Windows 7 64Bit tcpip.sys Frequent BSOD



#1
miketars

My computer has recently been having blue screens of death about every 5 minutes or so.
Currently it's running in Safe Mode, as I am unable to use it otherwise.
It has to do with the driver tcpip.sys.
I'll post the minidump.


MiniDump




OTL logfile created on: 6/25/2011 10:57:07 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Michael\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.99 Gb Total Physical Memory | 5.15 Gb Available Physical Memory | 85.94% Memory free
11.98 Gb Paging File | 11.17 Gb Available in Paging File | 93.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 14.32 Gb Free Space | 3.08% Space Free | Partition Type: NTFS
Drive D: | 0.38 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MICHAEL-PC | User Name: Michael | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/25 10:56:41 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Downloads\OTL.exe


========== Modules (SafeList) ==========

MOD - [2011/06/25 10:56:41 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Downloads\OTL.exe
MOD - [2010/08/20 22:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/08 19:04:10 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:64bit: - [2009/10/04 17:53:34 | 000,039,424 | ---- | M] (KSE - Korndörfer Software Engineering) [Auto | Stopped] -- C:\Program Files\nHancer\nHancerService.exe -- (nHancer)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/07/29 14:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2011/05/25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/04/27 15:37:00 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011/04/06 16:53:36 | 001,117,144 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2011/02/18 11:14:04 | 000,371,472 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2011/01/20 13:27:12 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/11/30 17:11:25 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/08/06 08:48:08 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/07/24 23:26:02 | 000,884,736 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2010/07/09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/10/24 04:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/08/16 02:02:41 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/04/27 11:39:50 | 000,170,016 | ---- | M] (NVIDIA) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009/04/15 09:42:56 | 000,273,952 | ---- | M] (NVIDIA) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2007/08/23 15:05:00 | 000,045,056 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe -- (MagicTuneEngine)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/21 13:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 10:07:24 | 000,282,440 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2011/03/10 09:08:22 | 000,279,344 | ---- | M] (PC Tools) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD)
DRV:64bit: - [2011/01/25 01:08:55 | 000,513,080 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/01/20 13:27:12 | 000,074,824 | --S- | M] (PC Tools) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TFSysMon)
DRV:64bit: - [2011/01/20 13:27:12 | 000,065,072 | --S- | M] (PC Tools) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2011/01/20 13:27:12 | 000,041,888 | --S- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2011/01/17 09:09:58 | 000,334,976 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2010/12/16 07:46:10 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2010/11/04 15:12:04 | 000,014,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\iPodDrv.sys -- (iPodDrv)
DRV:64bit: - [2010/09/22 12:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010/08/31 13:32:44 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdispm.sys -- (RDPDISPM)
DRV:64bit: - [2010/07/16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010/06/29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/15 09:38:46 | 000,161,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdm.sys -- (s1039mdm)
DRV:64bit: - [2010/03/15 09:38:46 | 000,158,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV:64bit: - [2010/03/15 09:38:46 | 000,141,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2010/03/15 09:38:46 | 000,137,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039obex.sys -- (s1039obex)
DRV:64bit: - [2010/03/15 09:38:46 | 000,034,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV:64bit: - [2010/03/15 09:38:46 | 000,019,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV:64bit: - [2010/03/15 09:38:38 | 000,127,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV:64bit: - [2009/09/16 08:14:45 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/09/16 08:14:45 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/08/17 16:28:10 | 000,156,688 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/08 10:13:10 | 000,120,960 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hwmob01.sys -- (hwmobilehsn)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/25 06:51:00 | 000,207,872 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/16 16:32:06 | 000,184,232 | ---- | M] (EldoS Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\cbfs_x64.sys -- (CbFs)
DRV:64bit: - [2008/09/17 14:14:00 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV:64bit: - [2008/01/24 15:08:04 | 000,032,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2007/08/12 19:48:52 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2006/11/01 00:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2005/09/19 13:57:36 | 000,142,336 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbVM31b.sys -- (DCamUSBVM)
DRV - [2010/11/03 15:51:56 | 000,014,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\EVGA Precision\RTCore64.sys -- (RTCore64)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/09/10 00:50:16 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009/08/16 11:30:25 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys -- (RivaTuner64)
DRV - [2007/02/07 11:27:46 | 000,014,104 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2000/10/01 19:31:24 | 000,018,768 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\SECDRV.SYS -- (secdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...earchTerms}&f=4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autoco...si=10208&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.autoco...si=10208&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.autoco...si=10208&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ostpl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 DA 20 07 FF 1D CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autoco...si=10208&bi=400
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.autoco...si=10208&bi=400
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:0.1.2008d
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.523.0\firefox\extensions [2010/09/07 16:23:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions
FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\Spyware Doctor\BDT\Firefox\ [2011/05/11 22:53:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files (x86)\RelevantKnowledge
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/05 16:44:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/05 16:44:18 | 000,000,000 | ---D | M]

[2010/09/07 16:57:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Extensions
[2010/01/08 01:00:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/05/25 18:49:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\3na5smso.default\extensions
[2010/12/07 17:19:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\3na5smso.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/07 17:28:06 | 000,000,000 | ---D | M] (Stealther) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\3na5smso.default\extensions\{4776510a-a1f4-41f3-a3c8-35b474ecef23}
[2010/10/13 16:06:08 | 000,000,000 | ---D | M] (HyperCam Toolbar) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\3na5smso.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2011/02/06 19:51:52 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\3na5smso.default\extensions\[email protected]
[2010/09/07 16:57:21 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\3na5smso.default\extensions\[email protected]
[2011/05/25 18:49:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/08 17:23:47 | 000,000,000 | ---D | M] (QuestDns) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{C91E1C68-B60A-4C9F-B53B-AAAEF0E7EF97}
[2010/09/07 16:30:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/12 15:44:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/16 12:38:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/18 11:39:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/09/07 16:30:58 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2010/09/07 16:23:21 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2010/09/07 16:23:21 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2010/09/07 16:23:21 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2010/09/07 16:23:21 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2010/09/07 16:23:21 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2010/09/07 16:23:21 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2010/09/07 16:23:21 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/05/25 09:09:48 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
[2010/12/16 00:29:41 | 000,003,189 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\acpro.xml
[2010/12/30 03:47:50 | 000,002,037 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchostpl.xml

O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - File not found
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Ai Nap] C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\Spyware Doctor\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [TurboV] C:\Program Files (x86)\ASUS\TurboV\TurboV.exe ()
O4 - HKCU..\Run: [bluebirds] C:\Users\Michael\Bluebirds\BlueBirds.exe (LG Electronics)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefi...er_5.0.31.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Michael\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Michael\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/29 02:02:01 | 000,000,055 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{345d5d70-9ed1-11e0-82ed-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{345d5d70-9ed1-11e0-82ed-00248cfdfcf5}\Shell\AutoRun\command - "" = E:\PcOptions.exe
O33 - MountPoints2\{70ed6658-9399-11e0-8489-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{70ed6658-9399-11e0-8489-00248cfdfcf5}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O33 - MountPoints2\{7d43997a-fe41-11df-8f9a-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{7d43997a-fe41-11df-8f9a-00248cfdfcf5}\Shell\AutoRun\command - "" = E:\PcOptions.exe
O33 - MountPoints2\{7d43997d-fe41-11df-8f9a-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{7d43997d-fe41-11df-8f9a-00248cfdfcf5}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O33 - MountPoints2\{85433a48-87cb-11e0-a3fe-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{85433a48-87cb-11e0-a3fe-00248cfdfcf5}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{8b3d79ec-51ca-11e0-83c8-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{8b3d79ec-51ca-11e0-83c8-00248cfdfcf5}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O33 - MountPoints2\{a0705940-285a-11e0-a44f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a0705940-285a-11e0-a44f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{a147a1f6-3772-11e0-8bce-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{a147a1f6-3772-11e0-8bce-00248cfdfcf5}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O33 - MountPoints2\{c340b079-75e1-11e0-9d72-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{c340b079-75e1-11e0-9d72-00248cfdfcf5}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O33 - MountPoints2\{d0572024-0bb0-11df-bb2f-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{d0572024-0bb0-11df-bb2f-00248cfdfcf5}\Shell\AutoRun\command - "" = F:\HPLauncher.exe
O33 - MountPoints2\{d1180cf5-069f-11e0-adfd-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{d1180cf5-069f-11e0-adfd-00248cfdfcf5}\Shell\AutoRun\command - "" = E:\PcOptions.exe
O33 - MountPoints2\{d1180d01-069f-11e0-adfd-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{d1180d01-069f-11e0-adfd-00248cfdfcf5}\Shell\AutoRun\command - "" = F:\PcOptions.exe
O33 - MountPoints2\{f198e52e-1904-11e0-8471-00248cfdfcf5}\Shell - "" = AutoRun
O33 - MountPoints2\{f198e52e-1904-11e0-8471-00248cfdfcf5}\Shell\AutoRun\command - "" = E:\PcOptions.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\PcOptions.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/06/24 03:01:21 | 000,000,000 | ---D | C] -- C:\b9e9a42321ef07d40945
[2011/06/22 21:43:44 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\My Games
[2011/06/17 19:28:12 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Stakhanov
[2011/06/16 03:17:31 | 000,000,000 | ---D | C] -- C:\97b7dfa4a99c5f090c61ac329aefcf0d
[2011/06/13 20:47:09 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\English12
[2011/06/13 08:49:46 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Nero
[2011/06/09 15:32:45 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\RayMike
[2011/05/30 18:39:49 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Hotfix
[2011/05/30 18:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/05/30 18:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2011/05/26 15:12:29 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/03/15 08:36:37 | 000,121,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2010/09/21 18:44:31 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpeA684.dll
[7 C:\Users\Michael\Documents\*.tmp files -> C:\Users\Michael\Documents\*.tmp -> ]
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/25 10:51:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/25 10:51:49 | 529,883,135 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/25 10:44:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/25 10:38:27 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 10:38:27 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 10:37:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/25 10:16:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-516909639-2884588229-3746838117-1000UA.job
[2011/06/24 20:00:00 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/06/24 19:17:28 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-516909639-2884588229-3746838117-1000Core.job
[2011/06/22 11:31:49 | 000,001,284 | ---- | M] () -- C:\Users\Michael\Desktop\Launch Sid Meier's Civilization 4.lnk
[2011/06/21 13:31:39 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/06/21 13:31:39 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/06/21 13:30:18 | 000,005,206 | ---- | M] () -- C:\Users\Michael\Desktop\Windows Compatibility Report.htm
[2011/06/19 12:43:54 | 000,013,277 | ---- | M] () -- C:\Users\Michael\Documents\th.vfs
[2011/06/16 14:55:47 | 000,001,964 | ---- | M] () -- C:\Users\Michael\Desktop\vba.ini
[2011/06/16 03:40:37 | 002,225,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/15 07:54:38 | 001,661,436 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/06/14 18:34:31 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/06/14 18:34:31 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/06/14 18:33:39 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/06/14 18:17:06 | 000,002,409 | ---- | M] () -- C:\Users\Michael\Desktop\Google Chrome.lnk
[2011/06/13 08:50:00 | 000,000,256 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/06/12 15:59:33 | 000,785,826 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/12 15:59:33 | 000,669,104 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/12 15:59:33 | 000,127,296 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/11 09:48:05 | 2440,424,963 | ---- | M] () -- C:\Users\Michael\Desktop\VindictusSetupV127.exe.downloading
[2011/06/10 13:48:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\192.168.1.67
[2011/05/26 15:08:57 | 000,001,923 | ---- | M] () -- C:\Users\Michael\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/26 15:08:57 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[7 C:\Users\Michael\Documents\*.tmp files -> C:\Users\Michael\Documents\*.tmp -> ]
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/22 11:18:16 | 000,001,284 | ---- | C] () -- C:\Users\Michael\Desktop\Launch Sid Meier's Civilization 4.lnk
[2011/06/21 19:32:55 | 000,200,734 | R--- | C] () -- C:\Users\Michael\Desktop\Readme.htm
[2011/06/21 13:20:20 | 000,005,206 | ---- | C] () -- C:\Users\Michael\Desktop\Windows Compatibility Report.htm
[2011/06/16 14:55:38 | 000,001,964 | ---- | C] () -- C:\Users\Michael\Desktop\vba.ini
[2011/06/11 09:48:05 | 2440,424,963 | ---- | C] () -- C:\Users\Michael\Desktop\VindictusSetupV127.exe.downloading
[2011/06/10 13:48:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\192.168.1.67
[2011/05/30 19:00:54 | 001,839,104 | ---- | C] () -- C:\Users\Michael\Desktop\mt420.iso
[2011/05/26 15:12:32 | 000,002,409 | ---- | C] () -- C:\Users\Michael\Desktop\Google Chrome.lnk
[2011/05/26 15:11:11 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-516909639-2884588229-3746838117-1000UA.job
[2011/05/26 15:11:08 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-516909639-2884588229-3746838117-1000Core.job
[2011/05/26 15:08:57 | 000,001,923 | ---- | C] () -- C:\Users\Michael\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/26 15:08:57 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/22 11:50:14 | 000,000,000 | ---- | C] () -- C:\Users\Michael\AppData\Local\{E6F16347-4523-4385-9461-6812C596DFD4}
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/15 08:36:38 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/15 08:36:37 | 002,600,448 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011/03/15 08:36:37 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/03/15 08:36:37 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/03/15 08:36:36 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/02/24 00:51:40 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2011/02/17 17:31:12 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2011/02/10 16:30:13 | 000,000,055 | ---- | C] () -- C:\Windows\SQ.INI
[2011/01/24 14:47:37 | 000,000,291 | ---- | C] () -- C:\Windows\PowerReg.dat
[2011/01/24 14:47:34 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2011/01/16 16:53:11 | 000,258,864 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2010/12/16 00:22:37 | 000,000,002 | ---- | C] () -- C:\Users\Michael\AppData\Roaming\keyboardlayout.bmp
[2010/11/07 13:24:41 | 000,000,095 | ---- | C] () -- C:\Users\Michael\AppData\Local\fusioncache.dat
[2010/09/30 22:21:34 | 002,427,248 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010/09/27 20:03:58 | 000,014,336 | ---- | C] () -- C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/14 22:43:15 | 000,127,184 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/09/07 16:14:27 | 000,771,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/09 12:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010/07/02 13:51:09 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/06/01 23:02:01 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/04/14 16:05:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\sam.ini
[2010/04/14 16:01:44 | 000,487,424 | ---- | C] () -- C:\Windows\SysWow64\FDRpage.dll
[2010/04/14 16:01:43 | 000,007,548 | ---- | C] () -- C:\Windows\SysWow64\drivers\Samhid.sys
[2010/04/14 16:01:40 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\CreateDir.exe
[2010/03/17 19:00:26 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/03/17 19:00:26 | 000,763,832 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/03/14 16:29:13 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/03/14 16:29:11 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/03/14 16:29:11 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/03/12 19:30:32 | 000,000,618 | ---- | C] () -- C:\Windows\SysWow64\winpdf.ini
[2010/03/09 19:20:47 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010/03/09 19:20:47 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010/03/09 19:20:47 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010/03/09 19:17:48 | 000,038,286 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2010/02/26 15:21:02 | 000,000,135 | ---- | C] () -- C:\Windows\SysWow64\msexcr.ini
[2010/01/21 21:10:38 | 000,038,215 | ---- | C] () -- C:\Windows\scunin.dat
[2010/01/12 19:59:03 | 000,000,256 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/01/10 12:41:21 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2009/11/15 00:03:50 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009/11/07 22:34:02 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009/11/04 21:08:27 | 000,004,279 | R--- | C] () -- C:\Program Files (x86)\WAR2.EXE
[2009/10/15 19:49:16 | 000,171,520 | ---- | C] () -- C:\Windows\SysWow64\PATCHW32.DLL
[2009/10/15 19:49:16 | 000,034,304 | ---- | C] () -- C:\Windows\SysWow64\DRVMGT.DLL
[2009/10/15 19:49:16 | 000,018,768 | ---- | C] () -- C:\Windows\SysWow64\SECDRV.SYS
[2009/10/15 19:49:15 | 000,286,208 | ---- | C] () -- C:\Windows\SysWow64\BINKW32.DLL
[2009/10/15 19:49:15 | 000,225,331 | ---- | C] () -- C:\Windows\SysWow64\Blowfish.dll
[2009/10/15 19:49:14 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\ra2.exe
[2009/10/15 19:49:14 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\RA2-Trn-Myth.exe
[2009/10/15 19:49:14 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\MPH.EXE
[2009/10/15 19:49:14 | 000,025,088 | ---- | C] () -- C:\Windows\SysWow64\Keygen.exe
[2009/10/15 19:49:14 | 000,001,668 | ---- | C] () -- C:\Windows\SysWow64\RA2.INI
[2009/09/20 09:26:06 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/09/10 18:40:07 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2009/08/29 20:13:05 | 000,000,362 | ---- | C] () -- C:\Windows\vm_CustomPage.ini
[2009/08/29 20:05:39 | 000,049,152 | R--- | C] () -- C:\Windows\amcap.exe
[2009/08/29 20:05:35 | 000,073,728 | ---- | C] () -- C:\Windows\VMInstNT.exe
[2009/08/29 20:05:35 | 000,069,632 | ---- | C] () -- C:\Windows\VMInst64.exe
[2009/08/29 20:05:34 | 000,138,752 | ---- | C] () -- C:\Windows\VM303Uninst64.exe
[2009/08/29 20:05:34 | 000,040,960 | ---- | C] () -- C:\Windows\VM303UninstNT.exe
[2009/08/29 14:02:44 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009/08/29 10:56:49 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
[2009/08/19 22:03:02 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/08/19 19:36:01 | 000,484,656 | ---- | C] () -- C:\Windows\ssndii.exe
[2009/08/16 02:01:15 | 000,015,872 | ---- | C] () -- C:\Windows\AsTaskSched.dll
[2009/08/16 01:31:58 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/08/16 01:31:58 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/08/16 01:31:52 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/08/16 01:31:52 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/08/15 23:31:34 | 000,013,312 | ---- | C] () -- C:\Windows\SysWow64\drivers\MTictwl.sys
[2009/08/15 15:27:23 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/15 15:27:20 | 000,056,880 | ---- | C] () -- C:\Windows\SysWow64\scvideo.dll
[2009/08/15 14:40:19 | 000,028,276 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/08/15 14:40:16 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009/08/15 14:39:55 | 000,028,276 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/12/28 00:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007/06/27 18:13:51 | 000,516,096 | ---- | C] () -- C:\Windows\SysWow64\RegisterDialog.dll
[2003/01/07 08:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

========== LOP Check ==========

[2011/05/14 20:47:39 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\.minecraft
[2011/02/10 17:57:31 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Ableton
[2010/09/07 16:56:47 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Autodesk
[2010/10/09 00:57:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\AVG10
[2010/11/27 12:05:26 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Bioshock
[2010/09/07 16:56:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\BMExtreme
[2011/04/05 08:13:05 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\cacaoweb
[2010/09/07 16:56:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Canneverbe Limited
[2010/08/15 22:11:09 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ClickPotatoLite
[2009/09/17 21:34:31 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\CrystalSpace
[2010/09/07 16:56:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DAEMON Tools Lite
[2010/10/28 00:07:05 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DiskAid
[2011/05/26 19:07:30 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DNA
[2010/09/07 16:56:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Docx2Rtf
[2010/09/07 16:56:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FlashGet
[2010/10/11 16:23:01 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FOG Downloader
[2010/09/07 16:56:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Folding@home-gpu
[2011/06/25 02:07:33 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\foobar2000
[2010/12/26 14:13:31 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FreeAudioPack
[2010/09/07 16:56:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\fretsonfire
[2010/12/15 23:56:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\GetRightToGo
[2009/12/29 20:03:27 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\GrabPro
[2010/09/07 16:56:48 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Greyfirst
[2010/09/07 16:56:50 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ImTOO
[2011/05/25 22:01:03 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\iPhone.F4B6EDD4861104DF103CA831FC6755522BBBD9C1.1
[2010/09/07 16:56:50 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\JGsoft
[2010/09/07 16:57:21 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\nHancer
[2011/05/15 15:57:47 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Notepad++
[2010/09/07 16:57:21 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\NwDocx
[2011/05/26 15:21:04 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Orbit
[2010/09/07 16:57:21 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\OtakuSoftware
[2011/05/22 13:13:47 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PCTools
[2010/09/07 16:57:22 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PlaneShift
[2010/12/07 17:21:26 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ProgSense
[2010/09/07 16:57:22 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Propellerhead Software
[2011/02/10 17:51:08 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Psicraft
[2010/09/07 16:57:22 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Red Alert 3
[2011/03/08 23:21:55 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Registry Mechanic
[2010/09/07 16:57:22 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\rockbox.org
[2010/09/07 16:57:22 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Sierra
[2010/09/07 16:57:23 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\SoundSpectrum
[2010/09/07 16:57:24 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Ubisoft
[2010/09/07 16:57:24 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Unity
[2011/06/23 13:25:10 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\uTorrent
[2010/10/06 19:41:17 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\WhiteSmoke
[2011/02/01 00:31:56 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\WindSolutions
[2011/06/24 20:00:00 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/05/23 12:31:56 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2009/11/19 22:05:55 | 000,000,000 | ---D | M](C:\Users\Michael\Documents\???? ??????) -- C:\Users\Michael\Documents\ウリスシ ヌテキッアラ
[2009/11/19 22:05:55 | 000,000,000 | ---D | C](C:\Users\Michael\Documents\???? ??????) -- C:\Users\Michael\Documents\ウリスシ ヌテキッアラ

========== Alternate Data Streams ==========

@Alternate Data Stream - 202 bytes -> C:\ProgramData\TEMP:AC6124CA
@Alternate Data Stream - 185 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >