========== ========== Custom Scans ========== ========== Base Services ==========SRV - [2008/04/14 05:42:14 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 05:42:12 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 05:42:04 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 23:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 05:41:52 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 05:41:52 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/21 03:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 21:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/14 10:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/28 09:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/14 05:42:10 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 05:42:24 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 05:41:54 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 05:42:18 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 05:42:18 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 05:42:02 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/21 02:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 21:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 23:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 05:42:04 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 05:42:04 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 22:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/14 05:42:04 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 05:42:06 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 05:42:26 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 05:42:12 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 15:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2009/07/28 09:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/14 05:42:08 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 05:42:06 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 05:41:58 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 05:42:08 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 05:42:08 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/28 09:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/14 05:42:40 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 05:41:52 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 05:41:56 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 05:42:10 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/14 05:42:30 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 05:42:10 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009/02/09 22:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/14 10:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 05:42:12 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 16:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
< %SYSTEMDRIVE%\*.exe >[2013/06/12 15:28:32 | 001,898,001 | ---- | M] () -- C:\MGtools.exe
< MD5 for: EXPLORER.EXE >[2008/04/14 10:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 22:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: SERVICES >[2004/08/04 22:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
< MD5 for: SERVICES.CFG >[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/05/11 20:37:26 | 000,558,990 | ---- | M] () MD5=FE8FB005031C2574E990DAC1F9F5ACF8 -- C:\Program Files\Adobe\Reader 11.0\Reader\Services\Services.cfg
< MD5 for: SERVICES.DAT >[2010/03/05 19:06:50 | 000,000,436 | ---- | M] () MD5=1A318B5517BF7F06057B304FCC90F194 -- C:\Backup\Program Files\ProxyWay\services.dat
[2013/04/22 13:04:55 | 000,001,720 | ---- | M] () MD5=43C1700D78D89F0B1F6FA88FD132BE1A -- C:\JRT\services.dat
< MD5 for: SERVICES.EXE >[2009/02/06 21:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 05:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/14 05:42:36 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 21:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 21:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 21:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 22:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
< MD5 for: SERVICES.EXE-2F433351.PF >[2013/06/23 08:54:05 | 000,016,282 | ---- | M] () MD5=F893DD388D337C5E374137454D54A44C -- C:\WINDOWS\Prefetch\SERVICES.EXE-2F433351.pf
< MD5 for: SERVICES.LNK >[2011/01/25 07:26:34 | 000,001,608 | ---- | M] () MD5=129FC547FA535E51BFED3481D6615413 -- C:\Backup\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
[2011/01/25 07:26:38 | 000,001,608 | ---- | M] () MD5=288855420901C5AB809FBA7785B377F3 -- C:\Backup\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Administrative Tools\Services.lnk
[2013/06/05 15:20:11 | 000,001,602 | ---- | M] () MD5=C3F3717EB13AFE34C41C3AFE192E62C9 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
< MD5 for: SERVICES.MSC >[2004/08/04 22:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
< MD5 for: SERVICES.RDB >[2012/08/13 09:51:02 | 000,178,348 | ---- | M] () MD5=039C8CFBD74EE07F38CD9E4C7D95C5C6 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb
[2012/08/13 09:51:02 | 000,000,453 | ---- | M] () MD5=3D2ADA15FEF5B5FF468243161543D610 -- C:\Program Files\OpenOffice.org 3\program\services.rdb
[2012/08/10 14:12:16 | 000,008,060 | ---- | M] () MD5=7CA7D7150EC46321162F932ADCF5F35B -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
< MD5 for: SERVICES.SBK >[2009/04/28 15:03:53 | 000,000,115 | ---- | M] () MD5=C7126A767173DAC66B704523D8FC3D7C -- C:\Backup\Program Files\Registry Mechanic\backup\Services.sbk
< MD5 for: SERVICES.SBS >[2009/07/07 09:45:50 | 000,031,755 | ---- | M] () MD5=3254FEEC54BAB3EC6AF180367EFEC6F5 -- C:\Backup\Program Files\Spybot - Search & Destroy\Includes\Services.sbs
< MD5 for: SERVICES.TICO >[2009/01/30 03:36:46 | 000,002,038 | ---- | M] () MD5=D669B1B2EBE288A61680C3C863828D28 -- C:\Backup\Program Files\TuneUp Utilities 2009\Data\services.tico
[2009/09/25 14:00:00 | 000,002,038 | ---- | M] () MD5=D669B1B2EBE288A61680C3C863828D28 -- C:\Program Files\TuneUp Utilities 2011\data\services.tico
< MD5 for: SVCHOST.EXE >[2008/04/14 10:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 22:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: USERINIT.EXE >[2004/08/04 22:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 10:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >[2004/08/04 22:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 10:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WINSOCK.AOL >[2001/08/10 08:00:00 | 000,010,432 | ---- | M] () MD5=B11B9F08C67AF2E95F1DFD1B6B0B6CD7 -- C:\Backup\FTW\winsock.aol
< MD5 for: WINSOCK.DLL >[2004/08/04 22:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\WINDOWS\system32\dllcache\winsock.dll
[2004/08/04 22:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\WINDOWS\system32\winsock.dll
< MD5 for: WINSOCK.TXT >[2013/06/17 12:27:38 | 000,053,858 | ---- | M] () MD5=27BFDABD2B76131F0116C65450D9ACF1 -- C:\MGtools\winsock.txt
< >[2010/04/01 11:48:58 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010/04/01 12:07:28 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010/06/22 18:31:17 | 000,000,878 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010/06/22 18:31:17 | 000,000,882 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011/11/21 11:15:48 | 000,000,254 | ---- | C] () -- C:\WINDOWS\Tasks\defrag.job
[2012/04/02 09:00:53 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013/02/02 08:37:38 | 000,000,290 | ---- | C] () -- C:\WINDOWS\Tasks\ExpressBurnReminder.job
[2013/02/20 16:24:09 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2013/06/19 17:06:30 | 000,000,508 | ---- | C] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 2c793a52-bef9-4ac1-a46e-cdcfbcfb56ba.job
[2013/06/19 17:06:31 | 000,000,508 | ---- | C] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 4e57916c-2d66-4dfb-b6cf-71f6d1ed4305.job
< End of report >
OTL Extras logfile created on: 23/06/2013 11:49:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
1.97 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 63.62% Memory free
4.69 Gb Paging File | 4.02 Gb Available in Paging File | 85.82% Paging File free
Paging file location(s): c:\pagefile.sys 2940 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.57 Gb Total Space | 18.43 Gb Free Space | 26.49% Space Free | Partition Type: NTFS
Drive D: | 396.19 Gb Total Space | 253.31 Gb Free Space | 63.94% Space Free | Partition Type: NTFS
Drive H: | 1863.01 Gb Total Space | 745.23 Gb Free Space | 40.00% Space Free | Partition Type: NTFS
Computer Name: USER-84F12D431F | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1409082233-117609710-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5353:TCP" = 5353:TCP:*:Enabled:appletv
"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015
"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016
"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Gigabyte\EasySaver\UpdExe.exe" = C:\Program Files\Gigabyte\EasySaver\UpdExe.exe:*:Disabled:Exe File -- (GIGABYTE)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\MultiProxy\MProxy.exe" = C:\Program Files\MultiProxy\MProxy.exe:*:Enabled:MultiProxy personal proxy server -- (MishkinSoft,
http://www.multiproxy.org)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN)
"C:\Program Files\Regensoft\Downloader App\DownloaderApp.exe" = C:\Program Files\Regensoft\Downloader App\DownloaderApp.exe:*:Enabled:Downloader App -- (Regensoft)
"C:\Documents and Settings\User\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\User\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc)
"C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0610.1
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{0FD155A3-DF78-43ee-84B0-3CC86BA962F2}_is1" = Sothink Video Converter
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series
"{1266764D-FC4F-4FA7-B63B-884D53B1680F}" = NetAssistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1965C9BB-9114-4A50-AEC7-E62414BB117B}" = EASEUS Data Recovery Wizard Professional 4.3.6
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.1
"{1CB0993B-1CD4-4A18-9C85-9732AFD9843F}" = Family Tree Maker 2012
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20c31435-2a0a-4580-be8b-ac06fc243ca4}" = Python 2.7
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{249F13C9-889B-405E-8987-F4E6AA90BD8E}" = calibre
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217005F0}" = Java 7 Update 5
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40007E5C-19C8-4A25-AD70-A99D77D0A7DA}" = Active Boot Disk
"{4044436C-3A01-4ECA-8FC9-AC8F3F838EDC}" = Audials TV
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1DB25E-772B-45A6-8DA9-D263C88F7DA0}" = muvee autoProducer 3.1 - CE
"{4B2BD769-C7F5-4275-BCEB-658FC56ED3EE}" = File Renamer
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.24
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{5BCB96FE-1329-4395-9392-525CF6CDC7B3}" = AVG 2012
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5E1A9498-6B12-11D5-A550-00010242F47C}" = NuMega SoftICE Driver Suite 2.6
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}" = Google Earth
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AA92D13-8B7A-48B9-B18D-645564FAD258}" = Nero Vision Xtra
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7EEB72E4-2150-49F8-BC51-B63AF7B9E2F2}" = GEAR driver installer 4.019
"{805FF8E4-2CC8-4981-8DD6-1EDF5A30F6CF}" = YouTube Downloader Toolbar v5.1
"{83340D90-BB65-4969-8C4E7FABC6319CDA}_is1" = Bigasoft iTunes Video Converter 3.7.31.4806
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{87F25562-0C85-4B4A-9D47-9FA591F88401}" = sureanalysis version 3.14
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C52A46C-7961-4A81-AB4B-92CF65CB4772}_is1" = Sothink Web Video Downloader
"{900A3D0F-22D6-4B07-B618-43141080705A}_is1" = Mini CAD Viewer 3.0.2
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92C2E624-CC06-4309-BE91-A33EA04572F1}" = ArcSoft MediaConverter 4 Platinum
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D41D2EF-2D33-4CFD-8A3E-C7E6FCC3303B}" = ArcSoft ShowBiz
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1" = Free FLAC to MP3 Converter 1.0
"{a72ce741-1f32-4d79-bffb-a714375c678d}_is1" = Bigasoft Total Video Converter 3.7.35.4822
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}_955" = Adobe Acrobat 9.5.5 - CPSID_83708
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AF21F061-F04B-42B4-B6C3-784A080F782A}" = dirLock
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{C65AA5AE-8B80-46B6-ADFC-BBF1EFF2AD98}_is1" = EPUB to MOBI
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player
"{CC568376-DDDE-45F4-AC88-C39184455B8D}_is1" = Bigasoft MKV Converter 3.3.14.4128
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3C57A35-DE0D-475D-9F5E-D1D2DB80C3CF}" = Bridge Baron 19 eSellerate Download Version
"{D8CD8BBE-81F6-49CB-84D2-A1E616875792}" = AVG 2012
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode version 3.1.4.1
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F5E68E00-90A1-4486-8CDF-F4694B62E33A}" = Audials
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acoustica MP3 To Wave Converter PLUS" = Acoustica MP3 To Wave Converter PLUS
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aimersoft DVD Ripper_is1" = Aimersoft DVD Ripper(Build 2.5.0.0)
"Akamai" = Akamai NetSession Interface Service
"Amazon Kindle" = Amazon Kindle
"am-jigsawpuzzlegoldenedition" = Jigsaw Puzzle Golden Edition
"AutoHideIP" = Auto Hide IP
"AVG" = AVG 2012
"AviSynth" = AviSynth 2.5
"AVS Audio Converter_is1" = AVS Audio Converter 7
"AVS Audio Editor_is1" = AVS Audio Editor version 4.2
"AVS Screen Capture_is1" = AVS Screen Capture version 1.1.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Boilsoft Video Joiner_is1" = Boilsoft Video Joiner 5.32
"Bridge Analyser_is1" = Bridge Analyser v 1.3.1.0
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"DVD Shrink Pro_is1" = DVD Shrink Pro
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ExpressBurn" = Express Burn
"Family Tree Builder" = MyHeritage Family Tree Builder
"Family Tree Maker 2012" = Family Tree Maker 2012
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.9.9
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"jv16 PowerTools 2011" = jv16 PowerTools 2011
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"KeyScrambler" = KeyScrambler
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.9.5 (Full)
"Legacy 7.5" = Legacy 7.5
"Magic FLAC to MP3 Converter_is1" = Magic FLAC to MP3 Converter 3.71
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MixPad" = MixPad
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"ophcrack" = ophcrack 3.4.0
"Photo DVD Maker Professional" = Photo DVD Maker Professional 8.51
"PROR" = Microsoft Office Professional 2007
"RealAlt_is1" = Real Alternative 2.0.2
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Security Task Manager" = Security Task Manager 1.7f
"sp6" = Logitech SetPoint 6.51
"Spell Checker For OE 2.1" = Spell Checker For OE 2.1
"SUPERAntiSpyware Pro5" = SUPERAntiSpyware Pro
"Tune Up Utilities" = Tune Up Utilities 2011
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"VID_1D19&PID_6108&MI_00" = Conexant Polaris Unused CIR Function
"VID_1D19&PID_6108&MI_01" = Video Grabber
"Video Cutter_is1" = Video Cutter 1.0
"VLC media player" = VLC media player 2.0.7
"VobSub" = VobSub v2.23 (Remove Only)
"What's Running_is1" = What's Running 2.2
"WinAVI Video Converter_is1" = WinAVI Video Converter
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"wxDownload Fast_is1" = wxDownload Fast 0.6.0
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"YouTube Converter Pro_is1" = YouTube Converter Pro
"YouTube Downloader App" = YouTube Downloader App 3.00
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1409082233-117609710-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"NetAssistant" = NetAssistant for Firefox
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 19/06/2013 9:20:54 PM | Computer Name = USER-84F12D431F | Source = Application Hang | ID = 1001
Description = Fault bucket -664088378.
Error - 20/06/2013 3:11:12 AM | Computer Name = USER-84F12D431F | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.
Error - 20/06/2013 4:01:27 AM | Computer Name = USER-84F12D431F | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.
Error - 20/06/2013 6:03:30 AM | Computer Name = USER-84F12D431F | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(8c:7b:9d:e1:fa:ab@fe80::8e7b:9dff:fee1:faab._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 21/06/2013 7:02:36 PM | Computer Name = USER-84F12D431F | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.
Error - 21/06/2013 8:39:06 PM | Computer Name = USER-84F12D431F | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(8c:7b:9d:e1:fa:ab@fe80::8e7b:9dff:fee1:faab._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 22/06/2013 1:09:00 AM | Computer Name = USER-84F12D431F | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(8c:7b:9d:e1:fa:ab@fe80::8e7b:9dff:fee1:faab._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 22/06/2013 3:01:43 AM | Computer Name = USER-84F12D431F | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(8c:7b:9d:e1:fa:ab@fe80::8e7b:9dff:fee1:faab._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 22/06/2013 3:48:22 AM | Computer Name = USER-84F12D431F | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.
Error - 22/06/2013 9:04:47 PM | Computer Name = USER-84F12D431F | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(8c:7b:9d:e1:fa:ab@fe80::8e7b:9dff:fee1:faab._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.
[ System Events ]
Error - 3/04/2012 6:15:46 PM | Computer Name = USER-84F12D431F | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
2147749155 (0x80040D23).
Error - 3/04/2012 6:17:10 PM | Computer Name = USER-84F12D431F | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.
Error - 4/04/2012 8:00:27 PM | Computer Name = USER-84F12D431F | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070002: Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0
SP2 Security Update for Windows 2000, Windows Server 2003, and Windows XP x86 (KB979909).
Error - 4/04/2012 8:00:27 PM | Computer Name = USER-84F12D431F | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070002: Microsoft .NET Framework 3.5 SP1 Update for Windows Server
2003 and Windows XP x86 (KB982168).
Error - 4/04/2012 8:00:27 PM | Computer Name = USER-84F12D431F | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070002: Security Update for Microsoft .NET Framework 2.0 SP2 on
Windows Server 2003 and Windows XP x86 (KB2656352).
Error - 4/04/2012 8:00:27 PM | Computer Name = USER-84F12D431F | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070002: Security Update for Microsoft .NET Framework 2.0 SP2 on
Windows Server 2003 and Windows XP x86 (KB2572073).
Error - 4/04/2012 8:00:27 PM | Computer Name = USER-84F12D431F | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80246007: Security Update for Microsoft .NET Framework 2.0 SP2 on
Windows Server 2003 and Windows XP x86 (KB2633880).
Error - 4/04/2012 8:00:37 PM | Computer Name = USER-84F12D431F | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80246007: Security Update for .NET Framework 2.0 SP2 and 3.5 SP1 on
Windows Server 2003 and Windows XP x86 (KB2518864).
Error - 5/04/2012 5:55:05 PM | Computer Name = USER-84F12D431F | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
2147749155 (0x80040D23).
Error - 5/04/2012 5:56:36 PM | Computer Name = USER-84F12D431F | Source = Service Control Manager | ID = 7022
Description = The Windows Image Acquisition (WIA) service hung on starting.
[ TuneUp Events ]
Error - 1/12/2011 4:17:09 AM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 5/12/2011 4:35:29 AM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 5/12/2011 5:30:31 PM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 8/12/2011 1:18:45 AM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 10/12/2011 5:03:39 PM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 17/12/2011 11:40:47 PM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 17/12/2011 11:42:13 PM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 19/12/2011 3:44:09 AM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 22/12/2011 4:54:40 AM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 23/12/2011 9:16:17 PM | Computer Name = USER-84F12D431F | Source = TuneUp Program Statistics | ID = 131840
Description =
< End of report >