Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

windows 7 wont boot following malware removal (inc hitman pro)


  • Please log in to reply

#1
nightporter

nightporter

    Member

  • Member
  • PipPip
  • 17 posts
My sony laptop (vgn nw26m) wont boot (Windows 7 Home Premium) following malware removal. The last thing I ran was Hitman pro. When I've had a malware problem in the past I have restored to an earlier point, but there were no restore points this time. I can't boot into safe mode that stops at classpnp.sys, I have a Windows 7 boot disk but startup repair cannot get it working. Startup repair helpfully gives the root cause as "unspecified changes to system configuration might have caused the problem". I've run FRST64, the result of which are attached. I suspect Hitman pro deleted a file required by Windows but I dont know for sure. I'd appreciate some hand-holding to get this fixed if possible. Thanks in advance for your time and help.

Scan result of Farbar Recovery Scan Tool Version: 05-05-2012 02
Ran by SYSTEM at 07-05-2012 00:05:59
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [365592 2009-08-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-24] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [208384 2009-08-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [BbPrintMonitor] C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe [211616 2008-01-15] (Bluebeam Software, Inc.)
HKLM\...\Run: [BbInstallUser] C:\Program Files\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe [49824 2008-11-25] (Bluebeam Software, Inc.)
HKLM\...\Run: [PrintDisp] C:\Windows\system32\PrintDisp.exe [878080 2009-08-21] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [387608 2009-08-05] (Intel Corporation)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [165912 2009-08-05] (Intel Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [171520 2009-08-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [317288 2009-05-26] (Sony Corporation)
HKLM-x32\...\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [26624 2009-12-03] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WindowsLivePhone] C:\Program Files (x86)\Windows Live\Device Manager\msgrdvmn.exe /AutoRun [787816 2008-12-22] (Microsoft Corporation)
HKLM-x32\...\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99624 2009-07-28] (Sony Corporation)
HKLM-x32\...\Run: [Simpo PDF Creator Lite Server] "C:\Program Files (x86)\Simpo PDF Creator Lite\SpcLiteSrv.exe" [101376 2010-08-18] (Simpo Technologies)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [36760 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [821144 2011-01-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s [928656 2011-11-02] (Samsung)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3508624 2011-11-02] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-11-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [206504 2011-12-21] (Visicom Media Inc. (Powered by Panda Security))
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKU\Binki\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\Mcx1-PCWT5-VAIO\...\Run: [] [x]
HKU\Mcx1-PCWT5-VAIO\...\Run: [WindowsLivePhone] "C:\Program Files (x86)\Windows Live\Device Manager\msgrdvmn.exe" /AutoRun [787816 2008-12-22] (Microsoft Corporation)
HKU\Mcx1-PCWT5-VAIO\...\Run: [instanteyedropper] "C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe" [352256 2007-10-17] ()
HKU\Mcx1-PCWT5-VAIO\...\Run: [OP9APrsC9TJ] control.exe "C:\Users\pcwt5\AppData\Local\kPqSZ2Y\OP9APrsC9TJ.cpl",0,0 [x]
HKU\Mcx1-PCWT5-VAIO\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\Mcx1-PCWT5-VAIO\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-14] (Microsoft Corporation)
HKU\pcwt5\...\Run: [instanteyedropper] "C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe" [352256 2007-10-17] ()
HKU\pcwt5\...\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup [53160 2012-02-07] (Raptr, Inc)
HKU\pcwt5\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2011-11-02] ()
HKU\pcwt5\...\Run: [Spotify] "C:\Users\pcwt5\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart [x]
HKU\pcwt5\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-13] (Microsoft Corporation)
HKU\pcwt5\...\Run: [WindowsLivePhone] "C:\Program Files (x86)\Windows Live\Device Manager\msgrdvmn.exe" /AutoRun [787816 2008-12-22] (Microsoft Corporation)
HKU\pcwt5\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17148552 2012-02-29] (Skype Technologies S.A.)
HKLM-x32\...\Runonce: [GrpConv] grpconv -o [x]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit [1706544 2011-07-07] (Soluto)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F6C6BA11-BA8F-404F-A447-49C76C73EE3E}: [NameServer]23.21.182.24,206.214.214.28
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 BBUpdate; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [249648 2011-10-13] (Microsoft Corporation)
2 bProtector; C:\ProgramData\bProtector\bProtect.exe [773624 2012-03-22] (bProtector)
2 CronService; "C:\Prey\platform\windows\cronsvc.exe" [19968 2011-02-15] (Fork Ltd.)
2 ExpatShieldService; C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [331608 2012-01-06] ()
2 ExpatSrv; C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [363336 2012-01-04] (AnchorFree Inc.)
3 ExpatTrayService; C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE [77520 2012-01-06] ()
2 ExpatWd; C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [329544 2012-01-04] ()
3 GSService; "C:\Windows\SysWOW64\GSService.exe" [385024 2010-12-04] ()
2 HitmanPro36CrusaderBoot; "C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe" /crusader:boot [8252840 2012-05-02] (SurfRight B.V.)
2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [107848 2012-05-02] (SurfRight B.V.)
2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [1378040 2012-01-31] (Lavasoft)
3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [64856 2009-02-26] (Microsoft Corporation)
2 Printer Control; C:\Windows\system32\PrintCtrl.exe [77824 2009-06-16] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
2 RapportMgmtService; "C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe" [931640 2012-03-11] (Trusteer Ltd.)
3 Roxio UPnP Renderer 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" [313840 2009-06-26] (Sonic Solutions)
2 Roxio Upnp Server 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe" [362992 2009-06-26] (Sonic Solutions)
2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-24] (Realtek Semiconductor)
3 SMServer; "C:\Windows\SysWOW64\snmvtsvc.exe" [245760 2010-12-04] (SMServer)
3 SOHCImp; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe" [120104 2009-07-28] (Sony Corporation)
3 SOHDBSvr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe" [70952 2009-07-28] (Sony Corporation)
3 SOHDms; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe" [427304 2009-07-28] (Sony Corporation)
3 SOHDs; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe" [75048 2009-07-28] (Sony Corporation)
3 SOHPlMgr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe" [91432 2009-07-28] (Sony Corporation)
2 SolutoService; "C:\Program Files\Soluto\SolutoService.exe" [376352 2011-07-07] (Soluto)
2 TVersityMediaServer; "C:\ProgramData\TVersity\Media Server\MediaServer.exe" [921600 2010-11-24] ()
2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
3 VAIO Entertainment TV Device Arbitration Service; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" [69632 2009-07-23] (Sony Corporation)
2 VAIO Event Service; "C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe" [204648 2009-07-01] (Sony Corporation)
3 VAIO Power Management; "C:\Program Files\Sony\VAIO Power Management\SPMService.exe" [411496 2009-07-16] (Sony Corporation)
3 VCFw; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe" [642920 2009-07-22] (Sony Corporation)
2 VcmIAlzMgr; "C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [468264 2009-06-26] (Sony Corporation)
3 VcmINSMgr; "C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe" [357672 2009-06-26] (Sony Corporation)
3 VcmXmlIfHelper; "C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe" [110888 2009-06-18] (Sony Corporation)
3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -RunBySCM [313264 2009-07-23] (Sony Corporation)
2 VSNService; "C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" [522240 2009-08-13] (Sony Corporation)
3 VzCdbSvc; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe" [206336 2009-07-23] (Sony Corporation)
2 qmfrsrou; C:\Windows\system32\mggqslwy.dll [x]
2 smsltd-samctrll; c:\Smsltd\Sam\platform\bin\srvany.exe [x]
2 smsltdsam; c:\Smsltd\Sam\platform\tomcat\bin\tomcat5.exe //RS//smsltdsam [x]

========================== Drivers (Whitelisted) =============

3 1394ohci; C:\Windows\System32\Drivers\1394ohci.sys [227840 2009-07-14] (Microsoft Corporation)
2 adfs; C:\Windows\System32\Drivers\adfs.sys [88632 2008-06-27] (Adobe Systems, Inc.)
