Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Taskbar and desktop disabled

Started by aand , Jun 28 2010 12:47 PM

  • Please log in to reply

#1
aand
Posted 28 June 2010 - 12:47 PM

aand

    New Member

  • Member
  • Pip
  • 2 posts
The main problem right now is I cannot enable my taskbar/ desktop. The desktop is black, and right-click on it doesn't do anything. Clicking Taskbar and Start Menu in Control Panel doesn't do anything (after clicking that a few times explorer crashes). Cannot shutdown/restart etc. in Task Manager.

I think Avira didn't catch a trojan, so yesterday a process winupdate was taking up all my CPU. After a little while youtube videos started popping up and Avira detected some new infected .EXEs. I rebooted, entered safe mode, disabled some new services from starting, ran MBAM (found some things), GMER(nothing) and some other tools. Rebooted, removed Avira, installed Kaspersky (who found about 100 infected files).
What do I do?

Thanks!

EDIT: GMER gives an error on start "c:\windows\system32\config\system: The system cannot find the file specified". I click OK and the only scan options not greyed out are Services / Registry / Files / ADS. After the scan it says it hasn't found anything.

OTL logfile created on: 29-Jun-10 3:11:44 AM - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 34.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): e:\pagefile.sys 3069 3069 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 25.72 Gb Total Space | 2.49 Gb Free Space | 9.66% Space Free | Partition Type: NTFS
Drive D: | 19.90 Gb Total Space | 1.58 Gb Free Space | 7.96% Space Free | Partition Type: NTFS
Drive E: | 3.22 Gb Total Space | 0.18 Gb Free Space | 5.63% Space Free | Partition Type: NTFS
Drive F: | 62.67 Gb Total Space | 4.82 Gb Free Space | 7.70% Space Free | Partition Type: NTFS
Drive G: | 66.63 Gb Total Space | 2.95 Gb Free Space | 4.42% Space Free | Partition Type: NTFS
Drive H: | 80.44 Gb Total Space | 10.16 Gb Free Space | 12.63% Space Free | Partition Type: NTFS
Drive I: | 130.50 Gb Total Space | 8.83 Gb Free Space | 6.77% Space Free | Partition Type: NTFS
Drive J: | 199.55 Gb Total Space | 10.44 Gb Free Space | 5.23% Space Free | Partition Type: NTFS
Drive L: | 239.45 Gb Total Space | 25.01 Gb Free Space | 10.45% Space Free | Partition Type: NTFS

Computer Name: YOHO-PC
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-06-29 03:10:16 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
PRC - [2010-06-16 11:57:22 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2010-05-21 12:16:50 | 000,594,200 | ---- | M] (Greatis Software) -- C:\Program Files (x86)\UnHackMe\hackmon.exe
PRC - [2009-12-25 16:43:40 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
PRC - [2009-12-21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe


========== Modules (SafeList) ==========

MOD - [2010-06-29 03:10:16 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
MOD - [2009-07-14 04:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 04:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-05-27 19:59:40 | 000,203,264 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-07-14 04:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009-07-14 04:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009-07-14 04:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 04:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009-07-14 04:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007-05-11 03:14:24 | 001,418,248 | ---- | M] (O&O Software GmbH) [Disabled | Stopped] -- C:\Windows\SysNative\oodag.exe -- (O&O Defrag)
SRV - [2010-06-25 09:11:13 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-06-25 05:18:07 | 000,075,064 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-06-11 11:16:10 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) [Disabled | Stopped] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010-03-18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-12-25 16:43:40 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe -- (AVP)
SRV - [2009-12-21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2009-10-23 21:43:31 | 000,241,664 | ---- | M] (Tanuki Software, Ltd.) [Disabled | Stopped] -- F:\Freenet\bin\wrapper-windows-x86-32.exe -- (freenet_2)
SRV - [2009-10-23 21:43:31 | 000,241,664 | ---- | M] (Tanuki Software, Ltd.) [Disabled | Stopped] -- F:\Freenet\bin\wrapper-windows-x86-32.exe -- (freenet)
SRV - [2009-07-14 06:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009-07-14 06:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009-07-14 04:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009-07-13 23:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010-06-28 15:39:41 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010-06-09 22:02:48 | 000,023,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2010-05-27 20:39:12 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-05-27 19:25:36 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-05-14 01:05:40 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010-04-12 01:03:10 | 000,045,798 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kwflower.log -- (kwflower)
DRV:64bit: - [2010-03-05 14:48:14 | 000,048,144 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2010-03-05 14:48:12 | 000,158,736 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2010-03-05 14:48:12 | 000,037,392 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2010-03-04 16:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009-12-14 12:44:24 | 000,085,048 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
DRV:64bit: - [2009-12-14 12:44:24 | 000,066,104 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV:64bit: - [2009-11-12 19:46:43 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009-10-14 20:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:64bit: - [2009-10-02 18:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009-09-30 17:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-09-14 13:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009-09-01 14:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009-07-15 18:12:38 | 000,691,712 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GUCI_AVS.sys -- (GUCI_AVS)
DRV:64bit: - [2009-07-14 04:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-14 04:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 04:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 04:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009-07-14 04:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009-07-14 04:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009-07-14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009-07-14 02:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009-07-14 02:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009-06-10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-06-10 11:21:58 | 001,422,080 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerA706_x64.sys -- (AVerA706_x64)
DRV:64bit: - [2009-05-04 19:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009-04-22 15:32:22 | 000,047,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmdLLD64.sys -- (AmdLLD64)
DRV:64bit: - [2009-03-23 10:25:54 | 000,030,208 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kvnet.sys -- (kvnet)
DRV:64bit: - [2009-02-17 18:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
DRV:64bit: - [2008-04-28 12:03:46 | 000,047,160 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmdTools64.sys -- (AmdTools64)
DRV:64bit: - [2007-08-08 19:54:12 | 000,035,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATITool64.sys -- (ATITool)
DRV:64bit: - [2007-03-05 12:56:02 | 001,715,968 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerBDA3x_x64.sys -- (AVerBDA3x_x64)
DRV - [2010-06-28 13:32:46 | 000,024,416 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\regguard.sys -- (RegGuard)
DRV - [2010-06-28 08:36:33 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Stopped] -- C:\windows\system32\drivers\Partizan.sys -- (Partizan)
DRV - [2010-06-07 06:56:10 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2010-05-14 23:38:27 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2010-05-14 23:38:12 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010-05-11 16:58:19 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010-05-09 20:52:53 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009-11-12 09:27:05 | 000,000,000 | ---D | M] [Kernel | Disabled | Stopped] -- C:\Windows\CSC -- (CSC)
DRV - [2009-06-11 00:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009-06-11 00:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2009-02-05 14:24:16 | 000,170,496 | ---- | M] (PixArt Imaging Incorporation) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\GUCI_AVS.ax -- (GUCI_AVS)
DRV - [2006-03-29 09:49:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ro/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 2A 84 C2 71 E5 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 62.14.8.23:80

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010-06-22 03:40:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\THBExt [2010-06-28 15:39:56 | 000,000,000 | ---D | M]

[2010-06-22 03:40:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2010-06-22 03:40:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

Hosts file not found
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (SnapFlash Class) - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files (x86)\Common Files\justDo\Jd2002.dll File not found
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [HostsMan] C:\Program Files (x86)\HostsMan\hm.exe (abelhadigital.com)
O4 - HKCU..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4:64bit: - HKLM..\RunOnce: [GrpConv] C:\windows\SysNative\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [GrpConv] C:\windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] File not found
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\View running processes with Task Manager - Shortcut.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarLockAll = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoAddRemoveToolbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoDragToolbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoResize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoThumbnail = 0
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Save Flash with Flash Catcher - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra 'Tools' menuitem : Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files (x86)\Common Files\justDo\IECatcher.DLL (justDo Software)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\sbhook64.dll (Kaspersky Lab)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\sbhook.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (C:\windows\src\svchost.exe) - C:\windows\src\svchost.exe File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\src\svchost.exe) - C:\windows\src\svchost.exe File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-11-15 04:39:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006-01-01 01:44:26 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007-07-31 23:46:11 | 000,000,000 | ---D | M] - G:\AutoPlay Media Studio 4.0 -- [ NTFS ]
O32 - AutoRun File - [2009-11-04 02:08:59 | 000,000,000 | ---- | M] () - I:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - File not found
O34 - HKLM BootExecute: (Partizan) - C:\windows\SysWow64\Partizan.exe (Greatis Software)
O34 - HKLM BootExecute: (cute settings...) - File not found
O34 - HKLM BootExecute: (on\Explorer\Moun) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer5 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer6 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.HFYU - huffyuv.dll (Disappearing Inc.)
Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32:64bit: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave5 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave6 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - wdmaud.drv (Microsoft Corporation)
Drivers32: aux4 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer5 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer6 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.avis - ff_acm.acm ()
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.speex32 - speex32.acm File not found
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - ff_vfw.dll ()
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.XVID - xvidvfw.dll File not found
Drivers32: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave5 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave6 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 90 Days ==========

[2010-06-29 03:10:16 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2010-06-28 22:34:38 | 000,000,000 | ---D | C] -- C:\ERDNT
[2010-06-28 22:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010-06-28 22:33:13 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Administrator\Desktop\erunt_setup.exe
[2010-06-28 22:28:18 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\TFC.exe
[2010-06-28 15:47:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Journal
[2010-06-28 15:47:55 | 000,000,000 | ---D | C] -- C:\windows\ShellNew
[2010-06-28 15:40:01 | 000,085,048 | ---- | C] (Infowatch) -- C:\windows\SysNative\drivers\CSCrySec.sys
[2010-06-28 15:40:01 | 000,066,104 | ---- | C] (Infowatch) -- C:\windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2010-06-28 15:39:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010-06-28 15:39:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010-06-28 15:39:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2010-06-28 15:39:41 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:\windows\SysNative\drivers\klif.sys
[2010-06-28 13:56:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\IceSword122en
[2010-06-28 13:32:46 | 000,024,416 | ---- | C] (Greatis Software) -- C:\windows\SysWow64\drivers\regguard.sys
[2010-06-28 08:37:15 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\windows\SysNative\drivers\SBREDrv.sys
[2010-06-28 08:36:33 | 000,037,600 | ---- | C] (Greatis Software) -- C:\windows\SysWow64\Partizan.exe
[2010-06-28 08:36:33 | 000,035,816 | ---- | C] (Greatis Software) -- C:\windows\SysWow64\drivers\Partizan.sys
[2010-06-28 08:36:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\RegRun2
[2010-06-28 08:36:12 | 000,012,808 | ---- | C] (Greatis Software, LLC.) -- C:\windows\SysWow64\drivers\UnHackMeDrv.sys
[2010-06-28 08:36:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo
[2010-06-28 08:36:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnHackMe
[2010-06-28 08:28:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
[2010-06-28 08:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-06-28 08:24:51 | 097,364,760 | ---- | C] (Lavasoft ) -- C:\Users\Administrator\Desktop\Ad-AwareInstaller.exe
[2010-06-28 08:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2010-06-28 08:20:06 | 008,776,240 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Administrator\Desktop\SUPERAntiSpyware.exe
[2010-06-28 08:19:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\QuickScan
[2010-06-28 08:04:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2010-06-28 07:56:06 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\0TL.exe
[2010-06-28 07:55:58 | 000,472,064 | ---- | C] ( ) -- C:\Users\Administrator\Desktop\ootRepeal.exe
[2010-06-28 05:28:56 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010-06-28 05:18:54 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Administrator\Desktop\HijackThis.exe
[2010-06-28 05:18:13 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Administrator\Desktop\mbam-setup-1.46.exe
[2010-06-28 05:17:29 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Administrator\Desktop\spybotsd162.exe
[2010-06-28 04:56:14 | 016,020,895 | ---- | C] (Antiy Labs ) -- C:\Users\Administrator\Desktop\AVL.exe
[2010-06-28 04:29:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010-06-28 04:29:08 | 095,393,408 | ---- | C] (Kaspersky Lab) -- C:\Users\Administrator\Desktop\pure9.0.0.192en.exe
[2010-06-28 04:25:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live Safety Center
[2010-06-28 02:26:31 | 000,000,000 | RHSD | C] -- C:\windows\SysWow64\test
[2010-06-28 02:06:29 | 000,000,000 | RHSD | C] -- C:\windows\src
[2010-06-28 02:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-06-28 02:04:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\WinRar 3.93 - 32 & 64 bit
[2010-06-26 07:18:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\CS plugins TF2 compatible
[2010-06-26 03:45:10 | 000,323,376 | ---- | C] (BitTorrent, Inc.) -- C:\Users\Administrator\Desktop\utorrent.exe
[2010-06-25 15:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010-06-25 15:04:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\MiSteam_10_06_2010
[2010-06-25 06:38:06 | 000,000,000 | --SD | C] -- C:\Program Files (x86)\HLSW
[2010-06-25 06:38:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\HLSW
[2010-06-25 06:36:53 | 011,455,272 | ---- | C] (Timo Stripf ) -- C:\Users\Administrator\Desktop\hlsw_1_3_3_7b_setup.exe
[2010-06-25 05:12:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\PunkBuster
[2010-06-25 05:05:56 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Qtracker
[2010-06-25 05:04:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qtracker
[2010-06-25 03:01:37 | 000,000,000 | ---D | C] -- C:\PITESTI
[2010-06-24 14:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Attest
[2010-06-24 14:56:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2010-06-24 14:45:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-06-24 14:44:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Layton_Technology,_Inc
[2010-06-24 14:37:38 | 000,090,112 | ---- | C] (MindVision Software) -- C:\windows\unvise32.exe
[2010-06-23 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Nitro PDF
[2010-06-23 20:19:05 | 000,028,992 | ---- | C] (Nitro PDF Software) -- C:\windows\SysNative\nitrolocalmon.dll
[2010-06-23 20:19:05 | 000,017,216 | ---- | C] (Nitro PDF Software) -- C:\windows\SysNative\nitrolocalui.dll
[2010-06-23 20:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF
[2010-06-23 20:17:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Downloaded Installations
[2010-06-22 16:53:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Key Metric Software
[2010-06-22 16:42:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Key Metric Software
[2010-06-22 16:42:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Key Metric Software
[2010-06-22 16:41:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1C53AEFE-978A-4FA2-896E-FD4330A2EACC}
[2010-06-22 16:41:31 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\PackageAware
[2010-06-22 16:40:42 | 007,367,248 | ---- | C] (Key Metric Software ) -- C:\Users\Administrator\Desktop\FolderSizes4.8.3-Setup.exe
[2010-06-22 04:10:34 | 001,383,496 | ---- | C] (Paglo Labs Inc ) -- C:\Users\Administrator\Desktop\control RemoteVNC_Setup_1.0.0.exe
[2010-06-22 04:10:08 | 004,220,840 | ---- | C] (Paglo Labs Inc.) -- C:\Users\Administrator\Desktop\wireless RogueScannerSetup_2_6_0_0.exe
[2010-06-22 04:05:20 | 000,708,658 | ---- | C] ( ) -- C:\Users\Administrator\Desktop\ypops-win-0.9.7.3.exe
[2010-06-22 03:40:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2010-06-22 03:40:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Thunderbird
[2010-06-22 03:40:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2010-06-19 23:06:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKVtoolnix
[2010-06-19 22:39:22 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\RTCOM
[2010-06-19 22:39:10 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\WavesGUILib.dll
[2010-06-19 22:39:10 | 001,736,536 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioRealtek.dll
[2010-06-19 22:39:10 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSTSX64.dll
[2010-06-19 22:39:10 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEP64A.dll
[2010-06-19 22:39:10 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxVolumeSDAPO.dll
[2010-06-19 22:39:10 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DHT64.dll
[2010-06-19 22:39:10 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RP3DAA64.dll
[2010-06-19 22:39:10 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSTSH64.dll
[2010-06-19 22:39:10 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEED64A.dll
[2010-06-19 22:39:10 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSHP64.dll
[2010-06-19 22:39:10 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\windows\SysNative\SRSWOW64.dll
[2010-06-19 22:39:10 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEL64A.dll
[2010-06-19 22:39:10 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\windows\SysNative\RTEEG64A.dll
[2010-06-19 22:39:09 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioEQ.dll
[2010-06-19 22:39:09 | 001,325,328 | ---- | C] (DTS) -- C:\windows\SysNative\DTSS2SpeakerDLL64.dll
[2010-06-19 22:39:09 | 001,178,384 | ---- | C] (DTS) -- C:\windows\SysNative\DTSS2HeadphoneDLL64.dll
[2010-06-19 22:39:09 | 001,110,800 | ---- | C] (DTS) -- C:\windows\SysNative\DTSBoostDLL64.dll
[2010-06-19 22:39:09 | 000,504,592 | ---- | C] (DTS) -- C:\windows\SysNative\DTSBassEnhancementDLL64.dll
[2010-06-19 22:39:09 | 000,489,744 | ---- | C] (DTS) -- C:\windows\SysNative\DTSSymmetryDLL64.dll
[2010-06-19 22:39:09 | 000,474,896 | ---- | C] (DTS) -- C:\windows\SysNative\DTSVoiceClarityDLL64.dll
[2010-06-19 22:39:09 | 000,335,192 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO30.dll
[2010-06-19 22:39:09 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\windows\SysNative\FMAPO64.dll
[2010-06-19 22:39:09 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO20.dll
[2010-06-19 22:39:09 | 000,315,152 | ---- | C] (DTS) -- C:\windows\SysNative\DTSNeoPCDLL64.dll
[2010-06-19 22:39:09 | 000,268,560 | ---- | C] (DTS) -- C:\windows\SysNative\DTSLimiterDLL64.dll
[2010-06-19 22:39:09 | 000,265,488 | ---- | C] (DTS) -- C:\windows\SysNative\DTSGainCompensatorDLL64.dll
[2010-06-19 22:39:09 | 000,124,176 | ---- | C] (DTS) -- C:\windows\SysNative\DTSLFXAPO64.dll
[2010-06-19 22:39:09 | 000,123,664 | ---- | C] (DTS) -- C:\windows\SysNative\DTSGFXAPO64.dll
[2010-06-19 22:39:09 | 000,123,152 | ---- | C] (DTS) -- C:\windows\SysNative\DTSGFXAPONS64.dll
[2010-06-19 03:51:04 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\frost-wot
[2010-06-19 03:50:18 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\DC searches
[2010-06-19 00:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010-06-18 16:30:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Poz
[2010-06-17 19:03:37 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\exm
[2010-06-17 15:14:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Para
[2010-06-16 02:04:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org
[2010-06-16 02:03:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRE
[2010-06-16 02:03:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2010-06-15 16:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vidalia Bundle
[2010-06-15 16:41:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Vidalia
[2010-06-15 16:41:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Tor
[2010-06-15 02:26:27 | 015,923,265 | ---- | C] (Igor Pavlov) -- C:\Users\Administrator\Desktop\tor-browser-1.3.6_en-US.exe
[2010-06-14 02:17:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\True Audio
[2010-06-12 16:53:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\STEAM
[2010-06-12 16:50:39 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Poze
[2010-06-12 16:48:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Progz
[2010-06-12 16:47:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\funny
[2010-06-12 16:46:56 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\monitor
[2010-06-11 11:16:10 | 000,065,856 | ---- | C] (Nalpeiron Ltd.) -- C:\windows\SysWow64\NLSSRV32.EXE
[2010-06-10 16:29:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\DEMO
[2010-06-10 05:15:31 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\AGRESIV.PREZINTA-AP.71.HOSTED.By.EuGEN.DIGITAL.MIXTAPE.WWW.AGRESIVMUSIC.COM
[2010-06-08 14:40:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\facebook
[2010-06-03 21:57:08 | 000,000,000 | ---D | C] -- C:\@ DC Incomplete
[2010-06-01 17:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune Pro
[2010-05-31 14:19:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\fla
[2010-05-31 01:43:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\torrents
[2010-05-30 05:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2010-05-30 03:56:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Mp3tag
[2010-05-30 03:56:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag
[2010-05-30 02:59:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Pa
[2010-05-30 01:20:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaMonkey
[2010-05-30 00:52:34 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\covers
[2010-05-28 04:21:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Neat Image
[2010-05-27 20:27:24 | 000,000,000 | ---D | C] -- C:\windows\rescache
[2010-05-27 20:00:10 | 000,458,752 | ---- | C] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2010-05-27 19:59:40 | 000,203,264 | ---- | C] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2010-05-27 19:58:42 | 000,120,320 | ---- | C] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2010-05-27 19:58:24 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysNative\atipdl64.dll
[2010-05-27 19:58:18 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysWow64\atipdlxx.dll
[2010-05-27 19:58:10 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysWow64\Oemdspif.dll
[2010-05-27 19:58:06 | 000,012,288 | ---- | C] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2010-05-27 19:58:02 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysNative\atiedu64.dll
[2010-05-27 19:57:58 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\SysWow64\ati2edxx.dll
[2010-05-27 01:44:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle
[2010-05-24 04:53:28 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\content
[2010-05-24 04:43:37 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Mozilla
[2010-05-24 04:43:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mektek.net
[2010-05-21 17:10:52 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Azureus
[2010-05-19 03:48:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\.Tribler
[2010-05-16 02:03:54 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\World Machine Documents
[2010-05-16 02:03:54 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\World Machine 2.2 Professional
[2010-05-16 01:39:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Pamela
[2010-05-16 01:37:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Pamela
[2010-05-16 01:37:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pamela
[2010-05-16 00:09:18 | 000,000,000 | ---D | C] -- C:\HattrickOrganizer
[2010-05-15 14:38:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\StarCraft II Beta
[2010-05-15 14:38:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Blizzard Entertainment
[2010-05-15 14:38:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010-05-15 14:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2010-05-15 04:10:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010-05-15 04:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010-05-15 03:56:20 | 000,000,000 | ---D | C] -- C:\ATI
[2010-05-14 01:05:40 | 000,037,888 | ---- | C] (AnchorFree Inc) -- C:\windows\SysNative\drivers\taphss.sys
[2010-05-12 22:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve
[2010-05-12 16:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lightsmark 2008
[2010-05-12 07:10:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\SOURCE
[2010-05-10 03:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\oZone3D
[2010-05-10 00:59:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\poze
[2010-05-10 00:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2010-05-09 05:10:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2010-05-09 05:09:47 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\windows\iun6002.exe
[2010-05-09 05:09:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameFace Messenger
[2010-05-09 05:07:20 | 000,018,048 | ---- | C] (ASUSTeK Computer Inc.) -- C:\windows\SysNative\drivers\asusgsb64.sys
[2010-05-09 01:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010-05-09 00:26:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Video
[2010-05-09 00:23:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\skul
[2010-05-09 00:16:43 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\New folder (2)
[2010-05-08 23:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2010-05-08 23:42:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\atitray
[2010-05-08 23:41:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ray Adams
[2010-05-07 20:31:01 | 000,047,160 | ---- | C] (AMD, Inc.) -- C:\windows\SysNative\drivers\AmdTools64.sys
[2010-05-07 20:31:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD GPU Clock Tool
[2010-05-07 04:13:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Adobe
[2010-05-07 04:08:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe Systems Shared
[2010-05-07 03:52:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Thinstall
[2010-05-07 03:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2010-05-06 13:02:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\12Voip
[2010-05-05 23:32:28 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Google
[2010-05-05 15:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2010-05-03 01:38:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\mkvtoolnix
[2010-05-02 23:26:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010-05-02 23:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010-05-02 23:25:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-05-02 22:39:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\uTorrent
[2010-05-01 00:40:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2xtreme
[2010-04-28 22:57:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Real
[2010-04-28 22:56:46 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\windows\SysWow64\pncrt.dll
[2010-04-28 22:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real Alternative
[2010-04-28 11:59:08 | 000,000,000 | ---D | C] -- C:\Users\Administrator\fontconfig
[2010-04-28 11:55:50 | 000,000,000 | ---D | C] -- C:\Users\Administrator\.smplayer
[2010-04-27 06:20:31 | 000,346,144 | ---- | C] (Realtek ) -- C:\windows\SysNative\drivers\Rt64win7.sys
[2010-04-27 06:20:31 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\windows\SysNative\RTNUninst64.dll
[2010-04-27 06:18:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2010-04-27 05:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010-04-24 03:05:52 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Unigine Heaven
[2010-04-24 03:00:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Unigine Tropics
[2010-04-24 02:56:47 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Unigine Sanctuary
[2010-04-23 16:25:26 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\OCCT
[2010-04-23 15:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Kombustor
[2010-04-23 14:30:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\ASUS
[2010-04-23 10:31:47 | 000,150,528 | ---- | C] (ASUSTeK Computer Inc.) -- C:\windows\SysNative\atkdxtdispx.dll
[2010-04-23 10:31:47 | 000,039,424 | ---- | C] (ASUSTeK Computer Inc.) -- C:\windows\SysNative\drivers\ATKDispLowFilter.sys
[2010-04-23 10:31:47 | 000,017,792 | ---- | C] (ASUSTeK Computer Inc.) -- C:\windows\SysNative\drivers\asusgsb.sys
[2010-04-23 10:25:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DNA
[2010-04-23 00:21:24 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010-04-22 22:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2010-04-22 22:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2010-04-17 03:36:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Noel Danjou
[2010-04-17 02:44:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OSCAR Editor
[2010-04-17 02:44:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OscarX7
[2010-04-17 02:42:33 | 000,691,712 | ---- | C] (PixArt Imaging Incorporation) -- C:\windows\SysNative\drivers\GUCI_AVS.sys
[2010-04-17 02:42:33 | 000,014,336 | ---- | C] (PixArt Imaging Inc.) -- C:\windows\SysWow64\GUCI_AVS.dll
[2010-04-17 02:42:33 | 000,009,216 | ---- | C] (PixArt Imaging Inc.) -- C:\windows\SysNative\COINST_080603.dll
[2010-04-17 02:42:33 | 000,000,000 | ---D | C] -- C:\windows\PixArt
[2010-04-17 02:42:32 | 000,170,496 | ---- | C] (PixArt Imaging Incorporation) -- C:\windows\SysWow64\GUCI_AVS.ax
[2010-04-17 02:42:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PAP7501
[2010-04-16 21:40:54 | 000,000,000 | ---D | C] -- C:\ipTime
[2010-04-13 04:31:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\legal
[2010-04-12 23:13:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2010-04-12 23:13:39 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2010-04-12 23:13:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-04-12 23:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-04-12 12:32:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SQLyog
[2010-04-12 12:31:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SQLyog
[2010-04-07 02:58:42 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\cs.
[2010-04-06 09:29:50 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\HD Tune Pro
[2010-04-05 17:48:46 | 000,000,000 | ---D | C] -- C:\Downloads
[2010-04-03 16:21:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Kerio
[2010-04-03 16:12:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kerio
[2010-04-02 21:27:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\JLC's Software
[2010-04-02 21:27:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JLC's Software
[2010-04-02 00:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BSPViewer
[2010-04-02 00:16:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Crafty
[2010-04-02 00:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GCFScape
[2010-04-01 18:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe

========== Files - Modified Within 90 Days ==========

[2010-06-29 03:10:44 | 004,718,592 | -HS- | M] () -- C:\Users\Administrator\NTUSER.DAT
[2010-06-29 03:10:16 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2010-06-29 02:57:51 | 000,284,915 | ---- | M] () -- C:\Users\Administrator\Desktop\gmer.zip
[2010-06-29 02:51:59 | 000,000,888 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2414671398-1902475782-81204049-500Core.job
[2010-06-29 02:42:16 | 000,000,940 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2414671398-1902475782-81204049-500UA.job
[2010-06-28 23:22:23 | 003,390,536 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2010-06-28 23:22:23 | 001,044,322 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2010-06-28 23:22:23 | 000,006,230 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2010-06-28 22:36:09 | 000,019,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-06-28 22:36:09 | 000,019,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-06-28 22:34:10 | 000,000,929 | ---- | M] () -- C:\Users\Administrator\Desktop\NTREGOPT.lnk
[2010-06-28 22:34:10 | 000,000,910 | ---- | M] () -- C:\Users\Administrator\Desktop\ERUNT.lnk
[2010-06-28 22:33:39 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Administrator\Desktop\erunt_setup.exe
[2010-06-28 22:31:06 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\Ikeext.etl
[2010-06-28 22:31:03 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010-06-28 22:31:01 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010-06-28 22:30:58 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-28 22:30:58 | 000,457,718 | ---- | M] () -- C:\windows\SysNative\oodbs.lor
[2010-06-28 22:28:23 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\TFC.exe
[2010-06-28 21:36:25 | 000,011,154 | ---- | M] () -- C:\Users\Administrator\Desktop\revApps.ini
[2010-06-28 21:04:39 | 000,001,502 | ---- | M] () -- C:\Users\Administrator\Desktop\WinRar.rar
[2010-06-28 15:52:26 | 000,001,672 | ---- | M] () -- C:\Users\Administrator\Desktop\avp.exe - Shortcut.lnk
[2010-06-28 15:44:12 | 000,149,773 | ---- | M] () -- C:\windows\SysNative\drivers\klin.dat
[2010-06-28 15:44:12 | 000,106,765 | ---- | M] () -- C:\windows\SysNative\drivers\klick.dat
[2010-06-28 15:39:41 | 000,353,296 | ---- | M] (Kaspersky Lab) -- C:\windows\SysNative\drivers\klif.sys
[2010-06-28 13:53:08 | 002,205,157 | ---- | M] () -- C:\Users\Administrator\Desktop\IceSword122en.zip
[2010-06-28 13:39:10 | 000,000,393 | ---- | M] () -- C:\windows\SysWow64\Partizan.RRI
[2010-06-28 13:32:46 | 000,024,416 | ---- | M] (Greatis Software) -- C:\windows\SysWow64\drivers\regguard.sys
[2010-06-28 08:37:43 | 000,000,958 | ---- | M] () -- C:\Users\Administrator\Desktop\Reanimator.lnk
[2010-06-28 08:37:14 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\windows\SysNative\drivers\SBREDrv.sys
[2010-06-28 08:36:33 | 000,037,600 | ---- | M] (Greatis Software) -- C:\windows\SysWow64\Partizan.exe
[2010-06-28 08:36:33 | 000,035,816 | ---- | M] (Greatis Software) -- C:\windows\SysWow64\drivers\Partizan.sys
[2010-06-28 08:36:22 | 000,000,002 | RHS- | M] () -- C:\windows\winstart.bat
[2010-06-28 08:36:22 | 000,000,002 | RHS- | M] () -- C:\windows\SysWow64\CONFIG.NT
[2010-06-28 08:36:22 | 000,000,002 | RHS- | M] () -- C:\windows\SysWow64\AUTOEXEC.NT
[2010-06-28 08:36:12 | 000,000,948 | ---- | M] () -- C:\Users\Administrator\Desktop\UnHackMe.lnk
[2010-06-28 08:35:53 | 009,474,886 | ---- | M] () -- C:\Users\Administrator\Desktop\unhackme.zip
[2010-06-28 08:25:05 | 097,364,760 | ---- | M] (Lavasoft ) -- C:\Users\Administrator\Desktop\Ad-AwareInstaller.exe
[2010-06-28 08:21:19 | 001,181,383 | ---- | M] () -- C:\Users\Administrator\Desktop\sarsfx.exe
[2010-06-28 08:20:07 | 008,776,240 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Administrator\Desktop\SUPERAntiSpyware.exe
[2010-06-28 08:04:04 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-28 07:56:06 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\0TL.exe
[2010-06-28 07:55:58 | 000,472,064 | ---- | M] ( ) -- C:\Users\Administrator\Desktop\ootRepeal.exe
[2010-06-28 07:50:58 | 000,293,376 | ---- | M] () -- C:\Users\Administrator\Desktop\jr13yfkb.exe
[2010-06-28 07:35:46 | 000,005,644 | RHS- | M] () -- C:\Users\Administrator\ntuser.pol
[2010-06-28 06:56:24 | 000,002,521 | ---- | M] () -- C:\Users\Administrator\Desktop\xp_taskbar_desktop_fixall.vbs
[2010-06-28 05:43:35 | 000,113,023 | ---- | M] () -- C:\Users\Administrator\Desktop\viruys attachments_06_28_2010.zip
[2010-06-28 05:22:16 | 000,363,520 | ---- | M] () -- C:\Users\Administrator\Desktop\rkill.com
[2010-06-28 05:18:54 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Administrator\Desktop\HijackThis.exe
[2010-06-28 05:18:13 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Administrator\Desktop\mbam-setup-1.46.exe
[2010-06-28 05:17:30 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\Administrator\Desktop\spybotsd162.exe
[2010-06-28 04:57:41 | 016,020,895 | ---- | M] (Antiy Labs ) -- C:\Users\Administrator\Desktop\AVL.exe
[2010-06-28 04:29:35 | 095,393,408 | ---- | M] (Kaspersky Lab) -- C:\Users\Administrator\Desktop\pure9.0.0.192en.exe
[2010-06-28 04:00:46 | 000,000,036 | ---- | M] () -- C:\Users\Administrator\AppData\Local\housecall.guid.cache
[2010-06-28 02:34:37 | 000,000,008 | ---- | M] () -- C:\windows\SysWow64\msyvers32d.srq
[2010-06-28 02:11:10 | 000,003,839 | ---- | M] () -- C:\windows\SysWow64\launchhh.bat
[2010-06-28 02:09:35 | 000,000,142 | ---- | M] () -- C:\windows\SysWow64\launchhh.vbs
[2010-06-28 02:09:35 | 000,000,141 | ---- | M] () -- C:\windows\SysWow64\launchh.vbs
[2010-06-28 02:04:18 | 001,364,522 | ---- | M] () -- C:\Users\Administrator\Desktop\wrar393.exe
[2010-06-28 02:04:14 | 001,531,593 | ---- | M] () -- C:\Users\Administrator\Desktop\winrar-x64-393.exe
[2010-06-28 02:03:33 | 000,175,104 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\SQLite3.dll
[2010-06-28 00:26:12 | 000,029,354 | ---- | M] () -- C:\Users\Administrator\Desktop\vulcanu 2d455d16476cf98e0df6344183c8bf91.jpg
[2010-06-27 22:38:56 | 000,000,952 | ---- | M] () -- C:\Users\Administrator\Desktop\hl2.exe - Shortcut.lnk
[2010-06-27 22:09:23 | 000,030,208 | ---- | M] () -- C:\Users\Administrator\Desktop\REZULTATE ŞI DISCUŢII.doc
[2010-06-27 21:12:20 | 000,000,664 | ---- | M] () -- C:\Users\Administrator\Desktop\DEATHMATCH.lnk
[2010-06-27 14:22:42 | 000,000,776 | ---- | M] () -- C:\Users\Administrator\Desktop\srcds.exe - NEW.lnk
[2010-06-27 00:25:40 | 000,060,040 | ---- | M] () -- C:\Users\Administrator\Desktop\DSC07350.jpg
[2010-06-26 19:28:06 | 004,460,699 | ---- | M] () -- C:\Users\Administrator\Desktop\CSS-CLIENT-V58 2.7z
[2010-06-26 19:27:52 | 001,719,920 | ---- | M] () -- C:\Users\Administrator\Desktop\CSS-CLIENT-V58.7z
[2010-06-26 07:45:11 | 000,012,560 | ---- | M] () -- C:\Users\Administrator\Documents\2010-06-26.hrf
[2010-06-26 03:45:10 | 000,323,376 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Administrator\Desktop\utorrent.exe
[2010-06-26 03:14:23 | 002,706,868 | -H-- | M] () -- C:\Users\Administrator\AppData\Local\IconCache.db
[2010-06-25 23:48:26 | 000,022,528 | ---- | M] () -- C:\Users\Administrator\Desktop\CUPRINS biulia.doc
[2010-06-25 23:38:43 | 000,227,307 | ---- | M] () -- C:\Users\Administrator\Desktop\kim before after.jpg
[2010-06-25 16:10:03 | 000,000,994 | ---- | M] () -- C:\Users\Administrator\Desktop\CS Nou.lnk
[2010-06-25 15:37:34 | 000,000,503 | ---- | M] () -- C:\Users\Administrator\Desktop\SUp.exe - Shortcut.lnk
[2010-06-25 15:19:24 | 000,006,212 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010-06-25 15:02:32 | 000,118,256 | ---- | M] () -- C:\Users\Administrator\Desktop\MiSteam_10_06_2010.7z
[2010-06-25 15:02:20 | 000,118,760 | ---- | M] () -- C:\Users\Administrator\Desktop\MiSteamPrep_01_06_2010.7z
[2010-06-25 15:02:14 | 002,044,962 | ---- | M] () -- C:\Users\Administrator\Desktop\MiSteamPrep_1_0_3.7z
[2010-06-25 15:01:26 | 000,048,712 | ---- | M] () -- C:\Users\Administrator\Desktop\MiSteamInfo_1_0.7z
[2010-06-25 15:00:30 | 000,136,157 | ---- | M] () -- C:\Users\Administrator\Desktop\MiSteamTools_1_0_3.7z
[2010-06-25 13:34:35 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010-06-25 12:26:06 | 000,451,921 | ---- | M] () -- C:\Users\Administrator\Desktop\ClientRegistry Toolkit 0.5.1.rar
[2010-06-25 12:15:46 | 000,675,576 | ---- | M] () -- C:\Users\Administrator\Desktop\eSTEAMATiON.v2.0.Release.Candiate.4-ViTYAN.7z
[2010-06-25 09:20:03 | 000,035,755 | ---- | M] () -- C:\Users\Administrator\Desktop\SteamUp.2010-REVOLUTiON.rar
[2010-06-25 09:17:28 | 000,041,939 | ---- | M] () -- C:\Users\Administrator\Desktop\iSteam_2.0.rar
[2010-06-25 09:13:23 | 000,000,866 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010-06-25 08:57:17 | 004,432,927 | ---- | M] () -- C:\Users\Administrator\Desktop\CounterStrikeSourceBeta.rar
[2010-06-25 08:03:31 | 000,219,128 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.xtr
[2010-06-25 08:03:31 | 000,219,128 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.exe
[2010-06-25 06:38:09 | 000,000,956 | ---- | M] () -- C:\Users\Administrator\Desktop\HLSW.lnk
[2010-06-25 06:36:59 | 011,455,272 | ---- | M] (Timo Stripf ) -- C:\Users\Administrator\Desktop\hlsw_1_3_3_7b_setup.exe
[2010-06-25 05:24:16 | 004,503,759 | ---- | M] () -- C:\Users\Administrator\Desktop\COD4_servers.rar
[2010-06-25 05:18:07 | 000,075,064 | ---- | M] () -- C:\windows\SysWow64\PnkBstrA.exe
[2010-06-25 05:05:14 | 000,001,846 | ---- | M] () -- C:\Users\Administrator\Desktop\Qtracker.lnk
[2010-06-25 04:53:43 | 002,568,308 | ---- | M] () -- C:\Users\Administrator\Desktop\Cod4_1.7_SP_MP_CRACK.rar
[2010-06-25 03:39:52 | 000,420,406 | ---- | M] () -- C:\Users\Administrator\Desktop\rev-emu_9_8_3-logging.rar
[2010-06-25 03:33:58 | 077,882,668 | ---- | M] () -- C:\Users\Administrator\Desktop\Alien.Shooter.Revisited.7z
[2010-06-25 03:14:29 | 020,890,511 | ---- | M] () -- C:\Users\Administrator\Desktop\alien_shooter_content.ncf__v0_.7z
[2010-06-25 02:37:14 | 000,000,984 | ---- | M] () -- C:\Users\Administrator\Desktop\7yb9887g8gxqcvv-dlc.dlc
[2010-06-24 14:41:49 | 000,000,126 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010-06-24 00:52:16 | 023,352,761 | ---- | M] () -- C:\Ion Creanga - Povestea pulei.mp3
[2010-06-23 11:08:48 | 000,008,911 | ---- | M] () -- C:\Users\Administrator\Desktop\freenet.ods
[2010-06-23 02:41:18 | 000,495,057 | ---- | M] () -- C:\Users\Administrator\Desktop\dandiaconescu2.jpg
[2010-06-22 16:42:07 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\FolderSizes 4.lnk
[2010-06-22 16:41:25 | 007,367,248 | ---- | M] (Key Metric Software ) -- C:\Users\Administrator\Desktop\FolderSizes4.8.3-Setup.exe
[2010-06-22 07:20:45 | 057,260,732 | ---- | M] () -- C:\Users\Administrator\Desktop\fileshare.ro_DrDreKit.rar
[2010-06-22 05:47:55 | 000,122,882 | ---- | M] () -- C:\Users\Administrator\Desktop\webmail_notifier-2.4.3-fx+tb+sm.xpi
[2010-06-22 04:22:11 | 001,126,467 | ---- | M] () -- C:\Users\Administrator\Desktop\POPPeeper-Install.exe
[2010-06-22 04:10:34 | 001,383,496 | ---- | M] (Paglo Labs Inc ) -- C:\Users\Administrator\Desktop\control RemoteVNC_Setup_1.0.0.exe
[2010-06-22 04:10:08 | 004,220,840 | ---- | M] (Paglo Labs Inc.) -- C:\Users\Administrator\Desktop\wireless RogueScannerSetup_2_6_0_0.exe
[2010-06-22 04:05:20 | 000,708,658 | ---- | M] ( ) -- C:\Users\Administrator\Desktop\ypops-win-0.9.7.3.exe
[2010-06-22 03:40:18 | 000,000,000 | ---- | M] () -- C:\windows\nsreg.dat
[2010-06-22 03:40:12 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010-06-22 00:57:24 | 000,001,515 | ---- | M] () -- C:\Users\Administrator\Desktop\MKVExtractGUI2.exe - Shortcut.lnk
[2010-06-21 03:12:54 | 000,000,691 | ---- | M] () -- C:\Users\Public\Desktop\Freenet.lnk
[2010-06-19 23:06:08 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2010-06-19 00:47:39 | 000,001,141 | ---- | M] () -- C:\Users\Administrator\Desktop\vddc 1.143.lnk
[2010-06-19 00:31:31 | 000,001,171 | ---- | M] () -- C:\Users\Administrator\Desktop\810 940.lnk
[2010-06-19 00:21:41 | 000,001,135 | ---- | M] () -- C:\Users\Administrator\Desktop\restore.lnk
[2010-06-19 00:16:03 | 000,001,179 | ---- | M] () -- C:\Users\Administrator\Desktop\250 300.lnk
[2010-06-18 21:52:31 | 000,012,561 | ---- | M] () -- C:\Users\Administrator\Documents\2010-06-18.hrf
[2010-06-18 16:29:24 | 029,104,793 | ---- | M] () -- C:\Users\Administrator\Desktop\transfer_ro-18jun-de0054d95fb6.zip
[2010-06-17 20:14:54 | 000,303,528 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2010-06-17 15:57:41 | 034,015,091 | ---- | M] () -- C:\Users\Administrator\Desktop\parazitii_arde.mp4
[2010-06-17 14:10:03 | 000,099,790 | ---- | M] () -- C:\Users\Administrator\Desktop\Par.jpg
[2010-06-16 02:08:01 | 000,066,528 | ---- | M] () -- C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-06-16 02:04:19 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010-06-15 20:57:56 | 000,000,054 | ---- | M] () -- C:\windows\JascCmdFile.INI
[2010-06-15 06:39:46 | 000,002,319 | ---- | M] () -- C:\Users\Administrator\Desktop\Google Chrome.lnk
[2010-06-15 02:27:02 | 015,923,265 | ---- | M] (Igor Pavlov) -- C:\Users\Administrator\Desktop\tor-browser-1.3.6_en-US.exe
[2010-06-14 16:04:25 | 000,054,156 | -H-- | M] () -- C:\windows\QTFont.qfn
[2010-06-14 16:04:25 | 000,001,409 | ---- | M] () -- C:\windows\QTFont.for
[2010-06-14 05:51:03 | 000,060,615 | ---- | M] () -- C:\Users\Administrator\Desktop\snoopCD.png
[2010-06-14 05:50:49 | 000,064,520 | ---- | M] () -- C:\Users\Administrator\Desktop\snoopV.png
[2010-06-14 01:28:24 | 000,353,550 | ---- | M] () -- C:\Users\Administrator\Desktop\Collection_2.5.6_private.7z
[2010-06-12 14:48:31 | 000,012,563 | ---- | M] () -- C:\Users\Administrator\Documents\2010-06-12.hrf
[2010-06-11 11:16:10 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) -- C:\windows\SysWow64\NLSSRV32.EXE
[2010-06-11 11:14:54 | 000,017,216 | ---- | M] (Nitro PDF Software) -- C:\windows\SysNative\nitrolocalui.dll
[2010-06-11 11:14:52 | 000,028,992 | ---- | M] (Nitro PDF Software) -- C:\windows\SysNative\nitrolocalmon.dll
[2010-06-10 16:26:46 | 000,036,864 | ---- | M] () -- C:\Users\Administrator\Desktop\Contacte Waldorf.xls
[2010-06-10 01:23:35 | 000,001,067 | ---- | M] () -- C:\Users\Administrator\Desktop\MSI Kombustor.lnk
[2010-06-08 19:14:48 | 000,000,062 | ---- | M] () -- C:\Users\Administrator\Documents\microlab -bass -highs (edit bass+ treble+).feq
[2010-06-06 23:36:25 | 000,012,109 | ---- | M] () -- C:\Users\Administrator\Documents\2010-06-06.hrf
[2010-06-05 03:03:06 | 000,011,934 | ---- | M] () -- C:\Users\Administrator\Documents\2010-06-05.hrf
[2010-06-02 17:14:32 | 000,001,042 | ---- | M] () -- C:\Users\Administrator\Desktop\CF Toolbox.lnk
[2010-06-01 05:43:16 | 000,025,884 | ---- | M] () -- C:\Users\Administrator\Desktop\Factura_ContractT.pdf
[2010-06-01 01:51:49 | 000,694,514 | ---- | M] () -- C:\Users\Administrator\Desktop\AlbumArtDownloaderXUI-0.34.1.exe
[2010-05-31 19:14:25 | 000,520,192 | ---- | M] () -- C:\Users\Administrator\Desktop\foo_facets.dll
[2010-05-31 19:11:10 | 000,401,408 | ---- | M] () -- C:\Users\Administrator\Desktop\foo_discogs.dll
[2010-05-30 01:09:28 | 000,011,952 | ---- | M] () -- C:\Users\Administrator\Documents\2010-05-30.hrf
[2010-05-30 00:51:58 | 000,001,463 | ---- | M] () -- C:\Users\Administrator\Desktop\ApexDC-x64.exe - Shortcut (2).lnk
[2010-05-28 22:20:24 | 003,170,832 | ---- | M] () -- C:\Users\Administrator\Desktop\YouTubeDownloaderSetup255.exe
[2010-05-28 03:04:46 | 000,027,536 | ---- | M] () -- C:\windows\SysNative\xfcodec64.dll
[2010-05-27 20:03:08 | 000,057,480 | ---- | M] () -- C:\windows\SysNative\atiapfxx.blb
[2010-05-27 20:00:10 | 000,458,752 | ---- | M] (AMD) -- C:\windows\SysNative\atieclxx.exe
[2010-05-27 19:59:40 | 000,203,264 | ---- | M] (AMD) -- C:\windows\SysNative\atiesrxx.exe
[2010-05-27 19:58:42 | 000,120,320 | ---- | M] (AMD) -- C:\windows\SysNative\atitmm64.dll
[2010-05-27 19:58:24 | 000,421,376 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysNative\atipdl64.dll
[2010-05-27 19:58:18 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysWow64\atipdlxx.dll
[2010-05-27 19:58:10 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysWow64\Oemdspif.dll
[2010-05-27 19:58:06 | 000,012,288 | ---- | M] (AMD) -- C:\windows\SysNative\atimuixx.dll
[2010-05-27 19:58:02 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysNative\atiedu64.dll
[2010-05-27 19:57:58 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\SysWow64\ati2edxx.dll
[2010-05-27 19:35:18 | 000,055,296 | ---- | M] (AMD) -- C:\windows\SysNative\coinst.dll
[2010-05-27 19:34:44 | 000,534,960 | ---- | M] () -- C:\windows\SysNative\atiumd6a.cap
[2010-05-27 19:31:14 | 000,534,960 | ---- | M] () -- C:\windows\SysWow64\atiumdva.cap
[2010-05-27 16:25:55 | 001,136,515 | ---- | M] () -- C:\Users\Administrator\Documents\bulllet wound.pspimage
[2010-05-26 19:46:56 | 002,218,373 | ---- | M] () -- C:\Users\Administrator\Desktop\LAN management system lms-1.10.7.tar.gz
[2010-05-26 16:17:07 | 000,011,960 | ---- | M] () -- C:\Users\Administrator\Documents\2010-05-26.hrf
[2010-05-24 05:01:47 | 000,001,142 | ---- | M] () -- C:\Users\Administrator\Desktop\OCCT.exe - Shortcut.lnk
[2010-05-21 12:16:58 | 000,012,808 | ---- | M] (Greatis Software, LLC.) -- C:\windows\SysWow64\drivers\UnHackMeDrv.sys
[2010-05-17 03:02:53 | 000,013,149 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\View running processes with Task Manager - Shortcut.lnk
[2010-05-16 21:18:37 | 001,009,595 | ---- | M] () -- C:\Users\Administrator\Desktop\qimonda gddr5 go-IDGV51-05A1F1C-40X.pdf
[2010-05-16 05:34:16 | 033,633,737 | ---- | M] () -- C:\Users\Administrator\Desktop\TC’s feat. Snoop Dogg – Shut You Down.flv
[2010-05-16 01:37:55 | 000,175,104 | ---- | M] () -- C:\windows\SysWow64\RemoteControl.dll
[2010-05-16 00:15:57 | 000,010,956 | ---- | M] () -- C:\Users\Administrator\Documents\2010-05-16.hrf
[2010-05-16 00:09:20 | 000,001,490 | ---- | M] () -- C:\Users\Public\Desktop\Hattrick Organizer.lnk
[2010-05-15 15:42:01 | 000,000,664 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\myMPQ.ini
[2010-05-15 14:41:42 | 000,000,654 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II Beta.lnk
[2010-05-15 04:37:57 | 000,131,072 | ---- | M] () -- C:\Users\Administrator\Documents\4870 FAN + VOLTAGE LOW 2D - 500, 900, 1.203 3D - 750, 900, 1.263.rom
[2010-05-14 23:38:27 | 000,030,528 | ---- | M] () -- C:\windows\GVTDrv64.sys
[2010-05-14 15:21:34 | 000,123,152 | ---- | M] (DTS) -- C:\windows\SysNative\DTSGFXAPONS64.dll
[2010-05-14 10:04:58 | 000,124,176 | ---- | M] (DTS) -- C:\windows\SysNative\DTSLFXAPO64.dll
[2010-05-14 01:05:40 | 000,037,888 | ---- | M] (AnchorFree Inc) -- C:\windows\SysNative\drivers\taphss.sys
[2010-05-13 22:28:18 | 000,123,664 | ---- | M] (DTS) -- C:\windows\SysNative\DTSGFXAPO64.dll
[2010-05-13 15:12:29 | 000,002,070 | -H-- | M] () -- C:\Users\Administrator\Documents\Default.rdp
[2010-05-12 16:09:06 | 000,108,032 | ---- | M] () -- C:\windows\SysWow64\ff_vfw.dll
[2010-05-12 15:25:33 | 000,000,551 | ---- | M] () -- C:\Users\Administrator\Desktop\symLink CS.bat
[2010-05-11 22:21:40 | 000,050,688 | ---- | M] () -- C:\windows\SysWow64\ff_acm.acm
[2010-05-10 23:57:01 | 011,016,784 | ---- | M] () -- C:\Users\Administrator\Desktop\05 Clock Work_Result.mp3
[2010-05-09 20:16:45 | 000,131,072 | ---- | M] () -- C:\Users\Administrator\Documents\4870 gpuz stock RV770.bin
[2010-05-09 20:06:03 | 000,131,072 | ---- | M] () -- C:\Users\Administrator\Documents\4870 2D - 500, 900, 1.263 3D - 750, 900, 1.263.rom
[2010-05-09 05:09:44 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\windows\iun6002.exe
[2010-05-09 02:01:40 | 000,001,135 | ---- | M] () -- C:\Users\Administrator\Desktop\AMD GPU Clock Tool.lnk
[2010-05-06 17:34:26 | 000,335,192 | ---- | M] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO30.dll
[2010-05-06 17:34:24 | 000,334,680 | ---- | M] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxVolumeSDAPO.dll
[2010-05-06 16:43:30 | 002,601,816 | ---- | M] (Waves Audio Ltd.) -- C:\windows\SysNative\WavesGUILib.dll
[2010-05-06 16:43:24 | 001,736,536 | ---- | M] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioRealtek.dll
[2010-05-04 21:35:38 | 000,021,360 | ---- | M] () -- C:\windows\atiogl.xml
[2010-05-03 04:46:45 | 000,001,650 | ---- | M] () -- C:\Users\Administrator\Desktop\chrome Cache.lnk
[2010-04-29 18:37:26 | 000,002,137 | ---- | M] () -- C:\windows\SysWow64\atipblag.dat
[2010-04-29 18:37:26 | 000,002,137 | ---- | M] () -- C:\windows\SysNative\atipblag.dat
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2010-04-29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2010-04-27 13:50:46 | 000,330,656 | ---- | M] (Fortemedia Corporation) -- C:\windows\SysNative\FMAPO64.dll
[2010-04-25 17:14:04 | 000,000,193 | ---- | M] () -- C:\windows\wordpad.INI
[2010-04-24 00:55:15 | 000,000,982 | ---- | M] () -- C:\windows\win.ini
[2010-04-18 02:14:03 | 000,000,003 | ---- | M] () -- C:\windows\treeskp.sys
[2010-04-18 02:14:03 | 000,000,003 | ---- | M] () -- C:\windows\sbacknt.bin
[2010-04-18 02:11:56 | 000,152,904 | ---- | M] () -- C:\windows\SysWow64\vghd.scr
[2010-04-14 17:56:00 | 000,318,808 | ---- | M] (Waves Audio Ltd.) -- C:\windows\SysNative\MaxxAudioAPO20.dll
[2010-04-11 22:12:25 | 000,314,660 | ---- | M] () -- C:\windows\SysNative\drivers\etc\HOSTS.bak
[2010-04-10 05:10:19 | 000,001,367 | ---- | M] () -- C:\Users\Administrator\Desktop\Remote Desktop Connection.lnk
[2010-04-06 20:54:32 | 000,203,336 | ---- | M] () -- C:\windows\SysNative\atiicdxx.dat
[2010-04-02 03:08:20 | 000,466,456 | ---- | M] (Creative Labs) -- C:\windows\SysNative\wrap_oal.dll
[2010-04-02 03:08:20 | 000,444,952 | ---- | M] (Creative Labs) -- C:\windows\SysWow64\wrap_oal.dll
[2010-04-02 03:08:20 | 000,122,904 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysNative\OpenAL32.dll
[2010-04-02 03:08:20 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysWow64\OpenAL32.dll
[2010-04-01 18:12:57 | 000,001,134 | ---- | M] () -- C:\Users\Administrator\Desktop\aand66.lnk
[2010-03-31 13:03:14 | 000,001,439 | ---- | M] () -- C:\Users\Administrator\Desktop\Internet Explorer.lnk
[2010-03-31 12:48:22 | 000,001,131 | ---- | M] () -- C:\Users\Administrator\Desktop\JDownloader.exe - Shortcut.lnk

========== Files Created - No Company Name ==========

[2010-06-29 02:57:51 | 000,284,915 | ---- | C] () -- C:\Users\Administrator\Desktop\gmer.zip
[2010-06-28 22:34:10 | 000,000,929 | ---- | C] () -- C:\Users\Administrator\Desktop\NTREGOPT.lnk
[2010-06-28 22:34:10 | 000,000,910 | ---- | C] () -- C:\Users\Administrator\Desktop\ERUNT.lnk
[2010-06-28 21:36:11 | 000,011,154 | ---- | C] () -- C:\Users\Administrator\Desktop\revApps.ini
[2010-06-28 15:52:26 | 000,001,672 | ---- | C] () -- C:\Users\Administrator\Desktop\avp.exe - Shortcut.lnk
[2010-06-28 15:40:26 | 000,149,773 | ---- | C] () -- C:\windows\SysNative\drivers\klin.dat
[2010-06-28 15:40:26 | 000,106,765 | ---- | C] () -- C:\windows\SysNative\drivers\klick.dat
[2010-06-28 13:53:08 | 002,205,157 | ---- | C] () -- C:\Users\Administrator\Desktop\IceSword122en.zip
[2010-06-28 13:32:53 | 000,000,393 | ---- | C] () -- C:\windows\SysWow64\Partizan.RRI
[2010-06-28 08:37:43 | 000,000,958 | ---- | C] () -- C:\Users\Administrator\Desktop\Reanimator.lnk
[2010-06-28 08:36:22 | 000,000,002 | RHS- | C] () -- C:\windows\winstart.bat
[2010-06-28 08:36:22 | 000,000,002 | RHS- | C] () -- C:\windows\SysWow64\CONFIG.NT
[2010-06-28 08:36:22 | 000,000,002 | RHS- | C] () -- C:\windows\SysWow64\AUTOEXEC.NT
[2010-06-28 08:36:12 | 000,000,948 | ---- | C] () -- C:\Users\Administrator\Desktop\UnHackMe.lnk
[2010-06-28 08:34:41 | 009,474,886 | ---- | C] () -- C:\Users\Administrator\Desktop\unhackme.zip
[2010-06-28 08:21:18 | 001,181,383 | ---- | C] () -- C:\Users\Administrator\Desktop\sarsfx.exe
[2010-06-28 08:04:04 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-06-28 07:50:58 | 000,293,376 | ---- | C] () -- C:\Users\Administrator\Desktop\jr13yfkb.exe
[2010-06-28 07:22:19 | 000,005,644 | RHS- | C] () -- C:\Users\Administrator\ntuser.pol
[2010-06-28 06:56:24 | 000,002,521 | ---- | C] () -- C:\Users\Administrator\Desktop\xp_taskbar_desktop_fixall.vbs
[2010-06-28 05:43:35 | 000,113,023 | ---- | C] () -- C:\Users\Administrator\Desktop\viruys attachments_06_28_2010.zip
[2010-06-28 05:22:16 | 000,363,520 | ---- | C] () -- C:\Users\Administrator\Desktop\rkill.com
[2010-06-28 04:00:46 | 000,000,036 | ---- | C] () -- C:\Users\Administrator\AppData\Local\housecall.guid.cache
[2010-06-28 02:30:06 | 000,000,008 | ---- | C] () -- C:\windows\SysWow64\msyvers32d.srq
[2010-06-28 02:11:10 | 000,003,839 | ---- | C] () -- C:\windows\SysWow64\launchhh.bat
[2010-06-28 02:09:35 | 000,000,142 | ---- | C] () -- C:\windows\SysWow64\launchhh.vbs
[2010-06-28 02:09:35 | 000,000,141 | ---- | C] () -- C:\windows\SysWow64\launchh.vbs
[2010-06-28 02:04:18 | 001,364,522 | ---- | C] () -- C:\Users\Administrator\Desktop\wrar393.exe
[2010-06-28 02:04:14 | 001,531,593 | ---- | C] () -- C:\Users\Administrator\Desktop\winrar-x64-393.exe
[2010-06-28 02:03:34 | 000,175,104 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\SQLite3.dll
[2010-06-28 02:02:15 | 000,001,502 | ---- | C] () -- C:\Users\Administrator\Desktop\WinRar_3.93_-_32___64_bit.rar
[2010-06-28 00:26:12 | 000,029,354 | ---- | C] () -- C:\Users\Administrator\Desktop\vulcanu 2d455d16476cf98e0df6344183c8bf91.jpg
[2010-06-27 22:09:21 | 000,030,208 | ---- | C] () -- C:\Users\Administrator\Desktop\REZULTATE ŞI DISCUŢII.doc
[2010-06-27 00:25:39 | 000,060,040 | ---- | C] () -- C:\Users\Administrator\Desktop\DSC07350.jpg
[2010-06-26 19:27:45 | 004,460,699 | ---- | C] () -- C:\Users\Administrator\Desktop\CSS-CLIENT-V58 2.7z
[2010-06-26 19:25:09 | 001,719,920 | ---- | C] () -- C:\Users\Administrator\Desktop\CSS-CLIENT-V58.7z
[2010-06-26 18:57:01 | 000,000,776 | ---- | C] () -- C:\Users\Administrator\Desktop\srcds.exe - NEW.lnk
[2010-06-26 07:45:11 | 000,012,560 | ---- | C] () -- C:\Users\Administrator\Documents\2010-06-26.hrf
[2010-06-26 05:25:59 | 026,472,824 | ---- | C] () -- C:\Users\Administrator\Desktop\Lasgo - Something.flac
[2010-06-26 03:26:36 | 000,001,042 | ---- | C] () -- C:\Users\Administrator\Desktop\CF Toolbox.lnk
[2010-06-25 23:38:43 | 000,227,307 | ---- | C] () -- C:\Users\Administrator\Desktop\kim before after.jpg
[2010-06-25 22:52:09 | 000,022,528 | ---- | C] () -- C:\Users\Administrator\Desktop\CUPRINS biulia.doc
[2010-06-25 17:32:25 | 000,000,994 | ---- | C] () -- C:\Users\Administrator\Desktop\CS Nou.lnk
[2010-06-25 15:37:34 | 000,000,503 | ---- | C] () -- C:\Users\Administrator\Desktop\SteamUp.exe - Shortcut.lnk
[2010-06-25 15:02:32 | 000,118,256 | ---- | C] () -- C:\Users\Administrator\Desktop\MiSteam_10_06_2010.7z
[2010-06-25 15:02:20 | 000,118,760 | ---- | C] () -- C:\Users\Administrator\Desktop\MiSteamPrep_01_06_2010.7z
[2010-06-25 15:02:13 | 002,044,962 | ---- | C] () -- C:\Users\Administrator\Desktop\MiSteamPrep_1_0_3.7z
[2010-06-25 15:01:26 | 000,048,712 | ---- | C] () -- C:\Users\Administrator\Desktop\MiSteamInfo_1_0.7z
[2010-06-25 15:00:30 | 000,136,157 | ---- | C] () -- C:\Users\Administrator\Desktop\MiSteamTools_1_0_3.7z
[2010-06-25 12:26:05 | 000,451,921 | ---- | C] () -- C:\Users\Administrator\Desktop\ClientRegistry Toolkit 0.5.1.rar
[2010-06-25 12:15:45 | 000,675,576 | ---- | C] () -- C:\Users\Administrator\Desktop\eSTEAMATiON.v2.0.Release.Candiate.4-ViTYAN.7z
[2010-06-25 09:20:03 | 000,035,755 | ---- | C] () -- C:\Users\Administrator\Desktop\SteamUp.2010-REVOLUTiON.rar
[2010-06-25 09:17:28 | 000,041,939 | ---- | C] () -- C:\Users\Administrator\Desktop\iSteam_2.0.rar
[2010-06-25 08:54:08 | 000,000,535 | ---- | C] () -- C:\Users\Administrator\Desktop\Steam.lnk
[2010-06-25 08:50:15 | 004,432,927 | ---- | C] () -- C:\Users\Administrator\Desktop\CounterStrikeSourceBeta.rar
[2010-06-25 06:38:09 | 000,000,956 | ---- | C] () -- C:\Users\Administrator\Desktop\HLSW.lnk
[2010-06-25 05:23:46 | 004,503,759 | ---- | C] () -- C:\Users\Administrator\Desktop\COD4_servers.rar
[2010-06-25 05:18:25 | 000,219,128 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2010-06-25 05:18:12 | 000,219,128 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.xtr
[2010-06-25 05:18:07 | 000,075,064 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2010-06-25 05:05:14 | 000,001,846 | ---- | C] () -- C:\Users\Administrator\Desktop\Qtracker.lnk
[2010-06-25 04:53:30 | 002,568,308 | ---- | C] () -- C:\Users\Administrator\Desktop\CoK.rar
[2010-06-25 03:39:52 | 000,420,406 | ---- | C] () -- C:\Users\Administrator\Desktop\rev-g.rar
[2010-06-25 03:29:46 | 077,882,668 | ---- | C] () -- C:\Users\Administrator\Desktop\Alien.Shooter.Revisited.7z
[2010-06-25 03:11:54 | 020,890,511 | ---- | C] () -- C:\Users\Administrator\Desktop\alien_shooter_content.ncf__v0_.7z
[2010-06-25 02:37:14 | 000,000,984 | ---- | C] () -- C:\Users\Administrator\Desktop\7yb9887g8gxqcvv-dlc.dlc
[2010-06-24 14:41:49 | 000,000,126 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010-06-24 00:51:41 | 023,352,761 | ---- | C] () -- C:\Ion Creanga - Povestea pulei.mp3
[2010-06-23 11:04:16 | 000,008,911 | ---- | C] () -- C:\Users\Administrator\Desktop\freenet.ods
[2010-06-23 02:41:06 | 000,495,057 | ---- | C] () -- C:\Users\Administrator\Desktop\dandiaconescu2.jpg
[2010-06-22 16:42:07 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\FolderSizes 4.lnk
[2010-06-22 07:20:28 | 057,260,732 | ---- | C] () -- C:\Users\Administrator\Desktop\fileshare.ro_DrDreKit.rar
[2010-06-22 05:47:55 | 000,122,882 | ---- | C] () -- C:\Users\Administrator\Desktop\webmail_notifier-2.4.3-fx+tb+sm.xpi
[2010-06-22 04:22:09 | 001,126,467 | ---- | C] () -- C:\Users\Administrator\Desktop\POPPeeper-Install.exe
[2010-06-22 03:40:18 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2010-06-22 03:40:12 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010-06-22 00:57:24 | 000,001,515 | ---- | C] () -- C:\Users\Administrator\Desktop\MKVExtractGUI2.exe - Shortcut.lnk
[2010-06-21 03:12:54 | 000,000,691 | ---- | C] () -- C:\Users\Public\Desktop\Freenet.lnk
[2010-06-19 23:06:08 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2010-06-19 00:47:04 | 000,001,141 | ---- | C] () -- C:\Users\Administrator\Desktop\vddc 1.143.lnk
[2010-06-19 00:21:29 | 000,001,135 | ---- | C] () -- C:\Users\Administrator\Desktop\restore.lnk
[2010-06-19 00:04:47 | 000,001,179 | ---- | C] () -- C:\Users\Administrator\Desktop\250 300.lnk
[2010-06-19 00:04:09 | 000,001,171 | ---- | C] () -- C:\Users\Administrator\Desktop\810 940.lnk
[2010-06-18 21:07:02 | 000,012,561 | ---- | C] () -- C:\Users\Administrator\Documents\2010-06-18.hrf
[2010-06-18 16:29:09 | 029,104,793 | ---- | C] () -- C:\Users\Administrator\Desktop\transfer_ro-18jun-de0054d95fb6.zip
[2010-06-17 15:57:34 | 034,015,091 | ---- | C] () -- C:\Users\Administrator\Desktop\parazitii_arde.mp4
[2010-06-17 14:10:02 | 000,099,790 | ---- | C] () -- C:\Users\Administrator\Desktop\Parazitii-Tot-ce-e-bun-tre-sa-dispara.jpg
[2010-06-16 02:04:19 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010-06-15 06:39:46 | 000,002,319 | ---- | C] () -- C:\Users\Administrator\Desktop\Google Chrome.lnk
[2010-06-14 16:04:25 | 000,054,156 | -H-- | C] () -- C:\windows\QTFont.qfn
[2010-06-14 16:04:25 | 000,001,409 | ---- | C] () -- C:\windows\QTFont.for
[2010-06-14 05:51:02 | 000,060,615 | ---- | C] () -- C:\Users\Administrator\Desktop\snoopCD.png
[2010-06-14 05:50:33 | 000,064,520 | ---- | C] () -- C:\Users\Administrator\Desktop\snoopV.png
[2010-06-14 02:26:20 | 041,261,348 | ---- | C] () -- C:\Users\Administrator\Desktop\Lasgo - Something (Extended Edit).flac
[2010-06-14 01:28:24 | 000,353,550 | ---- | C] () -- C:\Users\Administrator\Desktop\Collection_2.5.6_private.7z
[2010-06-12 06:47:34 | 000,012,563 | ---- | C] () -- C:\Users\Administrator\Documents\2010-06-12.hrf
[2010-06-10 16:26:46 | 000,036,864 | ---- | C] () -- C:\Users\Administrator\Desktop\Contacte Waldorf.xls
[2010-06-08 19:14:47 | 000,000,062 | ---- | C] () -- C:\Users\Administrator\Documents\microlab -bass -highs (edit bass+ treble+).feq
[2010-06-06 23:36:25 | 000,012,109 | ---- | C] () -- C:\Users\Administrator\Documents\2010-06-06.hrf
[2010-06-05 03:03:06 | 000,011,934 | ---- | C] () -- C:\Users\Administrator\Documents\2010-06-05.hrf
[2010-06-01 05:43:16 | 000,025,884 | ---- | C] () -- C:\Users\Administrator\Desktop\Factura_ContractT.pdf
[2010-06-01 02:38:01 | 001,576,007 | ---- | C] () -- C:\windows\libfftw3-3.dll
[2010-06-01 02:38:01 | 001,527,650 | ---- | C] () -- C:\windows\libfftw3f-3.dll
[2010-06-01 02:38:01 | 001,038,577 | ---- | C] () -- C:\windows\libfftw3l-3.dll
[2010-06-01 01:51:49 | 000,694,514 | ---- | C] () -- C:\Users\Administrator\Desktop\AlbumArtDownloaderXUI-0.34.1.exe
[2010-05-31 19:14:25 | 000,520,192 | ---- | C] () -- C:\Users\Administrator\Desktop\foo_facets.dll
[2010-05-31 19:11:10 | 000,401,408 | ---- | C] () -- C:\Users\Administrator\Desktop\foo_discogs.dll
[2010-05-30 01:09:28 | 000,011,952 | ---- | C] () -- C:\Users\Administrator\Documents\2010-05-30.hrf
[2010-05-30 00:51:58 | 000,001,463 | ---- | C] () -- C:\Users\Administrator\Desktop\ApexDC-x64.exe - Shortcut (2).lnk
[2010-05-28 22:20:23 | 003,170,832 | ---- | C] () -- C:\Users\Administrator\Desktop\YouTubeDownloaderSetup255.exe
[2010-05-28 03:21:24 | 000,037,369 | ---- | C] () -- C:\Users\Administrator\Documents\PL .pspimage
[2010-05-28 03:04:46 | 000,027,536 | ---- | C] () -- C:\windows\SysNative\xfcodec64.dll
[2010-05-27 20:03:08 | 000,057,480 | ---- | C] () -- C:\windows\SysNative\atiapfxx.blb
[2010-05-27 19:34:44 | 000,534,960 | ---- | C] () -- C:\windows\SysNative\atiumd6a.cap
[2010-05-27 19:31:14 | 000,534,960 | ---- | C] () -- C:\windows\SysWow64\atiumdva.cap
[2010-05-27 16:25:55 | 001,136,515 | ---- | C] () -- C:\Users\Administrator\Documents\bulllet wound.pspimage
[2010-05-26 19:46:56 | 002,218,373 | ---- | C] () -- C:\Users\Administrator\Desktop\LAN management system lms-1.10.7.tar.gz
[2010-05-26 16:17:07 | 000,011,960 | ---- | C] () -- C:\Users\Administrator\Documents\2010-05-26.hrf
[2010-05-17 03:02:53 | 000,013,149 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\View running processes with Task Manager - Shortcut.lnk
[2010-05-16 21:18:37 | 001,009,595 | ---- | C] () -- C:\Users\Administrator\Desktop\qimonda gddr5 go-IDGV51-05A1F1C-40X.pdf
[2010-05-16 05:33:50 | 033,633,737 | ---- | C] () -- C:\Users\Administrator\Desktop\TC’s feat. Snoop Dogg – Shut You Down.flv
[2010-05-16 01:37:55 | 000,175,104 | ---- | C] () -- C:\windows\SysWow64\RemoteControl.dll
[2010-05-16 00:15:57 | 000,010,956 | ---- | C] () -- C:\Users\Administrator\Documents\2010-05-16.hrf
[2010-05-16 00:09:20 | 000,001,490 | ---- | C] () -- C:\Users\Public\Desktop\Hattrick Organizer.lnk
[2010-05-15 15:40:39 | 000,000,664 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\myMPQ.ini
[2010-05-15 14:38:06 | 000,000,654 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II Beta.lnk
[2010-05-15 04:37:57 | 000,131,072 | ---- | C] () -- C:\Users\Administrator\Documents\4870 FAN + VOLTAGE LOW 2D - 500, 900, 1.203 3D - 750, 900, 1.263.rom
[2010-05-13 22:16:41 | 000,000,952 | ---- | C] () -- C:\Users\Administrator\Desktop\hl2.exe - Shortcut.lnk
[2010-05-12 20:26:18 | 000,000,664 | ---- | C] () -- C:\Users\Administrator\Desktop\DEATHMATCH.lnk
[2010-05-12 15:17:08 | 000,000,551 | ---- | C] () -- C:\Users\Administrator\Desktop\symLink CS.bat
[2010-05-10 23:56:31 | 011,016,784 | ---- | C] () -- C:\Users\Administrator\Desktop\05 Clock Work_Result.mp3
[2010-05-09 20:16:45 | 000,131,072 | ---- | C] () -- C:\Users\Administrator\Documents\4870 gpuz stock RV770.bin
[2010-05-09 20:06:03 | 000,131,072 | ---- | C] () -- C:\Users\Administrator\Documents\4870 2D - 500, 900, 1.263 3D - 750, 900, 1.263.rom
[2010-05-09 02:01:40 | 000,001,135 | ---- | C] () -- C:\Users\Administrator\Desktop\AMD GPU Clock Tool.lnk
[2010-05-05 23:32:31 | 000,000,940 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2414671398-1902475782-81204049-500UA.job
[2010-05-05 23:32:30 | 000,000,888 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2414671398-1902475782-81204049-500Core.job
[2010-05-05 15:14:40 | 000,065,536 | ---- | C] () -- C:\windows\SysNative\Ikeext.etl
[2010-05-04 21:35:38 | 000,021,360 | ---- | C] () -- C:\windows\atiogl.xml
[2010-05-03 04:46:45 | 000,001,650 | ---- | C] () -- C:\Users\Administrator\Desktop\chrome Cache.lnk
[2010-04-29 18:37:26 | 000,002,137 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2010-04-29 18:37:26 | 000,002,137 | ---- | C] () -- C:\windows\SysNative\atipblag.dat
[2010-04-27 06:35:14 | 000,030,528 | ---- | C] () -- C:\windows\GVTDrv64.sys
[2010-04-27 06:20:31 | 000,074,272 | ---- | C] () -- C:\windows\SysNative\RtNicProp64.dll
[2010-04-25 17:14:04 | 000,000,193 | ---- | C] () -- C:\windows\wordpad.INI
[2010-04-24 06:07:37 | 000,001,142 | ---- | C] () -- C:\Users\Administrator\Desktop\OCCT.exe - Shortcut.lnk
[2010-04-23 15:00:22 | 000,001,067 | ---- | C] () -- C:\Users\Administrator\Desktop\MSI Kombustor.lnk
[2010-04-18 02:11:58 | 000,000,003 | ---- | C] () -- C:\windows\treeskp.sys
[2010-04-18 02:11:58 | 000,000,003 | ---- | C] () -- C:\windows\sbacknt.bin
[2010-04-18 02:11:56 | 000,152,904 | ---- | C] () -- C:\windows\SysWow64\vghd.scr
[2010-04-17 02:42:33 | 000,002,107 | ---- | C] () -- C:\windows\SysWow64\GUCI_AVS.ini
[2010-04-10 05:10:19 | 000,001,367 | ---- | C] () -- C:\Users\Administrator\Desktop\Remote Desktop Connection.lnk
[2010-04-06 20:54:32 | 000,203,336 | ---- | C] () -- C:\windows\SysNative\atiicdxx.dat
[2010-04-01 18:12:57 | 000,001,134 | ---- | C] () -- C:\Users\Administrator\Desktop\aa6.lnk
[2010-03-31 13:03:14 | 000,001,439 | ---- | C] () -- C:\Users\Administrator\Desktop\Internet Explorer.lnk
[2010-03-31 12:48:22 | 000,001,131 | ---- | C] () -- C:\Users\Administrator\Desktop\JDownloader.exe - Shortcut.lnk
[2010-01-27 21:21:04 | 001,627,136 | ---- | C] () -- C:\windows\fftw3.dll
[2010-01-27 18:27:45 | 000,004,608 | ---- | C] () -- C:\windows\AvsRecursion.dll
[2010-01-07 02:59:38 | 000,001,075 | ---- | C] () -- C:\windows\WINCMD.INI
[2009-12-28 22:09:50 | 000,005,185 | ---- | C] () -- C:\windows\UEDIT32.INI
[2009-12-16 19:34:49 | 000,006,212 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2009-12-02 23:16:01 | 000,000,054 | ---- | C] () -- C:\windows\JascCmdFile.INI
[2009-11-28 13:20:39 | 000,108,032 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2009-11-12 03:03:29 | 000,197,912 | ---- | C] () -- C:\windows\SysWow64\physxcudart_20.dll
[2009-11-12 00:49:02 | 000,000,000 | ---- | C] () -- C:\windows\oodcnt.INI
[2009-11-12 00:37:31 | 000,034,308 | ---- | C] () -- C:\windows\SysWow64\BASSMOD.dll
[2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
[2009-09-16 17:27:58 | 000,508,224 | ---- | C] () -- C:\windows\SysWow64\ICCProfiles.dll
[2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSwedish.dll
[2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSpanish.dll
[2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelPortugese.dll
[2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelKorean.dll
[2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelJapanese.dll
[2009-08-03 01:21:52 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelGerman.dll
[2009-08-03 01:21:52 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelFrench.dll
[2009-07-14 02:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009-07-14 00:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2004-04-23 10:36:40 | 000,298,496 | ---- | C] () -- C:\windows\SysWow64\dbfb.dll

========== LOP Check ==========

[2010-05-21 17:39:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.Tribler
[2010-05-06 13:05:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\12Voip
[2010-03-29 13:58:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\abelhadigital.com
[2010-06-02 22:35:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Audacity
[2010-02-24 16:35:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Autodesk
[2010-05-21 17:40:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Azureus
[2009-12-29 02:23:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Bioshock
[2009-11-13 18:11:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Braid
[2009-12-02 23:00:39 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\cPicture
[2009-11-17 12:49:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2010-06-25 07:13:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Downloaded Installations
[2010-06-28 15:45:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\foobar2000
[2010-04-06 09:49:26 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Free Download Manager
[2010-04-06 09:30:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HD Tune Pro
[2010-06-25 08:53:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HLSW
[2010-04-02 23:34:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\JLC's Software
[2010-04-03 16:21:57 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Kerio
[2010-06-22 16:53:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Key Metric Software
[2010-03-28 20:41:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Miranda
[2010-05-03 01:38:21 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\mkvtoolnix
[2010-06-17 15:40:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mp3tag
[2010-01-19 16:23:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\National Instruments
[2010-06-23 20:20:39 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nitro PDF
[2009-11-13 15:03:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Notepad++
[2010-06-16 02:04:57 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org
[2009-12-13 00:48:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera
[2010-05-16 01:50:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Pamela
[2010-01-11 01:54:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ProcessLasso
[2010-06-28 08:20:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\QuickScan
[2009-12-19 19:30:06 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\runic games
[2009-11-13 21:21:14 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SEGA
[2009-11-13 15:18:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SpaceMonger
[2010-05-09 02:00:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SQLyog
[2010-03-25 13:58:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Stereoscopic Player
[2010-05-07 03:52:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thinstall
[2010-06-22 03:40:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2009-12-13 21:04:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Trillian
[2010-06-28 02:33:57 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent
[2010-05-16 02:03:54 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\World Machine 2.2 Professional
[2010-01-04 18:51:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\XRay Engine
[2010-05-10 14:18:50 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009-12-16 19:34:51 | 000,001,024 | ---- | M] () -- C:\.rnd
[2009-11-17 13:57:50 | 000,065,536 | ---- | M] () -- C:\2D - 500, 993, --- 3D - 625, 993, ---.rom
[2010-06-28 13:45:04 | 000,000,668 | ---- | M] () -- C:\aaw7boot.log
[2009-11-15 04:39:10 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-01-17 14:56:34 | 000,000,573 | -HS- | M] () -- C:\boot.ini
[2009-07-14 04:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009-11-15 04:39:10 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-11-17 01:58:25 | 000,003,837 | ---- | M] () -- C:\Crysis.txt
[2010-04-19 09:38:20 | 000,000,164 | ---- | M] () -- C:\DevList.txt
[2010-01-17 15:52:28 | 000,204,868 | RHS- | M] () -- C:\grldr
[2010-06-28 22:30:58 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2009-11-15 04:39:10 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-06-24 00:52:16 | 023,352,761 | ---- | M] () -- C:\Ion Creanga - Povestea pulei.mp3
[2006-12-02 00:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2009-11-15 04:39:10 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2005-03-25 15:00:00 | 000,047,772 | RHS- | M] () -- C:\NTDETECT.COM
[2007-02-18 17:12:38 | 000,297,072 | RHS- | M] () -- C:\ntldr
[2009-11-10 00:26:10 | 000,654,960 | ---- | M] () -- C:\RBE_121.exe
[2009-11-26 16:31:26 | 002,459,094 | ---- | M] () -- C:\riva tuner Crysis CPU Benchmark.bmp
[2010-06-28 05:30:05 | 000,000,366 | ---- | M] () -- C:\rkill.log
[2009-11-16 21:57:46 | 000,005,120 | ---- | M] () -- C:\table1.dat
[2010-01-07 01:16:10 | 000,000,133 | ---- | M] () -- C:\wcsrestore 24fps crop qed.avs
[2010-01-07 00:40:47 | 000,000,168 | ---- | M] () -- C:\wcsrestore 24fps.avs
[2010-01-09 03:18:31 | 000,010,310 | ---- | M] () -- C:\wection RecentProfile.dnp
[2009-11-12 05:57:16 | 536,870,912 | -HS- | M] () -- C:\WinPEpge.sys
[2010-01-17 15:52:28 | 000,000,000 | RHS- | M] () -- C:\winx.ld

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2009-07-14 08:32:31 | 000,026,040 | ---- | M] () -- C:\windows\Fonts\GlobalMonospace.CompositeFont
[2009-07-14 08:32:31 | 000,026,489 | ---- | M] () -- C:\windows\Fonts\GlobalSansSerif.CompositeFont
[2009-07-14 08:32:31 | 000,029,779 | ---- | M] () -- C:\windows\Fonts\GlobalSerif.CompositeFont
[2009-07-14 08:32:31 | 000,043,318 | ---- | M] () -- C:\windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009-07-14 04:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\msvbvm60.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\user32.dll /md5 >
[2009-07-14 04:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2009-07-14 04:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2009-07-14 04:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:8C35AEA7
< End of report >






OTL Extras logfile created on: 28-Jun-10 7:57:17 AM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 37.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): e:\pagefile.sys 3069 3069 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 25.72 Gb Total Space | 3.22 Gb Free Space | 12.54% Space Free | Partition Type: NTFS
Drive D: | 19.90 Gb Total Space | 1.58 Gb Free Space | 7.96% Space Free | Partition Type: NTFS
Drive E: | 3.22 Gb Total Space | 0.18 Gb Free Space | 5.63% Space Free | Partition Type: NTFS
Drive F: | 62.67 Gb Total Space | 4.81 Gb Free Space | 7.67% Space Free | Partition Type: NTFS
Drive G: | 66.63 Gb Total Space | 2.85 Gb Free Space | 4.27% Space Free | Partition Type: NTFS
Drive H: | 80.44 Gb Total Space | 10.16 Gb Free Space | 12.63% Space Free | Partition Type: NTFS
Drive I: | 130.50 Gb Total Space | 8.87 Gb Free Space | 6.80% Space Free | Partition Type: NTFS
Drive J: | 199.55 Gb Total Space | 10.38 Gb Free Space | 5.20% Space Free | Partition Type: NTFS
Drive L: | 239.45 Gb Total Space | 14.33 Gb Free Space | 5.98% Space Free | Partition Type: NTFS

Computer Name: YOHO-PC
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc.enqueue] -- "G:\Kits\@ Codec\#HIGHSPEED\mplayerc_homecinema_x86_v1.2.908.0\mpc-hc.exe" /add "%1" (mpc-hc@Sourceforge)
Directory [mplayerc.play] -- "G:\Kits\@ Codec\#HIGHSPEED\mplayerc_homecinema_x86_v1.2.908.0\mpc-hc.exe" "%1" (mpc-hc@Sourceforge)
Directory [SpaceMonger] -- "C:\Program Files (x86)\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc.enqueue] -- "G:\Kits\@ Codec\#HIGHSPEED\mplayerc_homecinema_x86_v1.2.908.0\mpc-hc.exe" /add "%1" (mpc-hc@Sourceforge)
Directory [mplayerc.play] -- "G:\Kits\@ Codec\#HIGHSPEED\mplayerc_homecinema_x86_v1.2.908.0\mpc-hc.exe" "%1" (mpc-hc@Sourceforge)
Directory [SpaceMonger] -- "C:\Program Files (x86)\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0+ (r404)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{22950922-8438-4c84-80d5-a17e6c2a5717}.sdb" = Adobe Audition 3 Vista Compatibility
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java™ 6 Update 20 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FBB2E98-1A3B-396A-A662-73E17009C076}" = ATI Catalyst Install Manager
"{53480360-C6AA-4E73-A4E3-1C4C915E049F}" = O&O Defrag Professional Edition
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{AF58CE7A-B48F-4DDF-8FB7-838DDC22D63C}" = Paragon Hard Disk Manager™ 2010 Server
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"{ED066E02-C49A-D5D9-7ACD-1014EB7571D1}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"MatlabR2007b" = MATLAB R2007b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis®
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor v1.0.10
"{151F4583-1A05-46D9-8A0E-8F61B9C3502B}_is1" = Call Of Pripyat Benchmark 1.0
"{17FE8F8E-D8FA-440E-9ACF-3C51787E7225}" = FolderSizes 4
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20535ABD-7D5E-472E-9077-6AF48480DD82}" = ASUS GameOSD Utility
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = oZone3D.Net FurMark v1.8.2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{36034653-333B-430B-9C22-7E622D27BF27}" = Opera 10.54
"{37B1F7CD-13E4-47DA-9E84-51AD6972ADC5}" = Stereoscopic Player
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{6ED53E0C-EAC0-4F0F-947D-6BA817E4C8C3}" = HostsMan 3.2.73
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75E607CF-7BAE-4B88-84B3-97F3DF44BA28}" = FEARCombat
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{867AE74B-855F-4ABD-BCA1-7B4C0ECF2DD9}" = FlashCatcher
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"{8B681A3B-C924-23F9-AAD0-9FB1715C763A}" = Catalyst Control Center InstallProxy
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"{96ED9087-7A6A-22A9-135F-901AF77474AC}" = ccc-core-static
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout™ Paradise The Ultimate Box
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B93E815A-ED3F-436C-8175-C0BB1AD4AA36}" = OSCAR Editor
"{C441297F-C9F2-4177-9D5F-1B10F0358E32}" = Opera 10.54
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6A0FD8A-F107-44CA-AA1B-49341936F76A}" = PAP7501(0038.2009.1117.2002)
"{C6E6B1D1-EC88-7270-3819-AA924908CFDA}" = Catalyst Control Center Graphics Previews Vista
"{C7027BD9-C90F-79C7-8CFF-8F32E2806631}" = CCC Help English
"{CDEBE7FF-C832-4B91-9214-A4CA610D78C9}" = Adobe Audition 3.0.1 Patch
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8365857-3233-E29E-65C6-6C0AB4F99622}" = Catalyst Control Center Graphics Previews Common
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AaaaaAAaaaAAAaaAAAAaAAAAA!!! - A Reckless Disreg~5122E60D_is1" = AaaaaAAaaaAAAaaAAAAaAAAAA!!! - A Reckless Disregard for Gravity
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Afterburner" = MSI Afterburner 1.6.0
"AMCap" = AMCap
"AMD GPU Clock Tool" = AMD GPU Clock Tool
"ATITool" = ATITool Overclocking Utility
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.5 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Bink and Smacker" = Bink and Smacker
"BSPViewer_is1" = BSPViewer 1.5.6
"Crafty_is1" = Crafty 1.0.1
"EnRo Dictionary_is1" = EnRo Dictionary 1.0
"Exact Audio Copy" = Exact Audio Copy 0.99pb4
"ffdshow_is1" = ffdshow v1.1.3476 [2010-06-15]
"FolderSizes 4" = FolderSizes 4
"FolderSizes_is1" = FolderSizes 1.0
"foobar2000" = foobar2000 v1.0.3
"Fraps" = Fraps (remove only)
"Free Download Manager_is1" = Free Download Manager 3.0
"Freenet" = Freenet
"GameSpy Arcade" = GameSpy Arcade
"GCFScape_is1" = GCFScape 1.7.5
"HaaliMkx" = Haali Media Splitter
"Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool
"Hattrick Organizer" = Hattrick Organizer (remove only)
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"HD Tune Pro_is1" = HD Tune Pro 4.50
"HLSW_is1" = HLSW v1.3.3.7b
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"InstallShield_{B93E815A-ED3F-436C-8175-C0BB1AD4AA36}" = OSCAR Editor
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"JDownloader" = JDownloader
"Machinarium" = Machinarium
"Magic ISO Maker v5.5 (build 0272)" = Magic ISO Maker v5.5 (build 0272)
"MediaInfo" = MediaInfo 0.7.7.8
"MeGUI" = MeGUI (remove only)
"MKVtoolnix" = MKVtoolnix 4.0.0
"Mozilla Thunderbird (3.0.5)" = Mozilla Thunderbird (3.0.5)
"Mp3tag" = Mp3tag v2.46a
"MSI Kombustor_is1" = MSI Kombustor v1.0.0
"Neat Image_is1" = Neat Image v5.9 Pro+
"Neat Video for VirtualDub_is1" = Neat Video v2.0 Demo plug-in for Virtual Dub
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"oZone3D.Net FluidMark_is1" = oZone3D.Net FluidMark v1.1.1
"Pamela" = Pamela Pro 4.5
"PE iDentifier v0.94_is1" = PEiD.0.94.With.ALL.Plugins
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"Polipo" = Polipo 1.0.4.1
"Politie Bucuresti_is1" = Politie Bucuresti 1.0
"Qtracker" = Qtracker
"QuicktimeAlt_is1" = QuickTime Alternative 2.5.0
"RealAlt_is1" = Real Alternative 2.0.2
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SpaceMonger" = SpaceMonger 2.1.1
"SQLyog" = SQLyog 8.3
"StarCraft II Beta" = StarCraft II Beta
"Steam App 500" = Left 4 Dead
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"ToneGen" = NCH Tone Generator
"Tor" = Tor 0.2.1.26
"UltraISO_is1" = UltraISO Premium V8.51
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.17
"Vidalia" = Vidalia 0.2.9
"VTF Explorer_is1" = VTF Explorer 1.33
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"xvid" = XviD MPEG-4 Video Codec
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ApexDC++" = ApexDC++ - Pinnacle of File Sharing
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4251

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

29-Jun-10 3:46:53 AM
mbam-log-2010-06-29 (03-46-53).txt

Scan type: Quick scan
Objects scanned: 126594
Time elapsed: 2 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Edited by aand, 28 June 2010 - 05:49 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP