OTL logfile created on: 8/19/2012 8:25:17 PM - Run 2
OTL by OldTimer - Version 3.2.58.0     Folder = E:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 50.48% Memory free
7.49 Gb Paging File | 5.54 Gb Available in Paging File | 73.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.79 Gb Total Space | 18.23 Gb Free Space | 8.33% Space Free | Partition Type: NTFS
Drive E: | 7.45 Gb Total Space | 2.55 Gb Free Space | 34.18% Space Free | Partition Type: FAT32
 
Computer Name: PC | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/08/19 09:48:56 | 000,598,016 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012/08/03 12:37:56 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012/08/03 12:08:00 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012/07/27 19:57:30 | 004,837,248 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASC.exe
PRC - [2012/05/28 15:56:36 | 000,288,128 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/04/02 16:50:14 | 000,351,888 | ---- | M] (NDS Technologies) -- C:\Users\Bob\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2012/01/09 21:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/10 05:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/08/10 05:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/08/10 05:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/06/28 19:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/06/28 19:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/05/26 23:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/03/11 02:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/03/11 02:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/02/04 06:10:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
PRC - [2010/01/28 20:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009/01/09 20:00:52 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009/01/09 19:57:32 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/05/24 10:46:52 | 000,599,936 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\DiskMap.dll
MOD - [2012/05/24 10:46:44 | 008,902,016 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\WebUI.dll
MOD - [2012/05/24 10:46:34 | 000,564,752 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\sqlite3.dll
MOD - [2012/05/24 10:46:12 | 000,058,752 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\NtfsData.dll
MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\maddisAsm_.bpl
MOD - [2010/06/28 19:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2010/02/04 06:10:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
MOD - [2009/05/20 02:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2008/09/10 06:28:56 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
MOD - [2008/09/10 06:28:45 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
MOD - [2008/09/10 06:28:44 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudrs.dll
MOD - [2008/09/10 06:08:35 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
MOD - [2008/07/29 13:55:14 | 000,969,728 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/05/23 08:02:14 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
MOD - [2008/05/23 08:02:05 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducats.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2012/07/14 10:01:26 | 000,827,560 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV:[b]64bit:[/b] - [2010/10/27 23:38:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010/09/22 22:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010/06/11 18:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2010/01/28 20:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:[b]64bit:[/b] - [2009/10/16 16:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV:[b]64bit:[/b] - [2009/10/16 12:06:39 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV:[b]64bit:[/b] - [2009/06/03 16:38:36 | 000,277,032 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV - [2012/08/14 15:36:28 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/03 12:37:56 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/01/09 21:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/01/15 09:19:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/08/10 05:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/28 19:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/05/26 23:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe -- (MpfService)
SRV - [2009/10/16 16:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2009/10/16 12:06:30 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxducoms.exe -- (lxdu_device)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012/07/14 10:01:42 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:[b]64bit:[/b] - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/01/09 18:59:32 | 000,485,680 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2012/01/09 18:59:30 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:[b]64bit:[/b] - [2012/01/09 18:59:30 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011/07/01 23:10:24 | 000,008,192 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Nccidx64.sys -- (Nccidx64)
DRV:[b]64bit:[/b] - [2011/05/24 19:40:10 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:[b]64bit:[/b] - [2011/05/07 17:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:[b]64bit:[/b] - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/10/28 00:11:44 | 007,877,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010/10/27 23:03:38 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010/09/23 20:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2010/07/08 23:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:[b]64bit:[/b] - [2010/06/17 05:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2010/06/16 17:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:[b]64bit:[/b] - [2010/05/14 17:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2010/05/11 06:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2010/04/28 17:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2010/04/19 22:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2010/04/13 06:15:04 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2010/01/07 04:49:00 | 000,068,224 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64)
DRV:[b]64bit:[/b] - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/02 23:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:[b]64bit:[/b] - [2009/06/02 23:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:[b]64bit:[/b] - [2009/06/02 23:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:[b]64bit:[/b] - [2008/11/13 15:11:48 | 000,010,368 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\STCFUx64.sys -- (STCFUx64)
DRV:[b]64bit:[/b] - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2012/01/05 19:07:14 | 000,021,384 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2011/09/20 15:27:44 | 000,021,872 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2011/09/20 15:27:38 | 000,033,184 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {9F6EED98-A107-44F7-931C-9B40D6776F0C}
IE - HKCU\..\SearchScopes\{9F6EED98-A107-44F7-931C-9B40D6776F0C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=BIE9SM&pc=BIE9&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledItems: albumart@songbirdnest.com:1.0.11.2288
FF - prefs.js..extensions.enabledItems: gonzo@songbirdnest.com:1.10.3
FF - prefs.js..extensions.enabledItems: purplerain@songbirdnest.com:1.10.3
FF - prefs.js..extensions.enabledItems: audioscrobbler@songbirdnest.com:1.0.6.2288
FF - prefs.js..extensions.enabledItems: msc@songbirdnest.com:1.0.7.2288
FF - prefs.js..extensions.enabledItems: mtp@songbirdnest.com:1.0.22.2288
FF - prefs.js..extensions.enabledItems: windowsmedia@songbirdnest.com:1.0.10.2288
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\Bob\AppData\Local\DIRECTV Player\npPCShowPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Bob\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Bob\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Bob\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012/08/19 12:56:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/05 18:18:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012/08/19 15:49:13 | 000,000,000 | ---D | M]
 
[2012/06/09 12:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions
[2012/06/09 12:19:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
File not found (No name found) -- C:\PROGRAM FILES (X86)\SONGBIRD\EXTENSIONS\ALBUMART@SONGBIRDNEST.COM
File not found (No name found) -- C:\PROGRAM FILES (X86)\SONGBIRD\EXTENSIONS\GONZO@SONGBIRDNEST.COM
File not found (No name found) -- C:\PROGRAM FILES (X86)\SONGBIRD\EXTENSIONS\PURPLERAIN@SONGBIRDNEST.COM
[2012/06/09 12:22:57 | 000,000,000 | ---D | M] (Last.fm) -- C:\USERS\BOB\APPDATA\ROAMING\SONGBIRD2\PROFILES\8CNFN4ZY.DEFAULT\EXTENSIONS\AUDIOSCROBBLER@SONGBIRDNEST.COM
[2012/06/09 12:22:57 | 000,000,000 | ---D | M] (MSC Device Support) -- C:\USERS\BOB\APPDATA\ROAMING\SONGBIRD2\PROFILES\8CNFN4ZY.DEFAULT\EXTENSIONS\MSC@SONGBIRDNEST.COM
[2012/06/09 12:22:57 | 000,000,000 | ---D | M] (MTP Device Support) -- C:\USERS\BOB\APPDATA\ROAMING\SONGBIRD2\PROFILES\8CNFN4ZY.DEFAULT\EXTENSIONS\MTP@SONGBIRDNEST.COM
[2012/06/09 12:22:56 | 000,000,000 | ---D | M] (Windows Media Playback) -- C:\USERS\BOB\APPDATA\ROAMING\SONGBIRD2\PROFILES\8CNFN4ZY.DEFAULT\EXTENSIONS\WINDOWSMEDIA@SONGBIRDNEST.COM
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bob\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: NDS PCShow Plugin (Enabled) = C:\Users\Bob\AppData\Local\DIRECTV Player\npPCShowPlugin.dll
CHR - plugin: PCShow Player Plugin (Enabled) = C:\Users\Bob\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Bob\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Bob\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: YouTube = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012/08/19 10:33:46 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:[b]64bit:[/b] - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:[b]64bit:[/b] - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:[b]64bit:[/b] - HKLM..\Run: []  File not found
O4:[b]64bit:[/b] - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:[b]64bit:[/b] - HKLM..\Run: [lxduamon] C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [lxdumon.exe] C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Lexmark 5600-6600 Series] C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [masqform.exe] C:\Program Files (x86)\PureEdge\Viewer 6.5\masqform.exe (PureEdge™ Solutions Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Bob\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [PCShowServer] C:\Users\Bob\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: bighammer.com ([homedepot] http in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{788E3078-7475-43C7-9A50-6AB39008029F}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\x-excid - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\x-owacid - No CLSID value found
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\Windows\Downloaded Program Files\mimectl.dll (Microsoft Corporation)
O18 - Protocol\Handler\x-owacid {0215258f-f0a8-49de-bf1b-0ff02eda8807} - C:\Program Files (x86)\Microsoft\Outlook Web Access SMIME Client\mimectl.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (Userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk /p \??\C:)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/08/19 13:38:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/08/19 12:58:13 | 000,011,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl2.sys
[2012/08/19 12:58:10 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2012/08/19 12:57:59 | 000,485,680 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012/08/19 12:57:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012/08/19 12:56:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\ForceField Shared Files
[2012/08/19 12:56:55 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\CheckPoint
[2012/08/19 12:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012/08/19 12:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2012/08/19 12:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2012/08/19 10:46:51 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{F695FF1C-AFFC-4D65-82AC-E58155FE28AF}
[2012/08/19 09:40:06 | 000,016,200 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/08/19 09:38:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2012/08/18 22:46:24 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{A4CC9031-0374-4821-BCA1-F1EA51735223}
[2012/08/18 19:31:12 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{378A7284-3803-45D1-8DBB-539AF118A2DB}
[2012/08/18 18:56:46 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{3BC0B842-2A16-4D11-84B7-FD875E20F110}
[2012/08/18 06:16:32 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{821273CD-909B-4DB2-8070-12441CA963B6}
[2012/08/17 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{755943BA-705C-4F63-96AC-285813FA409B}
[2012/08/17 20:19:23 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{E253A0C7-0367-47DC-9BD4-F2C4D67BE0BD}
[2012/08/17 09:40:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/17 08:18:47 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{03B220EE-40CD-4231-935F-F52857CF496C}
[2012/08/16 14:59:46 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{2C52187F-D094-4E22-B8D4-B2CB40E64920}
[2012/08/16 14:59:33 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{97AD54EC-1C38-4F88-8D52-7F731216E7C2}
[2012/08/13 12:42:32 | 000,000,000 | ---D | C] -- C:\Users\Bob\Desktop\Brayden
[2012/08/13 09:12:03 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{488D26A2-8E21-4799-AF3F-3B34869D3623}
[2012/08/12 21:11:32 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{D79EED29-0A4A-4264-9E24-72E3CBAF4673}
[2012/08/12 21:11:18 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{99B9C3AF-E68D-4594-9BEC-42C79F6EE169}
[2012/08/12 18:05:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/08/12 15:15:23 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Course 14
[2012/08/12 15:13:38 | 000,000,000 | ---D | C] -- C:\Users\Bob\Desktop\Course 14 Notes
[2012/08/12 15:06:24 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\OLDS
[2012/08/12 15:05:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Template
[2012/08/12 14:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2012/08/12 14:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2012/08/12 08:36:54 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{964AADB1-7A4A-4B5B-8675-77885ED407C0}
[2012/08/11 11:24:17 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{56DB7D26-E2F6-490C-9DDD-AF9E344608C8}
[2012/08/10 15:27:11 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{3671FF44-C7DA-4306-B854-859541B5D2D8}
[2012/08/09 17:52:56 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{4A9F59E8-E5B2-420A-9C93-0E0098AC3B60}
[2012/08/09 05:52:26 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{F666172F-74B9-4C41-9579-62CE9BF9A8EA}
[2012/08/08 05:46:56 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{EF243308-2C43-4210-8697-BD5E9FEDBCAC}
[2012/08/07 05:49:45 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{A9F89F82-A645-452F-8AB9-B471D2190DE8}
[2012/08/06 17:40:09 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0424C1C9-8C93-4437-BE52-360792197AC7}
[2012/08/06 05:39:10 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{2762979D-AB71-4B61-8455-CD309A293814}
[2012/08/05 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{61BBF350-7AA0-4B23-874C-6656D804C215}
[2012/08/05 13:11:45 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{9A7B0FA8-623F-44CF-BAC5-B90109C870AA}
[2012/08/04 09:18:34 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{FCF59F1D-F881-4A8A-83CA-E9AB3F12FDE2}
[2012/08/03 11:28:46 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{2625DF25-5D57-4994-83B5-B6F42D9C7CE7}
[2012/08/02 20:14:06 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{8D9D69A5-8965-4E0D-BC49-2265A06D301E}
[2012/08/02 20:13:00 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{2559E5BF-7E6B-40A2-B813-3B78740F4D5B}
[2012/08/02 16:29:18 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Innovative Solutions
[2012/08/02 16:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Innovative Solutions
[2012/08/02 16:11:34 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{A2DC59E1-5595-482D-BC97-AD639F0647C5}
[2012/08/02 16:11:11 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B3EFDFBB-CB38-45DA-9D2D-771EC751D3ED}
[2012/08/02 14:07:46 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{5A3FE966-175B-4021-AEAA-E50EB90F5F54}
[2012/08/02 13:42:33 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{B95D0AAE-2B9F-40DD-A535-C9D8F83D471F}
[2012/08/01 19:56:15 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{8DC624D6-EC22-4E43-9C85-778B4397B5E8}
[2012/08/01 19:55:58 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{F5295F58-1547-46D8-9A30-60EB567CB757}
[2012/07/31 21:56:18 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{5F2CDBB2-7CBE-4BE5-B1CA-FCEB8B93C7A1}
[2012/07/31 08:50:31 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{2441B16D-F067-4E24-AB81-0662F68B9221}
[2012/07/30 09:11:29 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{96DF1A27-B6AD-4470-9962-56D66FA4F6BC}
[2012/07/29 11:31:41 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{8FBA694E-4F89-4EE3-B7CD-555B205C4205}
[2012/07/28 23:20:42 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{C354538C-7725-454C-9A34-A058D34BC289}
[2012/07/28 23:20:28 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{A63D1D74-6B7A-4A3A-8C33-69E29ED078DD}
[2012/07/28 06:53:38 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{99EF2DAE-798C-4004-8E66-5F862B189C95}
[2012/07/27 13:58:32 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\AFI
[2012/07/27 13:28:25 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{4206595A-2052-41C6-A36C-A6847E599001}
[2012/07/26 12:37:28 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{C6E208C5-8951-4193-8D52-BE43B6C586B0}
[2012/07/25 09:43:49 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{2AFB556C-F736-4911-9CB0-2235E572D07E}
[2012/07/24 21:43:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{407AD54A-C8CA-407A-A7AD-01AE3EC6B47C}
[2012/07/24 09:42:46 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{26410484-F111-497E-A11B-74E18A496905}
[2012/07/23 21:42:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{850FE8C0-E9DE-42EA-AFBC-332231CA519D}
[2012/07/23 09:41:43 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{92339747-72F0-4823-B6C7-DD1686595CC4}
[2012/07/22 21:40:54 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{32DBDE4E-474A-4D8D-B38A-58062CCDDB91}
[2012/07/22 09:39:17 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{1567FD5C-1508-4F4B-9248-8AC53EFF416B}
[2012/07/21 14:28:24 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{0718DAE0-FBB1-4B9B-916D-CAE0F5DBB5C6}
[2012/07/21 14:28:07 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\{319B44E3-D5BB-49F8-A693-46C10F66E598}
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/08/19 20:19:53 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2051389330-1497990960-3423481376-1001UA.job
[2012/08/19 20:18:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2051389330-1497990960-3423481376-1001Core.job
[2012/08/19 19:59:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/19 19:51:29 | 004,972,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/19 19:51:29 | 001,625,400 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/19 19:51:29 | 000,006,442 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/19 16:09:22 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/19 16:09:22 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/19 16:01:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/19 16:01:39 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/19 13:08:44 | 000,415,877 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2012/08/19 12:57:09 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/08/19 10:33:46 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/08/19 09:40:06 | 000,016,200 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/08/17 18:02:07 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/08/17 09:54:16 | 000,001,240 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2012/08/17 09:54:16 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/08/16 14:57:32 | 000,335,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/16 11:03:50 | 000,019,043 | ---- | M] () -- C:\Users\Bob\Documents\HRD.odt
[2012/08/13 18:42:04 | 000,004,348 | ---- | M] () -- C:\Users\Bob\Desktop\CourseStart - Shortcut.lnk
[2012/08/12 15:05:13 | 000,000,000 | ---- | M] () -- C:\Users\Bob\AppData\Roaming\wklnhst.dat
[2012/07/23 15:59:14 | 000,024,960 | ---- | M] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/08/19 12:58:17 | 000,415,877 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2012/08/19 12:57:09 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/08/13 20:04:36 | 000,019,043 | ---- | C] () -- C:\Users\Bob\Documents\HRD.odt
[2012/08/13 18:42:04 | 000,004,348 | ---- | C] () -- C:\Users\Bob\Desktop\CourseStart - Shortcut.lnk
[2012/08/12 15:05:13 | 000,000,000 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\wklnhst.dat
[2012/08/12 14:54:20 | 000,002,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
[2012/08/12 14:54:18 | 000,001,920 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2012/02/28 16:16:31 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/02/27 21:59:17 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDUinst.dll
[2012/02/27 21:59:17 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduinpa.dll
[2012/02/27 21:59:17 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduiesc.dll
[2012/02/27 21:59:17 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxducomx.dll
[2012/02/27 21:59:16 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdupmui.dll
[2012/02/27 21:59:15 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduserv.dll
[2012/02/27 21:59:15 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduusb1.dll
[2012/02/27 21:59:15 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdulmpm.dll
[2012/02/27 21:59:14 | 000,679,936 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduhbn3.dll
[2012/02/27 21:59:14 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducoms.exe
[2012/02/27 21:59:14 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomm.dll
[2012/02/27 21:59:14 | 000,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduih.exe
[2012/02/27 21:59:13 | 000,765,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomc.dll
[2012/02/27 21:59:13 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducfg.exe
[2012/02/27 21:48:08 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll
[2012/02/27 21:48:08 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll
[2012/02/27 21:48:08 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll
[2012/01/11 06:03:02 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{7a7cef20-a745-418d-fbec-9f22943b73f1}\@
[2012/01/11 06:03:02 | 000,002,048 | -HS- | C] () -- C:\Users\Bob\AppData\Local\{7a7cef20-a745-418d-fbec-9f22943b73f1}\@
[2011/12/30 15:50:47 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2011/09/17 04:34:59 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2011/08/03 17:18:07 | 000,006,424 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/29 12:11:40 | 000,000,880 | ---- | C] () -- C:\Windows\HBCIKRNL.INI
[2011/01/15 09:00:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/11/16 07:02:25 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012/03/05 12:44:24 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\5600-6600 Series
[2012/08/19 12:56:55 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\CheckPoint
[2012/06/12 13:14:41 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\FileZilla
[2012/02/10 09:00:50 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\IObit
[2012/08/12 15:01:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Master Your CDC 4.5
[2012/06/18 13:47:56 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Notepad++
[2011/06/29 11:52:50 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OpenOffice.org
[2011/07/10 12:35:28 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\PureEdge
[2012/08/13 18:53:00 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\SoftGrid Client
[2012/06/09 12:19:30 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Songbird2
[2012/08/02 20:05:12 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TeamViewer
[2012/08/12 15:05:13 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Template
[2011/08/03 17:19:02 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\TP
[2012/08/19 20:18:01 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051389330-1497990960-3423481376-1001Core.job
[2012/08/19 20:19:53 | 000,000,920 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2051389330-1497990960-3423481376-1001UA.job
[2012/05/09 22:11:03 | 000,032,566 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >