Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I'm getting BSOD and slow download starts

Started by docfxit , Mar 21 2012 04:33 PM

  • Please log in to reply

#1
docfxit
Posted 21 March 2012 - 04:33 PM

docfxit

    Member

  • Member
  • PipPipPip
  • 102 posts
I'm getting a number of BSOD
Everytime when windows starts up I get a Windows Installer window then much later I get another window saying Please run setup.exe to install quickbooks.
This PC takes a long time to open web pages.
It takes a long time to download any file.

Running:
XP Pro sp3 with all current updates.
Bitdefender
I have uninstalled ZoneAlarm for testing.

OTL logfile created on: 3/21/2012 3:02:27 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Dnload\SpywareRemovers
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.93 Gb Total Physical Memory | 0.74 Gb Available Physical Memory | 38.24% Memory free
3.77 Gb Paging File | 2.56 Gb Available in Paging File | 67.97% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 61.48 Gb Total Space | 8.17 Gb Free Space | 13.28% Space Free | Partition Type: NTFS

Computer Name: DOCFXITLT | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/01 11:05:18 | 001,183,080 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
PRC - [2012/03/01 11:05:15 | 001,552,368 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
PRC - [2012/02/20 18:39:54 | 000,224,920 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2012/02/16 07:40:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Firefox\firefox.exe
PRC - [2012/02/16 07:40:41 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Firefox\plugin-container.exe
PRC - [2012/02/09 09:22:22 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2012/02/09 09:21:59 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2012/01/23 20:23:06 | 000,050,128 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
PRC - [2011/12/28 13:40:48 | 006,148,096 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files\Free Download Manager\fdm.exe
PRC - [2011/12/06 09:48:02 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/10/13 23:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\PSI\sua.exe
PRC - [2011/10/02 03:42:52 | 000,665,608 | ---- | M] (NTWind Software) -- C:\Program Files\WinSnap\WinSnap.exe
PRC - [2011/09/23 17:59:43 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Dnload\SpywareRemovers\OTL ver. 3.2.29.1.exe
PRC - [2011/08/27 12:16:10 | 000,434,960 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2011/08/27 12:16:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/08/19 22:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/06/22 20:32:46 | 001,407,248 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2011/06/22 20:32:40 | 000,370,960 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2011/06/22 20:32:36 | 000,882,960 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2011/06/22 19:49:24 | 000,866,576 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2011/06/22 19:33:14 | 001,210,640 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2011/05/26 19:43:12 | 000,328,040 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011/05/18 22:40:06 | 002,016,504 | ---- | M] (UltraVNC) -- C:\Program Files\ultravnc\winvnc.exe
PRC - [2011/04/20 10:04:40 | 000,130,920 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe
PRC - [2011/04/07 16:41:32 | 000,138,680 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2011/04/04 11:43:36 | 000,135,528 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
PRC - [2011/04/04 10:27:20 | 000,045,496 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2011/03/31 19:31:34 | 000,132,392 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2011/03/29 13:41:08 | 000,064,952 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011/01/14 15:51:56 | 000,041,320 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2010/11/29 16:32:44 | 000,069,560 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2010/11/12 06:54:50 | 000,819,291 | ---- | M] () -- C:\Program Files\TVMOBiLi\bin\tvMobiliService.exe
PRC - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/10/29 20:25:12 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
PRC - [2010/09/22 14:18:46 | 001,463,672 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
PRC - [2010/09/22 14:18:46 | 000,607,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
PRC - [2010/09/22 14:18:46 | 000,349,528 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2010/09/19 14:00:02 | 000,097,792 | ---- | M] () -- C:\Program Files\Stunnel\stunnel.exe
PRC - [2010/09/17 16:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/09/02 00:57:48 | 001,774,992 | ---- | M] (ALTAP) -- C:\Program Files\Salamander 2.5\salamand.exe
PRC - [2010/08/09 05:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- C:\Program Files\Filehippo.com\UpdateChecker.exe
PRC - [2010/05/03 12:54:36 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/05/03 12:54:32 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/05/03 12:54:28 | 001,522,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
PRC - [2010/04/01 14:50:44 | 000,043,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
PRC - [2009/11/18 14:22:26 | 000,226,304 | ---- | M] (Uwe Sieber - www.uwe-sieber.de) -- C:\Program Files\USBDLM\USBDLM.exe
PRC - [2009/09/04 16:22:56 | 001,391,136 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files\DU Meter\DUMeterSvc.exe
PRC - [2009/06/02 13:49:56 | 000,020,480 | ---- | M] (Intuit, Inc.) -- C:\Program Files\Common Files\Intuit\Entitlement Client\v6.0\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe
PRC - [2009/01/14 10:29:18 | 003,981,312 | ---- | M] (Brooks Internet Software, Inc.) -- C:\Program Files\RPM\RpmSrv.exe
PRC - [2008/12/09 20:54:40 | 000,143,360 | ---- | M] (PFU LIMITED) -- C:\WINDOWS\twain_32\Fjscan32\SOP\FtLnSOP.exe
PRC - [2008/10/30 15:23:52 | 000,031,744 | ---- | M] (Ricoh co.,Ltd.) -- C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe
PRC - [2008/09/03 19:27:58 | 000,186,360 | ---- | M] () -- C:\WINDOWS\system32\MNSFramework.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/19 12:30:46 | 002,558,464 | R--- | M] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\system32\hasplms.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/02/21 01:15:02 | 000,112,208 | ---- | M] (Corel, Inc.) -- C:\Program Files\Photo Album 6\MediaDetect.exe
PRC - [2007/02/08 18:14:10 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005/11/30 14:34:18 | 000,068,608 | ---- | M] () -- C:\Program Files\ClipX\clipx.exe
PRC - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2005/03/11 20:26:46 | 000,622,592 | ---- | M] () -- C:\Program Files\SpyTheSpy\SpyTheSpy.exe
PRC - [2004/01/12 05:59:14 | 000,110,592 | ---- | M] () -- C:\Program Files\IconSaver\IconSaver.exe
PRC - [2002/03/19 17:30:00 | 000,045,632 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe
PRC - [2001/12/28 22:33:14 | 000,214,016 | ---- | M] (Actiontec Electronics, Inc) -- C:\WINDOWS\system32\AEIWLSTA.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/14 05:12:09 | 000,578,024 | ---- | M] () -- C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\bdsmartdb.dll
MOD - [2012/03/14 05:12:09 | 000,092,328 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\bdmetrics.dll
MOD - [2012/03/01 11:05:20 | 000,107,520 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\UI\popup.ui
MOD - [2012/03/01 11:05:17 | 001,226,400 | ---- | M] () -- \\?\C:\Program Files\Bitdefender\Bitdefender 2012\wslib.dll
MOD - [2012/03/01 11:05:08 | 000,270,536 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\avc3al.dll
MOD - [2012/02/28 18:14:34 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2012/02/22 10:27:20 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\f9977bade8fa997882aa57b430820765\System.ServiceProcess.ni.dll
MOD - [2012/02/22 09:31:55 | 009,091,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\9c4788acc8f93c33214865395cee2e1c\System.ni.dll
MOD - [2012/02/20 18:39:54 | 000,224,920 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
MOD - [2012/02/16 07:40:41 | 001,911,768 | ---- | M] () -- C:\Program Files\Firefox\mozjs.dll
MOD - [2012/02/01 18:20:16 | 000,004,608 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\UI\imsecurityal.ui
MOD - [2012/01/23 20:27:20 | 000,035,208 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\procinfo.dll
MOD - [2012/01/23 20:20:54 | 000,139,208 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\popup.dll
MOD - [2012/01/23 20:15:40 | 000,059,392 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\bdmltusrsrv.dll
MOD - [2012/01/23 20:14:56 | 000,110,880 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\connector.dll
MOD - [2012/01/23 20:14:00 | 000,061,440 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\excludemgr.dll
MOD - [2012/01/23 20:13:40 | 000,154,152 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\framework.dll
MOD - [2012/01/19 15:36:40 | 000,157,200 | ---- | M] () -- \\?\C:\Program Files\Bitdefender\Bitdefender 2012\bdnimbus.dll
MOD - [2012/01/09 10:03:32 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a86c12788293105a0d9fda1bc90c90bc\Microsoft.VisualBasic.ni.dll
MOD - [2012/01/09 10:03:30 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2012/01/09 10:03:25 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll
MOD - [2012/01/09 10:03:19 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c272cad7afb127e2a2bdb8a5a808512\System.Runtime.Remoting.ni.dll
MOD - [2012/01/09 09:52:49 | 000,679,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
MOD - [2012/01/09 09:52:46 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2012/01/09 09:12:34 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2012/01/09 09:12:31 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2012/01/09 09:12:23 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2012/01/09 09:12:10 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2012/01/09 09:12:04 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2012/01/09 09:09:13 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
MOD - [2012/01/06 16:27:34 | 000,035,720 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\strdecoder.dll
MOD - [2012/01/06 16:27:28 | 000,202,032 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\txmlutil.dll
MOD - [2012/01/06 16:27:20 | 000,003,072 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\UI\accessl.ui
MOD - [2011/12/28 14:13:24 | 003,522,048 | ---- | M] () -- C:\Program Files\Free Download Manager\fdmbtsupp.dll
MOD - [2011/12/28 12:49:14 | 000,086,528 | ---- | M] () -- C:\Program Files\Free Download Manager\fdmumsp.dll
MOD - [2011/12/28 12:48:54 | 000,230,400 | ---- | M] () -- C:\Program Files\Free Download Manager\iefdm2.dll
MOD - [2011/11/03 08:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/27 15:07:06 | 000,362,736 | ---- | M] () -- \\?\C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\trufos.dll
MOD - [2011/10/21 14:04:28 | 001,910,272 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpfr.mdl
MOD - [2011/10/21 14:04:28 | 001,909,760 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpph.mdl
MOD - [2011/10/21 14:04:28 | 001,858,560 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimf.mdl
MOD - [2011/10/21 14:04:28 | 000,952,832 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttprbl.mdl
MOD - [2011/10/21 14:04:28 | 000,632,832 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpbr.mdl
MOD - [2011/10/21 14:04:28 | 000,444,416 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimdsp.mdl
MOD - [2011/10/21 14:04:26 | 002,054,144 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpf.mdl
MOD - [2011/10/21 14:04:26 | 000,509,440 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpdsp.mdl
MOD - [2011/10/21 14:04:26 | 000,389,632 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimbr.mdl
MOD - [2011/05/19 19:34:22 | 000,056,224 | ---- | M] () -- \\?\C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\Antivirus_08314_136\avxdisk.dll
MOD - [2011/03/31 19:31:02 | 000,066,856 | ---- | M] () -- C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
MOD - [2011/02/18 18:47:09 | 002,228,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.EntitlementClient.Common\6.0.1.0__7ce6deabcb36a8ea\Intuit.Spc.Map.EntitlementClient.Common.dll
MOD - [2011/02/18 18:29:24 | 000,229,376 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.EntitlementClient.Api\6.0.1.0__7ce6deabcb36a8ea\Intuit.Spc.Map.EntitlementClient.Api.dll
MOD - [2010/11/12 06:54:50 | 000,819,291 | ---- | M] () -- C:\Program Files\TVMOBiLi\bin\tvMobiliService.exe
MOD - [2010/09/22 14:18:56 | 002,860,384 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2010/09/22 14:18:56 | 000,075,112 | ---- | M] () -- C:\Program Files\ThinkPad\Bluetooth Software\BTKeyInd.dll
MOD - [2010/09/19 14:00:02 | 000,097,792 | ---- | M] () -- C:\Program Files\Stunnel\stunnel.exe
MOD - [2010/06/07 07:26:46 | 000,101,376 | ---- | M] () -- C:\Program Files\Stunnel\zlib1.dll
MOD - [2009/01/14 10:29:18 | 000,010,752 | ---- | M] () -- C:\Program Files\RPM\udf\fbudf.dll
MOD - [2008/09/03 19:27:58 | 000,186,360 | ---- | M] () -- C:\WINDOWS\system32\MNSFramework.exe
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/02/08 18:14:10 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2005/11/30 14:34:18 | 000,068,608 | ---- | M] () -- C:\Program Files\ClipX\clipx.exe
MOD - [2005/10/28 20:29:52 | 000,208,896 | ---- | M] () -- C:\Program Files\Lenovo\PkgMgr\HOTKEY\tpfnf7.dll
MOD - [2005/03/11 20:26:46 | 000,622,592 | ---- | M] () -- C:\Program Files\SpyTheSpy\SpyTheSpy.exe
MOD - [2004/02/27 12:24:30 | 000,026,448 | ---- | M] () -- C:\WINDOWS\system32\smfaxmon.dll
MOD - [2004/01/12 05:59:14 | 000,110,592 | ---- | M] () -- C:\Program Files\IconSaver\IconSaver.exe
MOD - [2004/01/12 05:58:35 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\IconSaver.cpl
MOD - [2004/01/12 05:40:08 | 000,049,152 | ---- | M] () -- C:\Program Files\IconSaver\Shell Extension.dll
MOD - [2003/10/19 07:12:58 | 000,061,440 | ---- | M] () -- C:\Program Files\IconSaver\IconSaverLib.dll
MOD - [2003/10/19 05:11:40 | 000,094,208 | ---- | M] () -- C:\Program Files\IconSaver\IconSaver Editor.dll
MOD - [2003/07/03 23:49:30 | 000,024,576 | ---- | M] () -- C:\Program Files\Lenovo\PkgMgr\HOTKEY_2\tphk_2k.dll
MOD - [2002/03/19 17:30:00 | 000,045,632 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe
MOD - [2001/07/31 10:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHealr.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (GSService)
SRV - File not found [On_Demand | Stopped] -- -- (B-Service)
SRV - [2012/03/01 11:05:15 | 001,552,368 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (vsserv)
SRV - [2012/02/20 18:39:54 | 000,224,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV - [2012/02/09 09:22:22 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2012/02/09 09:21:59 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/01/23 20:23:06 | 000,050,128 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV)
SRV - [2011/12/06 09:48:02 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/10/14 23:57:36 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2011/10/13 23:01:50 | 000,994,360 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/10/13 23:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/08/27 12:16:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/08/19 22:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/08/19 22:30:58 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2011/06/22 20:32:40 | 000,370,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2011/06/22 20:32:36 | 000,882,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2011/06/22 19:49:24 | 000,866,576 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2011/05/18 22:40:06 | 002,016,504 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\UltraVNC\WinVNC.exe -- (uvnc_service)
SRV - [2011/04/20 10:04:40 | 000,130,920 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV - [2011/04/04 10:27:20 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2011/03/29 13:41:08 | 000,064,952 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2011/01/14 15:51:56 | 000,041,320 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV - [2010/12/23 08:20:24 | 000,245,760 | ---- | M] (SMServer) [Disabled | Stopped] -- C:\WINDOWS\System32\snmvtsvc.exe -- (SMServer)
SRV - [2010/12/23 06:03:32 | 000,385,024 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\SoundTaxi Media Suite\STSService.exe -- (STSService)
SRV - [2010/11/12 06:54:50 | 000,819,291 | ---- | M] () [Auto | Running] -- C:\Program Files\TVMOBiLi\bin\tvMobiliService.exe -- (tvMobiliService)
SRV - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/10/04 13:33:40 | 002,735,992 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Intuit\QuickBooks Point of Sale 9.0\DatabaseServer\QBPOSDBService.exe -- (QBPOSDBServiceV9)
SRV - [2010/09/22 14:18:46 | 000,349,528 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2010/09/19 14:00:02 | 000,097,792 | ---- | M] () [Auto | Running] -- C:\Program Files\Stunnel\stunnel.exe -- (stunnel)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/07/01 23:55:40 | 003,827,056 | ---- | M] (MediaMall Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2010/06/25 10:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/05/03 12:54:36 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/05/03 12:54:32 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/02/24 04:13:24 | 001,313,368 | ---- | M] (South River Technologies, LLC) [Disabled | Stopped] -- C:\Program Files\WebDrive\wdService.exe -- (WebDriveService)
SRV - [2009/12/29 15:57:56 | 000,057,344 | ---- | M] (Gravic) [On_Demand | Stopped] -- C:\Program Files\Common Files\Gravic\RemarkFTPUtility12.exe -- (Remark FTP Utility)
SRV - [2009/11/18 14:22:26 | 000,226,304 | ---- | M] (Uwe Sieber - www.uwe-sieber.de) [Auto | Running] -- C:\Program Files\USBDLM\USBDLM.exe -- (USBDLM)
SRV - [2009/09/04 16:22:56 | 001,391,136 | ---- | M] (Hagel Technologies Ltd.) [On_Demand | Running] -- C:\Program Files\DU Meter\DUMeterSvc.exe -- (DUMeterSvc)
SRV - [2009/06/02 13:49:56 | 000,020,480 | ---- | M] (Intuit, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Entitlement Client\v6.0\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe -- (Intuit Entitlement Service v6.0)
SRV - [2009/04/20 14:17:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/01/14 10:29:18 | 003,981,312 | ---- | M] (Brooks Internet Software, Inc.) [Auto | Running] -- C:\Program Files\RPM\rpmsrv.exe -- (rpm)
SRV - [2008/09/03 19:27:58 | 000,186,360 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\MNSFramework.exe -- (MNSFramework)
SRV - [2008/03/19 12:30:46 | 002,558,464 | R--- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\WINDOWS\System32\hasplms.exe -- (hasplms)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/06/26 22:20:16 | 000,010,240 | ---- | M] (NeoSmart Technologies) [Disabled | Stopped] -- C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe -- (TTFixerService)
SRV - [2007/03/21 11:57:56 | 000,516,096 | ---- | M] (Locktime Software) [On_Demand | Stopped] -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe -- (nlsvc)
SRV - [2007/03/08 17:23:04 | 000,045,056 | ---- | M] (PFU LIMITED) [Disabled | Stopped] -- C:\WINDOWS\twain_32\Fjscan32\FJTWMKSV.exe -- (FJTWMKSV)
SRV - [2007/02/08 18:14:10 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/06/29 21:57:50 | 000,032,768 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC)
SRV - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2001/05/08 05:10:00 | 000,053,248 | ---- | M] (IBM Corporation) [On_Demand | Stopped] -- C:\WINDOWS\cwbrxd.exe -- (Cwbrxd)


========== Driver Services (SafeList) ==========

DRV - [2012/03/01 11:05:15 | 000,447,208 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avckf.sys -- (avckf)
DRV - [2012/03/01 11:05:11 | 000,130,384 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys -- (bdselfpr)
DRV - [2012/03/01 11:05:10 | 000,609,984 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avc3.sys -- (avc3)
DRV - [2012/02/29 20:43:08 | 000,340,624 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trufos.sys -- (trufos)
DRV - [2012/02/29 20:43:06 | 000,360,976 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2012/02/20 18:40:18 | 000,012,952 | ---- | M] (Paramount Software UK Ltd) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PSVolAcc.sys -- (PSVolAcc)
DRV - [2012/02/20 18:40:08 | 000,016,024 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pssnap.sys -- (pssnap)
DRV - [2012/02/09 09:22:03 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012/02/03 09:37:08 | 000,063,056 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bdsandbox.sys -- (bdsandbox)
DRV - [2011/11/25 14:59:40 | 000,240,184 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avchv.sys -- (avchv)
DRV - [2011/11/14 20:16:28 | 000,130,640 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2011/10/26 10:45:27 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2011/10/03 09:15:22 | 000,025,984 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VSPE.sys -- (EterlogicVirtualSerialDriver)
DRV - [2011/09/13 10:36:24 | 000,011,496 | ---- | M] (UVNC BVBA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mv2.sys -- (mv2)
DRV - [2011/08/31 03:58:00 | 000,130,320 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2011/08/03 18:15:00 | 007,473,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwNx32.sys -- (NETwNx32) ___ Intel®
DRV - [2011/07/13 07:16:56 | 000,141,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CprDrvr.sys -- (CprDrvr)
DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2011/03/30 17:16:18 | 000,170,464 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2011/03/30 16:04:56 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011/03/18 09:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011/01/19 18:47:12 | 000,022,504 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011/01/13 11:18:50 | 000,132,608 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\5U877.sys -- (5U877)
DRV - [2010/12/23 13:43:12 | 000,023,608 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SndTAudio.sys -- (SndTAudio)
DRV - [2010/11/25 14:59:16 | 000,606,056 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8192su.sys -- (RTL8192su)
DRV - [2010/10/20 02:09:58 | 001,761,920 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAU32.sys -- (CnxtHdAudService)
DRV - [2010/09/23 09:14:30 | 000,993,576 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2010/09/17 16:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/09/17 16:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/09/16 19:00:00 | 000,051,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2010/09/07 14:09:06 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2010/09/01 01:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/08/16 15:31:26 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2010/08/16 15:31:22 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2010/07/22 09:38:14 | 000,167,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress) Intel®
DRV - [2010/06/25 10:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2010/06/22 03:37:40 | 000,091,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2010/06/16 13:44:38 | 000,120,432 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2010/06/16 13:44:38 | 000,020,592 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2010/05/19 23:15:04 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2010/05/11 12:00:34 | 000,020,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2010/02/24 14:11:40 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2010/02/24 04:13:20 | 000,201,176 | ---- | M] () [File_System | Auto | Running] -- C:\Program Files\WebDrive\wdfsd.sys -- (WebDriveFSD)
DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bdvedisk.sys -- (BDVEDISK)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/11/11 10:48:00 | 000,027,519 | ---- | M] (Billionton Corporation Reserved.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBKR100.SYS -- (USB-100)
DRV - [2009/10/26 12:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/09/18 13:54:38 | 000,533,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009/09/17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/09/08 01:40:26 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssecmdm.sys -- (ssecmdm)
DRV - [2009/09/08 01:40:26 | 000,086,528 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssecbus.sys -- (ssecbus) Samsung Mobile Modem Device driver (WDM)
DRV - [2009/09/08 01:40:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssecmdfl.sys -- (ssecmdfl)
DRV - [2009/07/06 11:09:06 | 000,051,200 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/06/30 11:59:00 | 000,986,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2009/06/30 11:58:00 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2009/06/30 11:58:00 | 000,210,304 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2009/05/22 11:46:42 | 000,010,536 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Hmonitor.sys -- (hmonitor)
DRV - [2009/04/15 23:53:20 | 000,340,736 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2009/03/13 13:47:26 | 000,012,560 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp) SMI Helper Driver (smihlp)
DRV - [2009/02/12 14:43:00 | 000,045,056 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimspe86.sys -- (rimspci)
DRV - [2008/11/16 19:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/07/24 17:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/03 10:59:54 | 000,193,696 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008/03/18 15:09:16 | 000,350,720 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2008/02/27 13:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/02/11 15:55:04 | 000,586,240 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2008/02/04 17:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/12/17 16:57:14 | 000,045,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\intelsmb.sys -- (smbusp) Intel®
DRV - [2007/07/19 16:16:54 | 000,016,512 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\iPig\Client\tcpredir.sys -- (tcpredir)
DRV - [2007/06/19 23:35:40 | 000,024,096 | ---- | M] (TamoSoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ts_lb.sys -- (ts_lb)
DRV - [2007/06/08 09:58:46 | 000,021,504 | ---- | M] (STMicroelectronics, INC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\stm_tpm.sys -- (stmtpm)
DRV - [2007/04/23 04:03:04 | 000,082,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nltdi.sys -- (nltdi)
DRV - [2007/04/09 09:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 09:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 09:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/02/18 22:56:46 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2007/02/06 23:38:32 | 001,133,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/12/28 14:44:40 | 000,260,096 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvm323.sys -- (ZSMC326) VIMICRO USB2.0 PC Camera(VC0323)
DRV - [2006/12/25 15:32:52 | 000,049,489 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mamotou.sys -- (mamotou)
DRV - [2006/12/07 22:04:48 | 000,019,240 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cv2k1.sys -- (CV2K1)
DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/10/02 01:55:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SMAPINT.SYS -- (Smapint)
DRV - [2006/10/02 01:55:00 | 000,009,343 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS -- (TDSMAPI)
DRV - [2006/08/08 12:25:40 | 000,476,672 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter323.sys -- (vmfilter323)
DRV - [2006/06/09 05:49:41 | 000,019,200 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2006/05/18 09:49:00 | 000,061,067 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/05/18 09:48:00 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2005/08/18 12:44:44 | 000,011,473 | ---- | M] (Mobile Action Technology Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\MaVc2K.sys -- (MaVctrl)
DRV - [2005/04/20 01:38:00 | 000,016,384 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWR.SYS -- (TPPWR)
DRV - [2005/03/03 01:14:18 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2005/03/03 01:14:04 | 000,006,016 | ---- | M] (RDV Soft) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vnccom.SYS -- (vnccom)
DRV - [2004/08/24 15:16:54 | 000,003,584 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SMDRV.SYS -- (SMDRV)
DRV - [2002/05/02 12:52:22 | 000,018,189 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - [2002/05/02 12:52:22 | 000,017,134 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2002/01/23 08:28:32 | 000,089,984 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PhilDecN.sys -- (phildecn) Philips WDM Video Decoder (PHILDECN)
DRV - [2002/01/15 13:04:06 | 001,088,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2001/12/28 22:10:16 | 000,050,688 | ---- | M] (Actiontec Electronics, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AEIWLNDS.sys -- (AEIWL)
DRV - [1996/04/03 12:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.8.1: "C:\Program Files\VideoLAN\VLC\mozilla\npvlc.dll" File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Firefox\components [2012/02/22 11:31:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Firefox\plugins [2012/02/18 15:58:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\

[2011/09/01 16:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Extensions
[2012/03/11 10:25:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\go3ojoq5.default\extensions
[2011/12/02 10:32:12 | 000,000,000 | ---D | M] (Qualys BrowserCheck) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\go3ojoq5.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
[2012/01/28 09:55:04 | 000,000,000 | ---D | M] (PriceBlink) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\go3ojoq5.default\extensions\[email protected]
[2012/02/07 18:43:57 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\go3ojoq5.default\extensions\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\GARY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GO3OJOQ5.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\GARY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GO3OJOQ5.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\GARY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GO3OJOQ5.DEFAULT\EXTENSIONS\[email protected]

O1 HOSTS File: ([2012/03/15 23:07:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [AEIWLSTA.EXE] C:\WINDOWS\System32\AEIWLSTA.exe (Actiontec Electronics, Inc)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [BMMGAG] C:\Program Files\ThinkPad\Utilities\PWRMONIT.DLL (IBM Corp.)
O4 - HKLM..\Run: [Client Access Express Welcome] C:\Program Files\Client Access\cwbwlwiz.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Service] C:\Program Files\Client Access\cwbsvstr.exe (IBM Corporation)
O4 - HKLM..\Run: [ClipX] C:\Program Files\ClipX\clipx.exe ()
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKLM..\Run: [frymxins] C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [FtLnSOP_setup] C:\WINDOWS\twain_32\Fjscan32\SOP\FtLnSOP.exe (PFU LIMITED)
O4 - HKLM..\Run: [IconSaver] C:\Program Files\IconSaver\IconSaver.exe ()
O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [pdfFactory Pro Dispatcher v3] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [RotateImage] C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [SMSI Loader] C:\Program Files\Common Files\Smith Micro Shared\Fax\SMLoader.exe (Smith Micro Software, Inc.)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\Startup Delayer\Startup Launcher GUI.exe (r2 studios)
O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKCU..\Run: [AnyTime Organizer] C:\Program Files\AnyTime Deluxe\AtDem.exe (Individual Software, Inc.)
O4 - HKCU..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [WinSnap] C:\Program Files\WinSnap\WinSnap.exe (NTWind Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SpyTheSpy.lnk = C:\Program Files\SpyTheSpy\SpyTheSpy.exe ()
O4 - Startup: C:\Documents and Settings\Gary\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\WordPerfectX5\WordPerfect Office X5\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\HTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\HTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll ()
O9 - Extra 'Tools' menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: download.microsoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: endicia.com ([www.postage] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ibm.com ([icm1.teleweb.ca] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: lenovo.com ([chat.lel] https in Trusted sites)
O15 - HKCU\..Trusted Domains: lenovo.com ([expertslive] https in Trusted sites)
O15 - HKCU\..Trusted Domains: lenovo.com ([rto1.lel] https in Trusted sites)
O15 - HKCU\..Trusted Domains: lenovo.com ([rto2.lel] https in Trusted sites)
O15 - HKCU\..Trusted Domains: magicjack.com ([my] * in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: talk4free.com ([reg] * in Trusted sites)
O15 - HKCU\..Trusted Domains: update.microsoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: update.microsoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.microsoft.com ([]http in Trusted sites)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {43E3F87D-DE7F-4087-BD4F-0DC854981158} http://download.micr...dd/clearadj.CAB (Reg Error: Key error.)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.s...abs/tgctlsr.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1306702878968 (WUWebControl Class)
O16 - DPF: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} http://update.micros...b?1306702799546 (MUWebControl Class)
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www.ca.com/us...nfo/webscan.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.micr...44/igdtoolx.cab (IGDTester Class)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.we...ort/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.51.205.100 66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{250DB406-BC7D-4209-B3DC-8B44D1C7A457}: NameServer = 66.51.205.100,66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30ECAD80-1BF9-4942-B34F-08F80B882B76}: DhcpNameServer = 66.51.205.100 66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30ECAD80-1BF9-4942-B34F-08F80B882B76}: NameServer = 66.51.205.100,66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7084C14A-C055-4B77-B74E-52C57C1D665D}: NameServer = 66.51.205.100,66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3F3ED5D-F192-4913-9E8E-DFC35EACD207}: NameServer = 66.51.205.100,66.51.206.100
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\g7ps {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll (G7 Productivity Systems, Inc.)
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\qbpos {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\Program Files\Common Files\Intuit\QuickBooks\QBPOSProtocol.dll (Intuit Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) -C:\WINDOWS\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Gary\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gary\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/08/28 19:41:20 | 000,565,760 | ---- | M] (Microsoft Corporation) - C:\AUTOCHK.EXE -- [ NTFS ]
O32 - AutoRun File - [2002/07/24 09:55:44 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/09/01 17:37:41 | 000,001,094 | ---- | M] () - C:\AUTOEXEC2.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/21 12:24:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/03/15 22:54:13 | 004,436,988 | R--- | C] (Swearware) -- C:\Documents and Settings\Gary\Desktop\ComboFix.exe
[2012/03/11 10:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Application Data\Free Download Manager
[2012/03/11 10:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
[2012/03/11 10:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2012/03/04 11:28:47 | 000,114,304 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecmdm.sys
[2012/03/04 11:28:47 | 000,086,528 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecbus.sys
[2012/03/04 11:28:47 | 000,014,976 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecmdfl.sys
[2012/03/04 11:28:47 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecwhnt.sys
[2012/03/04 11:28:47 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecwh.sys
[2012/03/04 11:28:47 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sseccmnt.sys
[2012/03/04 11:28:47 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sseccm.sys
[2012/03/04 11:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2012/03/04 11:27:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/02/29 20:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\bdch
[2012/02/29 20:10:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Application Data\Bitdefender
[2012/02/29 20:05:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bitdefender
[2012/02/29 19:30:48 | 000,340,624 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2012/02/29 19:30:47 | 000,360,976 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2012/02/29 18:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/02/29 16:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012/02/22 11:38:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Macrium
[2012/02/22 11:38:16 | 000,000,000 | ---D | C] -- C:\Program Files\Macrium
[2012/02/20 18:40:18 | 000,012,952 | ---- | C] (Paramount Software UK Ltd) -- C:\WINDOWS\System32\drivers\PSVolAcc.sys
[2012/02/20 18:40:08 | 000,016,024 | ---- | C] (Macrium Software) -- C:\WINDOWS\System32\drivers\pssnap.sys
[2012/02/20 18:40:00 | 000,047,256 | ---- | C] (Macrium Software) -- C:\WINDOWS\System32\drivers\psmounter.sys
[2004/11/05 12:09:41 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\Uwimm.dll

========== Files - Modified Within 30 Days ==========

[2012/03/21 14:43:11 | 000,000,220 | ---- | M] () -- C:\WINDOWS\System32\checkdnsid.xml
[2012/03/21 14:40:36 | 000,034,805 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012/03/20 22:53:34 | 000,003,140 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2012/03/15 23:23:47 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/03/15 23:23:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/15 23:22:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/15 23:22:41 | 2067,443,712 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/15 23:07:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/03/15 22:54:26 | 004,436,988 | R--- | M] (Swearware) -- C:\Documents and Settings\Gary\Desktop\ComboFix.exe
[2012/03/15 07:32:37 | 2067,447,808 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2012/03/12 13:09:50 | 000,000,385 | ---- | M] () -- C:\WINDOWS\SMDebug.ini
[2012/03/12 13:01:50 | 000,000,430 | ---- | M] () -- C:\WINDOWS\System32\HFMC.CFG
[2012/03/12 13:00:13 | 000,000,369 | ---- | M] () -- C:\WINDOWS\SMSI.INI
[2012/03/12 12:42:35 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HotFax Message Center.lnk
[2012/03/12 11:49:48 | 000,000,396 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/03/12 11:45:53 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\talkShakeIcon.job
[2012/03/12 11:44:15 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Talk.lnk
[2012/03/11 10:25:27 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2012/03/01 11:05:15 | 000,447,208 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\avckf.sys
[2012/03/01 11:05:10 | 000,609,984 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\avc3.sys
[2012/02/29 20:53:44 | 000,444,564 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1330569044.bdinstall.bin
[2012/02/29 20:43:08 | 000,340,624 | ---- | M] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2012/02/29 20:43:06 | 000,360,976 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2012/02/29 20:12:01 | 000,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2012/02/29 20:10:27 | 000,001,873 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Bitdefender Antivirus Plus 2012.lnk
[2012/02/29 18:35:50 | 000,139,870 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1330559400.bdinstall.bin
[2012/02/29 18:32:07 | 000,000,089 | ---- | M] () -- C:\WINDOWS\Spell Catcher.INI
[2012/02/29 09:48:59 | 000,000,229 | ---- | M] () -- C:\WINDOWS\vuepro32.ini
[2012/02/28 18:14:34 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/26 10:54:48 | 000,497,916 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/26 10:54:48 | 000,087,224 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/23 09:47:17 | 002,536,744 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/22 11:43:27 | 000,002,285 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Reflect.lnk
[2012/02/22 11:31:26 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/22 11:31:26 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/02/20 18:40:18 | 000,012,952 | ---- | M] (Paramount Software UK Ltd) -- C:\WINDOWS\System32\drivers\PSVolAcc.sys
[2012/02/20 18:40:08 | 000,016,024 | ---- | M] (Macrium Software) -- C:\WINDOWS\System32\drivers\pssnap.sys
[2012/02/20 18:40:00 | 000,047,256 | ---- | M] (Macrium Software) -- C:\WINDOWS\System32\drivers\psmounter.sys

========== Files Created - No Company Name ==========

[2012/03/12 11:49:48 | 000,000,396 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/03/12 11:45:52 | 000,000,268 | ---- | C] () -- C:\WINDOWS\tasks\talkShakeIcon.job
[2012/03/12 09:45:48 | 2067,443,712 | -HS- | C] () -- C:\hiberfil.sys
[2012/03/11 10:25:27 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2012/03/08 09:11:24 | 000,000,220 | ---- | C] () -- C:\WINDOWS\System32\checkdnsid.xml
[2012/02/29 20:53:44 | 000,444,564 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1330569044.bdinstall.bin
[2012/02/29 20:12:01 | 000,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2012/02/29 20:10:27 | 000,001,873 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Bitdefender Antivirus Plus 2012.lnk
[2012/02/29 18:35:50 | 000,139,870 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1330559400.bdinstall.bin
[2012/02/22 11:38:52 | 000,002,285 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Reflect.lnk
[2012/02/22 09:15:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/22 09:15:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/14 11:28:51 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/02 17:50:29 | 000,639,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-133707808-2752991226-3942243025-1004-0.dat
[2012/02/02 17:50:27 | 000,602,918 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/01 19:33:13 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2012/01/27 20:02:35 | 000,171,164 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1327718518.bdinstall.bin
[2012/01/27 17:23:43 | 000,302,042 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1327708936.bdinstall.bin
[2012/01/27 10:20:01 | 000,617,052 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1327682970.bdinstall.bin
[2012/01/26 21:19:03 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\Gary\Application Data\Sys2662.Config.Repository.bin
[2011/12/17 10:15:18 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\0782A18B0A.sys
[2011/10/26 10:45:27 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2011/10/03 09:15:22 | 000,025,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\VSPE.sys
[2011/09/25 14:17:39 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\A4DABE9A09.sys
[2011/09/22 21:01:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/22 21:01:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/22 21:01:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/22 21:01:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/22 21:01:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/21 11:04:44 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\rootrepeal.sys
[2011/09/18 23:09:23 | 000,000,220 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\profile.wkp
[2011/09/06 22:04:43 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\archCalc.Prefs
[2011/08/31 09:31:08 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\587E447A25.sys
[2011/08/26 09:54:51 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\51B05C58E0.sys
[2011/08/23 22:38:41 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\1617EC5C27.sys
[2011/08/22 09:46:49 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\215AFABA7D.sys
[2011/08/15 12:31:05 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\B21765FADC.sys
[2011/08/12 12:55:32 | 000,000,251 | ---- | C] () -- C:\WINDOWS\System32\drivers\hlldrvr.sys
[2011/08/12 12:55:01 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbwiz.dll
[2011/08/12 12:55:00 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\cwbrw.dll
[2011/07/13 07:16:56 | 000,141,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\CprDrvr.sys
[2011/07/13 07:15:14 | 000,106,208 | ---- | C] () -- C:\WINDOWS\System32\CprIf.dll
[2011/06/16 07:14:40 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\D09F512B2C.sys
[2011/05/31 09:14:36 | 000,725,064 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2011/05/31 09:14:26 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2011/05/31 09:14:25 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2011/05/31 07:29:57 | 000,463,864 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/05/31 07:21:02 | 000,000,661 | ---- | C] () -- C:\WINDOWS\System32\VoipUpdate.ini
[2011/05/30 08:41:21 | 000,034,805 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/05/30 08:09:15 | 000,217,928 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/05/30 08:09:12 | 000,217,928 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/05/30 08:09:12 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/05/30 08:08:11 | 002,186,342 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011/01/21 10:58:31 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\SMDRV.SYS
[2011/01/21 08:58:45 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/01/21 08:58:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/01/21 08:58:40 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/01/21 08:58:39 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/01/21 08:58:38 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/12/17 21:32:59 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2010/12/02 22:50:13 | 000,099,877 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\Talk.dmp
[2010/11/12 22:24:48 | 000,003,140 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/11/12 22:24:48 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\ECB69BB7BF.sys
[2010/11/09 18:09:07 | 000,093,417 | ---- | C] () -- C:\WINDOWS\LookDisk Uninstaller.exe
[2010/11/04 04:53:49 | 000,005,904 | ---- | C] () -- C:\WINDOWS\System32\CLIP.EXE
[2010/09/22 14:18:56 | 002,860,384 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2010/09/19 11:32:42 | 000,000,698 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2010/09/19 10:26:48 | 000,100,584 | ---- | C] () -- C:\WINDOWS\hpgins14.dat
[2010/09/14 12:58:18 | 000,094,215 | ---- | C] () -- C:\WINDOWS\hpqins09.dat.temp
[2010/09/09 15:49:27 | 000,116,987 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2010/09/09 15:49:27 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2010/09/09 13:09:35 | 000,094,215 | ---- | C] () -- C:\WINDOWS\hpqins09.dat
[2010/08/17 19:22:02 | 000,070,721 | ---- | C] () -- C:\WINDOWS\hpqins01.dat
[2010/06/27 10:11:30 | 000,065,536 | ---- | C] () -- C:\Program Files\Logger Pro 3
[2010/06/25 10:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/06/18 10:31:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2010/05/14 15:59:12 | 000,097,697 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2010/05/05 17:54:08 | 000,000,036 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2010/04/24 15:27:03 | 000,000,178 | ---- | C] () -- C:\WINDOWS\WattsUpUSB.ini
[2010/04/09 08:13:36 | 000,000,400 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
[2010/03/08 11:36:17 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini
[2010/03/08 11:36:17 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini
[2010/03/08 11:35:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\Twscan32.dll
[2010/03/08 11:35:00 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Png32.dll
[2010/03/08 11:35:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Tga32.dll
[2010/03/08 11:34:59 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\Image32.dll
[2010/03/08 11:34:59 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2010/03/08 11:34:59 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Pcx32.dll
[2010/02/23 14:06:14 | 000,000,225 | ---- | C] () -- C:\WINDOWS\DAZZLE.INI
[2009/12/30 22:31:24 | 000,000,173 | -H-- | C] () -- C:\Documents and Settings\Gary\Application Data\lakerda1967.sys
[2009/12/30 22:30:44 | 000,010,584 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\docXConverter (3).ini
[2009/12/18 11:35:06 | 000,212,992 | ---- | C] () -- C:\WINDOWS\VMSnap23.exe
[2009/12/18 11:35:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\VMCap323.exe
[2009/11/28 11:37:36 | 000,000,712 | ---- | C] () -- C:\WINDOWS\FJTWSTI.INI
[2009/11/27 15:32:35 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60fex0419.dll
[2009/11/27 15:32:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0419.dll
[2009/11/27 15:32:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0419.dll
[2009/11/27 15:32:32 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0419.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0C0A.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0419.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0416.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0410.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex040C.dll
[2009/11/27 15:32:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0412.dll
[2009/11/27 15:32:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0411.dll
[2009/11/27 15:32:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0409.dll
[2009/11/27 15:32:31 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0804.dll
[2009/11/27 15:32:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0407.dll
[2009/11/27 15:32:30 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0404.dll
[2009/11/27 15:32:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0C0A.dll
[2009/11/27 15:32:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0419.dll
[2009/11/27 15:32:28 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0804.dll
[2009/11/27 15:32:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0410.dll
[2009/11/27 15:32:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex040C.dll
[2009/11/27 15:32:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0409.dll
[2009/11/27 15:32:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0407.dll
[2009/11/27 15:32:27 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0412.dll
[2009/11/27 15:32:27 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0411.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0C0A.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0419.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0416.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0410.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex040C.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0407.dll
[2009/11/27 15:32:26 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0409.dll
[2009/11/27 15:32:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0804.dll
[2009/11/27 15:32:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0412.dll
[2009/11/27 15:32:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0411.dll
[2009/11/27 15:32:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0404.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0C0A.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0419.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0416.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0410.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex040C.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0407.dll
[2009/11/27 15:32:25 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0409.dll
[2009/11/27 15:32:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0804.dll
[2009/11/27 15:32:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0412.dll
[2009/11/27 15:32:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0411.dll
[2009/11/27 15:32:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0404.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0C0A.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0419.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0416.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0410.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex040C.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0407.dll
[2009/11/27 15:32:23 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0409.dll
[2009/11/27 15:32:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0804.dll
[2009/11/27 15:32:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0412.dll
[2009/11/27 15:32:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0411.dll
[2009/11/27 15:32:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0404.dll
[2009/11/27 15:32:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0C0A.dll
[2009/11/27 15:32:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0419.dll
[2009/11/27 15:32:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0412.dll
[2009/11/27 15:32:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0411.dll
[2009/11/27 15:32:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0804.dll
[2009/11/27 15:32:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0410.dll
[2009/11/27 15:32:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex040C.dll
[2009/11/27 15:32:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0409.dll
[2009/11/27 15:32:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0407.dll
[2009/11/27 15:32:21 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0404.dll
[2009/11/27 15:32:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0C0A.dll
[2009/11/27 15:32:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0419.dll
[2009/11/27 15:32:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0410.dll
[2009/11/27 15:32:20 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0412.dll
[2009/11/27 15:32:20 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0411.dll
[2009/11/27 15:32:20 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0804.dll
[2009/11/27 15:32:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex040C.dll
[2009/11/27 15:32:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0409.dll
[2009/11/27 15:32:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0407.dll
[2009/11/27 15:32:19 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0404.dll
[2009/11/27 15:32:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0C0A.dll
[2009/11/27 15:32:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0419.dll
[2009/11/27 15:32:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0416.dll
[2009/11/27 15:32:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0804.dll
[2009/11/27 15:32:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0410.dll
[2009/11/27 15:32:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex040C.dll
[2009/11/27 15:32:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0409.dll
[2009/11/27 15:32:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0407.dll
[2009/11/27 15:32:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0412.dll
[2009/11/27 15:32:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0411.dll
[2009/11/27 15:32:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0404.dll
[2009/11/27 15:32:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0C0A.dll
[2009/11/27 15:32:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0804.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0419.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0416.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0410.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex040C.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0409.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0407.dll
[2009/11/27 15:32:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0412.dll
[2009/11/27 15:32:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0411.dll
[2009/11/27 15:32:14 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0404.dll
[2009/11/27 15:32:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0C0A.dll
[2009/11/27 15:32:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0419.dll
[2009/11/27 15:32:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0416.dll
[2009/11/27 15:32:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0410.dll
[2009/11/27 15:32:11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0412.dll
[2009/11/27 15:32:11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0411.dll
[2009/11/27 15:32:11 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0804.dll
[2009/11/27 15:32:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex040C.dll
[2009/11/27 15:32:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0409.dll
[2009/11/27 15:32:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0407.dll
[2009/11/27 15:32:10 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0404.dll
[2009/11/27 15:32:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0C0A.dll
[2009/11/27 15:32:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0419.dll
[2009/11/27 15:32:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0416.dll
[2009/11/27 15:32:09 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0412.dll
[2009/11/27 15:32:09 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0804.dll
[2009/11/27 15:32:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0410.dll
[2009/11/27 15:32:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex040C.dll
[2009/11/27 15:32:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0409.dll
[2009/11/27 15:32:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0407.dll
[2009/11/27 15:32:08 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0411.dll
[2009/11/27 15:32:08 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0404.dll
[2009/11/02 17:10:33 | 000,001,927 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Principia Products.zip
[2009/10/05 14:46:40 | 000,003,116 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2009/09/09 16:07:30 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
[2009/09/06 16:50:05 | 000,000,239 | ---- | C] () -- C:\WINDOWS\AQUALAND.INI
[2009/09/01 14:25:19 | 000,009,216 | ---- | C] () -- C:\WINDOWS\nvapi.dll
[2009/07/17 20:13:34 | 000,010,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\Hmonitor.sys
[2009/07/17 19:15:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\windowfx3.ini
[2009/07/17 19:12:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\windowfx2.ini
[2009/07/17 13:12:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\setupfilter.exe
[2009/07/16 08:49:02 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2009/05/12 14:35:00 | 000,857,307 | ---- | C] () -- C:\WINDOWS\System32\SSCProt.dll
[2009/03/19 08:57:34 | 000,000,052 | ---- | C] () -- C:\WINDOWS\pdf2rtf.INI
[2009/03/19 08:56:44 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\pdf2word.DAT
[2009/02/13 12:36:32 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\REGISTRY.INI
[2009/01/31 15:42:47 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/01/28 23:40:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OODCNT.INI
[2008/11/06 09:33:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/10/18 19:30:26 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\8DC136AF17.sys
[2008/09/17 12:19:12 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\fusioncache.dat
[2008/09/17 10:53:58 | 000,089,277 | ---- | C] () -- C:\WINDOWS\hpoins06.dat.temp
[2008/09/17 10:53:58 | 000,005,389 | ---- | C] () -- C:\WINDOWS\hpomdl06.dat.temp
[2008/09/03 19:27:58 | 000,186,360 | ---- | C] () -- C:\WINDOWS\System32\MNSFramework.exe
[2008/08/27 00:52:46 | 000,180,134 | ---- | C] () -- C:\WINDOWS\hpwins14.dat.temp
[2008/08/27 00:52:46 | 000,001,108 | ---- | C] () -- C:\WINDOWS\hpwmdl14.dat.temp
[2008/08/26 17:42:33 | 000,012,998 | R--- | C] () -- C:\WINDOWS\hpwscr14.dat
[2008/08/15 23:15:40 | 000,164,623 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2008/08/15 23:15:40 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2008/07/13 18:49:45 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\D626B87732.sys
[2008/07/04 17:13:29 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2008/07/04 17:08:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\TpKmpSvc.exe
[2008/07/04 16:26:56 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2008/07/04 15:33:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/07/04 15:18:46 | 000,061,440 | ---- | C] () -- C:\WINDOWS\ContextMenuExt.dll
[2008/05/27 22:42:20 | 000,000,029 | ---- | C] () -- C:\WINDOWS\Atw.INI
[2008/05/15 13:34:14 | 000,026,448 | ---- | C] () -- C:\WINDOWS\System32\smfaxmon.dll
[2008/05/04 09:41:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/04/17 22:34:20 | 000,000,395 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/03/13 21:26:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/01/30 15:34:18 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\PUTTY.RND
[2008/01/14 16:47:06 | 000,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2008/01/03 21:23:41 | 000,098,304 | R--- | C] () -- C:\WINDOWS\Opdirdel.exe
[2007/12/30 15:55:16 | 000,000,050 | ---- | C] () -- C:\WINDOWS\winzipme.ini
[2007/12/11 09:40:07 | 000,000,099 | ---- | C] () -- C:\WINDOWS\(null)toolkit.ini
[2007/11/17 20:21:27 | 000,000,230 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2007/11/15 07:51:27 | 000,011,254 | ---- | C] () -- C:\WINDOWS\System32\locate.com
[2007/11/13 07:56:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2007/11/13 07:56:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBFC.dat
[2007/10/17 08:34:27 | 000,133,632 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2007/10/17 08:34:27 | 000,003,300 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Windows Media Audio 9 Codec.dat
[2007/08/27 09:12:43 | 000,004,964 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/08/23 16:57:43 | 000,092,192 | ---- | C] () -- C:\WINDOWS\System32\mapi32x.dll
[2007/08/09 04:26:44 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2007/06/18 22:10:11 | 000,026,641 | ---- | C] () -- C:\WINDOWS\CONSETUP.EXE
[2007/05/29 11:57:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pp.ini
[2007/03/08 15:47:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ftdiunin.exe
[2007/03/08 15:47:15 | 000,000,089 | R--- | C] () -- C:\WINDOWS\System32\FTD2XXUN.ini
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/02/08 18:14:10 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2007/01/07 17:57:01 | 000,000,968 | ---- | C] () -- C:\WINDOWS\seRapid.INI
[2006/11/26 13:25:26 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Progs_.ini
[2006/11/15 10:54:47 | 000,000,283 | ---- | C] () -- C:\WINDOWS\MLTCLIP.INI
[2006/11/14 16:48:49 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\CBNDLL.DLL
[2006/11/14 16:48:49 | 000,015,408 | ---- | C] () -- C:\WINDOWS\System32\CB560WIN.DLL
[2006/11/14 16:48:49 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\CBNVDD.DLL
[2006/11/12 22:34:51 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHealr.dll
[2006/11/12 15:53:06 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpspmins.dll
[2006/11/07 23:45:26 | 000,001,385 | ---- | C] () -- C:\WINDOWS\PhoneDialer.ini
[2006/11/05 11:24:09 | 000,130,560 | ---- | C] () -- C:\WINDOWS\System32\ZIPDLL.DLL
[2006/11/05 11:24:09 | 000,125,440 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.DLL
[2006/11/05 11:24:08 | 000,090,112 | ---- | C] () -- C:\WINDOWS\inst_tsp.exe
[2006/11/02 08:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006/10/28 08:48:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\graphedit.INI
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0C0A.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0410.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex040C.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0407.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0C0A.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0419.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0410.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex040C.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0409.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0407.dll
[2006/10/27 21:27:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0409.dll
[2006/10/27 21:27:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0412.dll
[2006/10/27 21:27:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0411.dll
[2006/10/27 21:27:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0804.dll
[2006/10/27 21:27:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0411.dll
[2006/10/27 21:27:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0804.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0419.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0409.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0419.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0409.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0409.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0407.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0412.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0411.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0412.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0411.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0411.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0409.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0409.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0409.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0411.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0411.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0411.dll
[2006/10/27 21:27:16 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex.dll
[2006/10/27 21:27:16 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex.dll
[2006/10/27 21:27:16 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0C0A.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0410.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex040C.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0407.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0C0A.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0410.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex040C.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0407.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0c0a.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0410.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex040C.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0407.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0C0A.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0410.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex040C.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0407.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0C0A.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0410.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex040C.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0407.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0411.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0411.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0411.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0411.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0411.dll
[2006/10/26 13:10:28 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/10/14 21:33:51 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\nmocod.dll
[2006/10/14 12:51:03 | 000,000,305 | ---- | C] () -- C:\WINDOWS\PICKLIST.INI
[2006/10/14 12:30:09 | 000,000,298 | ---- | C] () -- C:\WINDOWS\MIREPAIR.INI
[2006/10/14 12:30:09 | 000,000,058 | ---- | C] () -- C:\WINDOWS\MITCHELL.INI
[2006/10/14 12:28:22 | 000,003,299 | ---- | C] () -- C:\WINDOWS\ODWIN.INI
[2006/10/14 12:28:22 | 000,000,754 | ---- | C] () -- C:\WINDOWS\BTI.INI
[2006/08/27 22:34:27 | 000,000,229 | ---- | C] () -- C:\WINDOWS\vuepro32.ini
[2006/08/26 11:39:11 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\syswd36.ini
[2006/08/25 22:15:31 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\syswd31.ini
[2006/08/25 22:15:30 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\syswd1.ini
[2006/07/26 23:28:24 | 000,012,499 | ---- | C] () -- C:\WINDOWS\System32\Seagate.bin
[2006/07/03 15:02:51 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Print.ini
[2006/06/20 12:42:49 | 000,000,385 | ---- | C] () -- C:\WINDOWS\SMDebug.ini
[2006/06/14 14:48:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/05/13 11:20:14 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2006/04/14 15:16:06 | 000,111,376 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2006/04/14 15:16:06 | 000,040,792 | ---- | C] () -- C:\WINDOWS\System32\agcrypto.dll
[2006/04/03 21:54:39 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/04/01 12:30:09 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\rfwdui.dll
[2006/04/01 12:30:08 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\rfstrres.dll
[2006/03/25 23:41:30 | 000,000,131 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2006/02/28 10:27:40 | 000,684,100 | ---- | C] () -- C:\WINDOWS\System32\PC_ExplorerExtension.dll
[2006/02/04 14:19:07 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/01/23 15:53:25 | 000,000,745 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/22 22:33:05 | 000,393,264 | ---- | C] () -- C:\WINDOWS\System32\D125UR.DAT
[2006/01/22 22:33:05 | 000,008,575 | ---- | C] () -- C:\WINDOWS\System32\D125UFW.INI
[2006/01/09 13:46:04 | 000,000,283 | ---- | C] () -- C:\WINDOWS\vuepro32.ini.org
[2005/12/27 17:03:41 | 000,000,369 | ---- | C] () -- C:\WINDOWS\SMSI.INI
[2005/12/27 15:47:30 | 000,000,076 | ---- | C] () -- C:\WINDOWS\eFaxView.ini
[2005/12/21 17:53:06 | 000,000,459 | ---- | C] () -- C:\WINDOWS\qpw.INI
[2005/12/21 09:19:08 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2005/12/19 23:11:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TEXTART.INI
[2005/12/19 21:44:14 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2005/12/19 21:00:29 | 000,107,134 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005/12/19 20:59:53 | 000,004,590 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/12/19 13:23:54 | 000,000,089 | ---- | C] () -- C:\WINDOWS\Spell Catcher.INI
[2005/11/30 20:16:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2005/09/05 13:52:38 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2005/08/31 21:01:13 | 000,000,577 | ---- | C] () -- C:\WINDOWS\System32\gmsblist.dll
[2005/08/26 14:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 14:28:20 | 000,024,576 | ---- | C] () -- C:\WINDOWS\shortcut.exe
[2005/08/26 14:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2005/08/19 22:49:28 | 000,000,033 | ---- | C] () -- C:\WINDOWS\System32\gr6rlzay.dll
[2005/07/05 23:45:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2005/04/08 17:42:06 | 000,087,540 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/03/25 16:42:50 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/03/11 11:34:10 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/03/11 11:34:10 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/03/11 11:34:10 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/03/11 11:34:09 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/03/11 11:34:09 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/03/11 11:34:08 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/02/01 17:00:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2005/02/01 17:00:44 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/10/27 12:59:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\RSADLLACE.DLL
[2004/10/27 12:59:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\RSADLL32.DLL
[2004/08/03 19:38:34 | 000,047,564 | ---- | C] () -- C:\WINDOWS\ntdetect.com
[2004/08/03 17:07:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 06:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/06/30 16:04:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SDelete.dll
[2004/05/27 09:44:03 | 000,143,414 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2004/05/27 09:44:03 | 000,049,852 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2004/05/20 20:47:20 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Elmdll1.dll
[2004/03/07 14:51:00 | 000,024,924 | ---- | C] () -- C:\WINDOWS\System32\openports.dll
[2004/01/30 10:37:50 | 000,000,133 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2003/11/09 20:00:35 | 000,385,072 | ---- | C] () -- C:\WINDOWS\System32\HPRrm.dll
[2003/10/15 20:02:25 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\DrvTrNTl.dll
[2003/09/22 13:11:48 | 000,001,003 | ---- | C] () -- C:\WINDOWS\Corpscon.ini
[2003/05/15 17:19:08 | 000,294,400 | ---- | C] () -- C:\WINDOWS\System32\RSTOOL32.DLL
[2003/04/10 15:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/02/28 22:29:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\zdbui.ini
[2003/01/23 20:24:47 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/01 20:17:28 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\PnPscan.exe
[2002/11/01 19:15:44 | 000,200,765 | ---- | C] () -- C:\WINDOWS\System32\scandll.dll
[2002/10/10 11:03:08 | 000,151,610 | ---- | C] () -- C:\WINDOWS\System32\uddliv.exe
[2002/10/10 11:03:08 | 000,151,610 | ---- | C] () -- C:\WINDOWS\System32\uddbraxs.exe
[2002/10/10 11:03:08 | 000,151,610 | ---- | C] () -- C:\WINDOWS\System32\uddbraxp.exe
[2002/10/10 11:03:06 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DrvInit.exe
[2002/10/07 18:15:36 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2002/09/05 08:58:15 | 001,213,440 | ---- | C] () -- C:\WINDOWS\System32\opengl.dll
[2002/09/05 08:58:14 | 000,315,904 | ---- | C] () -- C:\WINDOWS\System32\glu.dll
[2002/09/05 08:58:14 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\glut.dll
[2002/07/19 15:34:03 | 000,106,496 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2002/07/19 15:33:53 | 000,377,600 | ---- | C] () -- C:\WINDOWS\System32\BOCOLE.DLL
[2002/07/19 15:33:53 | 000,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll
[2002/07/19 15:33:53 | 000,004,052 | ---- | C] () -- C:\WINDOWS\unwise.ini
[2002/07/19 15:27:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/07/19 15:23:40 | 000,184,320 | ---- | C] () -- C:\WINDOWS\TPBATHLP.EXE
[2002/07/19 15:20:34 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/07/19 15:20:16 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2002/07/19 15:17:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/07/19 15:11:28 | 000,022,024 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/07/19 15:04:35 | 000,004,387 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/07/19 15:03:41 | 002,536,744 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/04/16 08:14:44 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2002/04/16 08:14:42 | 000,338,944 | R--- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2002/03/21 15:39:02 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2002/03/21 13:51:52 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002/03/21 12:51:52 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002/03/21 12:51:52 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002/03/21 12:51:52 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002/03/21 12:51:52 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002/03/21 12:51:52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002/03/21 12:51:52 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002/03/20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002/03/20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002/03/20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002/03/20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[2002/03/19 19:30:00 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\mag.dll
[2002/03/19 18:30:00 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll
[2002/03/19 17:30:00 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\TaskSwitch.exe
[2002/03/04 19:45:46 | 000,151,610 | ---- | C] () -- C:\WINDOWS\System32\UpdateDD.exe
[2002/03/01 15:43:34 | 000,028,008 | ---- | C] () -- C:\WINDOWS\System32\SUSUSB.SYS
[2001/12/03 17:50:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\LTTLS13N.DLL
[2001/12/03 17:50:20 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\LTCRY13N.DLL
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/10/02 13:32:26 | 000,000,319 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001/08/31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[2001/08/29 20:57:40 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\addurl41.DLL
[2001/08/23 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 05:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/19 09:03:04 | 000,002,858 | ---- | C] () -- C:\WINDOWS\System32\egathdrv.sys
[2001/07/10 15:43:16 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\winwatch.DLL
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2001/06/08 14:54:30 | 000,003,478 | ---- | C] () -- C:\WINDOWS\translat.ini
[2000/07/22 16:49:46 | 000,431,104 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll
[2000/07/07 07:49:30 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\LTDLL.DLL
[1996/04/03 12:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[1980/01/01 00:00:00 | 000,497,916 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[1980/01/01 00:00:00 | 000,087,224 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[1980/01/01 00:00:00 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\tp4uires.dll
[1980/01/01 00:00:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\tp4unins.exe
[1980/01/01 00:00:00 | 000,003,745 | ---- | C] () -- C:\WINDOWS\System32\tp4table.dat
[1980/01/01 00:00:00 | 000,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[1980/01/01 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

< End of report >



Please help me remove any Malware/Virus/Trojans

Thank you,

Docfxit
  • 0

Advertisements

#2
BlackOxide
Posted 28 March 2012 - 01:42 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Hi, docfxit! My name is BlackOxide and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just incase you are unable to access this site.

Please note the following:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply, unless I specifically need you to attach them.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for me to analyse and fix your PC in the long run.
  • I will always try and respond to replies as soon as possible, but please be patient as some logs require more time than others to fully analyse.
  • If you are not sure of anything along the way, just ask.

OK, lets start ;)

First of all, sorry for the delay, it's quite busy around here lately. Lets start trying to get you sorted now :)

Could you do the following for me please....



1)
OTL Quick Scan
  • Double click on the OTL icon to run it.
  • When the window appears, underneath Output at the top, make sure Standard Output is selected.
  • Tick the Scan All Users box at the top
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window.
  • Please post the contents of this log



2)
Download aswMBR.exe (1.8mb) to your desktop.

Double click aswMBR.exe to run it.

If it asks to download the Avast defintions, just click No.

Click the "Scan" button to start the scan.

Posted Image


On completion of the scan click save log, save it to your desktop and post it in your next reply.

Posted Image




3)
Could you give me an update as to how the PC is behaving. Is it still blue screening? If so, how often does it blue screen? Is the internet still running slowly?



In your next reply
Please post the contents of...
OTL log
aswMBR log
Update on how the PC is running
  • 0

#3
docfxit
Posted 28 March 2012 - 04:29 PM

docfxit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Hi BlackOxide,

Thank you for taking on this case and trying to help me.

OTL logfile created on: 3/28/2012 2:57:58 PM - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Dnload\SpywareRemovers
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.93 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 53.93% Memory free
3.77 Gb Paging File | 2.80 Gb Available in Paging File | 74.21% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 61.48 Gb Total Space | 2.84 Gb Free Space | 4.62% Space Free | Partition Type: NTFS
Drive F: | 7.40 Gb Total Space | 6.67 Gb Free Space | 90.03% Space Free | Partition Type: FAT32

Computer Name: DOCFXITLT | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/01 11:05:18 | 001,183,080 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
PRC - [2012/03/01 11:05:15 | 001,552,368 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
PRC - [2012/02/20 18:39:54 | 000,224,920 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2012/02/09 09:22:22 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2012/02/09 09:21:59 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2012/01/23 20:23:06 | 000,050,128 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
PRC - [2011/12/28 13:40:48 | 006,148,096 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files\Free Download Manager\fdm.exe
PRC - [2011/12/06 09:48:02 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/10/02 03:42:52 | 000,665,608 | ---- | M] (NTWind Software) -- C:\Program Files\WinSnap\WinSnap.exe
PRC - [2011/09/23 17:59:43 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Dnload\SpywareRemovers\OTL ver. 3.2.29.1.exe
PRC - [2011/08/27 12:16:10 | 000,434,960 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2011/08/27 12:16:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/08/19 22:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/06/22 20:32:46 | 001,407,248 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2011/06/22 20:32:40 | 000,370,960 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2011/06/22 20:32:36 | 000,882,960 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2011/06/22 19:49:24 | 000,866,576 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2011/06/22 19:33:14 | 001,210,640 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2011/05/26 19:43:12 | 000,328,040 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011/05/18 22:40:06 | 002,016,504 | ---- | M] (UltraVNC) -- C:\Program Files\ultravnc\winvnc.exe
PRC - [2011/04/20 10:04:40 | 000,130,920 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe
PRC - [2011/04/07 16:41:32 | 000,138,680 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2011/04/04 11:43:36 | 000,135,528 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
PRC - [2011/04/04 10:27:20 | 000,045,496 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2011/03/31 19:31:34 | 000,132,392 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2011/03/29 13:41:08 | 000,064,952 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011/01/14 15:51:56 | 000,041,320 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2010/11/29 16:32:44 | 000,069,560 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2010/11/12 06:54:50 | 000,819,291 | ---- | M] () -- C:\Program Files\TVMOBiLi\bin\tvMobiliService.exe
PRC - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/10/29 20:25:12 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
PRC - [2010/09/22 14:18:46 | 001,463,672 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
PRC - [2010/09/22 14:18:46 | 000,607,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
PRC - [2010/09/22 14:18:46 | 000,349,528 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2010/09/19 14:00:02 | 000,097,792 | ---- | M] () -- C:\Program Files\Stunnel\stunnel.exe
PRC - [2010/09/17 16:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/09/02 00:57:48 | 001,774,992 | ---- | M] (ALTAP) -- C:\Program Files\Salamander 2.5\salamand.exe
PRC - [2010/06/23 22:45:38 | 002,749,984 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files\DU Meter\DUMeter.exe
PRC - [2010/05/03 12:54:36 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/05/03 12:54:32 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/05/03 12:54:28 | 001,522,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
PRC - [2010/04/01 14:50:44 | 000,043,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
PRC - [2009/11/18 14:22:26 | 000,226,304 | ---- | M] (Uwe Sieber - www.uwe-sieber.de) -- C:\Program Files\USBDLM\USBDLM.exe
PRC - [2009/09/04 16:22:56 | 001,391,136 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files\DU Meter\DUMeterSvc.exe
PRC - [2009/06/02 13:49:56 | 000,020,480 | ---- | M] (Intuit, Inc.) -- C:\Program Files\Common Files\Intuit\Entitlement Client\v6.0\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe
PRC - [2009/01/14 10:29:18 | 003,981,312 | ---- | M] (Brooks Internet Software, Inc.) -- C:\Program Files\RPM\RpmSrv.exe
PRC - [2008/12/09 20:54:40 | 000,143,360 | ---- | M] (PFU LIMITED) -- C:\WINDOWS\twain_32\Fjscan32\SOP\FtLnSOP.exe
PRC - [2008/10/30 15:23:52 | 000,031,744 | ---- | M] (Ricoh co.,Ltd.) -- C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe
PRC - [2008/09/03 19:27:58 | 000,186,360 | ---- | M] () -- C:\WINDOWS\system32\MNSFramework.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/19 12:30:46 | 002,558,464 | R--- | M] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\system32\hasplms.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/05/03 12:23:29 | 001,037,216 | ---- | M] (Rainmaker Research, Inc.) -- C:\Program Files\Spell Catcher Plus\Spell Catcher.exe
PRC - [2007/02/21 01:15:02 | 000,112,208 | ---- | M] (Corel, Inc.) -- C:\Program Files\Photo Album 6\MediaDetect.exe
PRC - [2007/02/08 18:14:10 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005/11/30 14:34:18 | 000,068,608 | ---- | M] () -- C:\Program Files\ClipX\clipx.exe
PRC - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2005/03/11 20:26:46 | 000,622,592 | ---- | M] () -- C:\Program Files\SpyTheSpy\SpyTheSpy.exe
PRC - [2004/10/12 13:01:52 | 000,032,768 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Common Files\Smith Micro Shared\Fax\SMLoader.exe
PRC - [2004/01/12 05:59:14 | 000,110,592 | ---- | M] () -- C:\Program Files\IconSaver\IconSaver.exe
PRC - [2002/03/19 17:30:00 | 000,045,632 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe
PRC - [2001/12/28 22:33:14 | 000,214,016 | ---- | M] (Actiontec Electronics, Inc) -- C:\WINDOWS\system32\AEIWLSTA.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/14 05:12:09 | 000,578,024 | ---- | M] () -- C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\bdsmartdb.dll
MOD - [2012/03/14 05:12:09 | 000,092,328 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\bdmetrics.dll
MOD - [2012/03/01 11:05:20 | 000,107,520 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\UI\popup.ui
MOD - [2012/03/01 11:05:17 | 001,226,400 | ---- | M] () -- \\?\C:\Program Files\Bitdefender\Bitdefender 2012\wslib.dll
MOD - [2012/03/01 11:05:08 | 000,270,536 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\avc3al.dll
MOD - [2012/02/22 10:28:31 | 013,346,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\0816c3b4ab4f25931be80ef29db36024\System.Data.Entity.ni.dll
MOD - [2012/02/22 10:27:20 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\f9977bade8fa997882aa57b430820765\System.ServiceProcess.ni.dll
MOD - [2012/02/22 10:27:19 | 001,189,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\55479b2c4a07d81798bc2095bc063469\System.Data.OracleClient.ni.dll
MOD - [2012/02/22 10:27:18 | 001,925,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\d254912e273fe438ef06051ce181e57d\System.Web.Services.ni.dll
MOD - [2012/02/22 10:27:16 | 012,079,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\3420481899719b86b8bb597ad0cf0db0\System.Web.ni.dll
MOD - [2012/02/22 10:27:09 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9eb937785d5a8bc2767ae7efcdd29d43\System.Runtime.Remoting.ni.dll
MOD - [2012/02/22 10:27:07 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\06c498e1b0e11e9de295c02f1519b8ff\System.EnterpriseServices.ni.dll
MOD - [2012/02/22 10:27:07 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\07db951fbbd939fc70b0b91a8fa83185\System.Transactions.ni.dll
MOD - [2012/02/22 10:27:05 | 002,647,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\7aa036e91909e1bc5e1d35b673defab2\System.Runtime.Serialization.ni.dll
MOD - [2012/02/22 10:27:03 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\35b997b2652f8f564b062e6a6e59055f\System.Xml.Linq.ni.dll
MOD - [2012/02/22 09:32:11 | 006,815,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\25a90057cd6623c3b3cc07e53c8de77a\System.Data.ni.dll
MOD - [2012/02/22 09:32:09 | 013,138,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\edfa0f31cc4950e16011ecb549f553f7\System.Windows.Forms.ni.dll
MOD - [2012/02/22 09:32:05 | 007,069,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\b6ac99f2787a9a672d7a696ef25588ee\System.Core.ni.dll
MOD - [2012/02/22 09:32:01 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\a588133985ef7510d4cc8cc7924f8ec3\System.Xml.ni.dll
MOD - [2012/02/22 09:32:01 | 000,736,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\f7ddf9585d0b4b46437dc07b50955b64\System.Security.ni.dll
MOD - [2012/02/22 09:32:00 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\1702c5e18cdd96c022d87c38561f19c9\System.Configuration.ni.dll
MOD - [2012/02/22 09:31:57 | 001,652,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\9d5b252266a6084a611b2be84fac9e1c\System.Drawing.ni.dll
MOD - [2012/02/22 09:31:55 | 009,091,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\9c4788acc8f93c33214865395cee2e1c\System.ni.dll
MOD - [2012/02/20 18:39:54 | 000,224,920 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
MOD - [2012/02/01 18:20:16 | 000,004,608 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\UI\imsecurityal.ui
MOD - [2012/01/23 20:27:20 | 000,035,208 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\procinfo.dll
MOD - [2012/01/23 20:20:54 | 000,139,208 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\popup.dll
MOD - [2012/01/23 20:15:40 | 000,059,392 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\bdmltusrsrv.dll
MOD - [2012/01/23 20:14:56 | 000,110,880 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\connector.dll
MOD - [2012/01/23 20:14:00 | 000,061,440 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\excludemgr.dll
MOD - [2012/01/23 20:13:40 | 000,154,152 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\framework.dll
MOD - [2012/01/19 15:36:40 | 000,157,200 | ---- | M] () -- \\?\C:\Program Files\Bitdefender\Bitdefender 2012\bdnimbus.dll
MOD - [2012/01/09 10:03:30 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2012/01/09 10:03:19 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c272cad7afb127e2a2bdb8a5a808512\System.Runtime.Remoting.ni.dll
MOD - [2012/01/09 09:52:49 | 000,679,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\36c12de583ee81e9c99acb72b09d77ac\System.Security.ni.dll
MOD - [2012/01/09 09:52:46 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2012/01/09 09:12:34 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2012/01/09 09:12:31 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2012/01/09 09:12:23 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2012/01/09 09:12:10 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2012/01/09 09:12:04 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2012/01/09 09:09:43 | 000,145,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\97126244f88693adb36f94116d8d0dda\System.Numerics.ni.dll
MOD - [2012/01/09 09:09:13 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
MOD - [2012/01/06 16:27:34 | 000,035,720 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\strdecoder.dll
MOD - [2012/01/06 16:27:28 | 000,202,032 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\txmlutil.dll
MOD - [2012/01/06 16:27:20 | 000,003,072 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\UI\accessl.ui
MOD - [2011/12/28 14:13:24 | 003,522,048 | ---- | M] () -- C:\Program Files\Free Download Manager\fdmbtsupp.dll
MOD - [2011/12/28 12:48:54 | 000,230,400 | ---- | M] () -- C:\Program Files\Free Download Manager\iefdm2.dll
MOD - [2011/10/27 15:07:06 | 000,362,736 | ---- | M] () -- \\?\C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\trufos.dll
MOD - [2011/10/21 14:04:28 | 001,910,272 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpfr.mdl
MOD - [2011/10/21 14:04:28 | 001,909,760 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpph.mdl
MOD - [2011/10/21 14:04:28 | 001,858,560 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimf.mdl
MOD - [2011/10/21 14:04:28 | 000,952,832 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttprbl.mdl
MOD - [2011/10/21 14:04:28 | 000,632,832 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpbr.mdl
MOD - [2011/10/21 14:04:28 | 000,444,416 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimdsp.mdl
MOD - [2011/10/21 14:04:26 | 002,054,144 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpf.mdl
MOD - [2011/10/21 14:04:26 | 000,509,440 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\ashttpdsp.mdl
MOD - [2011/10/21 14:04:26 | 000,389,632 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2012\as2core\asimbr.mdl
MOD - [2011/05/19 19:34:22 | 000,056,224 | ---- | M] () -- \\?\C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\Antivirus_08436_196\avxdisk.dll
MOD - [2011/03/31 19:31:02 | 000,066,856 | ---- | M] () -- C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
MOD - [2011/02/18 18:47:09 | 002,228,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.EntitlementClient.Common\6.0.1.0__7ce6deabcb36a8ea\Intuit.Spc.Map.EntitlementClient.Common.dll
MOD - [2011/02/18 18:29:24 | 000,229,376 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.EntitlementClient.Api\6.0.1.0__7ce6deabcb36a8ea\Intuit.Spc.Map.EntitlementClient.Api.dll
MOD - [2010/11/12 06:54:50 | 000,819,291 | ---- | M] () -- C:\Program Files\TVMOBiLi\bin\tvMobiliService.exe
MOD - [2010/09/22 14:18:56 | 002,860,384 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2010/09/22 14:18:56 | 000,075,112 | ---- | M] () -- C:\Program Files\ThinkPad\Bluetooth Software\BTKeyInd.dll
MOD - [2010/09/19 14:00:02 | 000,097,792 | ---- | M] () -- C:\Program Files\Stunnel\stunnel.exe
MOD - [2010/06/07 07:26:46 | 000,101,376 | ---- | M] () -- C:\Program Files\Stunnel\zlib1.dll
MOD - [2009/01/14 10:29:18 | 000,010,752 | ---- | M] () -- C:\Program Files\RPM\udf\fbudf.dll
MOD - [2008/09/03 19:27:58 | 000,186,360 | ---- | M] () -- C:\WINDOWS\system32\MNSFramework.exe
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/02/08 18:14:10 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2005/11/30 14:34:18 | 000,068,608 | ---- | M] () -- C:\Program Files\ClipX\clipx.exe
MOD - [2005/10/28 20:29:52 | 000,208,896 | ---- | M] () -- C:\Program Files\Lenovo\PkgMgr\HOTKEY\tpfnf7.dll
MOD - [2005/03/11 20:26:46 | 000,622,592 | ---- | M] () -- C:\Program Files\SpyTheSpy\SpyTheSpy.exe
MOD - [2004/02/27 12:24:30 | 000,026,448 | ---- | M] () -- C:\WINDOWS\system32\smfaxmon.dll
MOD - [2004/01/12 05:59:14 | 000,110,592 | ---- | M] () -- C:\Program Files\IconSaver\IconSaver.exe
MOD - [2004/01/12 05:58:35 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\IconSaver.cpl
MOD - [2003/10/19 07:12:58 | 000,061,440 | ---- | M] () -- C:\Program Files\IconSaver\IconSaverLib.dll
MOD - [2003/10/19 05:11:40 | 000,094,208 | ---- | M] () -- C:\Program Files\IconSaver\IconSaver Editor.dll
MOD - [2003/07/03 23:49:30 | 000,024,576 | ---- | M] () -- C:\Program Files\Lenovo\PkgMgr\HOTKEY_2\tphk_2k.dll
MOD - [2002/03/19 17:30:00 | 000,045,632 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe
MOD - [2001/07/31 10:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHealr.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (GSService)
SRV - File not found [On_Demand | Stopped] -- -- (B-Service)
SRV - [2012/03/01 11:05:15 | 001,552,368 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe -- (vsserv)
SRV - [2012/02/20 18:39:54 | 000,224,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV - [2012/02/09 09:22:22 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2012/02/09 09:21:59 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/01/23 20:23:06 | 000,050,128 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe -- (UPDATESRV)
SRV - [2011/12/06 09:48:02 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/10/14 23:57:36 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2011/08/27 12:16:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/19 22:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/08/19 22:30:58 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2011/06/22 20:32:40 | 000,370,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2011/06/22 20:32:36 | 000,882,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2011/06/22 19:49:24 | 000,866,576 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2011/05/18 22:40:06 | 002,016,504 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Program Files\UltraVNC\WinVNC.exe -- (uvnc_service)
SRV - [2011/04/20 10:04:40 | 000,130,920 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV - [2011/04/04 10:27:20 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2011/03/29 13:41:08 | 000,064,952 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2011/01/14 15:51:56 | 000,041,320 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV - [2010/12/23 08:20:24 | 000,245,760 | ---- | M] (SMServer) [Disabled | Stopped] -- C:\WINDOWS\System32\snmvtsvc.exe -- (SMServer)
SRV - [2010/12/23 06:03:32 | 000,385,024 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\SoundTaxi Media Suite\STSService.exe -- (STSService)
SRV - [2010/11/12 06:54:50 | 000,819,291 | ---- | M] () [Auto | Running] -- C:\Program Files\TVMOBiLi\bin\tvMobiliService.exe -- (tvMobiliService)
SRV - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/10/04 13:33:40 | 002,735,992 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Intuit\QuickBooks Point of Sale 9.0\DatabaseServer\QBPOSDBService.exe -- (QBPOSDBServiceV9)
SRV - [2010/09/22 14:18:46 | 000,349,528 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2010/09/19 14:00:02 | 000,097,792 | ---- | M] () [Auto | Running] -- C:\Program Files\Stunnel\stunnel.exe -- (stunnel)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/07/01 23:55:40 | 003,827,056 | ---- | M] (MediaMall Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2010/06/25 10:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/05/03 12:54:36 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/05/03 12:54:32 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/02/24 04:13:24 | 001,313,368 | ---- | M] (South River Technologies, LLC) [Disabled | Stopped] -- C:\Program Files\WebDrive\wdService.exe -- (WebDriveService)
SRV - [2009/12/29 15:57:56 | 000,057,344 | ---- | M] (Gravic) [On_Demand | Stopped] -- C:\Program Files\Common Files\Gravic\RemarkFTPUtility12.exe -- (Remark FTP Utility)
SRV - [2009/11/18 14:22:26 | 000,226,304 | ---- | M] (Uwe Sieber - www.uwe-sieber.de) [Auto | Running] -- C:\Program Files\USBDLM\USBDLM.exe -- (USBDLM)
SRV - [2009/09/04 16:22:56 | 001,391,136 | ---- | M] (Hagel Technologies Ltd.) [On_Demand | Running] -- C:\Program Files\DU Meter\DUMeterSvc.exe -- (DUMeterSvc)
SRV - [2009/06/02 13:49:56 | 000,020,480 | ---- | M] (Intuit, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Entitlement Client\v6.0\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe -- (Intuit Entitlement Service v6.0)
SRV - [2009/04/20 14:17:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/01/14 10:29:18 | 003,981,312 | ---- | M] (Brooks Internet Software, Inc.) [Auto | Running] -- C:\Program Files\RPM\rpmsrv.exe -- (rpm)
SRV - [2008/09/03 19:27:58 | 000,186,360 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\MNSFramework.exe -- (MNSFramework)
SRV - [2008/03/19 12:30:46 | 002,558,464 | R--- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\WINDOWS\System32\hasplms.exe -- (hasplms)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/06/26 22:20:16 | 000,010,240 | ---- | M] (NeoSmart Technologies) [Disabled | Stopped] -- C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe -- (TTFixerService)
SRV - [2007/03/21 11:57:56 | 000,516,096 | ---- | M] (Locktime Software) [On_Demand | Stopped] -- C:\Program Files\NetLimiter 2 Pro\nlsvc.exe -- (nlsvc)
SRV - [2007/03/08 17:23:04 | 000,045,056 | ---- | M] (PFU LIMITED) [Disabled | Stopped] -- C:\WINDOWS\twain_32\Fjscan32\FJTWMKSV.exe -- (FJTWMKSV)
SRV - [2007/02/08 18:14:10 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/06/29 21:57:50 | 000,032,768 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC)
SRV - [2005/04/27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
SRV - [2001/05/08 05:10:00 | 000,053,248 | ---- | M] (IBM Corporation) [On_Demand | Stopped] -- C:\WINDOWS\cwbrxd.exe -- (Cwbrxd)


========== Driver Services (SafeList) ==========

DRV - [2012/03/01 11:05:15 | 000,447,208 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avckf.sys -- (avckf)
DRV - [2012/03/01 11:05:11 | 000,130,384 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys -- (bdselfpr)
DRV - [2012/03/01 11:05:10 | 000,609,984 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avc3.sys -- (avc3)
DRV - [2012/02/29 20:43:08 | 000,340,624 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trufos.sys -- (trufos)
DRV - [2012/02/29 20:43:06 | 000,360,976 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2012/02/20 18:40:18 | 000,012,952 | ---- | M] (Paramount Software UK Ltd) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PSVolAcc.sys -- (PSVolAcc)
DRV - [2012/02/20 18:40:08 | 000,016,024 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pssnap.sys -- (pssnap)
DRV - [2012/02/09 09:22:03 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012/02/03 09:37:08 | 000,063,056 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bdsandbox.sys -- (bdsandbox)
DRV - [2011/11/25 14:59:40 | 000,240,184 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avchv.sys -- (avchv)
DRV - [2011/11/14 20:16:28 | 000,130,640 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2011/10/26 10:45:27 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2011/10/03 09:15:22 | 000,025,984 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VSPE.sys -- (EterlogicVirtualSerialDriver)
DRV - [2011/09/13 10:36:24 | 000,011,496 | ---- | M] (UVNC BVBA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mv2.sys -- (mv2)
DRV - [2011/08/31 03:58:00 | 000,130,320 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2011/08/03 18:15:00 | 007,473,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwNx32.sys -- (NETwNx32) ___ Intel®
DRV - [2011/07/13 07:16:56 | 000,141,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CprDrvr.sys -- (CprDrvr)
DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2011/03/30 17:16:18 | 000,170,464 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2011/03/30 16:04:56 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011/03/18 09:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011/01/19 18:47:12 | 000,022,504 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011/01/13 11:18:50 | 000,132,608 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\5U877.sys -- (5U877)
DRV - [2010/12/23 13:43:12 | 000,023,608 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SndTAudio.sys -- (SndTAudio)
DRV - [2010/11/25 14:59:16 | 000,606,056 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8192su.sys -- (RTL8192su)
DRV - [2010/10/20 02:09:58 | 001,761,920 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAU32.sys -- (CnxtHdAudService)
DRV - [2010/09/23 09:14:30 | 000,993,576 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2010/09/17 16:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/09/17 16:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/09/16 19:00:00 | 000,051,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2010/09/07 14:09:06 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2010/08/16 15:31:26 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2010/08/16 15:31:22 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2010/07/22 09:38:14 | 000,167,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress) Intel®
DRV - [2010/06/25 10:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2010/06/22 03:37:40 | 000,091,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2010/06/16 13:44:38 | 000,120,432 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2010/06/16 13:44:38 | 000,020,592 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2010/05/19 23:15:04 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2010/05/11 12:00:34 | 000,020,072 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133)
DRV - [2010/02/24 14:11:40 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2010/02/24 04:13:20 | 000,201,176 | ---- | M] () [File_System | Auto | Running] -- C:\Program Files\WebDrive\wdfsd.sys -- (WebDriveFSD)
DRV - [2010/01/19 19:32:40 | 000,085,128 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\bdvedisk.sys -- (BDVEDISK)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/11/11 10:48:00 | 000,027,519 | ---- | M] (Billionton Corporation Reserved.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBKR100.SYS -- (USB-100)
DRV - [2009/10/26 12:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/09/18 13:54:38 | 000,533,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009/09/17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/09/08 01:40:26 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssecmdm.sys -- (ssecmdm)
DRV - [2009/09/08 01:40:26 | 000,086,528 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssecbus.sys -- (ssecbus) Samsung Mobile Modem Device driver (WDM)
DRV - [2009/09/08 01:40:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssecmdfl.sys -- (ssecmdfl)
DRV - [2009/07/06 11:09:06 | 000,051,200 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/06/30 11:59:00 | 000,986,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2009/06/30 11:58:00 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2009/06/30 11:58:00 | 000,210,304 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2009/05/22 11:46:42 | 000,010,536 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Hmonitor.sys -- (hmonitor)
DRV - [2009/04/15 23:53:20 | 000,340,736 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2009/03/13 13:47:26 | 000,012,560 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp) SMI Helper Driver (smihlp)
DRV - [2009/02/12 14:43:00 | 000,045,056 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimspe86.sys -- (rimspci)
DRV - [2008/11/16 19:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/07/24 17:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/07/03 10:59:54 | 000,193,696 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008/03/18 15:09:16 | 000,350,720 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2008/02/27 13:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/02/11 15:55:04 | 000,586,240 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2008/02/04 17:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/12/17 16:57:14 | 000,045,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\intelsmb.sys -- (smbusp) Intel®
DRV - [2007/07/19 16:16:54 | 000,016,512 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\iPig\Client\tcpredir.sys -- (tcpredir)
DRV - [2007/06/19 23:35:40 | 000,024,096 | ---- | M] (TamoSoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ts_lb.sys -- (ts_lb)
DRV - [2007/06/08 09:58:46 | 000,021,504 | ---- | M] (STMicroelectronics, INC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\stm_tpm.sys -- (stmtpm)
DRV - [2007/04/23 04:03:04 | 000,082,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nltdi.sys -- (nltdi)
DRV - [2007/04/09 09:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 09:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 09:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/02/18 22:56:46 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2007/02/06 23:38:32 | 001,133,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/12/28 14:44:40 | 000,260,096 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvm323.sys -- (ZSMC326) VIMICRO USB2.0 PC Camera(VC0323)
DRV - [2006/12/25 15:32:52 | 000,049,489 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mamotou.sys -- (mamotou)
DRV - [2006/12/07 22:04:48 | 000,019,240 | ---- | M] (TamoSoft) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cv2k1.sys -- (CV2K1)
DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/10/02 01:55:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SMAPINT.SYS -- (Smapint)
DRV - [2006/10/02 01:55:00 | 000,009,343 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS -- (TDSMAPI)
DRV - [2006/08/08 12:25:40 | 000,476,672 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmfilter323.sys -- (vmfilter323)
DRV - [2006/06/09 05:49:41 | 000,019,200 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2006/05/18 09:49:00 | 000,061,067 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/05/18 09:48:00 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2005/08/18 12:44:44 | 000,011,473 | ---- | M] (Mobile Action Technology Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\MaVc2K.sys -- (MaVctrl)
DRV - [2005/04/20 01:38:00 | 000,016,384 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWR.SYS -- (TPPWR)
DRV - [2005/03/03 01:14:18 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2005/03/03 01:14:04 | 000,006,016 | ---- | M] (RDV Soft) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vnccom.SYS -- (vnccom)
DRV - [2004/08/24 15:16:54 | 000,003,584 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SMDRV.SYS -- (SMDRV)
DRV - [2002/05/02 12:52:22 | 000,018,189 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5)
DRV - [2002/05/02 12:52:22 | 000,017,134 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2002/01/23 08:28:32 | 000,089,984 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PhilDecN.sys -- (phildecn) Philips WDM Video Decoder (PHILDECN)
DRV - [2002/01/15 13:04:06 | 001,088,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2001/12/28 22:10:16 | 000,050,688 | ---- | M] (Actiontec Electronics, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AEIWLNDS.sys -- (AEIWL)
DRV - [1996/04/03 12:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.8.1: "C:\Program Files\VideoLAN\VLC\mozilla\npvlc.dll" File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Firefox\components [2012/02/22 11:31:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Firefox\plugins [2012/02/18 15:58:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\

[2011/09/01 16:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Extensions
[2012/03/11 10:25:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\go3ojoq5.default\extensions
[2011/12/02 10:32:12 | 000,000,000 | ---D | M] (Qualys BrowserCheck) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\go3ojoq5.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
[2012/01/28 09:55:04 | 000,000,000 | ---D | M] (PriceBlink) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\go3ojoq5.default\extensions\[email protected]
[2012/02/07 18:43:57 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\go3ojoq5.default\extensions\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\GARY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GO3OJOQ5.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\GARY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GO3OJOQ5.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\DOCUMENTS AND SETTINGS\GARY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GO3OJOQ5.DEFAULT\EXTENSIONS\[email protected]

O1 HOSTS File: ([2012/03/15 23:07:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O3 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [AEIWLSTA.EXE] C:\WINDOWS\System32\AEIWLSTA.exe (Actiontec Electronics, Inc)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [BMMGAG] C:\Program Files\ThinkPad\Utilities\PWRMONIT.DLL (IBM Corp.)
O4 - HKLM..\Run: [Client Access Express Welcome] C:\Program Files\Client Access\cwbwlwiz.exe (IBM Corporation)
O4 - HKLM..\Run: [Client Access Service] C:\Program Files\Client Access\cwbsvstr.exe (IBM Corporation)
O4 - HKLM..\Run: [ClipX] C:\Program Files\ClipX\clipx.exe ()
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKLM..\Run: [frymxins] C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [FtLnSOP_setup] C:\WINDOWS\twain_32\Fjscan32\SOP\FtLnSOP.exe (PFU LIMITED)
O4 - HKLM..\Run: [IconSaver] C:\Program Files\IconSaver\IconSaver.exe ()
O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [pdfFactory Pro Dispatcher v3] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [RotateImage] C:\Program Files\Integrated Camera Driver\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [SMSI Loader] C:\Program Files\Common Files\Smith Micro Shared\Fax\SMLoader.exe (Smith Micro Software, Inc.)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\Startup Delayer\Startup Launcher GUI.exe (r2 studios)
O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004..\Run: [AnyTime Organizer] C:\Program Files\AnyTime Deluxe\AtDem.exe (Individual Software, Inc.)
O4 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004..\Run: [WinSnap] C:\Program Files\WinSnap\WinSnap.exe (NTWind Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SpyTheSpy.lnk = C:\Program Files\SpyTheSpy\SpyTheSpy.exe ()
O4 - Startup: C:\Documents and Settings\Gary\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files\WordPerfectX5\WordPerfect Office X5\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\HTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\HTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll ()
O9 - Extra 'Tools' menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\.DEFAULT\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: download.microsoft.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: endicia.com ([www.postage] https in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: ibm.com ([icm1.teleweb.ca] https in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: lenovo.com ([chat.lel] https in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: lenovo.com ([expertslive] https in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: lenovo.com ([rto1.lel] https in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: lenovo.com ([rto2.lel] https in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: magicjack.com ([my] * in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: talk4free.com ([reg] * in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: update.microsoft.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: update.microsoft.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-133707808-2752991226-3942243025-1004\..Trusted Domains: windowsupdate.microsoft.com ([]http in Trusted sites)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {43E3F87D-DE7F-4087-BD4F-0DC854981158} http://download.micr...dd/clearadj.CAB (Reg Error: Key error.)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.s...abs/tgctlsr.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1306702878968 (WUWebControl Class)
O16 - DPF: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} http://update.micros...b?1306702799546 (MUWebControl Class)
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www.ca.com/us...nfo/webscan.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.micr...44/igdtoolx.cab (IGDTester Class)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.we...ort/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.51.205.100 66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{250DB406-BC7D-4209-B3DC-8B44D1C7A457}: NameServer = 66.51.205.100,66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30ECAD80-1BF9-4942-B34F-08F80B882B76}: DhcpNameServer = 66.51.205.100 66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30ECAD80-1BF9-4942-B34F-08F80B882B76}: NameServer = 66.51.205.100,66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7084C14A-C055-4B77-B74E-52C57C1D665D}: NameServer = 66.51.205.100,66.51.206.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3F3ED5D-F192-4913-9E8E-DFC35EACD207}: NameServer = 66.51.205.100,66.51.206.100
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\g7ps {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll (G7 Productivity Systems, Inc.)
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\qbpos {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\Program Files\Common Files\Intuit\QuickBooks\QBPOSProtocol.dll (Intuit Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) -C:\WINDOWS\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Gary\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gary\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/08/28 19:41:20 | 000,565,760 | ---- | M] (Microsoft Corporation) - C:\AUTOCHK.EXE -- [ NTFS ]
O32 - AutoRun File - [2002/07/24 09:55:44 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/09/01 17:37:41 | 000,001,094 | ---- | M] () - C:\AUTOEXEC2.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/26 14:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/26 14:28:04 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/03/26 14:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/03/23 17:43:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\IsolatedStorage
[2012/03/23 17:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TurboTax 2011
[2012/03/21 12:24:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/03/15 22:54:13 | 004,436,988 | R--- | C] (Swearware) -- C:\Documents and Settings\Gary\Desktop\ComboFix.exe
[2012/03/11 10:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Application Data\Free Download Manager
[2012/03/11 10:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
[2012/03/11 10:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2012/03/04 11:28:47 | 000,114,304 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecmdm.sys
[2012/03/04 11:28:47 | 000,086,528 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecbus.sys
[2012/03/04 11:28:47 | 000,014,976 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecmdfl.sys
[2012/03/04 11:28:47 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecwhnt.sys
[2012/03/04 11:28:47 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssecwh.sys
[2012/03/04 11:28:47 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sseccmnt.sys
[2012/03/04 11:28:47 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sseccm.sys
[2012/03/04 11:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2012/03/04 11:27:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/02/29 20:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\bdch
[2012/02/29 20:10:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gary\Application Data\Bitdefender
[2012/02/29 20:05:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Bitdefender
[2012/02/29 19:30:48 | 000,340,624 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2012/02/29 19:30:47 | 000,360,976 | ---- | C] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2012/02/29 18:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2012/02/29 16:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2004/11/05 12:09:41 | 000,098,304 | ---- | C] ( ) -- C:\WINDOWS\System32\Uwimm.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/28 14:59:07 | 000,000,221 | ---- | M] () -- C:\WINDOWS\System32\checkdnsid.xml
[2012/03/28 14:31:34 | 000,000,212 | ---- | M] () -- C:\WINDOWS\vuepro32.ini
[2012/03/28 07:06:28 | 000,034,805 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012/03/26 15:04:33 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/03/26 15:03:44 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/26 15:02:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/26 15:02:37 | 2067,443,712 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/26 14:40:51 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/03/26 14:40:51 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/26 11:30:05 | 000,003,140 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2012/03/23 17:50:08 | 000,000,590 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/03/23 17:41:59 | 000,001,880 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TurboTax 2011.lnk
[2012/03/23 14:36:35 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\UltraEdit.lnk
[2012/03/23 14:36:35 | 000,001,646 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\UltraEdit.lnk
[2012/03/23 09:22:19 | 2067,447,808 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2012/03/15 23:07:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/03/15 22:54:26 | 004,436,988 | R--- | M] (Swearware) -- C:\Documents and Settings\Gary\Desktop\ComboFix.exe
[2012/03/12 13:09:50 | 000,000,385 | ---- | M] () -- C:\WINDOWS\SMDebug.ini
[2012/03/12 13:01:50 | 000,000,430 | ---- | M] () -- C:\WINDOWS\System32\HFMC.CFG
[2012/03/12 13:00:13 | 000,000,369 | ---- | M] () -- C:\WINDOWS\SMSI.INI
[2012/03/12 12:42:35 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HotFax Message Center.lnk
[2012/03/12 11:49:48 | 000,000,396 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/03/12 11:45:53 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\talkShakeIcon.job
[2012/03/12 11:44:15 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Talk.lnk
[2012/03/11 10:25:27 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2012/03/01 11:05:15 | 000,447,208 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\avckf.sys
[2012/03/01 11:05:10 | 000,609,984 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\avc3.sys
[2012/02/29 20:53:44 | 000,444,564 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1330569044.bdinstall.bin
[2012/02/29 20:43:08 | 000,340,624 | ---- | M] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys
[2012/02/29 20:43:06 | 000,360,976 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys
[2012/02/29 20:12:01 | 000,000,385 | ---- | M] () -- C:\WINDOWS\System32\user_gensett.xml
[2012/02/29 20:10:27 | 000,001,873 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Bitdefender Antivirus Plus 2012.lnk
[2012/02/29 18:35:50 | 000,139,870 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\1330559400.bdinstall.bin
[2012/02/29 18:32:07 | 000,000,089 | ---- | M] () -- C:\WINDOWS\Spell Catcher.INI
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/26 14:28:05 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/03/26 14:28:05 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/23 17:42:12 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/03/23 17:41:59 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TurboTax 2011.lnk
[2012/03/23 14:36:35 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\UltraEdit.lnk
[2012/03/23 14:36:35 | 000,001,646 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\UltraEdit.lnk
[2012/03/12 11:49:48 | 000,000,396 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/03/12 11:45:52 | 000,000,268 | ---- | C] () -- C:\WINDOWS\tasks\talkShakeIcon.job
[2012/03/12 09:45:48 | 2067,443,712 | -HS- | C] () -- C:\hiberfil.sys
[2012/03/11 10:25:27 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2012/03/08 09:11:24 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\checkdnsid.xml
[2012/02/29 20:53:44 | 000,444,564 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1330569044.bdinstall.bin
[2012/02/29 20:12:01 | 000,000,385 | ---- | C] () -- C:\WINDOWS\System32\user_gensett.xml
[2012/02/29 20:10:27 | 000,001,873 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Bitdefender Antivirus Plus 2012.lnk
[2012/02/29 18:35:50 | 000,139,870 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1330559400.bdinstall.bin
[2012/02/22 09:15:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/14 11:28:51 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/02 17:50:29 | 000,639,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-133707808-2752991226-3942243025-1004-0.dat
[2012/02/02 17:50:27 | 000,602,918 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/01 19:33:13 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2012/01/27 20:02:35 | 000,171,164 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1327718518.bdinstall.bin
[2012/01/27 17:23:43 | 000,302,042 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1327708936.bdinstall.bin
[2012/01/27 10:20:01 | 000,617,052 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1327682970.bdinstall.bin
[2012/01/26 21:19:03 | 000,000,022 | -HS- | C] () -- C:\Documents and Settings\Gary\Application Data\Sys2662.Config.Repository.bin
[2011/12/17 10:15:18 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\0782A18B0A.sys
[2011/10/26 10:45:27 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2011/10/03 09:15:22 | 000,025,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\VSPE.sys
[2011/09/25 14:17:39 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\A4DABE9A09.sys
[2011/09/22 21:01:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/22 21:01:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/22 21:01:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/22 21:01:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/22 21:01:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/21 11:04:44 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\rootrepeal.sys
[2011/09/18 23:09:23 | 000,000,220 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\profile.wkp
[2011/09/06 22:04:43 | 000,000,116 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\archCalc.Prefs
[2011/08/31 09:31:08 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\587E447A25.sys
[2011/08/26 09:54:51 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\51B05C58E0.sys
[2011/08/23 22:38:41 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\1617EC5C27.sys
[2011/08/22 09:46:49 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\215AFABA7D.sys
[2011/08/15 12:31:05 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\B21765FADC.sys
[2011/08/12 12:55:32 | 000,000,251 | ---- | C] () -- C:\WINDOWS\System32\drivers\hlldrvr.sys
[2011/08/12 12:55:01 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\cwbwiz.dll
[2011/08/12 12:55:00 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\cwbrw.dll
[2011/07/13 07:16:56 | 000,141,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\CprDrvr.sys
[2011/07/13 07:15:14 | 000,106,208 | ---- | C] () -- C:\WINDOWS\System32\CprIf.dll
[2011/06/16 07:14:40 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\D09F512B2C.sys
[2011/05/31 09:14:36 | 000,725,064 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2011/05/31 09:14:26 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2011/05/31 09:14:25 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2011/05/31 07:29:57 | 000,463,864 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/05/31 07:21:02 | 000,000,661 | ---- | C] () -- C:\WINDOWS\System32\VoipUpdate.ini
[2011/05/30 08:41:21 | 000,034,805 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/05/30 08:09:15 | 000,217,928 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/05/30 08:09:12 | 000,217,928 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/05/30 08:09:12 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/05/30 08:08:11 | 002,186,342 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011/01/21 10:58:31 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\SMDRV.SYS
[2011/01/21 08:58:45 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/01/21 08:58:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/01/21 08:58:40 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/01/21 08:58:39 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/01/21 08:58:38 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/12/17 21:32:59 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2010/12/02 22:50:13 | 000,099,877 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\Talk.dmp
[2010/11/12 22:24:48 | 000,003,140 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/11/12 22:24:48 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\ECB69BB7BF.sys
[2010/11/09 18:09:07 | 000,093,417 | ---- | C] () -- C:\WINDOWS\LookDisk Uninstaller.exe
[2010/11/04 04:53:49 | 000,005,904 | ---- | C] () -- C:\WINDOWS\System32\CLIP.EXE
[2010/09/22 14:18:56 | 002,860,384 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2010/09/19 11:32:42 | 000,000,698 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2010/09/19 10:26:48 | 000,100,584 | ---- | C] () -- C:\WINDOWS\hpgins14.dat
[2010/09/14 12:58:18 | 000,094,215 | ---- | C] () -- C:\WINDOWS\hpqins09.dat.temp
[2010/09/09 15:49:27 | 000,116,987 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2010/09/09 15:49:27 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2010/09/09 13:09:35 | 000,094,215 | ---- | C] () -- C:\WINDOWS\hpqins09.dat
[2010/08/17 19:22:02 | 000,070,721 | ---- | C] () -- C:\WINDOWS\hpqins01.dat
[2010/06/27 10:11:30 | 000,065,536 | ---- | C] () -- C:\Program Files\Logger Pro 3
[2010/06/25 10:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/06/18 10:31:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2010/05/14 15:59:12 | 000,097,697 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2010/05/05 17:54:08 | 000,000,036 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2010/04/24 15:27:03 | 000,000,178 | ---- | C] () -- C:\WINDOWS\WattsUpUSB.ini
[2010/04/09 08:13:36 | 000,000,400 | ---- | C] () -- C:\WINDOWS\crackpdf.INI
[2010/03/08 11:36:17 | 000,001,571 | ---- | C] () -- C:\WINDOWS\Faxcpp1.ini
[2010/03/08 11:36:17 | 000,000,422 | ---- | C] () -- C:\WINDOWS\Faxcpp.ini
[2010/03/08 11:35:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\Twscan32.dll
[2010/03/08 11:35:00 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\Png32.dll
[2010/03/08 11:35:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Tga32.dll
[2010/03/08 11:34:59 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\Image32.dll
[2010/03/08 11:34:59 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2010/03/08 11:34:59 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Pcx32.dll
[2010/02/23 14:06:14 | 000,000,225 | ---- | C] () -- C:\WINDOWS\DAZZLE.INI
[2009/12/30 22:31:24 | 000,000,173 | -H-- | C] () -- C:\Documents and Settings\Gary\Application Data\lakerda1967.sys
[2009/12/30 22:30:44 | 000,010,584 | ---- | C] () -- C:\Documents and Settings\Gary\Application Data\docXConverter (3).ini
[2009/12/18 11:35:06 | 000,212,992 | ---- | C] () -- C:\WINDOWS\VMSnap23.exe
[2009/12/18 11:35:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\VMCap323.exe
[2009/11/28 11:37:36 | 000,000,712 | ---- | C] () -- C:\WINDOWS\FJTWSTI.INI
[2009/11/27 15:32:35 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60fex0419.dll
[2009/11/27 15:32:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0419.dll
[2009/11/27 15:32:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0419.dll
[2009/11/27 15:32:32 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0419.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0C0A.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0419.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0416.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0410.dll
[2009/11/27 15:32:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex040C.dll
[2009/11/27 15:32:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0412.dll
[2009/11/27 15:32:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0411.dll
[2009/11/27 15:32:31 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0409.dll
[2009/11/27 15:32:31 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0804.dll
[2009/11/27 15:32:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0407.dll
[2009/11/27 15:32:30 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5900ex0404.dll
[2009/11/27 15:32:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0C0A.dll
[2009/11/27 15:32:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0419.dll
[2009/11/27 15:32:28 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0804.dll
[2009/11/27 15:32:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0410.dll
[2009/11/27 15:32:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex040C.dll
[2009/11/27 15:32:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0409.dll
[2009/11/27 15:32:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0407.dll
[2009/11/27 15:32:27 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0412.dll
[2009/11/27 15:32:27 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi55302ex0411.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0C0A.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0419.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0416.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0410.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex040C.dll
[2009/11/27 15:32:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0407.dll
[2009/11/27 15:32:26 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0409.dll
[2009/11/27 15:32:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0804.dll
[2009/11/27 15:32:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0412.dll
[2009/11/27 15:32:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0411.dll
[2009/11/27 15:32:26 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6750ex0404.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0C0A.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0419.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0416.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0410.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex040C.dll
[2009/11/27 15:32:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0407.dll
[2009/11/27 15:32:25 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0409.dll
[2009/11/27 15:32:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0804.dll
[2009/11/27 15:32:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0412.dll
[2009/11/27 15:32:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0411.dll
[2009/11/27 15:32:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6670ex0404.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0C0A.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0419.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0416.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0410.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex040C.dll
[2009/11/27 15:32:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0407.dll
[2009/11/27 15:32:23 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0409.dll
[2009/11/27 15:32:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0804.dll
[2009/11/27 15:32:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0412.dll
[2009/11/27 15:32:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0411.dll
[2009/11/27 15:32:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6770ex0404.dll
[2009/11/27 15:32:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0C0A.dll
[2009/11/27 15:32:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0419.dll
[2009/11/27 15:32:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0412.dll
[2009/11/27 15:32:22 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0411.dll
[2009/11/27 15:32:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0804.dll
[2009/11/27 15:32:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0410.dll
[2009/11/27 15:32:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex040C.dll
[2009/11/27 15:32:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0409.dll
[2009/11/27 15:32:21 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0407.dll
[2009/11/27 15:32:21 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6230Tex0404.dll
[2009/11/27 15:32:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0C0A.dll
[2009/11/27 15:32:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0419.dll
[2009/11/27 15:32:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0410.dll
[2009/11/27 15:32:20 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0412.dll
[2009/11/27 15:32:20 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0411.dll
[2009/11/27 15:32:20 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0804.dll
[2009/11/27 15:32:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex040C.dll
[2009/11/27 15:32:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0409.dll
[2009/11/27 15:32:19 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0407.dll
[2009/11/27 15:32:19 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6130Tex0404.dll
[2009/11/27 15:32:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0C0A.dll
[2009/11/27 15:32:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0419.dll
[2009/11/27 15:32:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0416.dll
[2009/11/27 15:32:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0804.dll
[2009/11/27 15:32:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0410.dll
[2009/11/27 15:32:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex040C.dll
[2009/11/27 15:32:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0409.dll
[2009/11/27 15:32:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0407.dll
[2009/11/27 15:32:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0412.dll
[2009/11/27 15:32:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0411.dll
[2009/11/27 15:32:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6230ex0404.dll
[2009/11/27 15:32:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0C0A.dll
[2009/11/27 15:32:15 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0804.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0419.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0416.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0410.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex040C.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0409.dll
[2009/11/27 15:32:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0407.dll
[2009/11/27 15:32:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0412.dll
[2009/11/27 15:32:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0411.dll
[2009/11/27 15:32:14 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6130ex0404.dll
[2009/11/27 15:32:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0C0A.dll
[2009/11/27 15:32:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0419.dll
[2009/11/27 15:32:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0416.dll
[2009/11/27 15:32:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0410.dll
[2009/11/27 15:32:11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0412.dll
[2009/11/27 15:32:11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0411.dll
[2009/11/27 15:32:11 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0804.dll
[2009/11/27 15:32:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex040C.dll
[2009/11/27 15:32:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0409.dll
[2009/11/27 15:32:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0407.dll
[2009/11/27 15:32:10 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6240ex0404.dll
[2009/11/27 15:32:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0C0A.dll
[2009/11/27 15:32:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0419.dll
[2009/11/27 15:32:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0416.dll
[2009/11/27 15:32:09 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0412.dll
[2009/11/27 15:32:09 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0804.dll
[2009/11/27 15:32:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0410.dll
[2009/11/27 15:32:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex040C.dll
[2009/11/27 15:32:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0409.dll
[2009/11/27 15:32:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0407.dll
[2009/11/27 15:32:08 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0411.dll
[2009/11/27 15:32:08 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi6140ex0404.dll
[2009/11/02 17:10:33 | 000,001,927 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Principia Products.zip
[2009/10/05 14:46:40 | 000,003,116 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2009/09/09 16:07:30 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
[2009/09/06 16:50:05 | 000,000,239 | ---- | C] () -- C:\WINDOWS\AQUALAND.INI
[2009/09/01 14:25:19 | 000,009,216 | ---- | C] () -- C:\WINDOWS\nvapi.dll
[2009/07/17 20:13:34 | 000,010,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\Hmonitor.sys
[2009/07/17 19:15:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\windowfx3.ini
[2009/07/17 19:12:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\windowfx2.ini
[2009/07/17 13:12:11 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\setupfilter.exe
[2009/07/16 08:49:02 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2009/05/12 14:35:00 | 000,857,307 | ---- | C] () -- C:\WINDOWS\System32\SSCProt.dll
[2009/03/19 08:57:34 | 000,000,052 | ---- | C] () -- C:\WINDOWS\pdf2rtf.INI
[2009/03/19 08:56:44 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\pdf2word.DAT
[2009/02/13 12:36:32 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\REGISTRY.INI
[2009/01/31 15:42:47 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/01/28 23:40:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OODCNT.INI
[2008/11/06 09:33:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/10/18 19:30:26 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\8DC136AF17.sys
[2008/09/17 12:19:12 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\fusioncache.dat
[2008/09/17 10:53:58 | 000,089,277 | ---- | C] () -- C:\WINDOWS\hpoins06.dat.temp
[2008/09/17 10:53:58 | 000,005,389 | ---- | C] () -- C:\WINDOWS\hpomdl06.dat.temp
[2008/09/03 19:27:58 | 000,186,360 | ---- | C] () -- C:\WINDOWS\System32\MNSFramework.exe
[2008/08/27 00:52:46 | 000,180,134 | ---- | C] () -- C:\WINDOWS\hpwins14.dat.temp
[2008/08/27 00:52:46 | 000,001,108 | ---- | C] () -- C:\WINDOWS\hpwmdl14.dat.temp
[2008/08/26 17:42:33 | 000,012,998 | R--- | C] () -- C:\WINDOWS\hpwscr14.dat
[2008/08/15 23:15:40 | 000,164,623 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2008/08/15 23:15:40 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2008/07/13 18:49:45 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\D626B87732.sys
[2008/07/04 17:13:29 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2008/07/04 17:08:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\TpKmpSvc.exe
[2008/07/04 16:26:56 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2008/07/04 15:33:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/07/04 15:18:46 | 000,061,440 | ---- | C] () -- C:\WINDOWS\ContextMenuExt.dll
[2008/05/27 22:42:20 | 000,000,029 | ---- | C] () -- C:\WINDOWS\Atw.INI
[2008/05/15 13:34:14 | 000,026,448 | ---- | C] () -- C:\WINDOWS\System32\smfaxmon.dll
[2008/05/04 09:41:26 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/04/17 22:34:20 | 000,000,395 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/03/13 21:26:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/01/30 15:34:18 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Gary\Local Settings\Application Data\PUTTY.RND
[2008/01/14 16:47:06 | 000,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2008/01/03 21:23:41 | 000,098,304 | R--- | C] () -- C:\WINDOWS\Opdirdel.exe
[2007/12/30 15:55:16 | 000,000,050 | ---- | C] () -- C:\WINDOWS\winzipme.ini
[2007/12/11 09:40:07 | 000,000,099 | ---- | C] () -- C:\WINDOWS\(null)toolkit.ini
[2007/11/17 20:21:27 | 000,000,230 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2007/11/15 07:51:27 | 000,011,254 | ---- | C] () -- C:\WINDOWS\System32\locate.com
[2007/11/13 07:56:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2007/11/13 07:56:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBFC.dat
[2007/10/17 08:34:27 | 000,133,632 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2007/10/17 08:34:27 | 000,003,300 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Windows Media Audio 9 Codec.dat
[2007/08/27 09:12:43 | 000,004,964 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/08/23 16:57:43 | 000,092,192 | ---- | C] () -- C:\WINDOWS\System32\mapi32x.dll
[2007/08/09 04:26:44 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2007/06/18 22:10:11 | 000,026,641 | ---- | C] () -- C:\WINDOWS\CONSETUP.EXE
[2007/05/29 11:57:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pp.ini
[2007/03/08 15:47:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\ftdiunin.exe
[2007/03/08 15:47:15 | 000,000,089 | R--- | C] () -- C:\WINDOWS\System32\FTD2XXUN.ini
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/02/08 18:14:10 | 000,174,656 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2007/01/07 17:57:01 | 000,000,968 | ---- | C] () -- C:\WINDOWS\seRapid.INI
[2006/11/26 13:25:26 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Progs_.ini
[2006/11/15 10:54:47 | 000,000,283 | ---- | C] () -- C:\WINDOWS\MLTCLIP.INI
[2006/11/14 16:48:49 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\CBNDLL.DLL
[2006/11/14 16:48:49 | 000,015,408 | ---- | C] () -- C:\WINDOWS\System32\CB560WIN.DLL
[2006/11/14 16:48:49 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\CBNVDD.DLL
[2006/11/12 22:34:51 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHealr.dll
[2006/11/12 15:53:06 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpspmins.dll
[2006/11/07 23:45:26 | 000,001,385 | ---- | C] () -- C:\WINDOWS\PhoneDialer.ini
[2006/11/05 11:24:09 | 000,130,560 | ---- | C] () -- C:\WINDOWS\System32\ZIPDLL.DLL
[2006/11/05 11:24:09 | 000,125,440 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.DLL
[2006/11/05 11:24:08 | 000,090,112 | ---- | C] () -- C:\WINDOWS\inst_tsp.exe
[2006/11/02 08:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006/10/28 08:48:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\graphedit.INI
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0C0A.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0410.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex040C.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0407.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0C0A.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0419.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0410.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex040C.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0409.dll
[2006/10/27 21:27:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0407.dll
[2006/10/27 21:27:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0409.dll
[2006/10/27 21:27:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0412.dll
[2006/10/27 21:27:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0411.dll
[2006/10/27 21:27:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0804.dll
[2006/10/27 21:27:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi60Fex0411.dll
[2006/10/27 21:27:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5220ex0804.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0419.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0409.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0419.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0409.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0409.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0407.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0C0A.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0410.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex040C.dll
[2006/10/27 21:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0407.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0412.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0411.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0412.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0411.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0411.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0409.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0409.dll
[2006/10/27 21:27:17 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0409.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5530ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5120ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5110ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4340ex0411.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi42202ex0411.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0804.dll
[2006/10/27 21:27:17 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi41202ex0411.dll
[2006/10/27 21:27:16 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex.dll
[2006/10/27 21:27:16 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex.dll
[2006/10/27 21:27:16 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0C0A.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0410.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex040C.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0407.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0C0A.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0410.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex040C.dll
[2006/10/27 21:27:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0407.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0c0a.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0410.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex040C.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0407.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0C0A.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0410.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex040C.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0407.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0C0A.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0410.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex040C.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0409.dll
[2006/10/27 21:27:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0407.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5750ex0411.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi5650ex0411.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4530ex0411.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4220ex0411.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0804.dll
[2006/10/27 21:27:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\fi4120ex0411.dll
[2006/10/26 13:10:28 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/10/14 21:33:51 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\nmocod.dll
[2006/10/14 12:51:03 | 000,000,305 | ---- | C] () -- C:\WINDOWS\PICKLIST.INI
[2006/10/14 12:30:09 | 000,000,298 | ---- | C] () -- C:\WINDOWS\MIREPAIR.INI
[2006/10/14 12:30:09 | 000,000,058 | ---- | C] () -- C:\WINDOWS\MITCHELL.INI
[2006/10/14 12:28:22 | 000,003,299 | ---- | C] () -- C:\WINDOWS\ODWIN.INI
[2006/10/14 12:28:22 | 000,000,754 | ---- | C] () -- C:\WINDOWS\BTI.INI
[2006/08/27 22:34:27 | 000,000,212 | ---- | C] () -- C:\WINDOWS\vuepro32.ini
[2006/08/26 11:39:11 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\syswd36.ini
[2006/08/25 22:15:31 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\syswd31.ini
[2006/08/25 22:15:30 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\syswd1.ini
[2006/07/26 23:28:24 | 000,012,499 | ---- | C] () -- C:\WINDOWS\System32\Seagate.bin
[2006/07/03 15:02:51 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Print.ini
[2006/06/20 12:42:49 | 000,000,385 | ---- | C] () -- C:\WINDOWS\SMDebug.ini
[2006/06/14 14:48:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/05/13 11:20:14 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2006/04/14 15:16:06 | 000,111,376 | ---- | C] () -- C:\WINDOWS\System32\expat.dll
[2006/04/14 15:16:06 | 000,040,792 | ---- | C] () -- C:\WINDOWS\System32\agcrypto.dll
[2006/04/03 21:54:39 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/04/01 12:30:09 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\rfwdui.dll
[2006/04/01 12:30:08 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\rfstrres.dll
[2006/03/25 23:41:30 | 000,000,131 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2006/02/28 10:27:40 | 000,684,100 | ---- | C] () -- C:\WINDOWS\System32\PC_ExplorerExtension.dll
[2006/02/04 14:19:07 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/01/23 15:53:25 | 000,000,745 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/22 22:33:05 | 000,393,264 | ---- | C] () -- C:\WINDOWS\System32\D125UR.DAT
[2006/01/22 22:33:05 | 000,008,575 | ---- | C] () -- C:\WINDOWS\System32\D125UFW.INI
[2006/01/09 13:46:04 | 000,000,283 | ---- | C] () -- C:\WINDOWS\vuepro32.ini.org
[2005/12/27 17:03:41 | 000,000,369 | ---- | C] () -- C:\WINDOWS\SMSI.INI
[2005/12/27 15:47:30 | 000,000,076 | ---- | C] () -- C:\WINDOWS\eFaxView.ini
[2005/12/21 17:53:06 | 000,000,459 | ---- | C] () -- C:\WINDOWS\qpw.INI
[2005/12/21 09:19:08 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2005/12/19 23:11:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TEXTART.INI
[2005/12/19 21:44:14 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2005/12/19 21:00:29 | 000,107,134 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005/12/19 20:59:53 | 000,004,590 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/12/19 13:23:54 | 000,000,089 | ---- | C] () -- C:\WINDOWS\Spell Catcher.INI
[2005/11/30 20:16:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2005/09/05 13:52:38 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2005/08/31 21:01:13 | 000,000,577 | ---- | C] () -- C:\WINDOWS\System32\gmsblist.dll
[2005/08/26 14:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 14:28:20 | 000,024,576 | ---- | C] () -- C:\WINDOWS\shortcut.exe
[2005/08/26 14:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2005/08/19 22:49:28 | 000,000,033 | ---- | C] () -- C:\WINDOWS\System32\gr6rlzay.dll
[2005/07/05 23:45:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2005/04/08 17:42:06 | 000,087,540 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/03/25 16:42:50 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/03/11 11:34:10 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/03/11 11:34:10 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/03/11 11:34:10 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/03/11 11:34:09 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/03/11 11:34:09 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/03/11 11:34:08 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/02/01 17:00:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2005/02/01 17:00:44 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/10/27 12:59:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\RSADLLACE.DLL
[2004/10/27 12:59:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\RSADLL32.DLL
[2004/08/03 19:38:34 | 000,047,564 | ---- | C] () -- C:\WINDOWS\ntdetect.com
[2004/08/03 17:07:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 06:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/06/30 16:04:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SDelete.dll
[2004/05/27 09:44:03 | 000,143,414 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2004/05/27 09:44:03 | 000,049,852 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2004/05/20 20:47:20 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Elmdll1.dll
[2004/03/07 14:51:00 | 000,024,924 | ---- | C] () -- C:\WINDOWS\System32\openports.dll
[2004/01/30 10:37:50 | 000,000,133 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2003/11/09 20:00:35 | 000,385,072 | ---- | C] () -- C:\WINDOWS\System32\HPRrm.dll
[2003/10/15 20:02:25 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\DrvTrNTl.dll
[2003/09/22 13:11:48 | 000,001,003 | ---- | C] () -- C:\WINDOWS\Corpscon.ini
[2003/05/15 17:19:08 | 000,294,400 | ---- | C] () -- C:\WINDOWS\System32\RSTOOL32.DLL
[2003/04/10 15:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/02/28 22:29:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\zdbui.ini
[2003/01/23 20:24:47 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/01 20:17:28 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\PnPscan.exe
[2002/11/01 19:15:44 | 000,200,765 | ---- | C] () -- C:\WINDOWS\System32\scandll.dll
[2002/10/10 11:03:08 | 000,151,610 | ---- | C] () -- C:\WINDOWS\System32\uddliv.exe
[2002/10/10 11:03:08 | 000,151,610 | ---- | C] () -- C:\WINDOWS\System32\uddbraxs.exe
[2002/10/10 11:03:08 | 000,151,610 | ---- | C] () -- C:\WINDOWS\System32\uddbraxp.exe
[2002/10/10 11:03:06 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DrvInit.exe
[2002/10/07 18:15:36 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2002/09/05 08:58:15 | 001,213,440 | ---- | C] () -- C:\WINDOWS\System32\opengl.dll
[2002/09/05 08:58:14 | 000,315,904 | ---- | C] () -- C:\WINDOWS\System32\glu.dll
[2002/09/05 08:58:14 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\glut.dll
[2002/07/19 15:34:03 | 000,106,496 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2002/07/19 15:33:53 | 000,377,600 | ---- | C] () -- C:\WINDOWS\System32\BOCOLE.DLL
[2002/07/19 15:33:53 | 000,167,456 | ---- | C] () -- C:\WINDOWS\System32\Bocof.dll
[2002/07/19 15:33:53 | 000,004,052 | ---- | C] () -- C:\WINDOWS\unwise.ini
[2002/07/19 15:27:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/07/19 15:23:40 | 000,184,320 | ---- | C] () -- C:\WINDOWS\TPBATHLP.EXE
[2002/07/19 15:20:34 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/07/19 15:20:16 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2002/07/19 15:17:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/07/19 15:11:28 | 000,022,024 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/07/19 15:04:35 | 000,004,387 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/07/19 15:03:41 | 002,536,744 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/04/16 08:14:44 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2002/04/16 08:14:42 | 000,338,944 | R--- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2002/03/21 15:39:02 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2002/03/21 13:51:52 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002/03/21 12:51:52 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002/03/21 12:51:52 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002/03/21 12:51:52 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002/03/21 12:51:52 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002/03/21 12:51:52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002/03/21 12:51:52 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002/03/20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002/03/20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002/03/20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002/03/20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
[2002/03/19 19:30:00 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\mag.dll
[2002/03/19 18:30:00 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll
[2002/03/19 17:30:00 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\TaskSwitch.exe
[2002/03/04 19:45:46 | 000,151,610 | ---- | C] () -- C:\WINDOWS\System32\UpdateDD.exe
[2002/03/01 15:43:34 | 000,028,008 | ---- | C] () -- C:\WINDOWS\System32\SUSUSB.SYS
[2001/12/03 17:50:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\LTTLS13N.DLL
[2001/12/03 17:50:20 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\LTCRY13N.DLL
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/10/02 13:32:26 | 000,000,319 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001/08/31 15:33:58 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\VxDMDcDlg.dll
[2001/08/29 20:57:40 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\addurl41.DLL
[2001/08/23 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 05:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/19 09:03:04 | 000,002,858 | ---- | C] () -- C:\WINDOWS\System32\egathdrv.sys
[2001/07/10 15:43:16 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\winwatch.DLL
[2001/07/06 16:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2001/06/08 14:54:30 | 000,003,478 | ---- | C] () -- C:\WINDOWS\translat.ini
[2000/07/22 16:49:46 | 000,431,104 | ---- | C] () -- C:\WINDOWS\System32\VFCodec.dll
[2000/07/07 07:49:30 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\LTDLL.DLL
[1996/04/03 12:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
[1980/01/01 00:00:00 | 000,497,916 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[1980/01/01 00:00:00 | 000,087,224 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[1980/01/01 00:00:00 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\tp4uires.dll
[1980/01/01 00:00:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\tp4unins.exe
[1980/01/01 00:00:00 | 000,003,745 | ---- | C] () -- C:\WINDOWS\System32\tp4table.dat
[1980/01/01 00:00:00 | 000,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[1980/01/01 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2008/07/09 15:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Individual Software
[2011/05/31 14:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Lenovo
[2008/08/11 08:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Locktime
[2008/07/09 15:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
[2008/08/19 08:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\r2 Studios
[2008/07/08 08:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Spearit
[2008/07/09 15:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\URSoft
[2008/07/09 15:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\VERITAS
[2012/02/03 17:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BDLogging
[2012/02/29 20:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bitdefender
[2012/02/29 16:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2008/07/08 22:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/01/26 19:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brooks Internet Software
[2011/02/10 18:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/12/27 16:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
[2011/12/27 16:23:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2008/07/08 22:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2010/05/06 08:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\G7PS
[2008/07/25 14:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2011/02/01 10:49:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gravic
[2008/12/14 16:45:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GrebleSoft
[2008/07/08 22:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GroupPolicy
[2008/07/11 01:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
[2010/02/07 17:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JudysApps
[2010/07/22 17:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Laplink
[2011/05/31 07:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2008/07/19 21:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2012/03/28 07:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/01/31 04:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2011/02/21 13:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2011/09/27 21:39:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Martau
[2010/07/11 15:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2008/07/08 22:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGI
[2009/08/18 21:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microangelo On Display
[2009/07/19 10:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2012/02/01 19:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2011/06/01 09:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2008/07/08 22:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Prevx
[2008/07/08 22:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Principia Products
[2008/07/08 22:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\r2 Studios
[2008/07/08 22:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2012/03/04 11:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/01/16 09:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011/01/16 10:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smart Soft
[2008/07/08 08:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spearit
[2011/02/18 18:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2008/07/08 22:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2008/07/08 22:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2010/05/06 14:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\System
[2011/05/12 09:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2011/05/30 08:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2008/07/08 22:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/03/29 18:09:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WebDrive
[2011/12/15 15:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WordPerfect Office X5
[2008/07/08 08:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ASPNET\Application Data\Spearit
[2008/07/09 15:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ASPNET\Application Data\VERITAS
[2008/07/08 08:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Spearit
[2008/07/09 15:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\VERITAS
[2008/07/09 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\.BitTornado
[2008/07/09 15:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\.tswebeditor
[2011/03/29 08:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Acronis
[2008/07/09 15:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\AcWizard
[2009/02/26 12:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\AI Internet Solutions
[2008/07/09 15:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Basta Computing
[2012/02/29 20:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Bitdefender
[2009/04/02 14:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\BozTeck
[2008/07/09 15:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\BPFTP
[2009/01/26 19:04:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Brooks Internet Software
[2008/07/09 15:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Caphyon
[2008/07/09 15:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Colasoft Capsa
[2008/07/09 15:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Convivea
[2011/05/31 14:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\ElevatedDiagnostics
[2010/02/09 10:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Endicia
[2008/07/09 15:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\FileMaker
[2009/08/29 11:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Foxit
[2011/05/12 23:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Foxit Software
[2012/03/28 15:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Free Download Manager
[2009/11/27 21:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Fujitsu
[2010/05/05 18:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\G7PS
[2011/05/13 11:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\GARMIN
[2011/01/11 10:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\GetRightToGo
[2010/07/18 15:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\gsmartcontrol
[2010/12/10 22:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\gtk-2.0
[2008/07/09 15:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Hyperionics
[2008/07/09 15:44:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\ImgBurn
[2008/07/09 15:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Individual Software
[2008/07/09 15:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Interactive Studios
[2008/07/09 15:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\InterVideo
[2010/09/22 20:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\IsolatedStorage
[2010/02/08 13:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\KC Softwares
[2008/12/30 00:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Key Metric Software
[2010/11/09 18:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\ldw_data
[2008/07/09 15:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Leadertech
[2008/07/09 15:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\LEAPS
[2011/05/31 08:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Lenovo
[2008/07/19 21:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Locktime
[2011/03/14 13:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Mikogo
[2011/12/17 20:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\mjusbsp
[2009/07/19 10:08:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\NCH Swift Sound
[2010/04/11 22:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\NetView
[2008/07/09 15:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Newsbin
[2011/03/14 08:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\OfficeRecovery
[2008/07/09 15:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\OfficeUpdate12
[2012/01/02 10:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\OpenOffice.org
[2011/06/01 09:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\PCDr
[2008/07/09 15:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Pegasys Inc
[2011/12/02 10:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Qualys
[2012/01/27 09:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\QuickScan
[2008/07/09 15:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\r2 Studios
[2008/12/14 16:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Remind-Me
[2008/07/09 15:46:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\ScanSoft
[2011/01/11 12:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Scratch09
[2011/01/16 10:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Smart PDF Converter
[2008/10/06 08:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\SmartDraw
[2012/02/26 13:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Software Informer
[2008/07/08 08:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Spearit
[2008/07/09 15:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Spell Catcher Plus
[2010/10/29 08:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\SyncSquare
[2012/01/03 18:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\SystemRequirementsLab
[2011/03/30 14:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\TeamViewer
[2011/10/26 10:19:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Thinstall
[2008/07/09 15:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Topaz Moment
[2010/09/21 18:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Trillian
[2008/07/09 15:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\URSoft
[2008/07/09 15:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\VERITAS
[2010/06/08 21:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\VSO
[2008/07/09 15:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\WildPackets
[2010/12/10 22:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Wireshark
[2010/05/03 17:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Z-Firm LLC
[2010/04/15 16:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gary\Application Data\Zeon
[2011/05/12 15:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software
[2008/07/09 15:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Interactive Studios
[2008/07/09 07:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Spearit
[2008/07/08 08:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QBPOSDBSrvUser\Application Data\Spearit
[2008/07/09 15:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\QBPOSDBSrvUser\Application Data\VERITAS
[2011/12/17 10:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\scans\Application Data\Foxit Software
[2011/12/17 09:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\scans\Application Data\Lenovo
[2008/07/08 08:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\scans\Application Data\Spearit
[2008/07/09 15:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\scans\Application Data\VERITAS
[2011/01/21 12:03:07 | 000,000,584 | ---- | M] () -- C:\WINDOWS\Tasks\BMMTask.job
[2012/03/12 11:45:53 | 000,000,268 | ---- | M] () -- C:\WINDOWS\Tasks\talkShakeIcon.job

========== Purity Check ==========



< End of report >


~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-28 15:18:30
-----------------------------
15:18:30.718 OS Version: Windows 5.1.2600 Service Pack 3
15:18:30.718 Number of processors: 4 586 0x2502
15:18:30.718 ComputerName: DOCFXITLT UserName: Gary
15:18:38.187 Initialize success
15:19:06.765 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:19:06.781 Disk 0 Vendor: ST9500420AS 0002SDM1 Size: 476940MB BusType: 3
15:19:06.828 Disk 0 MBR read successfully
15:19:06.843 Disk 0 MBR scan
15:19:06.859 Disk 0 Windows XP default MBR code
15:19:06.890 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 62960 MB offset 63
15:19:06.937 Disk 0 scanning sectors +128943360
15:19:07.062 Disk 0 scanning C:\WINDOWS\system32\drivers
15:19:18.875 Service scanning
15:19:35.062 Modules scanning
15:19:58.453 Disk 0 trace - called modules:
15:19:58.453 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
15:19:58.453 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aab8ab8]
15:19:58.453 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\000000ba[0x8aaf09e8]
15:19:58.453 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8aaf1d98]
15:19:58.453 Scan finished successfully
15:21:11.296 Disk 0 MBR has been saved successfully to "C:\Scratch\Scratch04\MBR.dat"
15:21:11.328 The log file has been saved successfully to "C:\Scratch\Scratch04\aswMBR.txt"


Update to current status:

I am getting the blue screening very infrequently. Sometimes once every two-four days. Sometimes a couple times a day.
The internet is definitely running slow. I an start to select a web page on this laptop and while I am waiting I can go to another PC I have, type in the URL and see the web page, do other things and then this first web page may come up.

Thanks for helping.

Docfxit
  • 0

#4
BlackOxide
Posted 28 March 2012 - 05:11 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Thanks for the logs and update. Nothing much showing in the logs, so we'll do some further digging :)


Could you follow the steps below and then get back to me with the relevant logs please.


1)
I see you have MBAM installed on the PC. Could you do a Quick Scan for me please to see if this shows any unwanted items.

Run a Quick Scan with Malwarebytes Anti-Malware (MBAM) after updating...
  • Open MBAM
  • Click the Update tab, then click Check for Updates and let it install any updates if they are available
  • Click the Scanner tab, then make sure Quick Scan is selected and click Scan
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • Post the log that it produces in your next reply



2)
Please download the Event Viewer Tool by Vino Rosso VEW and save it to your Desktop:

Double-click VEW.exe (in Vista/Windows 7, Right Click and choose Run as Administrator)

Under 'Select log to query', select:
Application
System

Under 'Select type to list', select:
Error
Warning

Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply



In your next reply
Please post the contents of...
MBAM log
VEW log
  • 0

#5
docfxit
Posted 28 March 2012 - 07:00 PM

docfxit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Thank you for suggesting more ways to find out what is going on with this laptop.

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.28.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gary :: DOCFXITLT [administrator]

3/28/2012 4:34:57 PM
mbam-log-2012-03-28 (16-34-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 302488
Time elapsed: 6 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


~*~*~*~*~*~*~*~*~*~*~**~*~*~*~*~*~*~*~*~*~*~**~*~*~*~**~*~*~*~*~*~

Vino's Event Viewer v01c run on Windows XP in English
Report run at 28/03/2012 5:54:08 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/03/2012 3:26:31 PM
Type: error Category: 0
Event: 10005 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 9:38:09 AM
Type: error Category: 0
Event: 10005 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 9:32:51 AM
Type: error Category: 0
Event: 10005 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 9:05:36 AM
Type: error Category: 0
Event: 10005 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 9:00:14 AM
Type: error Category: 0
Event: 10005 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 8:53:36 AM
Type: error Category: 0
Event: 10005 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 15/03/2012 11:57:37 PM
Type: error Category: 0
Event: 10005 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 15/03/2012 11:51:41 PM
Type: error Category: 0
Event: 10005 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 15/03/2012 11:03:50 PM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Log: 'Application' Date/Time: 15/03/2012 11:03:01 PM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 15/03/2012 11:03:01 PM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Log: 'Application' Date/Time: 15/03/2012 10:58:36 PM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 15/03/2012 10:58:36 PM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Log: 'Application' Date/Time: 15/03/2012 10:58:36 PM
Type: error Category: 0
Event: 8 Source: crypt32
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Log: 'Application' Date/Time: 15/03/2012 7:51:54 AM
Type: error Category: 2
Event: 4 Source: QuickBooks
An unexpected error has occured in "QuickBooks Pro 2012":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Log: 'Application' Date/Time: 15/03/2012 7:51:54 AM
Type: error Category: 2
Event: 4 Source: QuickBooks
An unexpected error has occured in "QuickBooks Pro 2012":
Connection String:CON=QBConnectionPool-Probe-QB_data_engine_22; ;DBF=C:\Program Files\QuickBooks 2008\Data\Docfxit, Inc2.QBW;ENG=QB_data_engine_22;DBN=172c2a9ad77a4dcb9fa3168405156976

Log: 'Application' Date/Time: 15/03/2012 7:51:54 AM
Type: error Category: 2
Event: 4 Source: QuickBooks
An unexpected error has occured in "QuickBooks Pro 2012":
Connection Error:Invalid user ID or password

Log: 'Application' Date/Time: 15/03/2012 7:51:33 AM
Type: error Category: 2
Event: 4 Source: QuickBooks
An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Log: 'Application' Date/Time: 15/03/2012 7:51:33 AM
Type: error Category: 2
Event: 4 Source: QuickBooks
An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Log: 'Application' Date/Time: 15/03/2012 7:51:33 AM
Type: error Category: 2
Event: 4 Source: QuickBooks
An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 26/03/2012 3:04:25 PM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 2:36:45 PM
Type: warning Category: 0
Event: 1032 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 2:31:23 PM
Type: warning Category: 0
Event: 1032 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 9:32:57 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 9:24:31 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 9:00:22 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 8:53:43 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 23/03/2012 8:25:03 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 15/03/2012 11:51:48 PM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 15/03/2012 11:24:20 PM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 15/03/2012 10:46:58 PM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 15/03/2012 7:45:45 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 15/03/2012 7:34:33 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 12/03/2012 12:52:45 PM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 12/03/2012 12:10:55 PM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 12/03/2012 12:05:25 PM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 12/03/2012 11:56:13 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 12/03/2012 10:41:05 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 12/03/2012 9:47:08 AM
Type: warning Category: 0
Event: 1001 Source: MsiInstaller
The event description cannot be found.

Log: 'Application' Date/Time: 12/03/2012 9:36:52 AM
Type: warning Category: 0
Event: 1524 Source: Userenv
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/03/2012 3:04:09 PM
Type: error Category: 0
Event: 23 Source: Print
Printer VersaCheck Printer failed to initialize because a suitable Apple Color LaserWriter 12/600 driver could not be found.

Log: 'System' Date/Time: 26/03/2012 3:04:09 PM
Type: error Category: 0
Event: 23 Source: Print
The event description cannot be found.

Log: 'System' Date/Time: 26/03/2012 3:04:09 PM
Type: error Category: 0
Event: 23 Source: Print
Printer Auto HP LaserJet 8150 Series on ATUUSER4 failed to initialize because a suitable HP LaserJet 8150 Series PS driver could not be found.

Log: 'System' Date/Time: 26/03/2012 3:04:09 PM
Type: error Category: 0
Event: 23 Source: Print
Printer Auto HP LaserJet 4050 Series on ATUUSER4 failed to initialize because a suitable HP LaserJet 4050 Series PCL driver could not be found.

Log: 'System' Date/Time: 26/03/2012 3:04:09 PM
Type: error Category: 0
Event: 23 Source: Print
Printer AnyTime PDF Creator failed to initialize because a suitable Amyuni Document Converter 2.50 driver could not be found.

Log: 'System' Date/Time: 26/03/2012 3:04:09 PM
Type: error Category: 0
Event: 23 Source: Print
Printer \\ATU1277\OFFICEPRT failed to initialize because a suitable HP LaserJet 4050 Series PCL6 driver could not be found.

Log: 'System' Date/Time: 26/03/2012 3:03:30 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 26/03/2012 3:03:30 PM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Infrared Monitor service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 25/03/2012 7:17:07 PM
Type: error Category: 0
Event: 7011 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for a transaction response from the SENS service.

Log: 'System' Date/Time: 23/03/2012 9:23:52 AM
Type: error Category: 0
Event: 23 Source: Print
Printer VersaCheck Printer failed to initialize because a suitable Apple Color LaserWriter 12/600 driver could not be found.

Log: 'System' Date/Time: 23/03/2012 9:23:52 AM
Type: error Category: 0
Event: 23 Source: Print
The event description cannot be found.

Log: 'System' Date/Time: 23/03/2012 9:23:52 AM
Type: error Category: 0
Event: 23 Source: Print
Printer Auto HP LaserJet 8150 Series on ATUUSER4 failed to initialize because a suitable HP LaserJet 8150 Series PS driver could not be found.

Log: 'System' Date/Time: 23/03/2012 9:23:52 AM
Type: error Category: 0
Event: 23 Source: Print
Printer Auto HP LaserJet 4050 Series on ATUUSER4 failed to initialize because a suitable HP LaserJet 4050 Series PCL driver could not be found.

Log: 'System' Date/Time: 23/03/2012 9:23:52 AM
Type: error Category: 0
Event: 23 Source: Print
Printer AnyTime PDF Creator failed to initialize because a suitable Amyuni Document Converter 2.50 driver could not be found.

Log: 'System' Date/Time: 23/03/2012 9:23:52 AM
Type: error Category: 0
Event: 23 Source: Print
Printer \\ATU1277\OFFICEPRT failed to initialize because a suitable HP LaserJet 4050 Series PCL6 driver could not be found.

Log: 'System' Date/Time: 23/03/2012 9:23:22 AM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 23/03/2012 9:23:22 AM
Type: error Category: 0
Event: 7001 Source: Service Control Manager
The Infrared Monitor service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 23/03/2012 8:24:22 AM
Type: error Category: 0
Event: 23 Source: Print
Printer VersaCheck Printer failed to initialize because a suitable Apple Color LaserWriter 12/600 driver could not be found.

Log: 'System' Date/Time: 23/03/2012 8:24:22 AM
Type: error Category: 0
Event: 23 Source: Print
The event description cannot be found.

Log: 'System' Date/Time: 23/03/2012 8:24:22 AM
Type: error Category: 0
Event: 23 Source: Print
Printer Auto HP LaserJet 8150 Series on ATUUSER4 failed to initialize because a suitable HP LaserJet 8150 Series PS driver could not be found.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 23/03/2012 8:25:41 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 002314ABFBB8. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 21/03/2012 2:59:42 PM
Type: warning Category: 0
Event: 50 Source: Fastfat
{Delayed Write Failed} Windows was unable to save all the data for the file . The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save this file elsewhere.

Log: 'System' Date/Time: 18/03/2012 8:11:44 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 002314ABFBB8. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 17/03/2012 8:29:08 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 002314ABFBB8. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 16/03/2012 8:24:36 AM
Type: warning Category: 0
Event: 2504 Source: Server
The server could not bind to the transport \Device\NetBT_Tcpip_{30ECAD80-1BF9-4942-B34F-08F80B882B76}.

Log: 'System' Date/Time: 15/03/2012 11:02:02 PM
Type: warning Category: 0
Event: 11050 Source: dnscache
The DNS Client service could not contact any DNS servers for a repeated number of attempts. For the next 30 seconds the DNS Client service will not use the network to avoid further network performance problems. It will resume its normal behavior after that. If this problem persists, verify your TCP/IP configuration, specifically check that you have a preferred (and possibly an alternate) DNS server configured. If the problem continues, verify network conditions to these DNS servers or contact your network administrator.

Log: 'System' Date/Time: 15/03/2012 9:26:21 PM
Type: warning Category: 0
Event: 36 Source: W32Time
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

Log: 'System' Date/Time: 14/03/2012 5:24:15 AM
Type: warning Category: 0
Event: 36 Source: W32Time
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

Log: 'System' Date/Time: 12/03/2012 12:53:45 PM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 002314ABFBB8. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 12/03/2012 11:57:19 AM
Type: warning Category: 0
Event: 1003 Source: Dhcp
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 002314ABFBB8. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 12/03/2012 8:02:26 AM
Type: warning Category: 0
Event: 20 Source: Print
Printer Driver HotFax MessageCenter for Windows NT x86 Version-2 was added or updated. Files:- Rasdd.dll, Rasddui.dll, SMNTPr.dll.

I noticed it was trying to use DHCP. This laptop is supposed to use a static IP. I went into the network connection and found the static IP wasn't listed. I put in the correct static IP.

Thanks,

Docfxit

Edited by docfxit, 28 March 2012 - 07:03 PM.

  • 0

#6
BlackOxide
Posted 29 March 2012 - 12:24 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
MBAM is not showing any malware as well. Event logs not showing anything too significant. I believe those DHCP warnings should stop now that it's set to static. Lets start looking into the Blue Screens, slowness on the web and the Quickbooks issue.


Could you run through the following steps, then get back to me with the relevant info please.



1)
Autoruns - Startup Items
  • Click here to download Autoruns and Save it to your Desktop
  • Extract the contents of Autoruns.zip by Right clicking it and choose Extract All (or Extract here if using WinRar)
  • Once the contents have been extracted you will see a folder called Autoruns
  • Open the folder and Double click on autoruns to launch the program
  • Let the program finish scanning your PC. You will know it has finished scanning when it says Ready in the bottom left
  • Click File then Save, then in the Save as type box select Text (.txt) then in the File Name box above, call it StartupItems.txt and save it to your Desktop
  • Please attach the StartupItems.txt to your next reply

To attach a file...
  • Click Add Reply as you would do normally
  • Then within the 'Attachments' area, click Browse and select the file that you want to attach
  • Click the Attach This File button
  • Now click Add to Post on the right hand side, to insert the attachment into your post.



2)
Blue Screen Errors
Click here to download BlueScreenView
Right click bluescreenview.zip and choose "Extract All" or "Extract Here" to extract the contents of the zip file
Once extracted, double click on BlueScreenView.exe to run the program
Click Edit, then Select All
Click File, then Save Selected Items
In the File name, type bluescreenlog.txt and then Save it to your Desktop
Attach the bluescreenlog.txt to your next reply



3)
Could you let me know if you use QuickBooks on this PC? If so, does QuickBooks actually load normally if you double click on it's icon on the Desktop or Start Menu, or is it just coming up with the Installer box for QuickBooks at boot.




In your next reply
Please post the contents of...
Attach the StartupItems.txt file and Bluescreenlog.txt file
Information regarding QuickBooks
  • 0

#7
docfxit
Posted 29 March 2012 - 01:36 PM

docfxit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Thank you for continuing to help me.
Attached File  StartupItems.txt   242.1KB   73 downloads
Attached File  bluescreenlog.txt   41.41KB   113 downloads

Yes. Quickbooks is installed on this PC. It does load normally when I click on it's icon and it runs normally. I noticed that a program I have on this PC (Startup Delayer) wasn't running during startup. I found they have a newer version. I downloaded and installed the newer version. Now when I reboot the Windows Installer relating to QuickBooks is no longer coming up during startup. That issue is solved. I have no idea what caused the installer to run or why Startup Delayer wasn't running.

Now if you could figure out why I'm getting these Blue Screens and the long delays for web pages that would be great.

Thanks,

Docfxit
  • 0

#8
BlackOxide
Posted 29 March 2012 - 02:58 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Excellent, well done on the Quickbooks solution :thumbsup:

Lets now focus on the Blue Screens and delays whilst browsing.


We'll disable a few startup items with Autoruns, to ease things at boot, then if you could Zip up and then Attach some of the Blue Screen dumps so I can have a detailed look at them, that would be great.


1)
Autoruns Startup Modify
Open Autoruns
Once it has finished scanning and you see Ready in the bottom left corner, click the Logon tab at the top
Untick the following items:
  • AGRSMMSG
  • Client Access Express Welcome
  • EZEJMNAP
  • Intuit SyncManager
  • ISUSPM
Once you have unticked those items, just close Autoruns using the top right X
Now reboot your PC



2)
Could navigate to the following folder - C:\WINDOWS\Minidump\

You will see many .dmp files. Could you highlight the latest 5 dmp files (listed below) and then once those 5 are highlighted, Right Click one of them and choose Send To > Compressed (Zipped) Folder. This will then zip them up into one file. If you could then Attach this Zip file to your next reply please.

The latest 5 dmp files are these:
C:\WINDOWS\Minidump\Mini031512-01.dmp
C:\WINDOWS\Minidump\Mini030612-01.dmp
C:\WINDOWS\Minidump\Mini022312-01.dmp
C:\WINDOWS\Minidump\Mini022012-01.dmp
C:\WINDOWS\Minidump\Mini020312-01.dmp




3)
With the slow browsing problem, could you tell me which web browser you usually use (Firefox, Internet Explorer etc) and whether the problem occurs on just one browser or whether it's the same no matter which browser you are using.




In your next reply
Please post the contents of...
Zip file containg the five dmp files
Information on the web browsers
  • 0

#9
docfxit
Posted 29 March 2012 - 09:00 PM

docfxit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Hi BlackOxide,

Attached File  MiniDumpDocfxit.zip   55.9KB   82 downloads

I'm using Firefox 10.2. I will update it right now to the latest version. I just tried IE8 and it had delays also.

I only have the two browsers.

Thanks for working on this.

Docfxit
  • 0

#10
BlackOxide
Posted 30 March 2012 - 12:57 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
No problem at all. I've had a look through the Blue Screen dump files and nothing stands out to be honest with you. Lets test the RAM and Hard Drive in your machine to check to see whether either of these are causes of the Blue Screens. Due to the random nature of the blue screens and that they seem to be different error codes each time, I don't believe it will be the Hard Drive, but it's best to rule it out anyway :)



1)
Using MemTest86+ to test your RAM for problems
Download the latest MemTest86+ disc image from here
Unzip the contents and there will be a file called mt420.iso within it

Burning the ISO image to CD
  • Click here to download ImgBurn, a program which we will use to burn the .iso file onto a Blank CD
  • Once downloaded, double click the ImgBurn installation file and follow the prompts to install it
  • Open ImgBurn and click Write image file to disc
  • Insert a blank CD into your drive
  • Now click Browse for a file
Posted Image

  • Navigate to the mt420.iso file and click Open
  • Now click on the following button to start burning the image to disc

    Posted Image
  • Once the CD has been burnt, insert it back into the CD drive and shutdown your PC
  • Restart the PC and MemTest should load up and automatically start testing your RAM
  • If it doesn't automatically load, you will need to change the Boot Order in your BIOS, so that the PC looks at the CD Drive before booting into Windows. If you are unsure of how to do this, just let me know your Make and Model of PC/Laptop
  • Leave MemTest running until it has done a minimum of 5 Passes.
  • Just next to the Pass count, there is the Errors count. If the error count goes above 0 at any time, let me know, as this indicates that you have a strong possibility of faulty RAM
  • Once it has completed 5 Passes, you may take the CD out of the drive and press Esc to reboot your PC.
Note - MemTest will carry on forever, so you will need to reboot the PC by yourself once you have completed the passes.

Please be patient when running MemTest as 5 passes can take anywhere from approx 30mins to several hours (depending on the amount of RAM installed)




2)
Hard Drive Test
We will use SeaTools to test your Hard Drive. You will need a blank CD for this process.

Click here to download the SeaTools disc image

Burning the ISO image to CD
  • Click here to download ImgBurn, a program which we will use to burn the .iso file onto a Blank CD
  • Once downloaded, double click the ImgBurn installation file and follow the prompts to install it
  • Open ImgBurn and click Write image file to disc
  • Insert a blank CD into your drive
  • Now click Browse for a file
Posted Image

  • Navigate to the SeaTools ISO file that you downloaded, select it, then click Open
  • Now click on the following button to start burning the image to disc

    Posted Image
  • Once the CD has been burnt, insert it back into the CD drive and shutdown your PC
  • Restart the PC and SeaTools should load up
  • If it doesn't automatically load, you will need to change the Boot Order in your BIOS, so that the PC looks at the CD Drive before booting into Windows. If you are unsure of how to do this, just let me know your Make and Model of PC/Laptop
  • When SeaTools has loaded, click I Agree on the License Agreement
  • Click Basic Tests at the top, then click on Long Test
  • It will then perform a full test on your Hard Drive
  • If no errors were found, at the end of the test it will display PASSED in the Test Results column
  • If a problem was detected on the Hard Drive it will alert you to it and you should see the number of errors detected in the Test Progress column. If there are any errors, please note down how many errors it found.
  • Once the scan has finished, just click Exit at the top and boot back into Windows
  • Report back on whether the drive passed or if any errors were detected





Let me know how the RAM and Hard Drive tests went, once they are complete. Also, did updating Firefox to the latest version make any difference with the browsing delays?
  • 0

#11
docfxit
Posted 31 March 2012 - 04:33 PM

docfxit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
Hi BlackOxide,

I ran the Memtest for 6 passes. It had no errors.
I ran SeaTools it said "Completed without error" "Passed"

On Firefox I think it might be a little better. It seems to navigate to web pages fine right after I re-boot and if I don't go to a secure URL (HTTPS)
Once I go to a secure URL it hangs. Sometimes for ever.
Also when I go to Google.com and type something into the search window the last letter I type in is removed when I click on the search button.

Thanks,

Docfxit
  • 0

#12
BlackOxide
Posted 01 April 2012 - 04:02 AM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
That should rule out the RAM and the Hard Drive as culprits then.

Have you ever upgraded the RAM in this machine? I have seen it in the past where even though the RAM is physically fine, sometimes incompatibility between RAM manufacturers can cause some glitchy problems.

The browser situation is quite strange isn't it. Can you try Internet Explorer with No Addons please. This will rule out any Toolbar/Extentions that may be causing the problem.


Open Internet Explorer in it's No Add-ons mode
  • Click Start > Accessories > System Tools > Internet Explorer (No Add-ons)
  • Internet Explorer will then load with no third party extensions/Add ons



Let me know if there is any difference in performance of the browser in the No Addons mode. Note, your homepage will not be displayed when you startup IE in this mode. Just click the address bar at the top and type in Google's address etc.
  • 0

#13
docfxit
Posted 02 April 2012 - 12:06 AM

docfxit

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts
I am going out of town for 1 week. I didn't want you to think I was ignoring you. I will continue trying to figure this out when I get back.

Thank you very much,

Docfxit
  • 0

#14
BlackOxide
Posted 02 April 2012 - 04:52 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
No problem at all, thanks for letting me know. Just post back here in this topic when you're back :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP