Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Avast detected something then crashed.


  • Please log in to reply

#1
VanirDr

VanirDr

    New Member

  • Member
  • Pip
  • 1 posts
I was browsing on firefox when suddenly Avast came up with multiple warnings of trojans - new webpages were trying to open until I turned off the wireless.
I checked Avast, but nearly as soon as I did, it crashed completely, it came back and doesn't seem to be having an issue at the moment, but I still suspect something weird is going on, and I'm worried there's something in the background now.

Things have been moving very slowly recently, and seeming to stutter very slightly - a few things, so far never the mouse itself, will seem to freeze, even become unresponsive for a moment before going back to normal, it doesn't always happen, but it's getting more frequent it seems.

Thank you for your time and consideration with this issue!



OTL logfile created on: 22/10/2011 5:42:07 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Home\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.75 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 33.47% Memory free
7.49 Gb Paging File | 3.04 Gb Available in Paging File | 40.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 674.98 Gb Total Space | 477.60 Gb Free Space | 70.76% Space Free | Partition Type: NTFS
Drive D: | 23.36 Gb Total Space | 3.41 Gb Free Space | 14.60% Space Free | Partition Type: NTFS
Drive E: | 1.24 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 98.87 Mb Total Space | 88.73 Mb Free Space | 89.75% Space Free | Partition Type: FAT32

Computer Name: HOME-HP | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/22 05:40:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Downloads\OTL.exe
PRC - [2011/10/17 23:09:28 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/10/02 12:47:19 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/06 13:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/04 19:25:08 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/06/14 14:29:22 | 000,587,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011/06/14 14:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/11/20 04:17:58 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/11/09 15:16:22 | 000,154,816 | ---- | M] (Zecter Inc.) -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe
PRC - [2010/09/28 12:59:06 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2010/09/15 12:30:08 | 000,739,664 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
PRC - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/07/29 20:39:24 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2008/10/20 16:32:48 | 000,210,208 | ---- | M] (Acresso Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/17 23:09:28 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/10/17 23:09:27 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/10/17 23:09:27 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/10/17 23:09:27 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/10/17 23:09:27 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/10/13 12:38:58 | 008,522,400 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/10/13 11:41:51 | 000,379,904 | ---- | M] () -- C:\Users\Home\AppData\Local\Temp\libsqlitejdbc-9221805160884559977.lib
MOD - [2011/10/13 11:41:38 | 000,199,168 | ---- | M] () -- C:\Users\Home\AppData\Local\Temp\WindowsAPI.dll4786090960626957405.lib
MOD - [2011/10/02 12:47:18 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/15 22:53:48 | 002,513,216 | -HS- | M] () -- \\?\C:\ProgramData\Microsoft\PlayReady\Cache\S-1-5-21-3004833578-907524057-3570713342-1000\MSPRindiv01.key
MOD - [2011/06/04 14:26:06 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/06/04 14:26:06 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2011/02/02 21:39:56 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\Java\jre6\bin\jp2native.dll
MOD - [2010/09/28 13:10:14 | 001,699,384 | ---- | M] () -- C:\Users\Home\AppData\Roaming\PictureMover\EN-US\Presentation.dll
MOD - [2010/09/28 12:59:20 | 012,286,008 | ---- | M] () -- C:\Users\Home\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2010/08/16 14:21:30 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/08/16 14:21:30 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/08/16 14:21:30 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
MOD - [2009/07/13 18:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/04/20 19:02:16 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/10/08 16:17:42 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/15 12:30:34 | 000,440,144 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2010/09/14 16:57:34 | 000,263,168 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/09/14 16:57:26 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2010/08/05 19:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/07/29 20:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/07/21 14:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/02/23 08:38:54 | 002,192,176 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/10/17 23:09:28 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/06/21 15:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/06/14 14:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/06/01 16:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/23 08:19:02 | 001,799,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/06 13:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/09/06 13:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/09/06 13:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/09/06 13:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/09/06 13:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/09/06 13:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/04/20 19:02:22 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/04/20 19:02:00 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/01 10:12:24 | 000,097,040 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 01:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/10/08 16:18:06 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/10/08 16:18:04 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/10/08 16:18:04 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010/10/08 16:17:44 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/10/08 16:17:44 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/10/05 16:42:54 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/09/14 17:06:08 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/09/14 17:01:30 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/09/14 16:57:40 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/09/14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/09/03 18:13:32 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/09/02 00:52:50 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/08/19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/07/20 14:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/20 14:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/20 14:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/14 07:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/03/02 15:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 19:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2011/02/26 02:32:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011/02/26 02:33:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/02/26 02:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/02/26 02:33:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/02 12:47:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/04 14:23:29 | 000,000,000 | ---D | M]

[2011/05/21 00:16:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Extensions
[2011/10/13 02:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\j1lj88iq.default\extensions
[2011/06/04 14:23:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/04 14:23:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J1LJ88IQ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/10/02 12:47:20 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/02 12:47:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Corel File Shell Monitor] c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe File not found
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZumoDrive] C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk ()
O4 - HKCU..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [ZumoDrive] C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk ()
O4 - Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 75.154.133.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85995416-59FD-485A-A09C-FA4CEA8CB51F}: DhcpNameServer = 192.168.1.254 75.154.133.100
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences Pro\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/04 06:48:29 | 000,000,223 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{af06089a-7b93-11e0-bf91-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{af06089a-7b93-11e0-bf91-806e6f6e6963}\Shell\AutoRun\command - "" = E:\winopen.exe \Start.pdf
O33 - MountPoints2\{af06089a-7b93-11e0-bf91-806e6f6e6963}\Shell\pdf\command - "" = install\Adobe Reader 7.0\AdbeRdr708_en_us
O33 - MountPoints2\{af06089a-7b93-11e0-bf91-806e6f6e6963}\Shell\viewreadme\command - "" = E:\winopen.exe \readme.html
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/22 04:30:13 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{2B672890-F44C-4054-8A5E-247D84E801F0}
[2011/10/22 04:29:30 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{15E7C11F-BBD1-4C46-A98C-0F58D46182B1}
[2011/10/21 16:29:13 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{A084394C-79B1-4B25-B235-27C563873937}
[2011/10/21 16:28:56 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{89E3C1E3-3963-4250-AC5A-191B771AA32C}
[2011/10/21 04:19:24 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{F1C017D1-F49C-4B86-A379-C5800F28CB9F}
[2011/10/21 04:19:12 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{72C3E2B4-412A-4397-BE6C-68DA930B3DA7}
[2011/10/20 16:18:57 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{D90CFB37-F165-406D-BF48-B8E6AC1DDB62}
[2011/10/20 16:18:43 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{FE2A7FEB-A0EF-4E5A-9345-9984E7F6E4E6}
[2011/10/20 04:18:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{7E17EF31-DD61-4855-9E23-624F24BD162E}
[2011/10/20 04:18:10 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{F5C908DD-6431-46D5-92B4-AE19AB574266}
[2011/10/19 16:17:52 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{C7F5E33B-D562-4D53-9610-68675105939E}
[2011/10/19 16:17:40 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{81F3EC75-42D6-4D97-A2FD-DCE3F0F0148F}
[2011/10/16 04:35:52 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{425EE615-60E7-4B6A-A0CC-665F8341172B}
[2011/10/16 04:35:21 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{5FC4E7BE-C263-405F-AE1A-0AEA8231FB92}
[2011/10/15 11:53:38 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{5FC61B81-8658-4A70-A4A9-B3048AD148F6}
[2011/10/15 11:53:12 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{EBD337EF-6DB1-4CFD-B51F-63E9AFFE9A2D}
[2011/10/14 23:52:55 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{EBC53BDE-B3CB-4122-AAB7-988EDE187AFF}
[2011/10/14 23:52:43 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{0BA09461-0E74-4A9C-B65D-C739CEB2EC56}
[2011/10/14 11:43:12 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{3E605FC3-5C04-43E5-BAC0-16A206B79726}
[2011/10/14 11:43:01 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{83002F34-781A-41EC-9A79-B95B4FCF1583}
[2011/10/13 23:42:44 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{BA67DDCE-89CE-469F-A1E2-E8D4BB55A4F5}
[2011/10/13 23:42:32 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{F21EE9C0-D76C-4FE6-89BD-D901A6CA9AC6}
[2011/10/13 11:42:08 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{448F7FBF-D572-4A84-8428-A378C9508E5B}
[2011/10/13 11:41:52 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{890F70C9-D237-404E-AF52-ADB7F703AB22}
[2011/10/13 03:02:08 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/10/13 03:02:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/10/13 03:02:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/10/13 03:02:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/10/13 03:02:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/10/13 03:02:00 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/10/13 03:02:00 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/10/13 03:01:59 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/10/13 03:01:58 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/10/12 23:19:35 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{4AC9F75E-537C-424B-9510-58C38E345F5D}
[2011/10/12 23:19:23 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{00191A70-75B7-4F90-8E69-A8725DD77E09}
[2011/10/12 11:27:18 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/10/12 11:27:17 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/10/12 11:27:12 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/10/12 11:27:12 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/12 11:27:12 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/12 11:27:11 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/10/12 10:19:08 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{07C2EC9A-65FB-46F9-B340-847CC8821154}
[2011/10/12 10:18:50 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{12C4379B-A0C3-45CD-9F76-CABAB2C2363E}
[2011/10/11 22:18:33 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{F3EF78C9-47B0-4631-B86B-BAF4B82BFB1C}
[2011/10/11 22:18:21 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{CEB52798-EBE6-4734-8F79-71C861A2FCB5}
[2011/10/11 10:18:04 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{FFFCD2A8-6511-4CFE-B205-E64FF782786D}
[2011/10/11 10:17:36 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{DA80674F-13C4-4DB5-83AB-3185D37E47D6}
[2011/10/10 22:17:19 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{74F18156-585C-4290-84F7-861A95D6D3D1}
[2011/10/10 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{DEB518FE-E766-4047-8A5F-7B062AFF6A65}
[2011/10/10 10:16:35 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{99ACA34B-719D-498E-A2B6-B1DD9AF91EFA}
[2011/10/10 10:16:07 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{ECD77864-98A8-4B18-A761-0DDA99A6F63F}
[2011/10/09 22:15:50 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{5E6C4FE1-D559-4748-BEF7-650C7B63C0A8}
[2011/10/09 22:15:22 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{02E1C326-A95B-4611-9308-46EC7E5965DA}
[2011/10/09 06:03:38 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{151B4FFD-6C7E-4121-B9D4-EF8588A9E3A6}
[2011/10/09 06:03:26 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{A9B3EFF3-FC21-4DC0-904C-8D56127BB155}
[2011/10/08 18:03:10 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{C9DB5A4B-3D5D-4921-A96A-203296464376}
[2011/10/08 18:02:58 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{2B5311E1-8416-4612-811F-09206BFD8D17}
[2011/10/08 06:02:42 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{576FAF27-5CC5-4F3D-B07B-ABA2D111F011}
[2011/10/08 06:02:13 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{1DF73C07-D6FB-472B-B20A-AA3B2132CBE8}
[2011/10/07 18:01:55 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{18629E16-435E-4680-9429-693F6E71A867}
[2011/10/07 18:01:27 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{D5461C89-9848-4BEA-AAB1-02F51008755F}
[2011/10/06 22:38:01 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{83C3B0F8-CD70-40FE-8770-D2BD244093A6}
[2011/10/06 22:37:27 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{9F446E54-8B6E-4E4C-9EF8-CF701EF77F8E}
[2011/10/05 21:53:22 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{5827D438-C010-4FE6-B0C8-F2097A440165}
[2011/10/05 21:52:57 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{81F97185-BB89-49B0-A1DB-0423A0C5E0AF}
[2011/10/05 21:52:38 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{31F955B1-03C9-4319-A6ED-B0F0A0845241}
[2011/10/03 03:31:00 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\com.tametick.CardinalQuest
[2011/10/03 03:30:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\cardinalquest
[2011/10/03 03:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cardinal Quest
[2011/10/03 03:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/10/03 03:29:22 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\cq 1.1
[2011/10/03 02:18:02 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{B03730D8-D2A3-464D-ABCA-2E5D757B1A3D}
[2011/10/03 02:17:50 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{741F0F77-DB6D-489C-8F40-CF2B7A987D0F}
[2011/10/02 13:38:48 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{5E0AFFC5-03A0-4D52-B849-0E6CDFB94EC2}
[2011/10/02 13:38:36 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{68A8695D-4EF5-42DD-8CE3-207DD9A98905}
[2011/10/01 15:31:10 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{5C2741ED-0703-40E7-B7C7-ADCA266AAE81}
[2011/10/01 15:30:58 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{0E636CAD-82A9-4913-901F-B7241CC6915F}
[2011/09/30 00:34:42 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{1F2EEAC2-1367-4929-904A-661749F1B263}
[2011/09/30 00:34:29 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{FC26599E-432E-4B95-B736-BAFFC3990A40}
[2011/09/29 12:34:12 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{69D277F4-1EF0-41DF-A42D-2DE33989B0C1}
[2011/09/29 12:34:00 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{15D7C75F-EDBE-4859-99CB-C33620A1BD87}
[2011/09/29 00:33:43 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{8E93341F-005B-4933-98D5-07065FB99FED}
[2011/09/29 00:33:27 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{7645EFF2-42A0-486F-9028-0D98D97A9922}
[2011/09/27 19:32:09 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{D28F88B9-32C8-4E53-BCA9-4D5550D9121A}
[2011/09/27 19:31:57 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{AA17674C-1473-43E0-BF35-6727D2A6D074}
[2011/09/27 13:51:49 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{A85C94AF-3950-4098-9E8C-5029E3AEC4BD}
[2011/09/27 08:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2011/09/27 08:53:02 | 000,000,000 | ---D | C] -- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
[2011/09/25 21:31:10 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{A7DDED47-FA75-4F29-98D9-405FFA4AB4DF}
[2011/09/25 21:30:53 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{C6E3AA34-70A0-4720-B46A-E0E6051FB03A}
[2011/09/25 09:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker 2003
[2011/09/25 09:43:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\rpg2003
[2011/09/25 09:30:35 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{3D104F12-E7A2-46D8-8CBE-5AA0CE526C48}
[2011/09/25 09:30:22 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{A5FE7D0D-25E1-41C7-AA9C-FB684F587763}
[2011/09/24 21:21:06 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{1A5A0C20-C96F-47E8-8E9D-203A42A732BF}
[2011/09/24 21:20:34 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{FA54CBD4-8B98-421C-B748-CA336BF5C9D4}
[2011/09/24 09:20:16 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{617C736C-4F96-485A-B8E5-8EA93DE16093}
[2011/09/24 09:19:38 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\{7F299FE6-8C7D-4E23-8FDB-62FED79A3F77}
[2011/09/23 21:49:24 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\DolbyAxon
[2011/09/23 21:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Axon
[2011/09/23 21:48:08 | 002,262,960 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.CommandBars.v13.0.0.ocx
[2011/09/23 21:48:08 | 000,571,312 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.SkinFramework.Unicode.v13.0.0.ocx
[2011/09/23 21:48:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DolbyAxon
[2011/09/23 18:11:36 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\SEGA Genesis Classics
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/21 19:36:50 | 000,001,424 | ---- | M] () -- C:\Users\Home\Desktop\Unepic.lnk
[2011/10/21 18:05:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/18 17:54:15 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHome.job
[2011/10/18 13:34:24 | 000,000,162 | -H-- | M] () -- C:\Users\Home\Desktop\~$ysics lab 4.odt
[2011/10/13 12:38:58 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/10/13 12:38:09 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/13 12:38:09 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/13 07:39:45 | 000,780,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/13 07:39:45 | 000,665,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/13 07:39:45 | 000,125,890 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/13 07:32:39 | 000,339,056 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/13 07:31:56 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/09 22:53:27 | 003,303,005 | ---- | M] () -- C:\Users\Home\Documents\swineflu.pdf
[2011/10/06 16:12:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHOME-HP$.job
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/21 19:36:49 | 000,001,424 | ---- | C] () -- C:\Users\Home\Desktop\Unepic.lnk
[2011/10/18 13:34:24 | 000,000,162 | -H-- | C] () -- C:\Users\Home\Desktop\~$ysics lab 4.odt
[2011/10/09 22:52:41 | 003,303,005 | ---- | C] () -- C:\Users\Home\Documents\swineflu.pdf
[2011/06/30 20:58:14 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/06/14 10:04:32 | 000,001,854 | ---- | C] () -- C:\Users\Home\AppData\Roaming\GhostObjGAFix.xml
[2011/05/23 22:06:03 | 000,766,068 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/26 02:01:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/02/26 01:49:13 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2011/02/26 01:49:13 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/11/05 19:46:27 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/10/08 16:17:48 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/09/21 11:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP