[code] OTS logfile created on: 11/10/2009 6:33:43 AM - Run 2 OTS by OldTimer - Version 3.1.4.0 Folder = C:\Documents and Settings\Bruce\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 74.11% Memory free 3.85 Gb Paging File | 3.46 Gb Available in Paging File | 90.02% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 139.21 Gb Total Space | 77.77 Gb Free Space | 55.86% Space Free | Partition Type: NTFS Drive D: | 9.82 Gb Total Space | 0.59 Gb Free Space | 6.06% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC155953175710 Current User Name: Bruce Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Documents and Settings\Bruce\Desktop\OTS.exe -> [2009/11/09 12:26:16 | 00,525,312 | ---- | M] (OldTimer Tools) ashdisp.exe -> C:\Program Files\Alwil Software\Avast4\ashDisp.exe -> [2009/08/17 10:07:23 | 00,081,000 | ---- | M] (ALWIL Software) ashserv.exe -> C:\Program Files\Alwil Software\Avast4\ashServ.exe -> [2009/08/17 10:07:17 | 00,138,680 | ---- | M] (ALWIL Software) ashmaisv.exe -> C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -> [2009/08/17 10:07:01 | 00,254,040 | ---- | M] (ALWIL Software) ashwebsv.exe -> C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -> [2009/08/17 10:04:21 | 00,352,920 | ---- | M] (ALWIL Software) aswupdsv.exe -> C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -> [2009/08/17 09:58:55 | 00,018,752 | ---- | M] (ALWIL Software) mqtgsvc.exe -> C:\WINDOWS\system32\mqtgsvc.exe -> [2009/06/22 05:49:23 | 00,117,248 | ---- | M] (Microsoft Corporation) mqsvc.exe -> C:\WINDOWS\system32\mqsvc.exe -> [2009/06/22 05:49:04 | 00,004,608 | ---- | M] (Microsoft Corporation) wltuser.exe -> C:\Program Files\Windows Live\Toolbar\wltuser.exe -> [2009/02/06 17:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) explorer.exe -> C:\WINDOWS\explorer.exe -> [2007/06/13 04:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) asghost.exe -> C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe -> [2007/02/06 19:30:00 | 00,065,536 | R--- | M] (Cognizance Corporation) [Modules - Safe List] ots.exe -> C:\Documents and Settings\Bruce\Desktop\OTS.exe -> [2009/11/09 12:26:16 | 00,525,312 | ---- | M] (OldTimer Tools) apshook.dll -> C:\WINDOWS\system32\APSHook.dll -> [2007/02/25 21:49:00 | 00,070,144 | R--- | M] (Bioscrypt Inc.) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll -> [2006/08/25 09:45:56 | 01,054,208 | ---- | M] (Microsoft Corporation) framedyn.dll -> C:\WINDOWS\system32\wbem\framedyn.dll -> [2004/08/04 02:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) mslbui.dll -> C:\WINDOWS\system32\mslbui.dll -> [2004/08/04 02:00:00 | 00,025,088 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (GoogleDesktopManager-093009-130223) Google Desktop Manager 5.9.909.30391 [Disabled | Stopped] -> C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -> [2009/11/02 03:35:53 | 00,030,192 | ---- | M] (Google) (ACDaemon) ArcSoft Connect Daemon [Disabled | Stopped] -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) (avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\Alwil Software\Avast4\ashServ.exe -> [2009/08/17 10:07:17 | 00,138,680 | ---- | M] (ALWIL Software) (avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -> [2009/08/17 10:07:01 | 00,254,040 | ---- | M] (ALWIL Software) (avast! Web Scanner) avast! Web Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -> [2009/08/17 10:04:21 | 00,352,920 | ---- | M] (ALWIL Software) (aswUpdSv) avast! iAVS4 Control Service [Auto | Running] -> C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -> [2009/08/17 09:58:55 | 00,018,752 | ---- | M] (ALWIL Software) (MSMQTriggers) Message Queuing Triggers [Auto | Running] -> C:\WINDOWS\system32\mqtgsvc.exe -> [2009/06/22 05:49:23 | 00,117,248 | ---- | M] (Microsoft Corporation) (MSMQ) Message Queuing [Auto | Running] -> C:\WINDOWS\system32\mqsvc.exe -> [2009/06/22 05:49:04 | 00,004,608 | ---- | M] (Microsoft Corporation) (SeaPort) SeaPort [Disabled | Stopped] -> C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -> [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) (PCPitstop Scheduling) PCPitstop Scheduling [Disabled | Stopped] -> C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -> [2009/04/26 13:29:24 | 00,090,352 | ---- | M] (PC Pitstop LLC) (QBCFMonitorService) QBCFMonitorService [Disabled | Stopped] -> C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -> [2009/04/08 23:47:58 | 00,020,480 | ---- | M] (Intuit) (gusvc) Google Software Updater [Auto | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/03/26 10:02:30 | 00,183,280 | ---- | M] (Google) (JavaQuickStarterService) Java Quick Starter [Disabled | Stopped] -> C:\Program Files\Java\jre6\bin\jqs.exe -> [2009/01/13 22:25:44 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) (odserv) Microsoft Office Diagnostics Service [Disabled | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) (FreeAgentGoNext Service) Seagate Service [Disabled | Stopped] -> C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -> [2008/10/28 15:42:30 | 00,156,968 | ---- | M] (Seagate Technology LLC) (Microsoft Office Groove Audit Service) Microsoft Office Groove Audit Service [Disabled | Stopped] -> C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -> [2008/10/25 10:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) (RoxLiveShare9) LiveShare P2P Server 9 [Disabled | Stopped] -> C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -> [2008/09/19 10:38:02 | 00,313,840 | ---- | M] (Sonic Solutions) (RoxWatch9) Roxio Hard Drive Watcher 9 [Disabled | Stopped] -> C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -> [2008/09/19 10:37:58 | 00,170,480 | ---- | M] (Sonic Solutions) (RoxMediaDB9) RoxMediaDB9 [Disabled | Stopped] -> C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -> [2008/09/19 10:37:36 | 01,108,464 | ---- | M] (Sonic Solutions) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [On_Demand | Stopped] -> c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) (idsvc) Windows CardSpace [Unknown | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) (NetTcpPortSharing) Net.Tcp Port Sharing Service [Disabled | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) (LVPrcSrv) Process Monitor [Disabled | Stopped] -> C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -> [2008/07/26 07:25:36 | 00,150,040 | ---- | M] (Logitech Inc.) (LVCOMSer) LVCOMSer [Disabled | Stopped] -> C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -> [2008/07/26 07:23:42 | 00,186,904 | ---- | M] (Logitech Inc.) (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) (aspnet_state) ASP.NET State Service [On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) (aawservice) Lavasoft Ad-Aware Service [Disabled | Stopped] -> C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -> [2008/07/07 07:15:18 | 00,611,664 | ---- | M] (Lavasoft) (CTUPnPSv) Creative Centrale Media Server [Disabled | Stopped] -> C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -> [2008/05/21 05:42:56 | 00,064,000 | ---- | M] (Creative Technology Ltd) (Roxio UPnP Renderer 9) Roxio UPnP Renderer 9 [Disabled | Stopped] -> C:\Program Files\Roxio\Roxio MyDVD Basic v9\Digital Home 9\RoxioUPnPRenderer9.exe -> [2007/12/06 23:20:56 | 00,088,560 | ---- | M] (Sonic Solutions) (Roxio Upnp Server 9) Roxio Upnp Server 9 [Disabled | Stopped] -> C:\Program Files\Roxio\Roxio MyDVD Basic v9\Digital Home 9\RoxioUpnpService9.exe -> [2007/12/06 23:20:52 | 00,362,992 | ---- | M] (Sonic Solutions) (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Disabled | Stopped] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> [2007/05/30 06:31:10 | 00,312,880 | ---- | M] (GRISOFT s.r.o.) (NVSvc) NVIDIA Display Driver Service [Disabled | Stopped] -> C:\WINDOWS\system32\nvsvc32.exe -> [2007/05/25 06:07:00 | 00,163,909 | ---- | M] (NVIDIA Corporation) (pdfcDispatcher) PDF Document Manager [Disabled | Stopped] -> C:\Program Files\PDF Complete\pdfsvc.exe -> [2007/05/08 09:38:46 | 00,540,448 | ---- | M] (PDF Complete Inc) (FLCDLOCK) HP ProtectTools Device Locking / Auditing [Disabled | Stopped] -> C:\WINDOWS\system32\flcdlock.exe -> [2007/04/30 09:28:34 | 00,172,131 | ---- | M] (Hewlett-Packard Ltd) (HpFkCryptService) Drive Encryption Service [Disabled | Stopped] -> c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -> [2007/04/27 11:58:58 | 00,221,184 | ---- | M] (SafeBoot International) (LightScribeService) LightScribeService Direct Disc Labeling Service [Disabled | Stopped] -> C:\Program Files\Common Files\LightScribe\LSSrvc.exe -> [2007/04/19 14:35:46 | 00,075,304 | ---- | M] (Hewlett-Packard Company) (CTDevice_Srv) CT Device Query service [Disabled | Stopped] -> C:\Program Files\Creative\Shared Files\CTDevSrv.exe -> [2007/04/02 00:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) (ASBroker) Logon Session Broker [Auto | Running] -> C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -> [2007/02/06 19:30:00 | 00,074,240 | R--- | M] (Cognizance Corporation) (btwdins) Bluetooth Service [Disabled | Stopped] -> C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -> [2007/02/06 14:02:26 | 00,266,295 | ---- | M] (Broadcom Corporation.) (IviRegMgr) IviRegMgr [Disabled | Stopped] -> C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -> [2007/01/04 18:48:52 | 00,112,152 | R--- | M] (InterVideo) (MgiSvr) MgiSvr [Disabled | Stopped] -> C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe -> [2006/11/13 13:02:08 | 00,076,544 | ---- | M] (ArcSoft, Inc.) (QBFCService) Intuit QuickBooks FCS [Disabled | Stopped] -> C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -> [2006/11/09 14:30:14 | 00,065,536 | ---- | M] (Intuit Inc.) (stllssvr) stllssvr [Disabled | Stopped] -> c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -> [2006/11/01 12:17:32 | 00,073,728 | R--- | M] (MicroVision Development, Inc.) (ose) Office Source Engine [Disabled | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) (WMPNetworkSvc) Windows Media Player Network Sharing Service [Disabled | Stopped] -> C:\Program Files\Windows Media Player\WMPNetwk.exe -> [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) (Pml Driver HPZ12) Pml Driver HPZ12 [Auto | Running] -> C:\WINDOWS\system32\HPZIPM12.DLL -> [2006/10/16 23:01:12 | 00,053,248 | ---- | M] (Hewlett-Packard) (AdobeActiveFileMonitor5.0) Adobe Active File Monitor V5 [Disabled | Stopped] -> C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -> [2006/09/14 06:56:06 | 00,102,400 | ---- | M] () (ASChannel) Local Communication Channel [Auto | Running] -> C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -> [2006/06/21 23:14:00 | 00,131,584 | R--- | M] (Cognizance Corporation) (hpqwmiex) hpqwmiex [Disabled | Stopped] -> C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe -> [2006/05/02 16:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) (PCA) PC Angel [Disabled | Stopped] -> C:\WINDOWS\SMINST\PCAngel.exe -> [2006/01/12 14:22:38 | 00,294,912 | ---- | M] (SoftThinks) (USBDeviceService) USBDeviceService [Disabled | Stopped] -> C:\Program Files\Roxio\MyDVD\MyDVD\USBDeviceService.exe -> [2005/08/31 05:15:00 | 00,090,112 | ---- | M] () (Diskeeper) Diskeeper [Disabled | Stopped] -> C:\Program Files\Executive Software\Diskeeper\DkService.exe -> [2005/07/26 16:51:22 | 00,606,316 | ---- | M] (Executive Software International, Inc.) (CCALib8) Canon Camera Access Library 8 [Disabled | Stopped] -> C:\Program Files\Canon\CAL\CALMAIN.exe -> [2005/06/02 14:54:34 | 00,086,606 | ---- | M] (Canon Inc.) (IDriverT) InstallDriver Table Manager [Disabled | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -> [2004/10/22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) (helpsvc) Help and Support [Auto | Running] -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -> [2004/08/04 02:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) (MDM) Machine Debug Manager [Disabled | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (AnyDVD) AnyDVD [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\AnyDVD.sys -> [2009/09/24 16:59:35 | 00,104,512 | ---- | M] (SlySoft, Inc.) (ElbyCDIO) ElbyCDIO Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ElbyCDIO.sys -> [2009/09/11 11:08:45 | 00,024,744 | ---- | M] (Elaborate Bytes AG) (aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswmon2.sys -> [2009/08/17 10:06:43 | 00,094,160 | ---- | M] (ALWIL Software) (aswSP) avast! Self Protection [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswSP.sys -> [2009/08/17 10:05:52 | 00,114,768 | ---- | M] (ALWIL Software) (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswFsBlk.sys -> [2009/08/17 10:05:37 | 00,020,560 | ---- | M] (ALWIL Software) (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswTdi.sys -> [2009/08/17 10:04:40 | 00,051,376 | ---- | M] (ALWIL Software) (aswRdr) aswRdr [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\aswRdr.sys -> [2009/08/17 10:04:29 | 00,023,152 | ---- | M] (ALWIL Software) (Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aavmker4.sys -> [2009/08/17 10:03:21 | 00,026,944 | ---- | M] (ALWIL Software) (SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2009/08/10 20:39:54 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (MQAC) Message Queuing access control [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mqac.sys -> [2009/06/22 05:48:44 | 00,091,776 | ---- | M] (Microsoft Corporation) (Point32) Microsoft IntelliPoint Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\point32.sys -> [2009/06/01 12:51:54 | 00,027,792 | ---- | M] (Microsoft Corporation) (NuidFltr) NUID filter driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nuidfltr.sys -> [2009/06/01 12:51:54 | 00,014,736 | ---- | M] (Microsoft Corporation) (SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -> [2009/03/28 08:47:24 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\PxHelp20.sys -> [2008/11/20 13:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) (LVUSBSta) Logitech USB Monitor Filter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\LVUSBSta.sys -> [2008/07/26 09:26:20 | 00,041,752 | ---- | M] (Logitech Inc.) (LVRS) Logitech RightSound Filter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\lvrs.sys -> [2008/07/26 09:25:46 | 00,627,864 | ---- | M] (Logitech Inc.) (PID_PEPI) Logitech QuickCam IM(PID_PEPI) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\LV302V32.SYS -> [2008/07/26 09:22:32 | 02,570,520 | ---- | M] (Logitech Inc.) (pepifilter) Volume Adapter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\lv302af.sys -> [2008/07/26 09:22:20 | 00,013,848 | ---- | M] (Logitech Inc.) (LVPr2Mon) Logitech LVPr2Mon Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\LVPr2Mon.sys -> [2008/07/26 07:25:02 | 00,025,624 | ---- | M] () (RimUsb) BlackBerry Smartphone [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\RimUsb.sys -> [2008/05/20 19:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) (RMCAST) Reliable Multicast Protocol driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rmcast.sys -> [2008/05/08 06:28:49 | 00,202,752 | ---- | M] (Microsoft Corporation) (PID_0928) Logitech QuickCam Express(PID_0928) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\LV561AV.SYS -> [2008/02/01 03:43:00 | 00,489,624 | ---- | M] (Logitech Inc.) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) (ARCSOFTVIRTUALCAPTURE) Magic-i Virtual Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ArcSoftVirtualCapture.sys -> [2007/07/02 14:08:08 | 00,015,616 | ---- | M] (ArcSoft, Inc.) (AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Running] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [2007/05/30 06:10:42 | 00,011,000 | ---- | M] () (AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\AvgAsCln.sys -> [2007/05/30 06:10:42 | 00,010,872 | ---- | M] (GRISOFT, s.r.o.) (nv) nv [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2007/05/25 06:07:00 | 06,345,504 | ---- | M] (NVIDIA Corporation) (HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2007/05/06 19:00:06 | 00,988,032 | ---- | M] (Conexant Systems, Inc.) (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2007/05/06 19:00:06 | 00,731,136 | ---- | M] (Conexant Systems, Inc.) (HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2007/05/06 19:00:06 | 00,210,816 | ---- | M] (Conexant Systems, Inc.) (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\mdmxsdk.sys -> [2007/05/06 19:00:06 | 00,012,672 | ---- | M] (Conexant) (RsvLock) RsvLock [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\rsvlock.sys -> [2007/04/26 20:23:36 | 00,005,808 | ---- | M] (SafeBoot International) (SafeBoot) SafeBoot [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\SafeBoot.sys -> [2007/04/26 20:23:06 | 00,100,095 | ---- | M] () (DAMDrv) DAMDrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\DAMDrv.sys -> [2007/04/23 14:13:44 | 00,030,008 | ---- | M] (Hewlett-Packard Development Company L.P.) (e1express) Intel(R) PRO/1000 PCI Express Network Connection Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\e1e5132.sys -> [2007/04/17 07:26:54 | 00,250,776 | ---- | M] (Intel Corporation) (ATSWPDRV) (****DEBUG****) AuthenTec TruePrint USB Driver (SwipeSensor) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\atswpdrv.sys -> [2007/04/10 16:55:28 | 00,140,808 | ---- | M] (AuthenTec, Inc.) (NETw4x32) Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\NETw4x32.sys -> [2007/04/03 03:44:24 | 02,203,520 | ---- | M] (Intel Corporation) (BCM43XX) Broadcom 802.11 Network Adapter Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2007/04/03 03:44:06 | 00,604,928 | ---- | M] (Broadcom Corporation) (SbFsLock) SbFsLock [File_System | Boot | Running] -> C:\WINDOWS\system32\drivers\SbFsLock.sys -> [2007/03/29 17:54:00 | 00,013,696 | ---- | M] (SafeBoot International) (iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\WINDOWS\System32\DRIVERS\iaStor.sys -> [2007/03/21 06:58:56 | 00,304,920 | ---- | M] (Intel Corporation) (ADIHdAudAddService) ADI UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ADIHdAud.sys -> [2007/03/01 05:45:58 | 00,289,792 | ---- | M] (Analog Devices, Inc.) (rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/02/24 08:42:22 | 00,039,936 | ---- | M] (REDC) (BTWUSB) WIDCOMM USB Bluetooth Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\btwusb.sys -> [2007/02/14 08:21:00 | 00,067,960 | ---- | M] (Broadcom Corporation.) (BTKRNL) Bluetooth Bus Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\btkrnl.sys -> [2007/02/14 08:20:58 | 00,868,298 | ---- | M] (Broadcom Corporation.) (IFXTPM) IFXTPM [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ifxtpm.sys -> [2007/01/23 14:13:26 | 00,036,608 | ---- | M] (Infineon Technologies AG) (rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/01/23 11:03:28 | 00,037,376 | ---- | M] (REDC) (rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/01/23 10:40:20 | 00,042,496 | ---- | M] (REDC) (RimVSerPort) RIM Virtual Serial Port v2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RimSerial.sys -> [2007/01/18 10:24:58 | 00,026,496 | R--- | M] (Research in Motion Ltd) (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\SynTP.sys -> [2007/01/12 07:04:44 | 00,201,856 | ---- | M] (Synaptics, Inc.) (rismc32) RICOH Smart Card Reader [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rismc32.sys -> [2006/12/19 19:08:00 | 00,047,616 | ---- | M] (RICOH Company, Ltd.) (eabfiltr) eabfiltr [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\eabfiltr.sys -> [2006/11/30 12:24:58 | 00,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) (Afc) PPdus ASPI Shell [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\afc.sys -> [2006/11/10 14:05:00 | 00,018,688 | ---- | M] (Arcsoft, Inc.) (SbAlg) SbAlg [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\SbAlg.sys -> [2006/10/09 14:31:46 | 00,044,720 | ---- | M] (SafeBoot N.V.) (AEAudio) AE Audio Service [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\aeaudio.sys -> [2006/08/07 00:57:30 | 00,093,952 | ---- | M] (Andrea Electronics Corporation) (Accelerometer) Accelerometer [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Accelerometer.sys -> [2006/07/23 23:00:04 | 00,022,016 | ---- | M] (Hewlett-Packard Corporation) (hpdskflt) HP Disk Filter Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -> [2006/07/23 23:00:04 | 00,017,920 | ---- | M] (Hewlett-Packard Corporation) (HBtnKey) HBtnKey [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\CPQBttn.sys -> [2006/06/28 11:54:00 | 00,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) (SASENUM) SASENUM [Kernel | On_Demand | Stopped] -> C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -> [2006/02/16 15:51:08 | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) (tfsnudfa) tfsnudfa [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnudfa.sys -> [2005/08/26 04:33:00 | 00,100,605 | ---- | M] (Sonic Solutions) (tfsnudf) tfsnudf [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnudf.sys -> [2005/08/26 04:33:00 | 00,098,716 | ---- | M] (Sonic Solutions) (tfsnifs) tfsnifs [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnifs.sys -> [2005/08/26 04:33:00 | 00,086,812 | ---- | M] (Sonic Solutions) (tfsncofs) tfsncofs [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsncofs.sys -> [2005/08/26 04:33:00 | 00,034,845 | ---- | M] (Sonic Solutions) (tfsnboio) tfsnboio [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnboio.sys -> [2005/08/26 04:33:00 | 00,025,725 | ---- | M] (Sonic Solutions) (tfsnopio) tfsnopio [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnopio.sys -> [2005/08/26 04:33:00 | 00,015,069 | ---- | M] (Sonic Solutions) (tfsnpool) tfsnpool [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsnpool.sys -> [2005/08/26 04:33:00 | 00,006,365 | ---- | M] (Sonic Solutions) (tfsndrct) tfsndrct [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsndrct.sys -> [2005/08/26 04:33:00 | 00,004,125 | ---- | M] (Sonic Solutions) (tfsndres) tfsndres [File_System | Auto | Running] -> C:\WINDOWS\system32\dla\tfsndres.sys -> [2005/08/26 04:33:00 | 00,002,241 | ---- | M] (Sonic Solutions) (drvmcdb) drvmcdb [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\drvmcdb.sys -> [2005/02/02 02:22:00 | 00,088,080 | ---- | M] (Sonic Solutions) (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Hdaudbus.sys -> [2005/01/07 18:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) (drvnddm) drvnddm [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\drvnddm.sys -> [2004/12/23 01:56:00 | 00,040,544 | ---- | M] (Sonic Solutions) (sscdbhk5) sscdbhk5 [File_System | System | Running] -> C:\WINDOWS\system32\drivers\sscdbhk5.sys -> [2004/12/02 10:04:20 | 00,005,627 | ---- | M] (Sonic Solutions) (ssrtln) ssrtln [File_System | System | Running] -> C:\WINDOWS\system32\drivers\ssrtln.sys -> [2004/12/02 10:04:10 | 00,023,545 | ---- | M] (Sonic Solutions) (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/04 02:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) (ROOTMODEM) Microsoft Legacy Modem Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rootmdm.sys -> [2004/08/04 02:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\USBAUDIO.sys -> [2004/08/03 22:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) (SMCIRDA) SMC IrCC Miniport Device Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\smcirda.sys -> [2001/08/17 13:10:28 | 00,035,913 | ---- | M] (SMC) (AliIde) AliIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 09:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.msnbc.msn.com/ -> HKEY_CURRENT_USER\: URLSearchHooks\\"{1392b8d2-5c05-419f-a8f6-b9f15a596612}" [HKLM] -> C:\Program Files\Freecorder\tbFre0.dll [Freecorder Toolbar] -> [2009/07/21 08:23:35 | 02,215,960 | ---- | M] (Conduit Ltd.) HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Bruce\Application Data\Mozilla\FireFox\Profiles\9lqe2f9c.default\prefs.js -> browser.startup.homepage -> "http://www.msnbc.msn.com/" -> extensions.enabledItems -> {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.8 -> extensions.enabledItems -> {097d3191-e6fa-4728-9826-b533d755359d}:0.7.10 -> extensions.enabledItems -> {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.1 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> moveplayer@movenetworks.com:1.0.0.07103010 -> extensions.enabledItems -> camifox@altmusictv.com:2.0.3 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4 -> extensions.enabledItems -> {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.69 -> keyword.URL -> "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&q=" -> network.proxy.type -> 4 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com -> C:\Program Files\Java\jre6\lib\deploy\jqs\ff [C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF] -> [2009/01/13 22:25:44 | 00,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/09/01 16:17:46 | 00,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} -> C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext [C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT] -> [2009/10/07 18:34:39 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2009/11/02 07:24:59 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2009/11/02 03:35:53 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Extensions -> [2009/03/05 11:43:07 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2008/08/26 05:44:42 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Extensions\mozswing@mozswing.org -> [2009/03/05 11:43:07 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Firefox\Profiles\9lqe2f9c.default\extensions -> [2009/11/08 22:01:59 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Firefox\Profiles\9lqe2f9c.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} -> [2009/06/13 19:38:36 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Firefox\Profiles\9lqe2f9c.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d} -> [2009/05/06 19:40:08 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Firefox\Profiles\9lqe2f9c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/09/01 20:59:12 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Firefox\Profiles\9lqe2f9c.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} -> [2009/10/04 11:37:33 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Firefox\Profiles\9lqe2f9c.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03} -> [2008/12/07 23:28:33 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Firefox\Profiles\9lqe2f9c.default\extensions\camifox@altmusictv.com -> [2009/07/20 19:40:23 | 00,000,000 | ---D | M] -> C:\Documents and Settings\Bruce\Application Data\Mozilla\Firefox\Profiles\9lqe2f9c.default\extensions\moveplayer@movenetworks.com -> [2008/09/30 21:35:30 | 00,000,000 | ---D | M] < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2009/11/08 22:01:59 | 00,000,000 | ---D | M] -> C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/10/28 15:48:48 | 00,000,000 | ---D | M] -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} -> [2008/07/12 06:16:46 | 00,000,000 | ---D | M] -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} -> [2009/01/13 22:26:10 | 00,000,000 | ---D | M] -> C:\Program Files\Mozilla Firefox\extensions\Access Privileges Test -> [2008/09/05 12:29:27 | 00,000,000 | ---D | M] < FireFox Components [Program Folders] > -> browserdirprovider.dll -> C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll -> [2009/10/28 15:48:40 | 00,023,544 | ---- | M] (Mozilla Foundation) brwsrcmp.dll -> C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll -> [2009/10/28 15:48:40 | 00,137,208 | ---- | M] (Mozilla Foundation) GoogleDesktopMozilla.dll -> C:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll -> [2009/11/02 03:35:53 | 00,119,808 | ---- | M] (Google) < HOSTS File > (74 bytes and 2 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost ::1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 22:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated) {1392b8d2-5c05-419f-a8f6-b9f15a596612} [HKLM] -> C:\Program Files\Freecorder\tbFre0.dll [Freecorder Toolbar] -> [2009/07/21 08:23:35 | 02,215,960 | ---- | M] (Conduit Ltd.) {22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> [2009/05/26 18:41:16 | 01,088,296 | ---- | M] (Skype Technologies S.A.) {3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2009/10/07 18:34:38 | 00,329,312 | ---- | M] (RealPlayer) {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [HKLM] -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [Search Helper] -> [2009/05/19 10:36:18 | 00,137,600 | ---- | M] (Microsoft Corporation) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 14:19:32 | 02,217,848 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2009/01/13 22:25:44 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.) {9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2009/02/17 16:11:04 | 00,408,440 | ---- | M] (Microsoft Corporation) {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2009/10/27 17:52:03 | 00,256,112 | ---- | M] (Google Inc.) {AE7CD045-E861-484f-8273-0445EE161910} [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [AcroIEToolbarHelper Class] -> [2003/05/15 00:03:46 | 00,147,456 | ---- | M] () {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [Google Toolbar Notifier BHO] -> [2009/10/27 18:24:16 | 00,761,840 | ---- | M] (Google Inc.) {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [Google Dictionary Compression sdch] -> [2009/10/27 17:52:01 | 00,458,736 | ---- | M] (Google Inc.) {DF21F1DB-80C6-11D3-9483-B03D0EC10000} [HKLM] -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [Credential Manager for HP ProtectTools] -> [2006/11/21 00:59:00 | 00,071,192 | R--- | M] (Bioscrypt Inc.) {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [Windows Live Toolbar Helper] -> [2009/02/06 17:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation) {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/01/13 22:25:44 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{1392b8d2-5c05-419f-a8f6-b9f15a596612}" [HKLM] -> C:\Program Files\Freecorder\tbFre0.dll [Freecorder Toolbar] -> [2009/07/21 08:23:35 | 02,215,960 | ---- | M] (Conduit Ltd.) "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 17:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation) "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/10/27 17:52:03 | 00,256,112 | ---- | M] (Google Inc.) "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [2003/05/15 00:03:46 | 00,147,456 | ---- | M] () < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> ShellBrowser\\"{1392B8D2-5C05-419F-A8F6-B9F15A596612}" [HKLM] -> C:\Program Files\Freecorder\tbFre0.dll [Freecorder Toolbar] -> [2009/07/21 08:23:35 | 02,215,960 | ---- | M] (Conduit Ltd.) WebBrowser\\"{1392B8D2-5C05-419F-A8F6-B9F15A596612}" [HKLM] -> C:\Program Files\Freecorder\tbFre0.dll [Freecorder Toolbar] -> [2009/07/21 08:23:35 | 02,215,960 | ---- | M] (Conduit Ltd.) WebBrowser\\"{21FA44EF-376D-4D53-9B0F-8A89D3229068}" [HKLM] -> C:\Program Files\Windows Live\Toolbar\wltcore.dll [&Windows Live Toolbar] -> [2009/02/06 17:17:46 | 01,068,904 | ---- | M] (Microsoft Corporation) WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/10/27 17:52:03 | 00,256,112 | ---- | M] (Google Inc.) WebBrowser\\"{47833539-D0C5-4125-9FA8-0819E2EAAC93}" [HKLM] -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> [2003/05/15 00:03:46 | 00,147,456 | ---- | M] () < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "avast!" -> C:\Program Files\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> [2009/08/17 10:07:23 | 00,081,000 | ---- | M] (ALWIL Software) "Malwarebytes Anti-Malware (reboot)" -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe ["C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript] -> [2009/09/10 14:53:56 | 01,312,080 | ---- | M] (Malwarebytes Corporation) "PPort11reminder" -> C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe ["C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini] -> [2006/11/16 10:01:34 | 00,035,368 | ---- | M] (Nuance Communications, Inc.) < RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> "Shockwave Updater" -> C:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -Mozilla\5.0_( [C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US;_rv:1.9.1.4)_Gecko/20091016_Firefox/3.5.4_(.NET_CLR_3.5.30729)" -"http://www.msnbc.msn.com/id/20044245/ns/entertainment-comics_games_news_of_the_weird/?cat=uj"] -> File not found < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Bruce Startup Folder > -> C:\Documents and Settings\Bruce\Start Menu\Programs\Startup -> < Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"HonorAutoRunSetting" -> [1] -> File not found \\"NoCDBurning" -> [0] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"DisableRegistryTools" -> [0] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Add to Google Photos Screensa&ver -> C:\WINDOWS\System32\GPhotos.scr [res://C:\WINDOWS\system32\GPhotos.scr/200] -> [2009/05/01 12:30:36 | 03,366,912 | ---- | M] (Google Inc.) E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2009/05/04 07:40:04 | 18,333,536 | ---- | M] (Microsoft Corporation) < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2009/07/26 19:17:14 | 00,186,192 | ---- | M] (Microsoft Corporation) {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2009/07/26 19:17:14 | 00,186,192 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2008/10/25 06:52:00 | 00,604,056 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2008/10/25 06:52:00 | 00,604,056 | ---- | M] (Microsoft Corporation) {77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Button: Skype] -> [2009/05/26 18:41:16 | 01,088,296 | ---- | M] (Skype Technologies S.A.) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 03:04:56 | 00,039,464 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2004/10/13 10:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2004/10/13 10:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> localhost .[http] -> Local intranet -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. -> GD [:Range = 127.0.0.1] -> http = Local intranet | -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {0E5F0222-96B9-11D3-8997-00104BD12D94} [HKLM] -> http://pcpitstop.com/betapit/PCPitStop.CAB [PCPitstop Utility] -> {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} [HKLM] -> http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll [PCPitstop Exam] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 24.116.2.50 24.116.2.34 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {39DB9454-ADC0-468C-8ACB-18B1F84D05EA}\\DhcpNameServer -> 24.116.2.50 24.116.2.34 (Intel(R) Wireless WiFi Link 4965AG) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2007/06/13 04:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> !SASWinLogon -> C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL -> [2009/09/09 06:36:30 | 00,548,352 | ---- | M] (SUPERAntiSpyware.com) DeviceNP -> C:\WINDOWS\System32\DeviceNP.dll -> [2007/04/30 09:19:04 | 00,049,152 | ---- | M] (Hewlett-Packard Limited) OneCard -> C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -> [2007/02/06 19:30:00 | 00,074,240 | R--- | M] (Cognizance Corporation) < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{56F9679E-7826-4C84-81F3-532071A8BCC5}" [HKLM] -> C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [] -> [2009/05/24 21:41:34 | 00,304,128 | ---- | M] (Microsoft Corporation) "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" [HKLM] -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> [2007/05/30 06:29:58 | 00,079,408 | ---- | M] (GRISOFT s.r.o.) "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [] -> [2008/05/20 20:36:44 | 00,077,824 | ---- | M] (SuperAdBlocker.com) "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 14:19:32 | 02,217,848 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/07/26 15:44:34 | 03,883,856 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 17:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" -> C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync] -> [2009/07/26 11:05:30 | 01,169,224 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\mqsvc.exe" -> C:\WINDOWS\System32\mqsvc.exe [C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing] -> [2009/06/22 05:49:04 | 00,004,608 | ---- | M] (Microsoft Corporation) < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2004/08/04 02:00:00 | 00,140,800 | ---- | M] (Microsoft Corporation) "C:\Documents and Settings\Bruce\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" -> C:\Documents and Settings\Bruce\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe [C:\Documents and Settings\Bruce\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player] -> [2009/07/16 07:54:39 | 00,319,488 | ---- | M] (Octoshape ApS) "C:\Program Files\Google\Google Talk\googletalk.exe" -> C:\Program Files\Google\Google Talk\googletalk.exe [C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk] -> [2007/01/01 15:22:02 | 03,739,648 | ---- | M] (Google) "C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe" -> C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe [C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe:*:Enabled:QuickBooks 2007 Data Manager] -> [2006/09/13 09:32:12 | 00,128,536 | ---- | M] (iAnywhere Solutions, Inc.) "C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2009/07/31 13:22:14 | 00,139,776 | ---- | M] (Lime Wire, LLC) "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove] -> [2009/02/14 05:03:18 | 00,337,264 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> [2008/11/24 21:16:44 | 01,020,776 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2009/08/17 21:54:54 | 12,957,536 | ---- | M] (Microsoft Corporation) "C:\Program Files\Mozilla Firefox\firefox.exe" -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox] -> [2009/10/28 15:48:41 | 00,908,280 | ---- | M] (Mozilla Corporation) "C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath ] -> [2009/05/26 18:41:16 | 24,264,488 | R--- | M] (Skype Technologies S.A.) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2009/07/26 15:44:34 | 03,883,856 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" -> C:\Program Files\Windows Live\Messenger\wlcsdk.exe [C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call] -> [2009/02/06 17:21:00 | 00,583,024 | ---- | M] (Microsoft Corporation) "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" -> C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe [C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync] -> [2009/07/26 11:05:30 | 01,169,224 | ---- | M] (Microsoft Corporation) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> [2009/05/26 21:06:32 | 04,351,216 | ---- | M] (Yahoo! Inc.) "C:\WINDOWS\SMINST\Scheduler.exe" -> C:\WINDOWS\SMINST\Scheduler.exe [C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler ] -> [2006/10/09 12:23:06 | 00,697,976 | ---- | M] () "C:\WINDOWS\system32\dpvsetup.exe" -> C:\WINDOWS\System32\dpvsetup.exe [C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test] -> [2004/08/04 02:00:00 | 00,083,456 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\mqsvc.exe" -> C:\WINDOWS\System32\mqsvc.exe [C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing] -> [2009/06/22 05:49:04 | 00,004,608 | ---- | M] (Microsoft Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> D:\AUTOEXEC.BAT [] -> D:\AUTOEXEC.BAT [ FAT32 ] -> [2001/07/27 23:07:00 | 00,000,000 | -HS- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> File not found exefile [open] -> "%1" %* -> File not found [Registry - Additional Scans - Safe List] < Disabled MSConfig Services [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services -> "aawservice" -> -> "ACDaemon" -> -> "AdobeActiveFileMonitor5.0" -> -> "aswUpdSv" -> -> "avast! Antivirus" -> -> "avast! Mail Scanner" -> -> "avast! Web Scanner" -> -> "AVG Anti-Spyware Guard" -> -> "btwdins" -> -> "CCALib8" -> -> "CTDevice_Srv" -> -> "CTUPnPSv" -> -> "Diskeeper" -> -> "FLCDLOCK" -> -> "FreeAgentGoNext Service" -> -> "GoogleDesktopManager-093009-130223" -> -> "gusvc" -> -> "HpFkCryptService" -> -> "hpqwmiex" -> -> "IDriverT" -> -> "idsvc" -> -> "ImapiService" -> -> "IviRegMgr" -> -> "JavaQuickStarterService" -> -> "LightScribeService" -> -> "LVCOMSer" -> -> "LVPrcSrv" -> -> "MDM" -> -> "MgiSvr" -> -> "Microsoft Office Groove Audit Service" -> -> "NVSvc" -> -> "odserv" -> -> "ose" -> -> "PCA" -> -> "PCPitstop Scheduling" -> -> "pdfcDispatcher" -> -> "QBFCService" -> -> "Roxio UPnP Renderer 9" -> -> "Roxio Upnp Server 9" -> -> "RoxLiveShare9" -> -> "RoxMediaDB9" -> -> "RoxWatch9" -> -> "SeaPort" -> -> "stllssvr" -> -> "USBDeviceService" -> -> "WMPNetworkSvc" -> -> < Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe -> [2003/05/15 00:19:50 | 00,217,193 | ---- | M] (Adobe Systems Inc.) C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe -> [2007/02/06 14:14:00 | 00,561,213 | ---- | M] (Broadcom Corporation.) C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2007/05/23 10:00:08 | 00,192,512 | ---- | M] (InterVideo Inc.) C:^Documents and Settings^All Users^Start Menu^Programs^Startup^eSync Reminder.lnk -> C:\Program Files\Dentrix\eSyncReminder.exe -> [2009/01/28 16:59:06 | 00,222,480 | ---- | M] () C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Button Manager.lnk -> C:\Program Files\HP\Button Manager\BM.exe -> [2008/11/06 13:22:18 | 00,266,240 | ---- | M] () C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe -> [2006/02/10 06:56:20 | 00,073,728 | ---- | M] (Hewlett-Packard Development Company, L.P.) C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Magic-i.lnk -> C:\Program Files\ArcSoft\Magic-i 3\Magic-i.exe -> [2008/05/21 12:33:32 | 00,530,944 | ---- | M] (ArcSoft, Inc.) C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe -> [2009/04/09 02:37:00 | 00,972,064 | ---- | M] (Intuit Inc.) C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WebSync Reminder.lnk -> C:\Program Files\Dentrix\WebSyncReminder.exe -> [2009/01/28 16:59:42 | 00,091,408 | ---- | M] (Henry Schein, Inc.) C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe -> [2008/05/26 21:19:14 | 00,123,904 | ---- | M] (Microsoft Corporation) C:^Documents and Settings^Bruce^Start Menu^Programs^Startup^Desktop Manager.lnk -> C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe -> [2008/11/04 12:09:44 | 01,545,488 | ---- | M] (Research In Motion Limited) C:^Documents and Settings^Bruce^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE -> [2008/10/25 07:18:50 | 00,098,696 | ---- | M] (Microsoft Corporation) < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> !AVG Anti-Spyware hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> [2007/06/11 03:25:42 | 06,731,312 | ---- | M] (GRISOFT s.r.o.) AccelerometerSysTrayApplet hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found AnyDVD hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe -> [2009/09/25 07:19:02 | 03,058,624 | ---- | M] (SlySoft, Inc.) ArcSoft Connection Service hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe -> [2009/10/10 12:32:18 | 00,203,264 | ---- | M] (ArcSoft Inc.) ares hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Ares\Ares.exe -> File not found BlackBerryAutoUpdate hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe -> [2008/11/04 12:09:58 | 00,615,696 | ---- | M] (Research In Motion Limited) CognizanceTS hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll -> [2003/12/22 11:12:00 | 00,017,920 | R--- | M] (Cognizance Corporation) Cpqset hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\Default Settings\Cpqset.exe -> [2007/05/03 09:52:22 | 00,057,344 | ---- | M] () ctfmon.exe hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found DetectorApp hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe -> [2005/08/31 05:15:00 | 00,102,400 | ---- | M] () DiskeeperSystray hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Executive Software\Diskeeper\DkIcon.exe -> [2005/07/26 16:52:24 | 00,184,408 | ---- | M] (Executive Software International, Inc.) dla hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found DtxQuickLaunch.exe hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Dentrix\DtxQuickLaunch.exe -> [2009/01/28 16:57:56 | 00,062,736 | ---- | M] (Henry Schein, Inc.) eehtrfeo hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Documents and Settings\Bruce\Local Settings\Application Data\bcaqoa\pxwusysguard.exe -> File not found EEventManager hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Epson Software\Event Manager\EEventManager.exe -> [2008/02/19 17:05:24 | 00,591,696 | ---- | M] (SEIKO EPSON CORPORATION) EPSON WorkForce 600 Series hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found Google Desktop Search hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -> [2009/11/02 03:35:53 | 00,030,192 | ---- | M] (Google) googletalk hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Google\Google Talk\googletalk.exe -> [2007/01/01 15:22:02 | 03,739,648 | ---- | M] (Google) GrooveMonitor hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe -> [2008/10/25 10:44:34 | 00,031,072 | ---- | M] (Microsoft Corporation) hpWirelessAssistant hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found IMJPMIG8.1 hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE -> [2004/08/04 07:00:00 | 00,208,952 | ---- | M] (Microsoft Corporation) IndexSearch hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe -> [2007/01/11 11:58:52 | 00,046,632 | ---- | M] (Nuance Communications, Inc.) IntelliPoint hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> c:\Program Files\Microsoft IntelliPoint\ipoint.exe -> [2009/06/01 12:51:52 | 01,468,296 | ---- | M] (Microsoft Corporation) ISUSScheduler hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> [2006/09/11 04:40:34 | 00,086,960 | ---- | M] (Macrovision Corporation) LightScribe Control Panel hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -> [2007/04/19 14:26:52 | 00,484,904 | ---- | M] (Hewlett-Packard Company) LogitechCommunicationsManager hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe -> [2008/08/14 16:11:48 | 00,565,008 | ---- | M] () LogitechQuickCamRibbon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Logitech\QuickCam\Quickcam.exe -> [2008/08/14 16:15:46 | 02,407,184 | ---- | M] () MaxMenuMgr hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe -> [2008/10/28 15:42:12 | 00,181,544 | ---- | M] (Seagate LLC) Messenger (Yahoo!) hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe -> [2009/05/26 21:06:32 | 04,351,216 | ---- | M] (Yahoo! Inc.) MsmqIntCert hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\System32\regsvr32.exe -> [2004/08/04 02:00:00 | 00,011,776 | ---- | M] (Microsoft Corporation) MsnMsgr hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe -> [2009/07/26 15:44:34 | 03,883,856 | ---- | M] (Microsoft Corporation) MSPY2002 hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found NvCplDaemon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found NvMediaCenter hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found nwiz hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found OpwareSE4 hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe -> [2005/11/14 17:32:06 | 00,069,632 | ---- | M] (ScanSoft, Inc.) PaperPort PTD hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe -> [2007/01/11 12:01:16 | 00,030,248 | ---- | M] (Nuance Communications, Inc.) PDF Complete hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\PDF Complete\pdfsty.exe -> [2007/05/08 09:38:44 | 00,331,552 | ---- | M] (PDF Complete Inc) PHIME2002A hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found PHIME2002ASync hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found PTHOSTTR hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE -> [2007/01/09 16:52:32 | 00,145,184 | ---- | M] (Hewlett-Packard Development Company, L.P.) QlbCtrl hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found QuickTime Task hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\QuickTime\qttask.exe -> [2008/09/06 14:09:14 | 00,413,696 | ---- | M] (Apple Inc.) Rainlendar2 hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Rainlendar2\Rainlendar2.exe -> File not found Recguard hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\SMINST\Recguard.exe -> [2005/12/20 17:51:40 | 01,187,840 | ---- | M] () Reminder hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\CREATOR\Remind_XP.exe -> [2006/03/09 18:38:42 | 00,806,912 | ---- | M] () RoxWatchTray hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe -> [2008/09/19 10:37:50 | 00,236,016 | ---- | M] (Sonic Solutions) Scheduler hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\SMINST\Scheduler.exe -> [2006/10/09 12:23:06 | 00,697,976 | ---- | M] () Skype hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Skype\Phone\Skype.exe -> [2009/05/26 18:41:16 | 24,264,488 | R--- | M] (Skype Technologies S.A.) SoftAuto.exe hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Creative\Software Update 3\SoftAuto.exe -> [2008/08/12 21:49:30 | 00,405,504 | ---- | M] (Creative Technology Ltd) SSBkgdUpdate hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -> [2006/10/25 08:03:38 | 00,210,472 | ---- | M] (Nuance Communications, Inc.) SUPERAntiSpyware hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE -> [2009/10/15 06:44:50 | 02,000,112 | ---- | M] (SUPERAntiSpyware.com) SynTPEnh hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Synaptics\SynTP\SynTPEnh.exe -> [2007/01/12 07:36:40 | 00,827,392 | ---- | M] (Synaptics, Inc.) TkBellExe hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2009/10/07 18:33:52 | 00,198,160 | ---- | M] (RealNetworks, Inc.) TrkMonitor hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Canon Electronics\DR1210C\TrkMonitor.exe -> [2006/01/24 16:21:28 | 00,069,632 | ---- | M] (Canon Electronics Inc.) WatchDog hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe -> [2007/05/23 10:00:08 | 00,192,512 | ---- | M] (InterVideo Inc.) < Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "bootini" -> 0 -> "services" -> 1 -> "startup" -> 1 -> "system.ini" -> 0 -> "win.ini" -> 0 -> < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> 6to4 -> [] -> Ias -> [] -> Iprip -> [] -> Irmon -> [] -> NWCWorkstation -> [] -> Nwsapagent -> [] -> WmdmPmSp -> [] -> helpsvc -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll] -> [2004/08/04 02:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {01A1A019-E1D8-482A-BE17-5E118D17C0A0} -> ArcSoft Print Creations - Brochure {02E73E50-6513-4802-8600-B5A5BA185BE3} -> ScanSoft PaperPort 11 {034E061B-B3A3-4123-842E-10C1B6B3C8C7} -> BlackBerry Desktop Software 4.7 {0394CDC8-FABD-4ed8-B104-03393876DFDF} -> Roxio Creator Tools {047815FB-4E38-42D5-95CB-8A131DDD8668} -> Microsoft Windows Theme Nunavut {082702D5-5DD8-4600-BCE5-48B15174687F} -> HP Doc Viewer {0A146245-DB79-4197-BF5D-FE1A699A2CC7} -> Camera Window DS {0A65A3BD-54B5-4d0d-B084-7688507813F5} -> SlideShow {0C5265EC-9687-433D-9928-D6AA39D8CD04} -> ScanSoft OmniPage SE 4.0 {0D397393-9B50-4c52-84D5-77E344289F87} -> Roxio Creator Data {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -> Roxio UDF Reader {130FA2D4-E5B3-4BA8-9C4A-70B615655319} -> Jing {15C0AF59-4877-49B6-B8C6-A61CE54515F5} -> cp_OnlineProjectsConfig {1746EA69-DCB6-4408-B5A5-E75F55439CDF} -> Scan {178832DE-9DE0-4C87-9F82-9315A9B03985} -> Windows Live Writer {18455581-E099-4BA8-BC6B-F34B2F06600C} -> Google Toolbar for Internet Explorer {1D14373E-7970-4F2F-A467-ACA4F0EA21E3} -> Google Earth {1DD47D49-F046-4919-831F-EE576A04D5B2} -> EOS Capture 1.1 {205C6BDD-7B73-42DE-8505-9A093F35A238} -> Windows Live Upload Tool {21657574-BD54-48A2-9450-EB03B2C7FC29} -> Roxio MyDVD {226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk -> Google Talk (remove only) {2288BE45-8868-47DD-A501-7F881C9184DD} -> Guru Limited Edition {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} -> MSVCRT {2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer {24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} -> Skype™ 4.0 {25569723-DC5A-4467-A639-79535BF01B71} -> Adobe Help Center 2.1 {26A24AE4-039D-4CA4-87B4-2F83216011FF} -> Java(TM) 6 Update 11 {2B618178-930B-46FA-9C93-0AE2EEB89EBC} -> DocProc {2BB67266-D1A3-4CCC-8EB2-16770AB1FB76} -> ArcSoft WebCam Companion 2 {2C0FD54A-3B99-40D5-8DC5-4A2CFD626F4E} -> Microsoft VC++9.0 redistributables {2DB165DC-DDB4-403F-B985-19F3EC7D0357} -> HP ProtectTools Security Manager {2F58D60D-2BFD-4467-9B4D-64E7355C329D} -> Sonic_PrimoSDK {30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Roxio Update Manager {3248F0A8-6813-11D6-A77B-00B0D0160000} -> Java(TM) SE Runtime Environment 6 {3248F0A8-6813-11D6-A77B-00B0D0160050} -> Java(TM) 6 Update 5 {3248F0A8-6813-11D6-A77B-00B0D0160070} -> Java(TM) 6 Update 7 {332CC6BF-E6C7-48EE-BA3D-435E576AD67F} -> PaperPort Image Printer {33BF0960-DBA3-4187-B6CC-C969FCFA2D25} -> SkinsHP1 {34D2AB40-150D-475D-AE32-BD23FB5EE355} -> HP Quick Launch Buttons 6.20 F2 {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} -> Sonic Activation Module {363790D2-DA98-41DD-9C9F-69FA36B169DE} -> PanoStandAlone {38D56396-298F-4874-B4EC-16B530B07879} -> HP Scanjet G4000 series 8.0 {3912A629-0020-0005-3131-2FBA74D4DF0A} -> InterVideo WinDVD {3AF8FCCD-F51A-4014-9002-F195E1CBC876} -> Logitech QuickCam {3B4E636E-9D65-4D67-BA61-189800823F52} -> Windows Live Communications Platform {3F9F7336-6DF8-476F-ABF6-C70A17FAF619} -> HP Backup and Recovery Manager Installer {41E776A5-9B12-416D-9A12-B4F7B044EBED} -> CP_Package_Basic1 {429E92A4-159F-4AEC-85A1-D693E1E4274D} -> HP 3D DriveGuard {43DCF766-6838-4F9A-8C91-D92DA586DFA7} -> Microsoft Windows Journal Viewer {4442AB48-DEC4-4B39-B067-1F75BF8017E7} -> Creative Centrale {44E24545-F317-4498-B7CD-240DE7BA8DE2} -> RAW Image Task {45B8A76B-57EC-4242-B019-066400CD8428} -> BufferChm {48F22622-1CC2-4A83-9C1E-644DD96F832D} -> Epson Event Manager {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} -> Microsoft Search Enhancement Pack {4DBBF091-FACD-422C-B43C-786335BD5398} -> MovieEdit Task {4EA684E9-5C81-4033-A696-3019EC57AC3A} -> HPProductAssistant {50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D} -> Camera Window DVC {51BA0AFE-6AA5-4B8C-8BA9-FA6AE5B1EEE0} -> Roxio Media Manager {521F72F4-FFE4-4959-AA88-EED06125211F} -> HP Notebook Accessories Product Tour {53735ECE-E461-4FD0-B742-23A352436D3A} -> Logitech Updater {53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C} -> FullDPAppQFolder {55B52830-024A-443E-AF61-61E1E71AFA1B} -> Device Access Manager for HP ProtectTools {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} -> Microsoft Office Live Add-in 1.3 {5A3F6A80-7913-475E-8B96-477A952CFA43} -> SupportSoft Assisted Service {5D97A4A7-C274-4B63-86D9-07A33435F505} -> InterVideo DVD Check {619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} -> Roxio Creator Copy {6412CECE-8172-4BE5-935B-6CECACD2CA87} -> Windows Live Mail {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler 3 {66910000-8B30-4973-A159-6371345AFFA5} -> WebReg {6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C} -> RandMap {66E6CE0C-5A1E-430C-B40A-0C90FF1804A8} -> eSupportQFolder {67EC0AB2-8CF7-4415-9F70-7FBC593C0D5E} -> ScanSoft PDF Create! 4 {69333A04-5134-40A5-A055-9166A7AA1EC8} -> {6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update {69DAC00A-7665-4E9B-B441-093D40736429} -> HP BatteryCheck 1.00 A7 {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -> Windows Media Player Firefox Plugin {6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3} -> Power Tab Editor 1.7 {6C3A75A6-9A90-44A3-A703-82AC1EA6A85D} -> Camera Window MC {70CEFEBA-F757-4DBE-8A21-027C326137CE} -> Application Installer 4.00.B13 {716E0306-8318-4364-8B8F-0CC4E9376BAC} -> MSXML 4.0 SP2 Parser and SDK {71883667-71F2-48A1-AB72-28D518D8AC4A} -> Seagate Manager Installer {719842F9-FF69-4BA6-A6FE-52244575E0B3} -> ArcSoft VideoImpression 2 {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {76EF79CA-A6A8-41C4-AE49-E49BA075FA51} -> Diskeeper Professional Edition {770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 {7E545666-F422-45FD-B3DF-C0B99A1A579F} -> QuickBooks Pro 2007 {7FD8231E-3991-48D7-A2C8-2C42A7075FB1} -> HP User Guide Bluetooth Addendum 0062 {81128EE8-8EAD-4DB0-85C6-17C2CE50FF71} -> Windows Live Essentials {81E76DE9-BBCB-449C-91BB-6E4E5436D496} -> Adobe Audition 1.0 {83FFCFC7-88C6-41c6-8752-958A45325C82} -> Roxio Creator Audio {84814E6B-2581-46EC-926A-823BD1C670F6} -> HP Integrated Module with Bluetooth wireless technology {84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1} -> Windows Live Sync {86604C06-DA30-425E-AECE-47304FE81C45} -> Creative Software Update {874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6} -> PhotoStitch {87E2B986-07E8-477a-93DC-AF0B6758B192} -> DocProcQFolder {87E91B85-9A4A-4B1E-930E-3429D146FEB3} -> ScannerCopy {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight {8A74E887-8F0F-4017-AF53-CBA42211AAA5} -> Microsoft Sync Framework Runtime Native v1.0 (x86) {8DC42D05-680B-41B0-8878-6C14D24602DB} -> QuickTime {90120000-0010-0409-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (English) 12 {90120000-0015-0409-0000-0000000FF1CE} -> Microsoft Office Access MUI (English) 2007 {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007 {90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007 {90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0019-0409-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (English) 2007 {90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007 {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007 {90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007 {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007 {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007 {90120000-0030-0000-0000-0000000FF1CE} -> Microsoft Office Enterprise 2007 {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581) {90120000-0044-0409-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (English) 2007 {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007 {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007 {90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00BA-0409-0000-0000000FF1CE} -> Microsoft Office Groove MUI (English) 2007 {90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0114-0409-0000-0000000FF1CE} -> Microsoft Office Groove Setup Metadata MUI (English) 2007 {90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007 {90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0117-0409-0000-0000000FF1CE} -> Microsoft Office Access Setup Metadata MUI (English) 2007 {90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {901F8ED7-13E8-43EF-B738-2FE89B0588EB} -> Camera Access Library {91208A47-5D08-4C79-986F-1931940F51BB} -> QuickBooks Product Listing Service {91810AFC-A4F8-4EBA-A5AA-B198BBC81144} -> InterVideo WinDVD {9422C8EA-B0C6-4197-B8FC-DC797658CA00} -> Windows Live Sign-in Assistant {95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting {95120000-0122-0409-0000-0000000FF1CE} -> Microsoft Office Outlook Connector {995F1E2E-F542-4310-8E1D-9926F5A279B3} -> Windows Live Toolbar {A1D0D14A-B776-4907-BC00-5149F2298086} -> Camera Support Core Library {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} -> Segoe UI {A29800BA-0BF1-4E63-9F31-DF05A87F4104} -> InstantShareDevices {A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F} -> Camera Window DVC {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2 {A589DA26-51BD-475D-8C32-E19E34145842} -> Camtasia Studio 6 {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B} -> Adobe Photoshop Elements 5.0 {A85FD55B-891B-4314-97A5-EA96C0BD80B5} -> Windows Live Messenger {A93C4E94-1005-489D-BEAA-B873C1AA6CFC} -> HP Help and Support {AB5D51AE-EBC3-438D-872C-705C7C2084B0} -> DeviceManagementQFolder {AC76BA86-1033-0000-7760-000000000001} -> Adobe Acrobat 6.0 Professional {AC76BA86-7AD7-1033-7B44-A81200000003} -> Adobe Reader 8.1.2 {ACF60000-22B9-4CE9-98D6-2CCF359BAC07} -> ABBYY FineReader 6.0 Sprint {AE4F0939-C456-4527-835A-D341F5B4441E} -> DENTRIX G4 {AF32C7FA-C218-406A-A520-536A8C148830} -> Appointment Book {B2157760-AA3C-4E2E-BFE6-D20BC52495D9} -> cp_PosterPrintConfig {B6286A44-7505-471A-A72B-04EC2DB2F442} -> CueTour {B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3} -> CP_Panorama1Config {BAF78226-3200-4DB4-BE33-4D922A799840} -> Windows Presentation Foundation {BBBC2B89-E193-4348-A83C-C8DD8210A4AC} -> Canon PhotoRecord {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} -> Microsoft Sync Framework Services Native v1.0 (x86) {BE41F3D2-FC73-4C3E-A2C2-5D2B08A5B2D0} -> Credential Manager for HP ProtectTools {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2 {C1704101-D142-42A4-83E5-F938F13DBD94} -> hpg4000QFolder {C1C6767D-B395-43CB-BF99-051B58B86DA6} -> PhotoGallery {C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2} -> Canon ZoomBrowser EX (E) {C74D0FA0-1D49-464F-A707-B427EE3385C1} -> BIOS Configuration for HP ProtectTools {C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476} -> SolutionCenter {C8B0680B-CDAE-4809-9F91-387B6DE00F7C} -> Roxio Creator Basic v9 {C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F} -> HP Update {CA634931-0CC3-4067-ABCC-7182E1DC23B7} -> HP Button Manager {CA9ED5E4-1548-485B-A293-417840060158} -> ArcSoft Print Creations - Photo Calendar {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1 {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware Free Edition {CE26F10F-C80F-4377-908B-1B7882AE2CE3} -> Crystal Reports Basic Runtime for Visual Studio 2008 {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1 {D1CA45BE-431A-4FA7-8E98-AFE546F96D58} -> EOS Viewer Utility 1.1 {D2F3B366-830E-4371-9130-A8D6BE751363} -> CapturePerfect 3.0 {D31612BB-C6D7-4142-96AE-16DB062354CF} -> HP Webcam User's Guide {D32067CD-7409-4792-BFA0-1469BCD8F0C8} -> HP Wireless Assistant {D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA} -> Windows Live Photo Gallery {D9B4D7EE-481C-4C36-86AB-A8F7417725FF} -> LightScribe 1.6.43.1 {DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38} -> HpSdpAppCoreApp {DD42CAE3-FADD-4B36-95B1-E1CB75BCD364} -> HP User Guides 0074 {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware {E2DFE069-083E-4631-9B6C-43C48E991DE5} -> Junk Mail filter update {E6445FCC-EAF6-4E35-9E72-6EF105A4C177} -> HDView for Firefox {ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F} -> CP_CalendarTemplates1 {ED9775A0-383E-4EAA-8DA5-8CC6860D60A3} -> Canon Camera WIA Driver {EED6DFCD-3786-477A-B228-E89BB7D1CF92} -> Presto! BizCard 5 SE (English Version) {EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3} -> Microsoft IntelliPoint 7.0 {F0A37341-D692-11D4-A984-009027EC0A9C} -> SoundMAX {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU] {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} -> Microsoft Choice Guard {F18DB86D-BC16-4E01-BCCE-63F62B931D82} -> InterVideo Register Manager {F626E006-C06C-466A-B133-92C1991385CA} -> ArcSoft Print Creations {F6970FBD-809A-4C51-BAB3-D94A04C6C8E7} -> Garmin Communicator Plugin {F6BD194C-4190-4D73-B1B1-C48C99921BFE} -> Windows Live Call {F843AC27-704C-4731-A590-F57841B488F2} -> Drive Encryption for HP ProtectTools {FAB046D7-C187-4648-A1A9-FC875F7E3FCE} -> ArcSoft Magic-i 3 {FB15E224-67C3-491F-9F5C-F257BC418412} -> Destinations {FD7F3626-80DE-4E99-A11D-0BFB4350A00C} -> hpG4000 ActiveScan 2.0 -> Panda ActiveScan 2.0 Adobe Atmosphere Player -> Adobe Atmosphere Player for Acrobat and Adobe Reader Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Adobe Photoshop Elements 5 -> Adobe Photoshop Elements 5.0 Adobe Shockwave Player -> Adobe Shockwave Player 11.5 Amazon MP3 Downloader -> Amazon MP3 Downloader 1.0.3 AnyDVD -> AnyDVD Audacity 1.3 Beta (Unicode)_is1 -> Audacity 1.3.6 (Unicode) avast! -> avast! Antivirus AVGAntiSpyware75 -> AVG Anti-Spyware 7.5 BlackBerry_{034E061B-B3A3-4123-842E-10C1B6B3C8C7} -> BlackBerry Desktop Software 4.7 CloneDVDmobile -> CloneDVDmobile CNXT_MODEM_PCI_VEN_14F1&DEV_2C06_hpqZ3795 -> Soft Data Fax Modem with SmartCP Coupon Printer for Windows4.0 -> Coupon Printer for Windows Creative Centrale -> Creative Centrale DR-1210C Driver -> Canon DR-1210C Driver DR-1210C Job Tool -> DR-1210C Job Tool ENTERPRISE -> Microsoft Office Enterprise 2007 EPSON Scanner -> EPSON Scan EPSON WorkForce 600 Series -> EPSON WorkForce 600 Series Printer Uninstall FileZilla Client -> FileZilla Client 3.2.4 Freecorder Toolbar -> Freecorder Toolbar Freecorder Toolbar3.02 -> Freecorder Toolbar 3.02 Application Google Desktop -> Google Desktop Google Updater -> Google Updater HijackThis -> HijackThis 2.0.2 HP Imaging Device Functions -> HP Imaging Device Functions 7.0 HP Photo & Imaging -> HP Photosmart Premier Software 6.5 HP Solution Center & Imaging Support Tools -> HP Solution Center 7.0 HPOCR -> OCR Software by I.R.I.S 8.0 ie7 -> Windows Internet Explorer 7 InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7} -> Canon Camera Window DSLR 5 for ZoomBrowser EX InstallShield_{1DD47D49-F046-4919-831F-EE576A04D5B2} -> Canon Utilities EOS Capture 1.1 InstallShield_{44E24545-F317-4498-B7CD-240DE7BA8DE2} -> Canon RAW Image Task for ZoomBrowser EX InstallShield_{4DBBF091-FACD-422C-B43C-786335BD5398} -> Canon MovieEdit Task for ZoomBrowser EX InstallShield_{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D} -> Canon Camera Window DC_DV 6 for ZoomBrowser EX InstallShield_{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D} -> Canon Camera Window MC 6 for ZoomBrowser EX InstallShield_{71883667-71F2-48A1-AB72-28D518D8AC4A} -> Seagate Manager Installer InstallShield_{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6} -> Canon Utilities PhotoStitch 3.1 InstallShield_{901F8ED7-13E8-43EF-B738-2FE89B0588EB} -> Canon Camera Access Library InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086} -> Canon Camera Support Core Library InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F} -> Canon Camera Window DC_DV 5 for ZoomBrowser EX InstallShield_{AE4F0939-C456-4527-835A-D341F5B4441E} -> DENTRIX G4 InstallShield_{AF32C7FA-C218-406A-A520-536A8C148830} -> Appointment Book InstallShield_{D1CA45BE-431A-4FA7-8E98-AFE546F96D58} -> Canon Utilities EOS Viewer Utility 1.1 InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3} -> Canon EOS 20D WIA Driver legacyqcam_10.51 -> Logitech Legacy USB Camera Driver Package LimeWire -> LimeWire 5.2.13 lvdrivers_11.80 -> Logitech QuickCam Driver Package Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1 Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1 Mozilla Firefox (3.5.4) -> Mozilla Firefox (3.5.4) MSTTS -> Microsoft Text-to-Speech Engine 4.0 (English) NVIDIA Drivers -> NVIDIA Drivers Nvu_is1 -> Nvu 1.0PR PC Pitstop Optimize3_is1 -> PC Pitstop Optimize3 3.0 PDF Complete -> PDF Complete PhotomatixPro3_is1 -> Photomatix Pro version 3.0.3RC2 Picasa 3 -> Picasa 3 PROSet -> Intel(R) PRO Network Connections Drivers RealPlayer 12.0 -> RealPlayer Send to Dentrix Document Center_is1 -> Send to Dentrix Document Center (novaPDF Professional Desktop O SynTPDeinstKey -> Synaptics Pointing Device Driver tv_enua -> Lernout & Hauspie TruVoice American English TTS Engine Wdf01005 -> Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Windows Media Format Runtime -> Windows Media Format 11 runtime Windows Media Player -> Windows Media Player 11 WinLiveSuite_Wave3 -> Windows Live Essentials XpsEPSC -> XML Paper Specification Shared Components Pack 1.0 Yahoo! Messenger -> Yahoo! Messenger ZENXFI2UG -> Creative ZEN X-Fi2 Documentation < Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> GoToMeeting -> GoToMeeting 4.0.0.320 Move Networks Player - IE -> Move Networks Media Player for Internet Explorer myPhotopipe ROES -> myPhotopipe ROES Octoshape add-in for Adobe Flash Player -> Octoshape add-in for Adobe Flash Player < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Antivirus [ Error ] 3/31/2008 5:08:44 PM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\4510d949928f6a1d9c55fb1b09e9\riprep.exe failed, 00000005. Antivirus [ Error ] 4/6/2008 4:54:42 PM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = Internal error has occurred in module aswar scan function failed!, function C0000005. Antivirus [ Error ] 4/7/2008 8:12:48 AM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = Internal error has occurred in module aswar scan function failed!, function C0000005. Antivirus [ Error ] 4/23/2008 11:57:51 AM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of \\dserver\Dentrix\DATA\Dtxdata.inf failed, 00000005. Antivirus [ Error ] 4/23/2008 11:58:30 AM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of \\dserver\Dentrix\DATA\DTXDATA.INF failed, 00000005. Antivirus [ Error ] 10/18/2008 7:48:11 AM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\BRUCE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\9LQE2F9C.DEFAULT\PREFS.JS failed, 00000005. Antivirus [ Error ] 1/13/2009 8:50:56 AM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://www.meetyourmessenger.co.uk/ScriptResource.axd?d=kbSOwBbNKmSS2hnywrnyrvQUJ-ePC4X1Piy7UlcI_SoUXPNSHgbiIks5hZCk0h8O4nF3PKp83Fawuf-DrZKOMXFz84b7N-3JL6HRNWKSYWY1&t=633281411389386327 failed, 0000A413. Antivirus [ Error ] 6/16/2009 8:54:21 PM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\BRUCE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\9LQE2F9C.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}\DEFAULTS\PREFERENCES\AIOS.JS failed, 00000005. Antivirus [ Error ] 6/16/2009 8:54:21 PM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\BRUCE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\9LQE2F9C.DEFAULT\EXTENSIONS\{0538E3E3-7E9B-4D49-8831-A227C80A7AD3}\DEFAULTS\PREFERENCES\FORECASTFOX.JS failed, 00000005. Antivirus [ Error ] 6/16/2009 8:54:21 PM Computer Name = PC155953175710 | Source = avast! | ID = 33554522 -> Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\DOCUMENTS AND SETTINGS\BRUCE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\9LQE2F9C.DEFAULT\PREFS.JS failed, 00000005. Application [ Error ] 10/18/2009 10:24:06 PM Computer Name = PC155953175710 | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 12.0.6514.5000, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 10/18/2009 10:46:21 PM Computer Name = PC155953175710 | Source = Application Hang | ID = 1002 -> Description = Hanging application Jing.exe, version 2.1.9181.1136, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 10/21/2009 11:34:08 AM Computer Name = PC155953175710 | Source = Windows Search Service | ID = 3013 -> Description = The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Application [ Error ] 10/21/2009 11:34:37 AM Computer Name = PC155953175710 | Source = Windows Search Service | ID = 3013 -> Description = The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Application [ Error ] 10/21/2009 11:34:39 AM Computer Name = PC155953175710 | Source = Windows Search Service | ID = 3013 -> Description = The entry in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Application [ Error ] 10/22/2009 3:16:14 PM Computer Name = PC155953175710 | Source = Application Hang | ID = 1002 -> Description = Hanging application Ledger.exe, version 14.0.105.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 10/22/2009 4:52:19 PM Computer Name = PC155953175710 | Source = Application Hang | ID = 1002 -> Description = Hanging application Ledger.exe, version 14.0.105.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 10/30/2009 8:29:19 AM Computer Name = PC155953175710 | Source = Windows Search Service | ID = 3024 -> Description = The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again. Context: Application, SystemIndex Catalog Application [ Error ] 11/9/2009 5:06:25 PM Computer Name = PC155953175710 | Source = Application Hang | ID = 1002 -> Description = Hanging application iexplore.exe, version 7.0.6000.16915, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Application [ Error ] 11/9/2009 5:06:32 PM Computer Name = PC155953175710 | Source = Application Hang | ID = 1001 -> Description = Fault bucket 1484861422. OSession [ Error ] 5/15/2009 1:56:22 PM Computer Name = PC155953175710 | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11095 seconds with 420 seconds of active time. This session ended with a crash. OSession [ Error ] 5/21/2009 6:26:35 PM Computer Name = PC155953175710 | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 35928 seconds with 600 seconds of active time. This session ended with a crash. OSession [ Error ] 6/3/2009 8:41:54 AM Computer Name = PC155953175710 | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 271 seconds with 0 seconds of active time. This session ended with a crash. OSession [ Error ] 9/14/2009 6:11:16 PM Computer Name = PC155953175710 | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 121 seconds with 60 seconds of active time. This session ended with a crash. System [ Error ] 11/9/2009 8:57:51 PM Computer Name = PC155953175710 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SeaPort with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA} System [ Error ] 11/9/2009 9:07:20 PM Computer Name = PC155953175710 | Source = Ftdisk | ID = 262189 -> Description = The system could not sucessfully load the crash dump driver. System [ Error ] 11/9/2009 9:07:20 PM Computer Name = PC155953175710 | Source = Ftdisk | ID = 262193 -> Description = Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. System [ Error ] 11/9/2009 9:20:04 PM Computer Name = PC155953175710 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SeaPort with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA} System [ Error ] 11/9/2009 9:53:54 PM Computer Name = PC155953175710 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SeaPort with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA} System [ Error ] 11/9/2009 10:18:15 PM Computer Name = PC155953175710 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SeaPort with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA} System [ Error ] 11/9/2009 10:47:12 PM Computer Name = PC155953175710 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SeaPort with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA} System [ Error ] 11/9/2009 11:47:05 PM Computer Name = PC155953175710 | Source = Ftdisk | ID = 262189 -> Description = The system could not sucessfully load the crash dump driver. System [ Error ] 11/9/2009 11:47:05 PM Computer Name = PC155953175710 | Source = Ftdisk | ID = 262193 -> Description = Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. System [ Error ] 11/10/2009 8:31:17 AM Computer Name = PC155953175710 | Source = DCOM | ID = 10005 -> Description = DCOM got error "%1058" attempting to start the service SeaPort with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA} [Files/Folders - Created Within 30 Days] atapi.sys -> C:\WINDOWS\System32\drivers\atapi.sys -> [2009/11/09 19:05:49 | 00,095,360 | ---- | C] (Microsoft Corporation) atapi.sys -> C:\WINDOWS\System32\dllcache\atapi.sys -> [2009/11/09 19:05:49 | 00,095,360 | ---- | C] (Microsoft Corporation) cmdcons -> C:\cmdcons -> [2009/11/09 19:04:05 | 00,000,000 | RHSD | C] SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2009/11/09 19:01:20 | 00,212,480 | ---- | C] (SteelWerX) SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2009/11/09 19:01:20 | 00,161,792 | ---- | C] (SteelWerX) SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2009/11/09 19:01:20 | 00,136,704 | ---- | C] (SteelWerX) NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2009/11/09 19:01:20 | 00,031,232 | ---- | C] (NirSoft) ERDNT -> C:\WINDOWS\ERDNT -> [2009/11/09 19:01:00 | 00,000,000 | ---D | C] Qoobox -> C:\Qoobox -> [2009/11/09 19:00:07 | 00,000,000 | ---D | C] Avenger -> C:\Avenger -> [2009/11/09 18:53:20 | 00,000,000 | ---D | C] mbam-setup.exe -> C:\Documents and Settings\Bruce\Desktop\mbam-setup.exe -> [2009/11/09 15:17:48 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) _OTS -> C:\_OTS -> [2009/11/09 15:08:35 | 00,000,000 | ---D | C] OTS.exe -> C:\Documents and Settings\Bruce\Desktop\OTS.exe -> [2009/11/09 12:26:16 | 00,525,312 | ---- | C] (OldTimer Tools) pss -> C:\WINDOWS\pss -> [2009/11/09 11:23:50 | 00,000,000 | ---D | C] SafeBootKeyRepair.exe -> C:\Documents and Settings\Bruce\Desktop\SafeBootKeyRepair.exe -> [2009/11/09 09:22:32 | 00,288,654 | ---- | C] ( ) avz4 -> C:\Documents and Settings\Bruce\Desktop\avz4 -> [2009/11/09 08:44:31 | 00,000,000 | ---D | C] SysProt -> C:\Documents and Settings\Bruce\Desktop\SysProt -> [2009/11/09 08:06:40 | 00,000,000 | ---D | C] C:\Documents and Settings\Bruce\Application Data\Malwarebytes -> C:\Documents and Settings\Bruce\Application Data\Malwarebytes -> [2009/11/08 21:14:59 | 00,000,000 | ---D | C] mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2009/11/08 21:12:09 | 00,038,224 | ---- | C] (Malwarebytes Corporation) mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2009/11/08 21:12:07 | 00,019,160 | ---- | C] (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2009/11/08 21:12:07 | 00,000,000 | ---D | C] C:\Documents and Settings\All Users\Application Data\Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2009/11/08 21:12:07 | 00,000,000 | ---D | C] C:\Documents and Settings\Bruce\Local Settings\Application Data\Yahoo -> C:\Documents and Settings\Bruce\Local Settings\Application Data\Yahoo -> [2009/11/06 18:46:17 | 00,000,000 | ---D | C] Camtasia Studio -> C:\Documents and Settings\Bruce\My Documents\Camtasia Studio -> [2009/11/04 13:04:33 | 00,000,000 | ---D | C] point32.sys -> C:\WINDOWS\System32\drivers\point32.sys -> [2009/10/27 18:22:24 | 00,027,792 | ---- | C] (Microsoft Corporation) hidserv.dll -> C:\WINDOWS\System32\drivers\hidserv.dll -> [2009/10/27 18:20:38 | 00,021,504 | ---- | C] (Microsoft Corporation) wdfcoinstaller01005.dll -> C:\WINDOWS\System32\wdfcoinstaller01005.dll -> [2009/10/27 18:20:27 | 01,418,120 | ---- | C] (Microsoft Corporation) nuidfltr.sys -> C:\WINDOWS\System32\drivers\nuidfltr.sys -> [2009/10/27 18:20:27 | 00,014,736 | ---- | C] (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint -> C:\Program Files\Microsoft IntelliPoint -> [2009/10/27 18:20:20 | 00,000,000 | ---D | C] OneNote Notebooks -> C:\Documents and Settings\Bruce\My Documents\OneNote Notebooks -> [2009/10/23 20:50:43 | 00,000,000 | ---D | C] tsccvid.dll -> C:\WINDOWS\System32\tsccvid.dll -> [2009/10/18 21:43:19 | 00,107,864 | ---- | C] (TechSmith Corporation) QuickTime -> C:\WINDOWS\System32\QuickTime -> [2009/10/18 21:43:18 | 00,000,000 | ---D | C] C:\Program Files\Common Files\TechSmith Shared -> C:\Program Files\Common Files\TechSmith Shared -> [2009/10/18 21:42:40 | 00,000,000 | ---D | C] WebCam Media -> C:\Documents and Settings\Bruce\My Documents\WebCam Media -> [2009/10/18 17:00:44 | 00,000,000 | ---D | C] WebCam Albums -> C:\Documents and Settings\Bruce\My Documents\WebCam Albums -> [2009/10/17 19:01:39 | 00,000,000 | ---D | C] afc.sys -> C:\WINDOWS\System32\drivers\afc.sys -> [2009/10/17 18:52:01 | 00,018,688 | ---- | C] (Arcsoft, Inc.) PCDLIB32.DLL -> C:\WINDOWS\PCDLIB32.DLL -> [2009/10/17 18:50:58 | 00,212,480 | ---- | C] (Eastman Kodak) unicows.dll -> C:\WINDOWS\System32\unicows.dll -> [2009/10/17 18:49:50 | 00,245,408 | ---- | C] (Microsoft Corporation) ArcFakeCapture.dll -> C:\WINDOWS\System32\ArcFakeCapture.dll -> [2009/10/17 18:49:42 | 00,049,152 | ---- | C] (ArcSoft, Inc.) ArcSoftVirtualCapture.sys -> C:\WINDOWS\System32\drivers\ArcSoftVirtualCapture.sys -> [2009/10/17 18:49:42 | 00,015,616 | ---- | C] (ArcSoft, Inc.) usbvideo.sys -> C:\WINDOWS\System32\drivers\usbvideo.sys -> [2009/10/17 18:37:49 | 00,078,464 | ---- | C] (Microsoft Corporation) usbvideo.sys -> C:\WINDOWS\System32\dllcache\usbvideo.sys -> [2009/10/17 18:37:49 | 00,078,464 | ---- | C] (Microsoft Corporation) dshowext.ax -> C:\WINDOWS\System32\dshowext.ax -> [2009/10/17 18:37:48 | 00,020,992 | ---- | C] (Microsoft Corporation) dshowext.ax -> C:\WINDOWS\System32\dllcache\dshowext.ax -> [2009/10/17 18:37:48 | 00,020,992 | ---- | C] (Microsoft Corporation) C:\Documents and Settings\Bruce\Local Settings\Application Data\TechSmith -> C:\Documents and Settings\Bruce\Local Settings\Application Data\TechSmith -> [2009/10/17 14:17:18 | 00,000,000 | ---D | C] C:\Program Files\TechSmith -> C:\Program Files\TechSmith -> [2009/10/17 14:16:57 | 00,000,000 | ---D | C] DSLLK175.dll -> C:\WINDOWS\System32\DSLLK175.dll -> [2008/03/31 14:32:59 | 00,118,867 | ---- | C] ( ) RCCOLLAB.DLL -> C:\WINDOWS\System32\RCCOLLAB.DLL -> [2004/04/05 07:44:22 | 00,053,248 | ---- | C] ( ) implode.dll -> C:\WINDOWS\System32\implode.dll -> [2002/04/15 15:06:42 | 00,018,944 | ---- | C] ( ) [Files/Folders - Modified Within 30 Days] wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2009/11/10 06:29:32 | 00,001,158 | ---- | M] () Google Software Updater.job -> C:\WINDOWS\tasks\Google Software Updater.job -> [2009/11/09 21:47:18 | 00,000,868 | ---- | M] () SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2009/11/09 21:46:56 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009/11/09 21:46:51 | 00,002,048 | --S- | M] () NTUSER.DAT -> C:\Documents and Settings\Bruce\NTUSER.DAT -> [2009/11/09 21:45:36 | 07,077,888 | -H-- | M] () ntuser.ini -> C:\Documents and Settings\Bruce\ntuser.ini -> [2009/11/09 21:45:36 | 00,000,278 | -HS- | M] () system.ini -> C:\WINDOWS\system.ini -> [2009/11/09 19:17:05 | 00,000,227 | ---- | M] () boot.ini -> C:\boot.ini -> [2009/11/09 19:04:12 | 00,000,281 | RHS- | M] () Combo-Fix.exe -> C:\Documents and Settings\Bruce\Desktop\Combo-Fix.exe -> [2009/11/09 18:58:48 | 03,563,165 | R--- | M] () avenger.zip -> C:\Documents and Settings\Bruce\Desktop\avenger.zip -> [2009/11/09 18:51:10 | 00,724,952 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/11/09 15:19:35 | 00,000,696 | ---- | M] () mbam-setup.exe -> C:\Documents and Settings\Bruce\Desktop\mbam-setup.exe -> [2009/11/09 15:17:48 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) OTS.exe -> C:\Documents and Settings\Bruce\Desktop\OTS.exe -> [2009/11/09 12:26:16 | 00,525,312 | ---- | M] (OldTimer Tools) Win32kDiag.exe -> C:\Documents and Settings\Bruce\Desktop\Win32kDiag.exe -> [2009/11/09 12:14:21 | 00,047,616 | ---- | M] () exeHelper.com -> C:\Documents and Settings\Bruce\Desktop\exeHelper.com -> [2009/11/09 11:57:31 | 00,288,256 | ---- | M] () win.ini -> C:\WINDOWS\win.ini -> [2009/11/09 11:25:31 | 00,000,742 | ---- | M] () Boot.bak -> C:\Boot.bak -> [2009/11/09 11:25:31 | 00,000,211 | ---- | M] () def-Safe.reg -> C:\Documents and Settings\Bruce\Desktop\def-Safe.reg -> [2009/11/09 11:05:31 | 00,012,848 | ---- | M] () SafeBootKeyRepair.exe -> C:\Documents and Settings\Bruce\Desktop\SafeBootKeyRepair.exe -> [2009/11/09 09:21:35 | 00,288,654 | ---- | M] ( ) pool.bin -> C:\WINDOWS\System32\pool.bin -> [2009/11/09 09:03:17 | 00,000,256 | ---- | M] () .zreglib -> C:\Documents and Settings\All Users\Application Data\.zreglib -> [2009/11/09 09:01:37 | 00,000,088 | -HS- | M] () nvModes.001 -> C:\WINDOWS\System32\nvModes.001 -> [2009/11/09 08:58:20 | 00,108,699 | ---- | M] () avz4.zip -> C:\Documents and Settings\Bruce\Desktop\avz4.zip -> [2009/11/09 08:43:53 | 05,125,238 | ---- | M] () nvModes.dat -> C:\WINDOWS\System32\nvModes.dat -> [2009/11/09 07:40:19 | 00,108,699 | ---- | M] () mdphelps.exe -> C:\Documents and Settings\Bruce\My Documents\mdphelps.exe -> [2009/11/08 21:56:28 | 03,563,165 | ---- | M] () dentrix.ini -> C:\WINDOWS\dentrix.ini -> [2009/11/06 11:44:49 | 00,000,883 | ---- | M] () November hands-on roster.xlsx -> C:\Documents and Settings\Bruce\My Documents\November hands-on roster.xlsx -> [2009/11/06 11:31:27 | 00,011,558 | ---- | M] () PEV.exe -> C:\WINDOWS\PEV.exe -> [2009/11/06 10:53:52 | 00,267,264 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Bruce\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/11/06 00:16:14 | 00,032,256 | ---- | M] () Online backup article.docx -> C:\Documents and Settings\Bruce\My Documents\Online backup article.docx -> [2009/11/04 16:57:50 | 00,011,621 | ---- | M] () signature.html -> C:\Documents and Settings\Bruce\My Documents\signature.html -> [2009/11/02 13:55:09 | 00,002,075 | ---- | M] () Picasa.ini -> C:\Documents and Settings\Bruce\My Documents\Picasa.ini -> [2009/11/02 12:33:22 | 00,000,050 | ---- | M] () knowyourteeth.png -> C:\Documents and Settings\Bruce\My Documents\knowyourteeth.png -> [2009/11/02 11:47:12 | 00,028,865 | ---- | M] () perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2009/11/02 07:30:55 | 00,476,360 | ---- | M] () perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2009/11/02 07:30:55 | 00,082,318 | ---- | M] () PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2009/11/02 07:30:54 | 00,569,058 | ---- | M] () Microsoft Mouse.lnk -> C:\Documents and Settings\All Users\Desktop\Microsoft Mouse.lnk -> [2009/10/29 06:36:58 | 00,002,439 | ---- | M] () GDIPFONTCACHEV1.DAT -> C:\Documents and Settings\Bruce\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/10/27 18:31:27 | 00,109,360 | ---- | M] () FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2009/10/27 18:28:06 | 00,383,224 | ---- | M] () Microsoft_Hardware_Launch_IPoint_exe.job -> C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job -> [2009/10/27 18:25:39 | 00,000,290 | ---- | M] () Msft_Kernel_NuidFltr_01005.Wdf -> C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [2009/10/27 18:22:23 | 00,000,000 | -H-- | M] () imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2009/10/27 18:22:20 | 00,001,393 | ---- | M] () MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [2009/10/27 18:22:20 | 00,000,000 | -H-- | M] () d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2009/10/27 17:49:32 | 00,000,664 | ---- | M] () FS_DentalCareers.pdf -> C:\Documents and Settings\Bruce\Desktop\FS_DentalCareers.pdf -> [2009/10/27 17:43:26 | 00,114,540 | ---- | M] () AGD3.pdf -> C:\Documents and Settings\Bruce\Desktop\AGD3.pdf -> [2009/10/27 17:38:46 | 00,159,707 | ---- | M] () Rector search volunteer.docx -> C:\Documents and Settings\Bruce\My Documents\Rector search volunteer.docx -> [2009/10/25 20:13:10 | 00,011,354 | ---- | M] () MBR.exe -> C:\WINDOWS\MBR.exe -> [2009/10/25 06:11:34 | 00,077,312 | ---- | M] () SALSA.docx -> C:\Documents and Settings\Bruce\My Documents\SALSA.docx -> [2009/10/23 11:01:54 | 00,010,960 | ---- | M] () mshtml.dll -> C:\WINDOWS\System32\mshtml.dll -> [2009/10/20 22:08:54 | 03,598,336 | ---- | M] (Microsoft Corporation) mshtml.dll -> C:\WINDOWS\System32\dllcache\mshtml.dll -> [2009/10/20 22:08:54 | 03,598,336 | ---- | M] (Microsoft Corporation) SetScan.ini -> C:\WINDOWS\SetScan.ini -> [2009/10/20 13:49:13 | 00,005,965 | ---- | M] () Camtasia Studio 6.lnk -> C:\Documents and Settings\All Users\Desktop\Camtasia Studio 6.lnk -> [2009/10/18 21:43:02 | 00,000,893 | ---- | M] () WebCam Companion 2.lnk -> C:\Documents and Settings\All Users\Desktop\WebCam Companion 2.lnk -> [2009/10/17 18:52:24 | 00,001,657 | ---- | M] () Video Impression 2.lnk -> C:\Documents and Settings\All Users\Desktop\Video Impression 2.lnk -> [2009/10/17 18:52:01 | 00,001,627 | ---- | M] () HP Webcam User's Guide.lnk -> C:\Documents and Settings\All Users\Desktop\HP Webcam User's Guide.lnk -> [2009/10/17 18:50:41 | 00,001,708 | ---- | M] () Magic-i 3.lnk -> C:\Documents and Settings\All Users\Desktop\Magic-i 3.lnk -> [2009/10/17 18:49:52 | 00,001,594 | ---- | M] () 2009-monthly-calendar-blue-portrait.ots -> C:\Documents and Settings\Bruce\Desktop\2009-monthly-calendar-blue-portrait.ots -> [2009/10/15 09:11:49 | 00,072,267 | ---- | M] () Patient call checklist.docx -> C:\Documents and Settings\Bruce\My Documents\Patient call checklist.docx -> [2009/10/14 07:50:53 | 00,011,859 | ---- | M] () Communication Slip.docx -> C:\Documents and Settings\Bruce\Desktop\Communication Slip.docx -> [2009/10/13 08:31:08 | 00,012,005 | ---- | M] () Technology and Web Use Council Meeting- Book(2).docx -> C:\Documents and Settings\Bruce\Desktop\Technology and Web Use Council Meeting- Book(2).docx -> [2009/10/13 07:55:13 | 12,845,442 | ---- | M] () [Files - No Company Name] Boot.bak -> C:\Boot.bak -> [2009/11/09 19:04:11 | 00,000,211 | ---- | C] () cmldr -> C:\cmldr -> [2009/11/09 19:04:07 | 00,260,272 | ---- | C] () PEV.exe -> C:\WINDOWS\PEV.exe -> [2009/11/09 19:01:20 | 00,267,264 | ---- | C] () sed.exe -> C:\WINDOWS\sed.exe -> [2009/11/09 19:01:20 | 00,098,816 | ---- | C] () grep.exe -> C:\WINDOWS\grep.exe -> [2009/11/09 19:01:20 | 00,080,412 | ---- | C] () MBR.exe -> C:\WINDOWS\MBR.exe -> [2009/11/09 19:01:20 | 00,077,312 | ---- | C] () zip.exe -> C:\WINDOWS\zip.exe -> [2009/11/09 19:01:20 | 00,068,096 | ---- | C] () Combo-Fix.exe -> C:\Documents and Settings\Bruce\Desktop\Combo-Fix.exe -> [2009/11/09 18:58:39 | 03,563,165 | R--- | C] () avenger.zip -> C:\Documents and Settings\Bruce\Desktop\avenger.zip -> [2009/11/09 18:51:10 | 00,724,952 | ---- | C] () Win32kDiag.exe -> C:\Documents and Settings\Bruce\Desktop\Win32kDiag.exe -> [2009/11/09 12:14:25 | 00,047,616 | ---- | C] () exeHelper.com -> C:\Documents and Settings\Bruce\Desktop\exeHelper.com -> [2009/11/09 11:57:31 | 00,288,256 | ---- | C] () def-Safe.reg -> C:\Documents and Settings\Bruce\Desktop\def-Safe.reg -> [2009/11/09 09:26:18 | 00,012,848 | ---- | C] () avz4.zip -> C:\Documents and Settings\Bruce\Desktop\avz4.zip -> [2009/11/09 08:43:53 | 05,125,238 | ---- | C] () mdphelps.exe -> C:\Documents and Settings\Bruce\My Documents\mdphelps.exe -> [2009/11/08 21:56:18 | 03,563,165 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/11/08 21:12:12 | 00,000,696 | ---- | C] () Online backup article.docx -> C:\Documents and Settings\Bruce\My Documents\Online backup article.docx -> [2009/11/04 16:57:49 | 00,011,621 | ---- | C] () signature.html -> C:\Documents and Settings\Bruce\My Documents\signature.html -> [2009/11/02 13:55:09 | 00,002,075 | ---- | C] () knowyourteeth.png -> C:\Documents and Settings\Bruce\My Documents\knowyourteeth.png -> [2009/11/02 11:47:09 | 00,028,865 | ---- | C] () Microsoft_Hardware_Launch_IPoint_exe.job -> C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job -> [2009/10/27 18:22:57 | 00,000,290 | ---- | C] () Microsoft Mouse.lnk -> C:\Documents and Settings\All Users\Desktop\Microsoft Mouse.lnk -> [2009/10/27 18:22:33 | 00,002,439 | ---- | C] () Msft_Kernel_NuidFltr_01005.Wdf -> C:\WINDOWS\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf -> [2009/10/27 18:22:23 | 00,000,000 | -H-- | C] () MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [2009/10/27 18:22:20 | 00,000,000 | -H-- | C] () FS_DentalCareers.pdf -> C:\Documents and Settings\Bruce\Desktop\FS_DentalCareers.pdf -> [2009/10/27 17:43:26 | 00,114,540 | ---- | C] () AGD3.pdf -> C:\Documents and Settings\Bruce\Desktop\AGD3.pdf -> [2009/10/27 17:38:42 | 00,159,707 | ---- | C] () Rector search volunteer.docx -> C:\Documents and Settings\Bruce\My Documents\Rector search volunteer.docx -> [2009/10/25 20:13:10 | 00,011,354 | ---- | C] () SALSA.docx -> C:\Documents and Settings\Bruce\My Documents\SALSA.docx -> [2009/10/23 11:01:53 | 00,010,960 | ---- | C] () Camtasia Studio 6.lnk -> C:\Documents and Settings\All Users\Desktop\Camtasia Studio 6.lnk -> [2009/10/18 21:43:02 | 00,000,893 | ---- | C] () WebCam Companion 2.lnk -> C:\Documents and Settings\All Users\Desktop\WebCam Companion 2.lnk -> [2009/10/17 18:52:24 | 00,001,657 | ---- | C] () Video Impression 2.lnk -> C:\Documents and Settings\All Users\Desktop\Video Impression 2.lnk -> [2009/10/17 18:52:01 | 00,001,627 | ---- | C] () HP Webcam User's Guide.lnk -> C:\Documents and Settings\All Users\Desktop\HP Webcam User's Guide.lnk -> [2009/10/17 18:50:41 | 00,001,708 | ---- | C] () Magic-i 3.lnk -> C:\Documents and Settings\All Users\Desktop\Magic-i 3.lnk -> [2009/10/17 18:49:52 | 00,001,594 | ---- | C] () d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2009/10/17 15:04:37 | 00,000,664 | ---- | C] () 2009-monthly-calendar-blue-portrait.ots -> C:\Documents and Settings\Bruce\Desktop\2009-monthly-calendar-blue-portrait.ots -> [2009/10/15 09:11:47 | 00,072,267 | ---- | C] () Patient call checklist.docx -> C:\Documents and Settings\Bruce\My Documents\Patient call checklist.docx -> [2009/10/14 07:50:53 | 00,011,859 | ---- | C] () Communication Slip.docx -> C:\Documents and Settings\Bruce\Desktop\Communication Slip.docx -> [2009/10/13 08:31:08 | 00,012,005 | ---- | C] () Technology and Web Use Council Meeting- Book(2).docx -> C:\Documents and Settings\Bruce\Desktop\Technology and Web Use Council Meeting- Book(2).docx -> [2009/10/13 07:52:13 | 12,845,442 | ---- | C] () cdplayer.ini -> C:\WINDOWS\cdplayer.ini -> [2009/07/02 07:56:30 | 00,000,072 | ---- | C] () micr0st.dll -> C:\WINDOWS\System32\micr0st.dll -> [2009/06/15 17:33:11 | 00,000,004 | ---- | C] () EEventManager.INI -> C:\WINDOWS\EEventManager.INI -> [2009/01/19 19:45:23 | 00,000,000 | ---- | C] () PICSDK.ini -> C:\WINDOWS\System32\PICSDK.ini -> [2009/01/19 09:39:29 | 00,000,097 | ---- | C] () EPWF600.ini -> C:\WINDOWS\EPWF600.ini -> [2009/01/19 09:37:53 | 00,000,079 | ---- | C] () LTDLGFILE14N.INI -> C:\WINDOWS\LTDLGFILE14N.INI -> [2008/09/18 10:13:32 | 00,000,059 | ---- | C] () LVPr2Mon.sys -> C:\WINDOWS\System32\drivers\LVPr2Mon.sys -> [2008/07/26 07:25:02 | 00,025,624 | ---- | C] () OpPrintServer.INI -> C:\WINDOWS\OpPrintServer.INI -> [2008/04/29 17:30:31 | 00,000,000 | ---- | C] () wininit.ini -> C:\WINDOWS\wininit.ini -> [2008/04/28 20:55:08 | 00,000,184 | ---- | C] () DocCenter.INI -> C:\WINDOWS\DocCenter.INI -> [2008/04/17 07:50:40 | 00,000,000 | ---- | C] () maxlink.ini -> C:\WINDOWS\maxlink.ini -> [2008/03/31 14:41:59 | 00,031,955 | ---- | C] () pixcache.ini -> C:\WINDOWS\pixcache.ini -> [2008/03/29 05:42:13 | 00,005,104 | ---- | C] () ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2008/03/29 05:33:19 | 00,000,542 | ---- | C] () IVIresizeW7.dll -> C:\WINDOWS\System32\IVIresizeW7.dll -> [2008/03/28 18:49:24 | 00,204,800 | ---- | C] () IVIresizeA6.dll -> C:\WINDOWS\System32\IVIresizeA6.dll -> [2008/03/28 18:49:24 | 00,200,704 | ---- | C] () IVIresizeP6.dll -> C:\WINDOWS\System32\IVIresizeP6.dll -> [2008/03/28 18:49:24 | 00,192,512 | ---- | C] () IVIresizeM6.dll -> C:\WINDOWS\System32\IVIresizeM6.dll -> [2008/03/28 18:49:24 | 00,192,512 | ---- | C] () IVIresizePX.dll -> C:\WINDOWS\System32\IVIresizePX.dll -> [2008/03/28 18:49:24 | 00,188,416 | ---- | C] () IVIresize.dll -> C:\WINDOWS\System32\IVIresize.dll -> [2008/03/28 18:49:24 | 00,020,480 | ---- | C] () SetScan.ini -> C:\WINDOWS\SetScan.ini -> [2008/03/28 16:03:22 | 00,005,965 | ---- | C] () OGACheckControl.DLL -> C:\WINDOWS\System32\OGACheckControl.DLL -> [2008/02/04 17:23:10 | 00,693,792 | ---- | C] () idxcntrs.ini -> C:\WINDOWS\System32\idxcntrs.ini -> [2007/09/27 09:51:02 | 00,020,698 | ---- | C] () gsrvctr.ini -> C:\WINDOWS\System32\gsrvctr.ini -> [2007/09/27 09:48:48 | 00,030,628 | ---- | C] () gthrctr.ini -> C:\WINDOWS\System32\gthrctr.ini -> [2007/09/27 09:48:28 | 00,031,698 | ---- | C] () oeminfo.ini -> C:\WINDOWS\System32\oeminfo.ini -> [2007/07/16 22:46:36 | 00,028,510 | ---- | C] () HPMProp.INI -> C:\WINDOWS\HPMProp.INI -> [2007/07/16 22:45:57 | 00,000,000 | ---- | C] () rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2007/07/16 22:12:34 | 00,016,480 | ---- | C] () nvwdmcpl.dll -> C:\WINDOWS\System32\nvwdmcpl.dll -> [2007/05/25 06:07:00 | 01,703,936 | ---- | C] () nview.dll -> C:\WINDOWS\System32\nview.dll -> [2007/05/25 06:07:00 | 01,474,560 | ---- | C] () nvwimg.dll -> C:\WINDOWS\System32\nvwimg.dll -> [2007/05/25 06:07:00 | 01,019,904 | ---- | C] () nvshell.dll -> C:\WINDOWS\System32\nvshell.dll -> [2007/05/25 06:07:00 | 00,466,944 | ---- | C] () lvcoinst.ini -> C:\WINDOWS\System32\lvcoinst.ini -> [2007/05/09 19:35:54 | 00,066,482 | ---- | C] () flcdlmsg.dll -> C:\WINDOWS\System32\flcdlmsg.dll -> [2007/04/30 09:31:14 | 00,274,432 | ---- | C] () SafeBoot.sys -> C:\WINDOWS\System32\drivers\SafeBoot.sys -> [2007/04/26 20:23:06 | 00,100,095 | ---- | C] () hpgtg400.dll -> C:\WINDOWS\System32\hpgtg400.dll -> [2007/02/12 20:21:28 | 00,548,864 | ---- | C] () btwicons.dll -> C:\WINDOWS\System32\btwicons.dll -> [2007/02/06 14:20:00 | 02,842,624 | ---- | C] () btprn2k.dll -> C:\WINDOWS\System32\btprn2k.dll -> [2007/02/06 13:55:52 | 00,090,112 | ---- | C] () CddbPlaylist2Roxio.dll -> C:\WINDOWS\System32\CddbPlaylist2Roxio.dll -> [2006/09/19 00:02:40 | 00,520,192 | ---- | C] () CddbFileTaggerRoxio.dll -> C:\WINDOWS\System32\CddbFileTaggerRoxio.dll -> [2006/09/19 00:02:40 | 00,204,800 | ---- | C] () px.ini -> C:\WINDOWS\System32\px.ini -> [2005/09/08 03:52:52 | 00,000,000 | ---- | C] () BTNeighborhood.dll.manifest -> C:\WINDOWS\System32\BTNeighborhood.dll.manifest -> [2005/02/17 10:41:32 | 00,000,603 | ---- | C] () btcss.dll.manifest -> C:\WINDOWS\System32\btcss.dll.manifest -> [2005/02/17 10:41:30 | 00,000,593 | ---- | C] () smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2004/08/07 07:19:16 | 00,000,061 | ---- | C] () orun32.ini -> C:\WINDOWS\orun32.ini -> [2004/08/07 07:12:40 | 00,000,791 | ---- | C] () win.ini -> C:\WINDOWS\win.ini -> [2004/08/07 07:03:10 | 00,000,742 | ---- | C] () system.ini -> C:\WINDOWS\system.ini -> [2004/08/06 23:53:36 | 00,000,227 | ---- | C] () lttls14n.dll -> C:\WINDOWS\System32\lttls14n.dll -> [2004/06/29 11:27:26 | 00,144,384 | ---- | C] () Lvgl14N.dll -> C:\WINDOWS\System32\Lvgl14N.dll -> [2004/06/29 11:27:26 | 00,061,440 | ---- | C] () LtDlgRes14n.dll -> C:\WINDOWS\System32\LtDlgRes14n.dll -> [2004/06/29 11:27:22 | 00,974,848 | ---- | C] () ltcry14n.dll -> C:\WINDOWS\System32\ltcry14n.dll -> [2004/06/29 11:27:20 | 00,721,408 | ---- | C] () lffpx7.dll -> C:\WINDOWS\System32\lffpx7.dll -> [2004/06/29 11:27:18 | 00,338,944 | ---- | C] () lfkodak.dll -> C:\WINDOWS\System32\lfkodak.dll -> [2004/06/29 11:27:18 | 00,118,784 | ---- | C] () lfdrw14N.dll -> C:\WINDOWS\System32\lfdrw14N.dll -> [2004/06/29 11:27:18 | 00,073,728 | ---- | C] () dentrix.ini -> C:\WINDOWS\dentrix.ini -> [2002/04/15 15:07:34 | 00,000,883 | ---- | C] () u2lbar.dll -> C:\WINDOWS\System32\u2lbar.dll -> [2002/04/15 15:06:52 | 00,040,960 | ---- | C] () pg32conv.dll -> C:\WINDOWS\System32\pg32conv.dll -> [2002/04/15 15:06:50 | 00,100,352 | ---- | C] () p2solap.dll -> C:\WINDOWS\System32\p2solap.dll -> [2002/04/15 15:06:48 | 00,258,048 | ---- | C] () p2smcube.dll -> C:\WINDOWS\System32\p2smcube.dll -> [2002/04/15 15:06:46 | 00,282,624 | ---- | C] () p2molap.dll -> C:\WINDOWS\System32\p2molap.dll -> [2002/04/15 15:06:46 | 00,270,336 | ---- | C] () lcppn21.dll -> C:\WINDOWS\System32\lcppn21.dll -> [2001/11/14 11:56:00 | 01,802,240 | ---- | C] () ODMA32.dll -> C:\WINDOWS\System32\ODMA32.dll -> [1998/05/06 20:10:00 | 00,069,632 | R--- | C] () [File - Lop Check] C:\Documents and Settings\All Users\Application Data\COMMON FILES -> C:\Documents and Settings\All Users\Application Data\COMMON FILES -> [2008/07/29 10:30:10 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\DtxDocCenter -> C:\Documents and Settings\All Users\Application Data\DtxDocCenter -> [2009/04/03 11:09:43 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\EPSON -> C:\Documents and Settings\All Users\Application Data\EPSON -> [2009/01/19 09:44:40 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\espionServerData -> C:\Documents and Settings\All Users\Application Data\espionServerData -> [2009/06/07 20:36:21 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Grisoft -> C:\Documents and Settings\All Users\Application Data\Grisoft -> [2008/04/01 09:42:05 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\PCPitstop -> C:\Documents and Settings\All Users\Application Data\PCPitstop -> [2009/11/09 07:40:08 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\ScanSoft -> C:\Documents and Settings\All Users\Application Data\ScanSoft -> [2008/03/31 14:57:15 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Seagate -> C:\Documents and Settings\All Users\Application Data\Seagate -> [2009/03/11 21:57:12 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\SlySoft -> C:\Documents and Settings\All Users\Application Data\SlySoft -> [2009/10/09 17:20:05 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2008/03/31 09:11:13 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Zeon -> C:\Documents and Settings\All Users\Application Data\Zeon -> [2008/03/31 14:42:44 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24} -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24} -> [2009/10/09 11:14:04 | 00,000,000 | -H-D | M] C:\Documents and Settings\All Users\Application Data\{615DB4DC-B7C1-4125-9858-78EF460B76D2} -> C:\Documents and Settings\All Users\Application Data\{615DB4DC-B7C1-4125-9858-78EF460B76D2} -> [2009/10/09 11:14:52 | 00,000,000 | -H-D | M] C:\Documents and Settings\Bruce\Application Data\Amazon -> C:\Documents and Settings\Bruce\Application Data\Amazon -> [2009/02/09 18:52:37 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Audacity -> C:\Documents and Settings\Bruce\Application Data\Audacity -> [2008/12/11 11:09:52 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Blackberry Desktop -> C:\Documents and Settings\Bruce\Application Data\Blackberry Desktop -> [2008/05/29 06:17:14 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Canon Electronics -> C:\Documents and Settings\Bruce\Application Data\Canon Electronics -> [2009/09/22 07:07:48 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Epson -> C:\Documents and Settings\Bruce\Application Data\Epson -> [2009/01/19 18:41:14 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\FileZilla -> C:\Documents and Settings\Bruce\Application Data\FileZilla -> [2009/04/22 07:34:51 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\GARMIN -> C:\Documents and Settings\Bruce\Application Data\GARMIN -> [2008/12/25 22:53:59 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Grisoft -> C:\Documents and Settings\Bruce\Application Data\Grisoft -> [2008/04/01 09:42:40 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Leadertech -> C:\Documents and Settings\Bruce\Application Data\Leadertech -> [2008/03/31 10:23:11 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\LimeWire -> C:\Documents and Settings\Bruce\Application Data\LimeWire -> [2009/10/05 22:14:11 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Nvu -> C:\Documents and Settings\Bruce\Application Data\Nvu -> [2009/04/19 09:32:29 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\OfficeUpdate12 -> C:\Documents and Settings\Bruce\Application Data\OfficeUpdate12 -> [2008/03/31 08:25:36 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Opera -> C:\Documents and Settings\Bruce\Application Data\Opera -> [2009/04/21 20:33:41 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Research In Motion -> C:\Documents and Settings\Bruce\Application Data\Research In Motion -> [2008/05/28 21:41:52 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\SampleView -> C:\Documents and Settings\Bruce\Application Data\SampleView -> [2007/07/17 00:00:24 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\ScanSoft -> C:\Documents and Settings\Bruce\Application Data\ScanSoft -> [2008/03/31 14:57:40 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\SlySoft -> C:\Documents and Settings\Bruce\Application Data\SlySoft -> [2009/10/09 23:46:29 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Snapfish -> C:\Documents and Settings\Bruce\Application Data\Snapfish -> [2008/04/07 20:44:01 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Windows Desktop Search -> C:\Documents and Settings\Bruce\Application Data\Windows Desktop Search -> [2009/04/04 12:36:30 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Windows Search -> C:\Documents and Settings\Bruce\Application Data\Windows Search -> [2009/07/07 09:02:41 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Zeon -> C:\Documents and Settings\Bruce\Application Data\Zeon -> [2008/03/31 14:54:39 | 00,000,000 | ---D | M] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [2004/08/04 02:00:00 | 00,000,065 | RH-- | M] () SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [2009/11/09 21:46:56 | 00,000,006 | -H-- | M] () [File - Purity Scan] [Custom Scans] < %ALLUSERSPROFILE%\Application Data\*. > C:\Documents and Settings\All Users\Application Data\Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [2009/06/07 20:36:22 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Apple -> C:\Documents and Settings\All Users\Application Data\Apple -> [2008/09/22 13:09:43 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer -> [2008/09/22 13:10:02 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\ArcSoft -> C:\Documents and Settings\All Users\Application Data\ArcSoft -> [2009/10/17 18:52:40 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\COMMON FILES -> C:\Documents and Settings\All Users\Application Data\COMMON FILES -> [2008/07/29 10:30:10 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Creative -> C:\Documents and Settings\All Users\Application Data\Creative -> [2009/10/09 11:15:09 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\DtxDocCenter -> C:\Documents and Settings\All Users\Application Data\DtxDocCenter -> [2009/04/03 11:09:43 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\EPSON -> C:\Documents and Settings\All Users\Application Data\EPSON -> [2009/01/19 09:44:40 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\espionServerData -> C:\Documents and Settings\All Users\Application Data\espionServerData -> [2009/06/07 20:36:21 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Google -> C:\Documents and Settings\All Users\Application Data\Google -> [2009/10/27 17:51:59 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Google Updater -> C:\Documents and Settings\All Users\Application Data\Google Updater -> [2009/11/09 15:02:47 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Grisoft -> C:\Documents and Settings\All Users\Application Data\Grisoft -> [2008/04/01 09:42:05 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Hewlett-Packard -> C:\Documents and Settings\All Users\Application Data\Hewlett-Packard -> [2008/03/28 15:35:14 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\InstallShield -> C:\Documents and Settings\All Users\Application Data\InstallShield -> [2008/03/28 18:49:58 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Intuit -> C:\Documents and Settings\All Users\Application Data\Intuit -> [2008/07/29 10:34:38 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [2009/10/10 13:46:49 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Logishrd -> C:\Documents and Settings\All Users\Application Data\Logishrd -> [2008/08/24 08:55:42 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Logitech -> C:\Documents and Settings\All Users\Application Data\Logitech -> [2008/03/31 21:42:10 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2009/11/08 21:12:07 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\McAfee -> C:\Documents and Settings\All Users\Application Data\McAfee -> [2008/09/24 13:54:16 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [2009/10/17 18:47:42 | 00,000,000 | --SD | M] C:\Documents and Settings\All Users\Application Data\Microsoft Help -> C:\Documents and Settings\All Users\Application Data\Microsoft Help -> [2009/10/27 02:06:50 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\nView_Profiles -> C:\Documents and Settings\All Users\Application Data\nView_Profiles -> [2007/07/17 00:00:31 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage -> [2008/03/31 08:20:08 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\PCPitstop -> C:\Documents and Settings\All Users\Application Data\PCPitstop -> [2009/11/09 07:40:08 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Real -> C:\Documents and Settings\All Users\Application Data\Real -> [2009/10/07 18:34:58 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Reality Engineering -> C:\Documents and Settings\All Users\Application Data\Reality Engineering -> [2009/04/06 08:35:27 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Roxio -> C:\Documents and Settings\All Users\Application Data\Roxio -> [2009/02/11 20:10:38 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\SBSI -> C:\Documents and Settings\All Users\Application Data\SBSI -> [2008/03/28 15:35:16 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\ScanSoft -> C:\Documents and Settings\All Users\Application Data\ScanSoft -> [2008/03/31 14:57:15 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Seagate -> C:\Documents and Settings\All Users\Application Data\Seagate -> [2009/03/11 21:57:12 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Skype -> C:\Documents and Settings\All Users\Application Data\Skype -> [2009/06/24 19:43:06 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\SlySoft -> C:\Documents and Settings\All Users\Application Data\SlySoft -> [2009/10/09 17:20:05 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Sonic -> C:\Documents and Settings\All Users\Application Data\Sonic -> [2009/03/14 09:57:39 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> [2008/04/01 11:31:04 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Symantec -> C:\Documents and Settings\All Users\Application Data\Symantec -> [2008/03/29 06:42:16 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Viewpoint -> C:\Documents and Settings\All Users\Application Data\Viewpoint -> [2008/03/31 09:11:13 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [2008/03/28 16:23:53 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\WLInstaller -> C:\Documents and Settings\All Users\Application Data\WLInstaller -> [2008/03/31 21:28:03 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Yahoo! -> C:\Documents and Settings\All Users\Application Data\Yahoo! -> [2009/11/06 18:44:44 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\Zeon -> C:\Documents and Settings\All Users\Application Data\Zeon -> [2008/03/31 14:42:44 | 00,000,000 | ---D | M] C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24} -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24} -> [2009/10/09 11:14:04 | 00,000,000 | -H-D | M] C:\Documents and Settings\All Users\Application Data\{615DB4DC-B7C1-4125-9858-78EF460B76D2} -> C:\Documents and Settings\All Users\Application Data\{615DB4DC-B7C1-4125-9858-78EF460B76D2} -> [2009/10/09 11:14:52 | 00,000,000 | -H-D | M] < %ALLUSERSPROFILE%\Application Data\*.exe /s > Setup.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\Setup.exe -> [2009/08/26 18:54:10 | 02,598,110 | ---- | M] (Creative Technology Ltd. ) MscMan.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\36460F0\4228404D\MscMan.exe -> [2007/10/29 20:32:14 | 00,124,928 | ---- | M] (Creative Technology Ltd.) CTDevSrv.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\461BBD30\CB33B640\CTDevSrv.exe -> [2007/04/02 00:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) CTServiceCtDev.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\461BBD30\CB33B640\CTServiceCtDev.exe -> [2007/02/16 00:29:44 | 00,032,768 | ---- | M] (Creative Technology Ltd) ZcAuto.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\461BBD30\CB33B640\ZcAuto.exe -> [2008/05/28 20:04:54 | 00,175,104 | ---- | M] (Creative Technology Ltd) CTRegSvr.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\5A31C191\33A7C8F9\CTRegSvr.exe -> [2002/08/11 11:00:00 | 00,024,576 | ---- | M] (Creative Technology Ltd) CTRegSvu.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\5A31C191\33A7C8F9\CTRegSvu.exe -> [2008/11/04 05:24:12 | 00,081,920 | ---- | M] (Creative Technology Ltd) HELPER.EXE -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\73469C22\30B40138\HELPER.EXE -> [2000/04/09 11:02:00 | 00,005,520 | ---- | M] (Creative Technology Ltd.) InetReg.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\73469C22\30B40138\InetReg.exe -> [2007/08/16 04:12:24 | 00,755,312 | ---- | M] (Creative Technology Ltd) RegFlash.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\73469C22\30B40138\RegFlash.exe -> [2005/09/07 19:49:46 | 01,089,689 | ---- | M] (Macromedia, Inc.) ChnTag.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\747B3A4F\AEF10735\ChnTag.exe -> [2008/05/21 05:52:44 | 00,159,899 | ---- | M] (Creative Technology Ltd) CTUPnPFn.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\9A9B0F9F\F3743052\CTUPnPFn.exe -> [2008/06/23 20:26:10 | 00,102,400 | ---- | M] (Creative Technology Ltd) CTUPnPSv.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\9A9B0F9F\F3743052\CTUPnPSv.exe -> [2008/05/21 05:42:56 | 00,064,000 | ---- | M] (Creative Technology Ltd) AVCManU.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\9B8360E3\A3F1BD6D\AVCManU.exe -> [2009/08/17 02:15:56 | 00,323,584 | ---- | M] () CTRegSvu.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\9E0A6A1D\7BA3E7CC\CTRegSvu.exe -> [2005/03/06 12:00:00 | 00,023,552 | ---- | M] (Creative Technology Ltd) VFSvrU.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\A118A98F\6F6B2557\VFSvrU.exe -> [2007/09/24 04:53:10 | 00,114,688 | ---- | M] (Creative Technology Ltd.) CTRegRun.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\AAA9BC5C\9AC5E2CC\CTRegRun.exe -> [2006/10/06 00:17:34 | 00,053,248 | ---- | M] (Creative Technology Ltd ) UGRemove.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\C3C4B752\327F5056\UGRemove.exe -> [2008/10/27 11:02:00 | 00,053,248 | ---- | M] (Creative Technology Ltd.) Centrale.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\E629258\AD691181\Centrale.exe -> [2009/04/19 20:24:04 | 00,820,224 | ---- | M] (Creative Technology Ltd) CTOrSync.exe -> C:\Documents and Settings\All Users\Application Data\{1620E93A-24E3-4D30-86CE-F7F1ABB9CD24}\offline\E629258\AD691181\CTOrSync.exe -> [2009/08/03 21:18:18 | 00,311,296 | ---- | M] (Creative Technology Ltd.) setup.exe -> C:\Documents and Settings\All Users\Application Data\{615DB4DC-B7C1-4125-9858-78EF460B76D2}\setup.exe -> [2009/10/09 11:14:25 | 02,422,433 | ---- | M] (Creative Technology Ltd. ) SAFlashPlayer.exe -> C:\Documents and Settings\All Users\Application Data\Adobe\Photoshop Elements\5.0\Flash Galleries\Dynamic\flashplayer\windows\SAFlashPlayer.exe -> [2006/09/14 06:57:52 | 01,581,056 | ---- | M] (Macromedia, Inc.) AuthSWF.exe -> C:\Documents and Settings\All Users\Application Data\Adobe\Photoshop Elements\5.0\Flash Galleries\GeoWeb Gallery\gallery\resources\AuthSWF.exe -> [2006/09/14 06:58:04 | 00,077,824 | ---- | M] () E_S40RP7.EXE -> C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -> [2007/01/10 14:02:00 | 00,113,664 | ---- | M] (SEIKO EPSON CORPORATION) E_S40ST7.EXE -> C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE -> [2007/12/16 14:00:00 | 00,143,872 | ---- | M] (SEIKO EPSON CORPORATION) qbpatch.exe -> C:\Documents and Settings\All Users\Application Data\Intuit\QuickBooks 2007\Components\DownloadQB17\Patch\qbpatch.exe -> [2008/08/06 13:10:35 | 00,075,280 | ---- | M] () qbpatch2.exe -> C:\Documents and Settings\All Users\Application Data\Intuit\QuickBooks 2007\Components\DownloadQB17\Patch\qbpatch2.exe -> [2009/10/02 02:30:36 | 00,816,392 | ---- | M] (Intuit) aaw2008_upd.exe -> C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\aaw2008_upd.exe -> [2009/10/10 13:43:53 | 06,944,624 | ---- | M] () yupdater.exe -> C:\Documents and Settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe -> [2009/05/26 19:50:14 | 00,607,472 | ---- | M] (Yahoo! Inc.) < %APPDATA%\*. > C:\Documents and Settings\Bruce\Application Data\Adobe -> C:\Documents and Settings\Bruce\Application Data\Adobe -> [2009/06/07 20:36:18 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\AdobeUM -> C:\Documents and Settings\Bruce\Application Data\AdobeUM -> [2008/11/25 14:11:17 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Amazon -> C:\Documents and Settings\Bruce\Application Data\Amazon -> [2009/02/09 18:52:37 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Apple Computer -> C:\Documents and Settings\Bruce\Application Data\Apple Computer -> [2008/10/21 19:58:30 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Arcsoft -> C:\Documents and Settings\Bruce\Application Data\Arcsoft -> [2009/10/18 17:12:31 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Audacity -> C:\Documents and Settings\Bruce\Application Data\Audacity -> [2008/12/11 11:09:52 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Blackberry Desktop -> C:\Documents and Settings\Bruce\Application Data\Blackberry Desktop -> [2008/05/29 06:17:14 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Canon Electronics -> C:\Documents and Settings\Bruce\Application Data\Canon Electronics -> [2009/09/22 07:07:48 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Creative -> C:\Documents and Settings\Bruce\Application Data\Creative -> [2009/10/09 11:20:31 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Epson -> C:\Documents and Settings\Bruce\Application Data\Epson -> [2009/01/19 18:41:14 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\FileZilla -> C:\Documents and Settings\Bruce\Application Data\FileZilla -> [2009/04/22 07:34:51 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\GARMIN -> C:\Documents and Settings\Bruce\Application Data\GARMIN -> [2008/12/25 22:53:59 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Google -> C:\Documents and Settings\Bruce\Application Data\Google -> [2009/01/19 13:17:49 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Grisoft -> C:\Documents and Settings\Bruce\Application Data\Grisoft -> [2008/04/01 09:42:40 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Help -> C:\Documents and Settings\Bruce\Application Data\Help -> [2009/01/08 14:01:42 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\HP -> C:\Documents and Settings\Bruce\Application Data\HP -> [2009/03/14 10:12:06 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\hpqLog -> C:\Documents and Settings\Bruce\Application Data\hpqLog -> [2008/03/28 15:35:11 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Identities -> C:\Documents and Settings\Bruce\Application Data\Identities -> [2008/03/28 15:35:11 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\InstallShield -> C:\Documents and Settings\Bruce\Application Data\InstallShield -> [2009/02/11 20:13:33 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Intuit -> C:\Documents and Settings\Bruce\Application Data\Intuit -> [2008/07/29 10:44:50 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Leadertech -> C:\Documents and Settings\Bruce\Application Data\Leadertech -> [2008/03/31 10:23:11 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\LimeWire -> C:\Documents and Settings\Bruce\Application Data\LimeWire -> [2009/10/05 22:14:11 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Macromedia -> C:\Documents and Settings\Bruce\Application Data\Macromedia -> [2008/03/31 21:24:46 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Malwarebytes -> C:\Documents and Settings\Bruce\Application Data\Malwarebytes -> [2009/11/08 21:14:59 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Microsoft -> C:\Documents and Settings\Bruce\Application Data\Microsoft -> [2009/10/27 18:22:58 | 00,000,000 | --SD | M] C:\Documents and Settings\Bruce\Application Data\Move Networks -> C:\Documents and Settings\Bruce\Application Data\Move Networks -> [2009/06/19 10:52:08 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Mozilla -> C:\Documents and Settings\Bruce\Application Data\Mozilla -> [2008/08/26 05:44:42 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Nvu -> C:\Documents and Settings\Bruce\Application Data\Nvu -> [2009/04/19 09:32:29 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\OfficeUpdate12 -> C:\Documents and Settings\Bruce\Application Data\OfficeUpdate12 -> [2008/03/31 08:25:36 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Opera -> C:\Documents and Settings\Bruce\Application Data\Opera -> [2009/04/21 20:33:41 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Real -> C:\Documents and Settings\Bruce\Application Data\Real -> [2009/07/29 20:13:27 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Research In Motion -> C:\Documents and Settings\Bruce\Application Data\Research In Motion -> [2008/05/28 21:41:52 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Roxio -> C:\Documents and Settings\Bruce\Application Data\Roxio -> [2008/07/21 12:04:01 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\SampleView -> C:\Documents and Settings\Bruce\Application Data\SampleView -> [2007/07/17 00:00:24 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\ScanSoft -> C:\Documents and Settings\Bruce\Application Data\ScanSoft -> [2008/03/31 14:57:40 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Skype -> C:\Documents and Settings\Bruce\Application Data\Skype -> [2009/11/09 11:10:32 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\skypePM -> C:\Documents and Settings\Bruce\Application Data\skypePM -> [2009/11/09 08:03:47 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\SlySoft -> C:\Documents and Settings\Bruce\Application Data\SlySoft -> [2009/10/09 23:46:29 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Snapfish -> C:\Documents and Settings\Bruce\Application Data\Snapfish -> [2008/04/07 20:44:01 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Sun -> C:\Documents and Settings\Bruce\Application Data\Sun -> [2008/03/28 15:35:11 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\SUPERAntiSpyware.com -> C:\Documents and Settings\Bruce\Application Data\SUPERAntiSpyware.com -> [2008/04/01 11:31:00 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\U3 -> C:\Documents and Settings\Bruce\Application Data\U3 -> [2009/10/12 11:11:07 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Windows Desktop Search -> C:\Documents and Settings\Bruce\Application Data\Windows Desktop Search -> [2009/04/04 12:36:30 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\Windows Search -> C:\Documents and Settings\Bruce\Application Data\Windows Search -> [2009/07/07 09:02:41 | 00,000,000 | ---D | M] C:\Documents and Settings\Bruce\Application Data\yahoo! -> C:\Documents and Settings\Bruce\Application Data\yahoo! -> [2008/09/06 09:12:50 | 00,000,000 | -H-D | M] C:\Documents and Settings\Bruce\Application Data\Zeon -> C:\Documents and Settings\Bruce\Application Data\Zeon -> [2008/03/31 14:54:39 | 00,000,000 | ---D | M] < %APPDATA%\*.exe /s > crashreporter.exe -> C:\Documents and Settings\Bruce\Application Data\LimeWire\browser\xulrunner\crashreporter.exe -> [2009/03/05 11:42:56 | 00,163,840 | ---- | M] (Mozilla Foundation) updater.exe -> C:\Documents and Settings\Bruce\Application Data\LimeWire\browser\xulrunner\updater.exe -> [2009/03/05 11:42:57 | 00,196,608 | ---- | M] (Mozilla Foundation) xpcshell.exe -> C:\Documents and Settings\Bruce\Application Data\LimeWire\browser\xulrunner\xpcshell.exe -> [2009/03/05 11:42:57 | 00,014,848 | ---- | M] () xpicleanup.exe -> C:\Documents and Settings\Bruce\Application Data\LimeWire\browser\xulrunner\xpicleanup.exe -> [2009/03/05 11:42:57 | 00,077,824 | ---- | M] (Mozilla Foundation) xpidl.exe -> C:\Documents and Settings\Bruce\Application Data\LimeWire\browser\xulrunner\xpidl.exe -> [2009/03/05 11:42:57 | 00,266,240 | ---- | M] (Mozilla Foundation) xpt_dump.exe -> C:\Documents and Settings\Bruce\Application Data\LimeWire\browser\xulrunner\xpt_dump.exe -> [2009/03/05 11:42:57 | 00,018,432 | ---- | M] () xpt_link.exe -> C:\Documents and Settings\Bruce\Application Data\LimeWire\browser\xulrunner\xpt_link.exe -> [2009/03/05 11:42:57 | 00,014,336 | ---- | M] () xulrunner-stub.exe -> C:\Documents and Settings\Bruce\Application Data\LimeWire\browser\xulrunner\xulrunner-stub.exe -> [2009/03/05 11:42:57 | 00,073,728 | ---- | M] (Mozilla Foundation) xulrunner.exe -> C:\Documents and Settings\Bruce\Application Data\LimeWire\browser\xulrunner\xulrunner.exe -> [2009/03/05 11:42:57 | 00,102,400 | ---- | M] (Mozilla Foundation) octoshape.exe -> C:\Documents and Settings\Bruce\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe -> [2009/07/16 07:54:39 | 00,319,488 | ---- | M] (Octoshape ApS) DesktopMgr.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{034E061B-B3A3-4123-842E-10C1B6B3C8C7}\DesktopMgr.exe -> [2009/02/11 20:04:21 | 00,069,632 | R--- | M] (Macrovision Corporation) NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{034E061B-B3A3-4123-842E-10C1B6B3C8C7}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2009/02/11 20:04:21 | 00,026,694 | R--- | M] () RedirectorEXE1_770DFD1204C24F4DA163D64FACCB5CBD.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{034E061B-B3A3-4123-842E-10C1B6B3C8C7}\RedirectorEXE1_770DFD1204C24F4DA163D64FACCB5CBD.exe -> [2009/02/11 20:04:21 | 00,006,502 | R--- | M] () RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{034E061B-B3A3-4123-842E-10C1B6B3C8C7}\RedirectorEXE2_770DFD1204C24F4DA163D64FACCB5CBD.exe -> [2009/02/11 20:04:21 | 00,006,502 | R--- | M] () RedirectorEXE_770DFD1204C24F4DA163D64FACCB5CBD.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{034E061B-B3A3-4123-842E-10C1B6B3C8C7}\RedirectorEXE_770DFD1204C24F4DA163D64FACCB5CBD.exe -> [2009/02/11 20:04:21 | 00,006,502 | R--- | M] () ARPPRODUCTICON.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{082702D5-5DD8-4600-BCE5-48B15174687F}\ARPPRODUCTICON.exe -> [2007/07/16 23:10:59 | 00,049,152 | R--- | M] (InstallShield Software Corp.) DesktopMgr.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{0D048BE8-AE02-4CB5-A428-616B9848E4A7}\DesktopMgr.exe -> [2009/02/11 19:29:15 | 00,069,632 | R--- | M] (Macrovision Corporation) NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{0D048BE8-AE02-4CB5-A428-616B9848E4A7}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2009/02/11 19:29:15 | 00,026,694 | R--- | M] () NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{0D048BE8-AE02-4CB5-A428-616B9848E4A7}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2009/02/11 19:29:15 | 00,026,694 | R--- | M] () NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{0D048BE8-AE02-4CB5-A428-616B9848E4A7}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2009/02/11 19:29:15 | 00,026,694 | R--- | M] () NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{0D048BE8-AE02-4CB5-A428-616B9848E4A7}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2009/02/11 19:29:15 | 00,026,694 | R--- | M] () NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{0D048BE8-AE02-4CB5-A428-616B9848E4A7}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2009/02/11 19:29:15 | 00,026,694 | R--- | M] () NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{0D048BE8-AE02-4CB5-A428-616B9848E4A7}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2009/02/11 19:29:15 | 00,026,694 | R--- | M] () NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{0D048BE8-AE02-4CB5-A428-616B9848E4A7}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2009/02/11 19:29:15 | 00,026,694 | R--- | M] () ARPPRODUCTICON.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{2288BE45-8868-47DD-A501-7F881C9184DD}\ARPPRODUCTICON.exe -> [2009/04/03 11:14:17 | 00,069,632 | R--- | M] (Macrovision Corporation) GURULite1_2288BE45886847DDA5017F881C9184DD.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{2288BE45-8868-47DD-A501-7F881C9184DD}\GURULite1_2288BE45886847DDA5017F881C9184DD.exe -> [2009/04/03 11:14:17 | 00,069,632 | R--- | M] (Macrovision Corporation) GURULite_2288BE45886847DDA5017F881C9184DD.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{2288BE45-8868-47DD-A501-7F881C9184DD}\GURULite_2288BE45886847DDA5017F881C9184DD.exe -> [2009/04/03 11:14:17 | 00,069,632 | R--- | M] (Macrovision Corporation) UNINST_Uninstall_G_7265F60E9DB4469AB159F5E07646D37D.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{2288BE45-8868-47DD-A501-7F881C9184DD}\UNINST_Uninstall_G_7265F60E9DB4469AB159F5E07646D37D.exe -> [2009/04/03 11:14:17 | 00,008,854 | R--- | M] () _16496df1.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_16496df1.exe -> [2009/03/31 19:22:12 | 00,003,310 | R--- | M] () _18be6784.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_18be6784.exe -> [2009/03/31 19:22:11 | 00,001,078 | R--- | M] () _294823.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_294823.exe -> [2009/03/31 19:22:11 | 00,001,078 | R--- | M] () _2cd672ae.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_2cd672ae.exe -> [2009/03/31 19:22:12 | 00,001,078 | R--- | M] () _4ae13d6c.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_4ae13d6c.exe -> [2009/03/31 19:22:12 | 00,001,078 | R--- | M] () _69525f90.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_69525f90.exe -> [2009/03/31 19:22:12 | 00,001,078 | R--- | M] () ARPPRODUCTICON.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{7FD8231E-3991-48D7-A2C8-2C42A7075FB1}\ARPPRODUCTICON.exe -> [2007/07/16 23:10:25 | 00,010,134 | R--- | M] () _bb32ea6.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{91208A47-5D08-4C79-986F-1931940F51BB}\_bb32ea6.exe -> [2008/07/29 10:44:49 | 00,092,854 | R--- | M] () DesktopMgr.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{C178B38F-613A-4EFE-B718-A675BD27A1E1}\DesktopMgr.exe -> [2008/05/28 21:31:24 | 00,069,632 | R--- | M] (Macrovision Corporation) NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{C178B38F-613A-4EFE-B718-A675BD27A1E1}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2008/05/28 21:31:24 | 00,026,694 | R--- | M] () NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{C178B38F-613A-4EFE-B718-A675BD27A1E1}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2008/05/28 21:31:24 | 00,026,694 | R--- | M] () NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{C178B38F-613A-4EFE-B718-A675BD27A1E1}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2008/05/28 21:31:24 | 00,026,694 | R--- | M] () NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{C178B38F-613A-4EFE-B718-A675BD27A1E1}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2008/05/28 21:31:24 | 00,026,694 | R--- | M] () NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{C178B38F-613A-4EFE-B718-A675BD27A1E1}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2008/05/28 21:31:24 | 00,026,694 | R--- | M] () NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{C178B38F-613A-4EFE-B718-A675BD27A1E1}\NewShortcut60_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2008/05/28 21:31:24 | 00,026,694 | R--- | M] () NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{C178B38F-613A-4EFE-B718-A675BD27A1E1}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe -> [2008/05/28 21:31:24 | 00,026,694 | R--- | M] () ARPPRODUCTICON.exe -> C:\Documents and Settings\Bruce\Application Data\Microsoft\Installer\{DD42CAE3-FADD-4B36-95B1-E1CB75BCD364}\ARPPRODUCTICON.exe -> [2007/07/16 23:12:50 | 00,010,134 | R--- | M] () MoveMediaPlayerWin_071503000010.exe -> C:\Documents and Settings\Bruce\Application Data\Move Networks\MoveMediaPlayerWin_071503000010.exe -> [2009/06/19 10:52:08 | 00,392,900 | ---- | M] () MovePlayerUpgrade.exe -> C:\Documents and Settings\Bruce\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe -> [2008/06/14 23:02:44 | 00,099,704 | ---- | M] () Uninst.exe -> C:\Documents and Settings\Bruce\Application Data\Move Networks\ie_bin\Uninst.exe -> [2008/09/30 21:57:37 | 00,034,064 | ---- | M] () AU_setup9.exe -> C:\Documents and Settings\Bruce\Application Data\Real\RealPlayer\setup\AU_setup9.exe -> [2009/10/07 18:31:30 | 00,452,104 | ---- | M] (RealNetworks, Inc.) RealPlayer11.exe -> C:\Documents and Settings\Bruce\Application Data\Real\RealPlayer\Update\RealPlayer11.exe -> [2009/05/21 06:34:21 | 00,390,664 | ---- | M] (RealNetworks, Inc.) cleanup.exe -> C:\Documents and Settings\Bruce\Application Data\U3\temp\cleanup.exe -> [2007/10/23 08:27:20 | 00,110,592 | ---- | M] () Launchpad Removal.exe -> C:\Documents and Settings\Bruce\Application Data\U3\temp\Launchpad Removal.exe -> [2008/05/02 09:41:48 | 03,493,888 | -H-- | M] (SanDisk Corporation) < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\eventlog.dll /s /md5 > eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\ERDNT\cache\eventlog.dll -> [2004/08/04 02:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=6D4FEB43EE538FC5428CC7F0565AA656 -> C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll -> [2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) eventlog.dll : MD5=82B24CB70E5944E6E34662205A2A5B78 -> C:\WINDOWS\system32\eventlog.dll -> [2004/08/04 02:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\scecli.dll /s /md5 > scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\ERDNT\cache\scecli.dll -> [2004/08/04 02:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -> C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll -> [2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=0F78E27F563F2AAF74B91A49E2ABF19A -> C:\WINDOWS\system32\scecli.dll -> [2004/08/04 02:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\netlogon.dll /s /md5 > netlogon.dll : MD5=96353FCECBA774BB8DA74A1C6507015A -> C:\WINDOWS\$NtUninstallKB968389$\netlogon.dll -> [2004/08/04 02:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=6C476D33D82F1054849790181E8F7772 -> C:\WINDOWS\ERDNT\cache\netlogon.dll -> [2009/02/06 12:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=1B7F071C51B77C272875C3A23E1E4550 -> C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll -> [2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=6C476D33D82F1054849790181E8F7772 -> C:\WINDOWS\system32\netlogon.dll -> [2009/02/06 12:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=6C476D33D82F1054849790181E8F7772 -> C:\WINDOWS\system32\dllcache\netlogon.dll -> [2009/02/06 12:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\cngaudit.dll /s /md5 > < %SYSTEMDRIVE%\sceclt.dll /s /md5 > < %SYSTEMDRIVE%\ntelogon.dll /s /md5 > < %SYSTEMDRIVE%\logevent.dll /s /md5 > < %SYSTEMDRIVE%\iaStor.sys /s /md5 > iastor.sys : MD5=11C62D1CE575B18E342F9F765C8206F2 -> C:\WINDOWS\SMINST\RPFiles\MiniNT\System32\Drivers\iastor.sys -> [2006/11/08 12:33:00 | 00,269,824 | ---- | M] (Intel Corporation) iaStor.sys : MD5=2BB8683F3D88DA2B40378A2A3CFE3C47 -> C:\WINDOWS\system32\drivers\iaStor.sys -> [2007/03/21 06:58:56 | 00,304,920 | ---- | M] (Intel Corporation) < %SYSTEMDRIVE%\nvstor.sys /s /md5 > < %SYSTEMDRIVE%\atapi.sys /s /md5 > atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\ERDNT\cache\atapi.sys -> [2004/08/03 18:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=9F3A2F5AA6875C72BF062C712CFA2674 -> C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys -> [2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\dllcache\atapi.sys -> [2004/08/03 18:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -> C:\WINDOWS\system32\drivers\atapi.sys -> [2004/08/03 18:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 > < %SYSTEMDRIVE%\viasraid.sys /s /md5 > < %SYSTEMDRIVE%\AGP440.sys /s /md5 > agp440.sys : MD5=08FD04AA961BDC77FB983F328334E3D7 -> C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys -> [2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) < %SYSTEMDRIVE%\vaxscsi.sys /s /md5 > < End of report > [/code]