2 adfs; C:\Windows\SysWow64\Drivers\adfs.sys [74720 2008-08-14] (Adobe Systems, Inc.)
3 ArcSoftKsUFilter; C:\Windows\System32\Drivers\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation)
3 DrmRAudio; C:\Windows\System32\Drivers\DrmRAudio.sys [34040 2010-12-05] (Windows ® Codename Longhorn DDK provider)
3 ebdrv; C:\Windows\System32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
3 hitmanpro35; \??\C:\Windows\system32\drivers\hitmanpro36.sys [27936 2012-05-02] ()
3 HssDrv; C:\Windows\System32\Drivers\HssDrv.sys [56832 2010-09-22] (AnchorFree Inc.)
3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7345632 2009-08-05] (Intel Corporation)
3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [139264 2009-08-05] (Intel® Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [224832 2009-07-14] (Microsoft Corporation)
3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17440 2012-01-31] ()
0 Lbd; C:\Windows\System32\Drivers\Lbd.sys [69152 2010-09-23] (Lavasoft AB)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-14] (Microsoft Corporation)
3 pbfilter; \??\C:\Users\pcwt5\Downloads\PeerBlock_r162__x64_Release_(Vista)\pbfilter.sys [19544 2009-09-18] ()
3 PSSDK42; C:\Windows\System32\Drivers\PSSDK42.sys [53312 2012-04-08] (microOLAP Technologies LTD)
3 PSSDKLBF; C:\Windows\System32\Drivers\PSSDKLBF.sys [65600 2012-04-08] (microOLAP Technologies LTD)
1 RapportCerberus_34302; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys [397520 2011-12-15] ()
1 RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [55056 2012-03-11] (Trusteer Ltd.)
0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [63760 2012-03-11] (Trusteer Ltd.)
1 RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [61712 2012-03-11] (Trusteer Ltd.)
2 rimsptsk; C:\Windows\System32\DRIVERS\rimssn64.sys [86528 2009-07-31] (REDC)
2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 sembbus; C:\Windows\System32\Drivers\sembbus.sys [302080 2008-04-08] (MCCI Corporation)
3 sembcard; C:\Windows\System32\Drivers\sembcard.sys [362496 2008-04-08] (MCCI Corporation)
3 sembmdfl2; C:\Windows\System32\Drivers\sembmdfl2.sys [19456 2008-04-08] (MCCI Corporation)
3 sembmdm2; C:\Windows\System32\Drivers\sembmdm2.sys [445952 2008-04-08] (MCCI Corporation)
3 sembmgmt; C:\Windows\System32\Drivers\sembmgmt.sys [370176 2008-04-08] (MCCI Corporation)
3 sembnd5; C:\Windows\System32\Drivers\sembnd5.sys [33792 2008-04-08] (MCCI Corporation)
3 sembunic; C:\Windows\System32\Drivers\sembunic.sys [396800 2008-04-08] (MCCI Corporation)
3 sembwwan; C:\Windows\System32\Drivers\sembwwan.sys [362496 2008-04-08] (MCCI Corporation)
3 SEMCReserved; C:\Windows\System32\DRIVERS\semcreserved64.sys [22528 2008-04-08] ()
0 Soluto; C:\Windows\System32\Drivers\Soluto.sys [54728 2011-07-07] (Soluto LTD.)
3 Sony_EricssonWWSC; C:\Windows\System32\DRIVERS\seu4scard64.sys [23040 2008-04-08] (Sony Ericsson)
3 tbhsd; C:\Windows\System32\Drivers\tbhsd.sys [46112 2010-11-16] (RapidSolution Software AG)
3 catchme; \??\C:\ComboFix\catchme.sys [x]

========================== NetSvcs (Whitelisted) ===========
NETSVC: Ndisipo
NETSVCx32: qmfrsrou

============ One Month Created Files and Folders ==============

2012-05-06 14:33 - 2011-04-15 19:14 - 0000000 ____D C:\FRST
2012-05-02 04:43 - 2009-07-14 01:38 - 0012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2012-05-02 04:43 - - 0003956 ____A C:\Windows\System32\.crusader
2012-05-02 03:52 - 2009-07-14 00:06 - 0027936 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
2012-05-02 03:52 - - 0001893 ____A C:\Users\Public\Desktop\HitmanPro.lnk
2012-05-02 03:51 - 2012-04-24 13:39 - 0000000 ____D C:\Users\All Users\HitmanPro
2012-05-02 03:51 - 2012-04-24 13:39 - 0000000 ____D C:\ProgramData\HitmanPro
2012-05-02 03:51 - 2011-10-28 23:56 - 0000000 ____D C:\Program Files\HitmanPro
2012-05-02 02:26 - 2011-03-10 14:04 - 8252840 ____A (SurfRight B.V.) C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe
2012-05-02 01:28 - 2009-08-17 22:47 - 0000469 ____A C:\rkill.log
2012-05-02 01:24 - 2012-02-11 01:14 - 1008141 ____A C:\Users\pcwt5\Downloads\iExplore.exe
2012-05-02 01:21 - 2012-05-02 01:21 - 0784039 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_21_25.dmp
2012-05-02 01:21 - 2012-05-02 01:21 - 0781691 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_21_18.dmp
2012-05-02 01:21 - 2012-05-02 01:07 - 0782766 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_21_08.dmp
2012-05-02 01:12 - 2011-09-14 20:05 - 0000000 ____D C:\Users\pcwt5\AppData\Local\{F5353179-622E-47AA-9532-7FD204C7B70C}
2012-05-02 01:11 - 2011-09-09 04:48 - 0000000 ____D C:\Users\pcwt5\AppData\Local\{933A7BA7-EA40-4E13-9414-F3E2E90F3588}
2012-05-02 01:07 - 2012-05-02 01:07 - 0803839 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_07_47.dmp
2012-05-02 01:07 - 2012-05-02 01:07 - 0800420 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_07_39.dmp
2012-05-02 01:07 - 2012-05-01 22:18 - 0792075 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_07_24.dmp
2012-05-01 22:42 - 2012-05-02 01:11 - 0000184 ____A C:\Users\All Users\-XWE3mXJBRcdem8r
2012-05-01 22:42 - 2012-05-02 01:11 - 0000184 ____A C:\ProgramData\-XWE3mXJBRcdem8r
2012-05-01 22:42 - 2012-04-24 06:18 - 0000000 ____A C:\Users\All Users\-XWE3mXJBRcdem8
2012-05-01 22:42 - 2012-04-24 06:18 - 0000000 ____A C:\ProgramData\-XWE3mXJBRcdem8
2012-05-01 22:22 - 2011-03-08 07:31 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E85104C4-2416-430E-BAE8-FF63DD741C55}
2012-05-01 22:18 - 2012-05-01 22:18 - 0799081 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_23_18_28.dmp
2012-05-01 22:18 - 2012-05-01 22:18 - 0791957 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_23_18_36.dmp
2012-05-01 22:18 - 2012-05-01 21:39 - 0782060 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_23_18_09.dmp
2012-05-01 22:03 - 2012-05-01 22:22 - 0222208 ___AH C:\Users\All Users\XWE3mXJBRcdem8.exe_1336347353.arl
2012-05-01 22:03 - 2012-05-01 22:22 - 0222208 ___AH C:\ProgramData\XWE3mXJBRcdem8.exe_1336347353.arl
2012-05-01 22:03 - 2012-04-24 06:18 - 0000256 ___AH C:\Users\All Users\XWE3mXJBRcdem8
2012-05-01 22:03 - 2012-04-24 06:18 - 0000256 ___AH C:\ProgramData\XWE3mXJBRcdem8
2012-05-01 22:02 - 2012-03-27 18:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{05F87219-D93B-418A-BEEC-9D2CACF2503E}
2012-05-01 21:39 - 2012-05-01 21:39 - 0789979 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_22_39_58.dmp
2012-05-01 21:39 - 2012-05-01 21:39 - 0787085 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_22_39_51.dmp
2012-05-01 21:39 - 2012-05-01 20:52 - 0789956 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_22_39_30.dmp
2012-05-01 21:25 - 2012-05-01 13:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AB0E2318-2FD3-4888-92CE-51BE7B0E5478}
2012-05-01 20:52 - 2012-05-01 20:52 - 0790536 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_52_55.dmp
2012-05-01 20:52 - 2012-05-01 20:52 - 0785009 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_52_48.dmp
2012-05-01 20:52 - 2012-05-01 20:41 - 0781895 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_52_27.dmp
2012-05-01 20:41 - 2012-05-01 20:41 - 0791043 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_41_46.dmp
2012-05-01 20:41 - 2012-05-01 20:41 - 0783783 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_41_53.dmp
2012-05-01 20:41 - 2012-05-01 20:39 - 0778775 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_41_34.dmp
2012-05-01 20:39 - 2012-05-01 20:38 - 0789095 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_39_01.dmp
2012-05-01 20:38 - 2012-05-01 20:38 - 0787807 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_38_52.dmp
2012-05-01 20:38 - 2012-05-01 20:35 - 0789024 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_38_27.dmp
2012-05-01 20:35 - 2012-05-01 20:35 - 0787098 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_35_32.dmp
2012-05-01 20:35 - 2012-05-01 20:32 - 0787958 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_35_19.dmp
2012-05-01 20:35 - 2012-02-26 19:01 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1E9708A6-62C2-47A0-A8BF-D4111CAE3C12}
2012-05-01 20:32 - 2012-05-01 20:27 - 0791267 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_32_53.dmp
2012-05-01 20:30 - 2011-10-05 20:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A2975F85-EFFA-4B75-B6EB-38911A3DE0A5}
2012-05-01 20:27 - 2012-05-01 20:27 - 0789876 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_27_35.dmp
2012-05-01 20:27 - 2012-05-01 20:27 - 0781249 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_27_28.dmp
2012-05-01 20:27 - 2012-05-01 19:51 - 0776042 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_27_12.dmp
2012-05-01 19:51 - 2012-05-01 19:51 - 0783890 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_51_07.dmp
2012-05-01 19:51 - 2012-05-01 19:50 - 0777714 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_51_00.dmp
2012-05-01 19:50 - 2012-05-01 19:43 - 0795799 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_50_46.dmp
2012-05-01 19:49 - 2012-05-01 19:57 - 0222208 ___AH C:\Users\All Users\oVQukyH52o8jiV.exe_1336347353.arl
2012-05-01 19:49 - 2012-05-01 19:57 - 0222208 ___AH C:\ProgramData\oVQukyH52o8jiV.exe_1336347353.arl
2012-05-01 19:49 - 2012-05-01 19:57 - 0000184 ___AH C:\Users\All Users\-oVQukyH52o8jiVr
2012-05-01 19:49 - 2012-05-01 19:57 - 0000184 ___AH C:\ProgramData\-oVQukyH52o8jiVr
2012-05-01 19:49 - 2012-04-24 06:27 - 0000000 ___AH C:\Users\All Users\-oVQukyH52o8jiV
2012-05-01 19:49 - 2012-04-24 06:27 - 0000000 ___AH C:\ProgramData\-oVQukyH52o8jiV
2012-05-01 19:49 - 2012-03-23 21:55 - 0000655 ___AH C:\Users\pcwt5\Desktop\Data_Recovery.lnk
2012-05-01 19:49 - 2012-01-29 17:46 - 0000256 ___AH C:\Users\All Users\oVQukyH52o8jiV
2012-05-01 19:49 - 2012-01-29 17:46 - 0000256 ___AH C:\ProgramData\oVQukyH52o8jiV
2012-05-01 19:49 - 2011-09-19 12:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{021B4ECB-56E3-4844-B9EA-43E59C6576F6}
2012-05-01 19:49 - 2011-08-07 09:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D18AF664-8FB8-4D02-BF01-B78A88226172}
2012-05-01 19:43 - 2012-05-01 19:43 - 0782571 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_43_06.dmp
2012-05-01 19:42 - 2012-05-01 19:42 - 0791981 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_42_58.dmp
2012-05-01 19:42 - 2012-05-01 19:18 - 0786686 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_42_39.dmp
2012-05-01 19:18 - 2012-05-01 19:18 - 0786934 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_18_40.dmp
2012-05-01 19:18 - 2012-05-01 19:18 - 0783683 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_18_33.dmp
2012-05-01 19:18 - 2012-05-01 19:08 - 0786841 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_18_19.dmp
2012-05-01 19:08 - 2012-05-01 19:08 - 0785043 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_08_42.dmp
2012-05-01 19:08 - 2012-05-01 19:08 - 0782170 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_08_50.dmp
2012-05-01 19:08 - 2012-05-01 15:50 - 0792937 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_08_26.dmp
2012-05-01 19:07 - 2012-05-06 22:58 - 0006512 ____H C:\bootsqm.dat
2012-05-01 15:53 - 2011-08-27 00:59 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E78D314A-0FF3-45F2-AD60-640F565F4906}
2012-05-01 15:52 - 2011-09-10 16:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1ADA076C-41D3-42E4-B40A-4D9EFF4CA05A}
2012-05-01 15:50 - 2012-05-01 15:49 - 0791512 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_50_06.dmp
2012-05-01 15:49 - 2012-05-01 15:49 - 0785722 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_49_59.dmp
2012-05-01 15:49 - 2012-05-01 15:12 - 0801095 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_49_37.dmp
2012-05-01 15:15 - 2011-03-30 04:45 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3B207406-5269-40F8-BFCB-F0B8BB77D266}
2012-05-01 15:14 - 2011-12-26 17:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{075CAA42-8CEA-4FBB-BDFB-1ED928DE1D1F}
2012-05-01 15:12 - 2012-05-01 15:12 - 0796427 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_12_45.dmp
2012-05-01 15:12 - 2012-05-01 15:12 - 0791552 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_12_52.dmp
2012-05-01 15:12 - 2012-05-01 13:07 - 0790742 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_12_28.dmp
2012-05-01 13:29 - 2012-05-01 13:29 - 0156547 ___AH C:\Users\pcwt5\Downloads\quarterly Fuel Bill till 10-4-2012 (2).pdf
2012-05-01 13:29 - 2011-05-12 07:50 - 0156547 ___AH C:\Users\pcwt5\Downloads\quarterly Fuel Bill till 10-4-2012 (1).pdf
2012-05-01 13:27 - 2012-05-01 13:29 - 0156547 ___AH C:\Users\pcwt5\Downloads\quarterly Fuel Bill till 10-4-2012.pdf
2012-05-01 13:10 - 2012-04-24 13:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{32B36069-735D-4CCA-A776-29B3565FE3DA}
2012-05-01 13:10 - 2012-03-24 16:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AB03D844-CA98-4B74-BB32-D3D70394EE8B}
2012-05-01 13:07 - 2012-05-01 13:07 - 0798888 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_14_07_50.dmp
2012-05-01 13:07 - 2012-05-01 13:07 - 0790157 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_14_07_57.dmp
2012-05-01 13:07 - 2012-05-01 02:50 - 0800497 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_14_07_33.dmp
2012-05-01 02:53 - 2011-08-29 20:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{64FD770E-160E-4BBA-A849-9CB159B9659F}
2012-05-01 02:52 - 2011-11-07 05:51 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{52FF098F-2F01-4B83-834C-A9FDCDDDC138}
2012-05-01 02:50 - 2012-05-01 02:50 - 0792921 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_03_50_19.dmp
2012-05-01 02:50 - 2012-05-01 02:50 - 0789216 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_03_50_28.dmp
2012-05-01 02:50 - 2012-04-30 17:51 - 0783036 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_03_50_03.dmp
2012-04-30 17:55 - 2012-02-09 19:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{03FA506E-9631-44BD-85BD-A1A27E16823E}
2012-04-30 17:55 - 2012-01-29 18:45 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2EDE731F-374B-403F-8E55-0241F8E58F86}
2012-04-30 17:51 - 2012-04-30 17:51 - 0793299 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_18_51_15.dmp
2012-04-30 17:51 - 2012-04-30 17:51 - 0789666 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_18_51_22.dmp
2012-04-30 17:51 - 2012-04-30 15:25 - 0781664 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_18_51_00.dmp
2012-04-30 15:32 - 2012-04-30 04:03 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2FEEE62A-78AF-4546-B0C0-16D9AE495017}
2012-04-30 15:32 - 2011-05-29 03:59 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{33600838-AA50-4D26-969E-1E4F5C46B515}
2012-04-30 15:25 - 2012-04-30 15:25 - 0789150 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_16_25_37.dmp
2012-04-30 15:25 - 2012-04-30 15:25 - 0783489 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_16_25_44.dmp
2012-04-30 15:25 - 2012-04-30 13:09 - 0786950 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_16_25_19.dmp
2012-04-30 14:29 - 2011-09-05 21:43 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C2CF7053-C654-42C5-B309-866771921306}
2012-04-30 14:29 - 2011-08-18 08:34 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{79B31A9F-FCD1-472C-A50D-7A3904E78E2B}
2012-04-30 13:11 - 2012-01-04 01:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D3F65FE2-0574-47C8-8C19-FB662CF90ED6}
2012-04-30 13:11 - 2011-03-07 16:33 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9EDF099C-70C3-4236-B234-870275134302}
2012-04-30 13:09 - 2012-04-30 13:09 - 0801382 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_14_09_20.dmp
2012-04-30 13:09 - 2012-04-30 13:08 - 0789164 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_14_09_12.dmp
2012-04-30 13:08 - 2012-04-30 03:59 - 0782357 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_14_08_56.dmp
2012-04-30 04:13 - 2011-02-21 04:03 - 0070449 ___AH C:\Users\pcwt5\Downloads\PR (1).jpg
2012-04-30 04:12 - 2012-04-30 04:13 - 0070449 ___AH C:\Users\pcwt5\Downloads\PR.jpg
2012-04-30 04:02 - 2012-04-28 15:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2FBE040E-C82D-4463-ACD4-D9124F0D8E1E}
2012-04-30 04:02 - 2012-03-15 14:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4CD64D5C-8771-458B-BCCF-D175B872D2EE}
2012-04-30 03:59 - 2012-04-30 03:59 - 0786827 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_04_59_42.dmp
2012-04-30 03:59 - 2012-04-30 03:59 - 0779775 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_04_59_34.dmp
2012-04-30 03:59 - 2012-04-30 01:40 - 0785659 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_04_59_03.dmp
2012-04-30 01:43 - 2011-12-25 23:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CC418A48-DD5A-486B-A7F4-CE0D2B83E4E8}
2012-04-30 01:43 - 2011-10-04 13:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D6AEC580-1A07-4B3A-BCE8-DD7E41DE6790}
2012-04-30 01:40 - 2012-04-30 01:40 - 0785753 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_40_32.dmp
2012-04-30 01:40 - 2012-04-30 01:40 - 0778123 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_40_24.dmp
2012-04-30 01:40 - 2012-04-30 01:24 - 0781843 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_40_04.dmp
2012-04-30 01:28 - 2012-02-14 02:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{576A53C0-CCD3-4BD2-A9C9-5B858017D6F8}
2012-04-30 01:28 - 2011-08-24 23:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5FC3AE8E-E727-4BB0-921A-DEEF8FFE49AB}
2012-04-30 01:24 - 2012-04-30 01:24 - 0791463 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_24_11.dmp
2012-04-30 01:24 - 2012-04-30 01:23 - 0786782 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_24_02.dmp
2012-04-30 01:23 - 2012-04-29 19:23 - 0785503 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_23_38.dmp
2012-04-29 19:26 - 2011-08-23 13:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{553F0817-2044-4627-9F0D-B308963417A9}
2012-04-29 19:25 - 2011-09-12 06:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CF5C11B9-00A8-4DF1-9A2B-9C6093128BAD}
2012-04-29 19:23 - 2012-04-29 19:22 - 0786359 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_20_23_06.dmp
2012-04-29 19:22 - 2012-04-29 19:22 - 0789031 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_20_22_57.dmp
2012-04-29 19:22 - 2012-04-29 15:32 - 0779132 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_20_22_35.dmp
2012-04-29 16:42 - 2012-04-28 17:21 - 2880026 ___AH C:\Users\pcwt5\Downloads\20120428_121349 (3).jpg
2012-04-29 16:19 - 2011-08-11 08:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{558FE5DB-7EB1-4562-A264-12AB3C6BE863}
2012-04-29 16:18 - 2011-08-07 09:38 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{57F5021F-AB92-49D3-BD9C-2B24A4315BCF}
2012-04-29 15:32 - 2012-04-29 15:32 - 0790950 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_16_32_41.dmp
2012-04-29 15:32 - 2012-04-29 15:32 - 0787774 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_16_32_32.dmp
2012-04-29 15:32 - 2012-04-28 16:25 - 0781462 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_16_32_06.dmp
2012-04-28 17:27 - - 0081159 ___AH C:\Users\pcwt5\Downloads\20120111_152838 (1).jpg
2012-04-28 17:24 - 2010-04-15 19:40 - 0168556 ___AH C:\Users\pcwt5\Downloads\Original Sony Battery.jpg
2012-04-28 17:20 - 2012-04-28 17:20 - 2880026 ___AH C:\Users\pcwt5\Downloads\20120428_121349 (2).jpg
2012-04-28 17:19 - 2012-04-29 16:42 - 2880026 ___AH C:\Users\pcwt5\Downloads\20120428_121349.jpg
2012-04-28 17:19 - 2012-04-12 07:39 - 2880026 ___AH C:\Users\pcwt5\Downloads\20120428_121349 (1).jpg
2012-04-28 17:16 - 2012-04-28 17:30 - 1989298 ___AH C:\Users\pcwt5\Downloads\20120111_152838.jpg
2012-04-28 16:27 - 2011-10-21 12:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B282FABB-52D9-4910-B8E2-9DFB3B0A3107}
2012-04-28 16:27 - 2011-07-30 10:08 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A47945CB-A781-4E5D-8B7D-C4BA3C9A749A}
2012-04-28 16:25 - 2012-04-28 16:25 - 0785246 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_25_23.dmp
2012-04-28 16:25 - 2012-04-28 16:24 - 0789785 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_25_14.dmp
2012-04-28 16:24 - 2012-04-28 16:04 - 0785477 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_24_54.dmp
2012-04-28 16:06 - 2011-11-15 05:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1B382B8F-87EA-4636-BC81-CBD65E17A27D}
2012-04-28 16:06 - 2011-09-22 13:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{531B8A56-6C79-4811-AC81-94A7B9D88AFE}
2012-04-28 16:04 - 2012-04-28 16:04 - 0784190 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_04_18.dmp
2012-04-28 16:04 - 2012-04-28 16:03 - 0779038 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_04_09.dmp
2012-04-28 16:03 - 2012-04-28 15:32 - 0789905 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_03_49.dmp
2012-04-28 15:35 - 2012-01-26 17:41 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9F9FEF7D-0527-45C4-AC87-6AEEE7184FC5}
2012-04-28 15:35 - 2011-11-27 05:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2F80ECB8-52B9-4301-A1E4-6C4D9B6D586D}
2012-04-28 15:32 - 2012-04-28 15:32 - 0793127 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_32_48.dmp
2012-04-28 15:32 - 2012-04-28 15:32 - 0781605 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_32_58.dmp
2012-04-28 15:32 - 2012-04-28 15:30 - 0782515 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_32_31.dmp
2012-04-28 15:30 - 2012-04-28 15:30 - 0789534 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_30_26.dmp
2012-04-28 15:30 - 2012-04-28 15:28 - 0797299 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_30_18.dmp
2012-04-28 15:28 - 2012-04-28 03:33 - 0785402 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_28_30.dmp
2012-04-28 03:37 - 2011-12-17 02:33 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{108705A9-1A2B-48C7-8C74-AAABD8AC6BD9}
2012-04-28 03:37 - 2011-07-01 05:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E6872542-D5F7-47CE-BD23-36F9DCF97098}
2012-04-28 03:33 - 2012-04-28 03:33 - 0795425 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_04_33_50.dmp
2012-04-28 03:33 - 2012-04-28 03:33 - 0792123 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_04_33_41.dmp
2012-04-28 03:33 - 2012-04-27 15:30 - 0784934 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_04_33_27.dmp
2012-04-27 17:59 - 2011-11-28 14:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{FB38EC1A-6AB6-4353-B878-388C7ADE7B96}
2012-04-27 17:59 - 2011-08-23 00:47 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1F3721B6-A781-472F-83C7-9D27CBB578F9}
2012-04-27 17:57 - 2011-10-10 03:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C5188DF6-F7BA-4E8B-8821-A60698DA82CB}
2012-04-27 17:57 - 2011-09-08 01:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B426DF39-4D50-4388-BE99-03CF16ED7379}
2012-04-27 17:39 - 2011-12-29 23:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2D581EFE-4700-4CAA-9158-676BD12A40AB}
2012-04-27 17:39 - 2011-11-17 17:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3E7DAE22-3ED5-4B4E-AF3E-EB59A4DFF1BC}
2012-04-27 15:33 - 2012-02-20 17:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{41F2DFE5-C6A2-421C-9EB2-3BDF470232C5}
2012-04-27 15:33 - 2011-09-23 00:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D4BAF2C8-0F63-4CF9-97D4-1876CC0AED1E}
2012-04-27 15:30 - 2012-04-27 15:30 - 0785538 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_30_53.dmp
2012-04-27 15:30 - 2012-04-27 15:30 - 0779102 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_30_45.dmp
2012-04-27 15:30 - 2012-04-27 15:21 - 0787218 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_30_27.dmp
2012-04-27 15:21 - 2012-04-27 15:21 - 0790918 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_21_45.dmp
2012-04-27 15:21 - 2012-04-27 15:21 - 0777732 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_21_53.dmp
2012-04-27 15:21 - 2012-04-27 13:02 - 0785328 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_21_24.dmp
2012-04-27 13:54 - 2012-03-28 18:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A8FEA25A-B4C5-4029-BA6D-14B2BA8B80F9}
2012-04-27 13:53 - 2011-09-22 20:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5B1EEF44-10B1-4D58-AE44-908835AA8397}
2012-04-27 13:04 - 2012-02-22 14:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CD6A5E9D-A60B-4FF1-ACD4-A961812B18B6}
2012-04-27 13:04 - 2011-09-19 23:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8ED8CBAA-63EE-423E-B9A1-5526E88DE3A4}
2012-04-27 13:02 - 2012-04-27 13:02 - 0787169 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_14_02_33.dmp
2012-04-27 13:02 - 2012-04-27 13:02 - 0783207 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_14_02_22.dmp
2012-04-27 13:02 - 2012-04-27 05:46 - 0779859 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_14_02_03.dmp
2012-04-27 05:51 - 2011-09-07 23:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{95DFD585-DA13-428F-B394-2688CBAA8F88}
2012-04-27 05:51 - 2011-08-25 20:43 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{51E57184-713E-4E71-A8A2-1BA267E61EBD}
2012-04-27 05:46 - 2012-04-27 05:46 - 0792164 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_06_46_43.dmp
2012-04-27 05:46 - 2012-04-27 05:46 - 0789770 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_06_46_51.dmp
2012-04-27 05:46 - 2012-04-27 03:13 - 0790641 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_06_46_29.dmp
2012-04-27 03:16 - 2011-09-19 04:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5DFEB043-46D2-4D8D-9863-77F088DA354A}
2012-04-27 03:15 - 2012-01-24 14:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D4FAEB01-F5EC-48DC-B88B-D0B90E307E26}
2012-04-27 03:13 - 2012-04-27 03:13 - 0795327 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_04_13_37.dmp
2012-04-27 03:13 - 2012-04-27 03:13 - 0789476 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_04_13_47.dmp
2012-04-27 03:13 - 2012-04-26 21:52 - 0792593 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_04_13_23.dmp
2012-04-26 23:52 - 2011-12-29 00:30 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{55DA07C6-E1F0-4E99-8DCC-132FB5D09D4A}
2012-04-26 23:52 - 2011-09-04 22:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DFE1E5DF-D3A5-4447-8C60-F843DF81158C}
2012-04-26 21:57 - 2011-09-09 04:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{424DACEE-60F0-4829-B2C9-840C98C7738C}
2012-04-26 21:57 - 2011-09-05 20:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C1C7A6EC-701E-41CC-88A1-162ACB714D1E}
2012-04-26 21:54 - 2012-03-16 02:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{04D8B1B1-16C2-4C26-BB7D-E457CA34D198}
2012-04-26 21:54 - 2011-11-24 05:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{7505BF48-DE75-4B24-A3D1-8C66AE470666}
2012-04-26 21:52 - 2012-04-26 21:52 - 0787727 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_22_52_25.dmp
2012-04-26 21:52 - 2012-04-26 21:51 - 0787204 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_22_52_16.dmp
2012-04-26 21:51 - 2012-04-26 12:58 - 0785994 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_22_51_59.dmp
2012-04-26 15:25 - 2011-12-13 05:51 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{46A188E6-A9CD-4819-A40B-588063915CE9}
2012-04-26 15:25 - 2011-06-27 14:47 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CA922E3E-9C56-4BFD-B052-034CAB5CA1CE}
2012-04-26 13:00 - 2011-10-31 17:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DCFAB97E-8821-465F-BB25-0E5C25000104}
2012-04-26 13:00 - 2011-08-26 20:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0A9DAF1E-4D2B-4AFE-BB38-015559D64F2E}
2012-04-26 12:58 - 2012-04-26 12:58 - 0791752 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_13_58_14.dmp
2012-04-26 12:58 - 2012-04-26 12:57 - 0789490 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_13_58_05.dmp
2012-04-26 12:57 - 2012-04-26 00:04 - 0781966 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_13_57_48.dmp
2012-04-26 01:29 - 2011-10-15 18:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B207130E-BE6F-4F84-99EC-D00D0D36EAD2}
2012-04-26 01:29 - 2011-08-23 20:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8A7C4930-DF62-4A1E-BE63-18DA113D706E}
2012-04-26 00:48 - 2011-11-16 17:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{20612B03-EF2B-4E63-A563-1E1CFFCBDE4A}
2012-04-26 00:48 - 2011-08-27 04:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A4EA1576-8793-4475-A05B-C42EB59C6489}
2012-04-26 00:07 - 2011-02-19 15:56 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{859EAD84-BF9A-443F-8086-6AD1B44038D4}
2012-04-26 00:06 - 2011-08-11 08:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{811A91E9-233A-4944-B2E8-103A75AF0BB7}
2012-04-26 00:04 - 2012-04-26 00:03 - 0782730 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_01_04_01.dmp
2012-04-26 00:03 - 2012-04-26 00:03 - 0789468 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_01_03_53.dmp
2012-04-26 00:03 - 2012-04-25 13:12 - 0811648 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_01_03_33.dmp
2012-04-25 15:38 - 2011-08-18 15:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D1CA7815-275C-4288-8C42-5DAD0D8A3F3D}
2012-04-25 15:16 - 2010-06-25 23:31 - 0004996 ___AH C:\Users\pcwt5\Downloads\Wind Tool - Vessel Version_2.xls.crdownload
2012-04-25 15:15 - 2008-01-28 07:21 - 0007922 ___AH C:\Users\pcwt5\Downloads\convert.zip.crdownload
2012-04-25 13:22 - 2012-03-27 06:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{33D6AC9C-7D95-4B5B-95C5-5BBE9475A908}
2012-04-25 13:22 - 2011-12-09 03:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B4B205DC-3D03-4B8F-BBDA-66795296BF89}
2012-04-25 13:12 - 2012-04-25 13:12 - 0785146 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_14_12_21.dmp
2012-04-25 13:12 - 2012-04-25 13:11 - 0795818 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_14_12_14.dmp
2012-04-25 13:11 - 2012-04-24 23:54 - 0794921 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_14_11_58.dmp
2012-04-24 23:58 - 2012-01-01 05:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D097A033-CFCB-4251-8AEE-22FAF638C6F2}
2012-04-24 23:56 - 2011-02-21 05:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E83F3566-3329-492C-9ED5-A2516B66BE04}
2012-04-24 23:54 - 2012-04-24 23:54 - 0782380 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_00_54_20.dmp
2012-04-24 23:54 - 2012-04-24 23:53 - 0794217 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_00_54_13.dmp
2012-04-24 23:53 - 2012-04-24 13:43 - 0781083 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_00_53_54.dmp
2012-04-24 13:48 - 2011-11-12 04:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{32B105ED-CE6C-4BF2-AD4D-09A76BFEC0B6}
2012-04-24 13:48 - 2011-05-31 02:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4D5E7009-355F-4DC5-9B62-34906DC4B5E2}
2012-04-24 13:43 - 2012-04-24 13:43 - 0800330 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_24_14_43_53.dmp
2012-04-24 13:43 - 2012-04-24 13:42 - 0789013 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_24_14_43_44.dmp
2012-04-24 13:42 - 2012-04-19 21:57 - 0792872 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_24_14_42_51.dmp
2012-04-24 06:46 - 2011-10-28 23:56 - 0000000 ____D C:\Program Files (x86)\GridinSoft Trojan Killer
2012-04-24 06:27 - 2012-04-24 06:27 - 0000176 ___AH C:\Users\All Users\-iK09Ukc2QUuHdcr
2012-04-24 06:27 - 2012-04-24 06:27 - 0000176 ___AH C:\ProgramData\-iK09Ukc2QUuHdcr
2012-04-24 06:27 - 2011-02-18 00:48 - 0000256 ___AH C:\Users\All Users\iK09Ukc2QUuHdc
2012-04-24 06:27 - 2011-02-18 00:48 - 0000256 ___AH C:\ProgramData\iK09Ukc2QUuHdc
2012-04-24 06:27 - - 0000000 ___AH C:\Users\All Users\-iK09Ukc2QUuHdc
2012-04-24 06:27 - - 0000000 ___AH C:\ProgramData\-iK09Ukc2QUuHdc
2012-04-24 06:18 - 2012-05-01 19:49 - 0000000 ___AH C:\Users\All Users\-xNrcacGalCqvsv
2012-04-24 06:18 - 2012-05-01 19:49 - 0000000 ___AH C:\ProgramData\-xNrcacGalCqvsv
2012-04-24 06:18 - 2012-04-24 06:18 - 0000176 ___AH C:\Users\All Users\-xNrcacGalCqvsvr
2012-04-24 06:18 - 2012-04-24 06:18 - 0000176 ___AH C:\ProgramData\-xNrcacGalCqvsvr
2012-04-24 06:18 - 2011-01-14 17:48 - 0000256 ___AH C:\Users\All Users\xNrcacGalCqvsv
2012-04-24 06:18 - 2011-01-14 17:48 - 0000256 ___AH C:\ProgramData\xNrcacGalCqvsv
2012-04-24 03:24 - 2011-08-13 16:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{43AE9C61-05DE-4C91-853E-302F29661CCA}
2012-04-24 03:24 - 2011-04-01 16:43 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{97F48C24-A033-46DC-9CD8-ADCC8147FF21}
2012-04-24 03:23 - 2012-03-07 05:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{52996862-9F5F-4364-8E7A-2B9AF6018770}
2012-04-24 03:23 - 2011-09-09 13:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C219EA38-300B-49BB-8F6F-9EC74DAB2307}
2012-04-23 15:23 - 2011-10-19 13:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{69164B96-39E7-4A76-80E2-026A0B147615}
2012-04-23 15:22 - 2012-02-22 14:01 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D6077CBC-A654-41DA-994E-592FD328ED83}
2012-04-23 03:22 - 2012-02-08 18:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{288B7964-2EFA-43AF-93CA-28D15B4C3392}
2012-04-23 03:22 - 2012-01-03 00:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{89D02B0C-C3DD-486B-A895-D2945C76DED4}
2012-04-23 03:22 - 2011-09-21 21:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{735FDAC4-2A2C-43EE-BA84-7A7399097F23}
2012-04-23 03:21 - 2012-02-11 07:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{29FF4DF6-8736-4AE0-AD15-062A7F1A748E}
2012-04-22 15:21 - 2011-12-22 14:47 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{722040FF-6460-45D1-8E32-7894DF0D9CCD}
2012-04-22 15:21 - 2011-05-07 16:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C56441E2-8276-4920-85FB-0D31FD66FBD7}
2012-04-21 16:28 - 2012-01-02 06:50 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5442258D-A63F-4949-8E15-DA761F238855}
2012-04-21 16:28 - 2011-10-25 02:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{199DE0D8-5874-43F0-8F47-76CBE3BACD1E}
2012-04-21 01:18 - 2011-09-20 16:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A1F149BD-6A28-4455-8460-7D1187E091F4}
2012-04-21 01:18 - 2011-09-12 18:40 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A4934BAF-31E7-4B74-B910-8AD120F4EC23}
2012-04-20 13:17 - 2011-07-15 04:58 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4EA12E26-5A23-4697-A9EB-879467545178}
2012-04-20 13:16 - 2011-09-12 04:03 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{560730B6-ED93-48C1-ACE3-3594F6D781BD}
2012-04-19 22:29 - 2011-04-13 00:52 - 0021901 ___AH C:\Users\pcwt5\Downloads\apm495.zip
2012-04-19 22:25 - 2012-04-19 22:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BF1DE36E-7F1C-45D1-839B-63F88C58528A}
2012-04-19 22:24 - 2011-10-20 01:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{91295554-F56C-4BE5-91FA-6C404F8567E2}
2012-04-19 22:02 - 2012-02-08 06:04 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{44C99892-68F9-4F98-83B7-D0B80B3F3FE1}
2012-04-19 22:02 - 2011-09-09 16:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BF156C13-8B85-4654-A790-6F4D5A5C13C7}
2012-04-19 21:57 - 2012-04-19 21:57 - 0784965 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_22_57_32.dmp
2012-04-19 21:57 - 2012-04-19 21:57 - 0778389 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_22_57_24.dmp
2012-04-19 21:57 - 2012-04-19 13:22 - 0780438 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_22_57_00.dmp
2012-04-19 21:38 - 2012-04-08 16:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0CB1BC80-E6B3-46D1-9779-C0996C454200}
2012-04-19 21:38 - 2011-12-14 18:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D43A8419-CABA-4A29-A1BC-CA0E948AD6ED}
2012-04-19 21:36 - 2011-11-03 06:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{18FF0A2E-8C82-42A7-BE9E-70AE7A2E5A04}
2012-04-19 21:36 - 2011-09-13 12:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{08F5D69C-7901-4EA1-98F6-430B2A2A0090}
2012-04-19 16:29 - 2011-09-28 20:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{22374D4D-7C80-4349-A0B0-810A102FBAA4}
2012-04-19 16:28 - 2011-10-17 13:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8DC38F73-3245-4E8C-8520-8EA3D8E01718}
2012-04-19 16:05 - 2011-10-14 14:03 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{57DE47CF-F98C-410A-ADE5-621D3CCF8804}
2012-04-19 16:05 - 2011-09-29 05:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CE54D447-7509-4B67-B89D-02B40C894469}
2012-04-19 13:52 - 2011-08-31 01:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1F8F429B-0543-4311-944D-FC66DFFC77CA}
2012-04-19 13:52 - 2011-02-16 19:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{70D9BC37-A4C0-4621-81EA-BE7152FC10BA}
2012-04-19 13:28 - 2011-09-21 13:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{61C5B988-DA83-4CFF-9CF7-E85D312B28C1}
2012-04-19 13:27 - 2012-02-07 18:03 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BDAE4FCC-714F-4B4C-A51F-E76F39F072C2}
2012-04-19 13:23 - 2011-09-29 20:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{03C8D5CD-2DCF-4CD6-9B0E-337EC43B7D4B}
2012-04-19 13:23 - 2011-08-23 23:43 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D9C5E915-63DA-4DFF-BCD0-B801B13F1323}
2012-04-19 13:22 - 2012-04-19 13:22 - 0790945 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_14_22_49.dmp
2012-04-19 13:22 - 2012-04-19 13:20 - 0796352 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_14_22_35.dmp
2012-04-19 13:20 - 2012-04-19 02:44 - 0784984 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_14_20_26.dmp
2012-04-19 02:45 - 2011-09-06 12:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E2678831-FABB-4C75-A42E-7102B09F3A98}
2012-04-19 02:44 - 2012-04-19 02:43 - 0790586 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_03_44_02.dmp
2012-04-19 02:44 - 2012-04-13 13:34 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{82BBDDD2-A80A-4DD3-9255-AA985EEB91B6}
2012-04-19 02:43 - 2012-04-19 02:42 - 0784060 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_03_43_47.dmp
2012-04-19 02:42 - 2012-04-18 22:23 - 0786154 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_03_42_09.dmp
2012-04-19 00:55 - 2011-09-07 20:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A53C9D78-AF14-4259-9481-FE19169F680A}
2012-04-19 00:55 - 2011-07-20 22:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DA57205D-14AF-4E5A-8696-15769F382670}
2012-04-18 23:19 - 2011-10-14 02:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{FA0BE2EC-3860-4287-9113-6F7A1E2785A5}
2012-04-18 23:19 - 2011-10-12 01:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1580ED82-76E1-4691-9FF8-0BDDDA1B5E38}
2012-04-18 22:26 - 2011-09-08 20:33 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1B0B7B5F-8DDB-485F-8E1C-5FFE30CDCE10}
2012-04-18 22:25 - 2011-04-04 13:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{434C05BB-2966-4200-9BE4-7A2EB7C036FA}
2012-04-18 22:23 - 2012-04-18 22:23 - 0790901 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_23_23_33.dmp
2012-04-18 22:23 - 2012-04-18 22:23 - 0781542 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_23_23_42.dmp
2012-04-18 22:23 - 2012-04-18 13:11 - 0785757 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_23_23_09.dmp
2012-04-18 19:11 - 2010-11-12 19:19 - 11142912 ___AH C:\Users\pcwt5\Downloads\Adele_-_Someone_Like_You.pdf
2012-04-18 13:45 - 2011-08-23 23:43 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{87391CD7-E608-4341-BD74-FC3F999C0638}
2012-04-18 13:20 - 2011-09-08 13:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B1C53AB1-B108-4FFB-8701-E86449390611}
2012-04-18 13:19 - 2011-09-28 23:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A67D1F11-FE4B-4F67-9F70-666689508F63}
2012-04-18 13:14 - 2012-04-18 03:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{58C575D5-4FC9-4DDA-BD09-3555E8BBE601}
2012-04-18 13:14 - 2012-02-12 07:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{210A9212-1CB2-404E-95EB-A560BAA7E532}
2012-04-18 13:11 - 2012-04-18 13:11 - 0795388 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_14_11_43.dmp
2012-04-18 13:11 - 2012-04-18 13:11 - 0786984 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_14_11_35.dmp
2012-04-18 13:11 - 2012-04-18 04:10 - 0783674 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_14_11_13.dmp
2012-04-18 05:31 - 2011-10-17 22:59 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8C07C826-F6A0-485D-AFF7-1DF31D64F785}
2012-04-18 05:31 - 2011-08-24 14:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AD848781-E807-4088-9396-E91826AAD135}
2012-04-18 04:15 - 2011-08-26 13:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B2EFE5D9-FBB7-4843-8964-0FAB9F2822EE}
2012-04-18 04:14 - 2012-01-14 18:59 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C4398CE3-91B5-42FA-8050-FAB92BE703C5}
2012-04-18 04:10 - 2012-04-18 04:10 - 0791872 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_05_10_28.dmp
2012-04-18 04:10 - 2012-04-18 04:10 - 0788883 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_05_10_20.dmp
2012-04-18 04:10 - 2012-04-17 23:50 - 0783495 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_05_10_06.dmp
2012-04-18 03:26 - 2011-12-11 17:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C45CA3AA-5444-4611-AA4E-21287E16D560}
2012-04-18 03:26 - 2011-11-17 05:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{58B8A91A-DC0F-4FCF-9DAD-EB2B7AC1D5F5}
2012-04-17 23:54 - 2012-01-15 19:01 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F4A00506-46BF-43AC-8B61-71EDEDEBDAD2}
2012-04-17 23:54 - 2011-08-07 14:51 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F02C6E1F-1F2A-465D-B7E7-03190852C68F}
2012-04-17 23:50 - 2012-04-17 23:50 - 0785677 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_00_50_51.dmp
2012-04-17 23:50 - 2012-04-17 23:50 - 0784649 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_00_50_43.dmp
2012-04-17 23:50 - 2012-04-17 13:10 - 0781193 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_00_50_26.dmp
2012-04-17 14:49 - 2011-08-11 09:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3F96A602-47B6-4B85-BFBF-54550569C44C}
2012-04-17 14:48 - 2011-11-09 16:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{7EEA07A1-22C7-4BAE-926B-21AAFA611CFE}
2012-04-17 13:18 - 2011-09-13 12:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2DACD392-0E0F-4446-9FE2-96CDABD918EF}
2012-04-17 13:18 - 2011-08-20 18:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E18B719F-10C4-472B-9EFB-032FA7A63EFC}
2012-04-17 13:15 - 2011-09-27 13:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A32B6CDD-863D-40EE-95CB-33F06DEA0D44}
2012-04-17 13:14 - 2012-02-04 15:43 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F176C6E3-46CE-46A0-B510-7010FDD1DE4D}
2012-04-17 13:11 - 2012-04-13 17:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F3A19CE7-9943-44CF-832A-1FFCCC18FC72}
2012-04-17 13:10 - 2012-04-17 13:10 - 0786175 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_17_14_10_31.dmp
2012-04-17 13:10 - 2012-04-17 13:10 - 0785602 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_17_14_10_20.dmp
2012-04-17 13:10 - 2012-04-16 13:14 - 0787995 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_17_14_10_00.dmp
2012-04-17 05:49 - 2011-12-02 15:41 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{ABE57913-591E-46DF-AE23-7918AE6E8E39}
2012-04-17 05:49 - 2011-11-18 17:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E8001B5E-8B40-4597-9340-307654384186}
2012-04-16 14:03 - 2011-10-30 17:34 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1489A46E-E4A1-427A-92D0-021AAA7D907A}
2012-04-16 14:02 - 2011-06-27 13:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{45365696-A885-4A1D-8B86-829555F8F299}
2012-04-16 13:17 - 2011-08-24 23:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{94DFC8FC-ED4D-4BC1-BCC8-1EF65E016879}
2012-04-16 13:16 - 2011-08-17 17:38 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F0F60063-0DBF-4E48-B92E-348A294104CB}
2012-04-16 13:14 - 2012-04-16 13:14 - 0789595 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_16_14_14_30.dmp
2012-04-16 13:14 - 2012-04-16 13:14 - 0783185 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_16_14_14_40.dmp
2012-04-16 13:14 - 2012-04-15 15:15 - 0787549 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_16_14_14_11.dmp
2012-04-16 03:23 - 2011-09-17 13:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D4B70738-FE3E-4827-A789-AE711623858B}
2012-04-16 02:10 - 2011-10-12 23:47 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2CB0EE03-B12D-4BCB-9196-805CF535872F}
2012-04-16 02:10 - 2011-08-25 23:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{491945EF-E879-40B7-8EE8-AA17301D70F5}
2012-04-15 15:23 - 2011-09-15 13:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2748E8F8-0D87-4266-88FF-5921A7D0990A}
2012-04-15 15:22 - 2011-06-23 13:33 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{68CEE430-B38E-405B-8AC4-55A1C7B0C317}
2012-04-15 15:17 - 2011-06-12 04:58 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5FF3E234-1531-4C6B-87EB-983894087982}
2012-04-15 15:17 - 2011-04-30 04:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AF10622C-DBA9-48A2-B281-0572241D7946}
2012-04-15 15:14 - 2012-04-15 15:14 - 0785973 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_16_14_47.dmp
2012-04-15 15:14 - 2012-04-15 15:14 - 0779291 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_16_14_58.dmp
2012-04-15 15:14 - 2012-04-15 03:46 - 0782209 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_16_14_30.dmp
2012-04-15 06:50 - 2011-12-01 15:38 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E0D0AA84-6462-4F1B-A8D0-5574DFCF3007}
2012-04-15 06:49 - 2012-01-09 02:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1E0D43D8-1EC0-4E4F-9F63-3CEB28890198}
2012-04-15 03:49 - 2011-12-01 03:37 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{67E0F8EA-7860-4AA6-8937-FE1DB5FCC905}
2012-04-15 03:49 - 2011-10-08 01:08 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9A484E71-F550-451B-A73B-E86739E27EBD}
2012-04-15 03:46 - 2012-04-15 03:46 - 0783479 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_04_46_17.dmp
2012-04-15 03:46 - 2012-04-15 03:45 - 0790764 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_04_46_08.dmp
2012-04-15 03:45 - 2012-04-14 17:40 - 0778715 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_04_45_47.dmp
2012-04-14 17:41 - 2012-04-17 05:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{ABEBD130-82C7-4C49-A985-F3E48C1C6183}
2012-04-14 17:41 - 2012-01-18 14:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CB7FE5B6-6AD3-4E38-B371-6894CE3B287D}
2012-04-14 17:40 - 2012-04-14 17:40 - 0780846 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_18_40_35.dmp
2012-04-14 17:40 - 2012-04-14 17:38 - 0785641 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_18_40_24.dmp
2012-04-14 17:38 - 2012-04-14 14:19 - 0790272 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_18_38_41.dmp
2012-04-14 16:09 - 2011-11-02 02:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0FC923E6-D953-44D5-B39F-9FFDADC407A5}
2012-04-14 16:09 - 2011-04-07 13:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0B556D15-FD19-438D-8B94-6E6D61B41BCA}
2012-04-14 14:52 - 2011-11-03 18:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{72A92459-7926-4922-BF6B-4463F8F80DC0}
2012-04-14 14:52 - 2011-09-06 21:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5D47B65F-2F72-4B05-8D4D-48E8FD528978}
2012-04-14 14:23 - 2012-04-14 14:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{313F7EDF-4DF2-42A2-B895-0DA5AEDD31CC}
2012-04-14 14:23 - 2012-02-01 06:50 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{313D4C30-E78E-407A-920D-BBD688050117}
2012-04-14 14:19 - 2012-04-14 14:19 - 0787562 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_15_19_53.dmp
2012-04-14 14:19 - 2012-04-14 14:19 - 0787277 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_15_19_44.dmp
2012-04-14 14:19 - 2012-04-13 17:31 - 0784531 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_15_19_20.dmp
2012-04-14 05:22 - 2011-09-02 12:50 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BF521969-D467-4031-A912-F52C09F8BDB3}
2012-04-14 05:21 - 2011-08-21 02:08 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9840A383-5F1E-438D-9077-305671440D13}
2012-04-13 23:06 - 2011-12-23 14:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{81C5D2F1-0148-44C4-A76E-7C06AC1E192A}
2012-04-13 23:05 - 2012-04-04 01:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9606C1EB-455B-4263-8ACE-2469480A4E09}
2012-04-13 17:41 - 2012-05-01 02:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{653DD3B9-D5AD-4AE9-9636-7C8FF0016088}
2012-04-13 17:41 - 2012-04-24 13:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0067F58B-BB7D-4921-8415-A956CA5B91C2}
2012-04-13 17:36 - 2012-03-05 17:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A847926F-8746-4F4D-8509-DF3D811FD8C0}
2012-04-13 17:36 - 2011-09-28 13:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F3965CFE-5CCE-438F-B5DF-B1439CF3E79B}
2012-04-13 17:31 - 2012-04-13 17:31 - 0790237 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_18_31_08.dmp
2012-04-13 17:31 - 2012-04-13 17:30 - 0791681 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_18_31_00.dmp
2012-04-13 17:30 - 2012-04-13 13:31 - 0778717 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_18_30_39.dmp
2012-04-13 13:35 - 2011-08-29 17:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E4DF7679-72FF-4292-8A85-FEF50CE70334}
2012-04-13 13:34 - 2012-02-11 19:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{828CCF63-AD4B-49B0-B936-BA2B43234980}
2012-04-13 13:31 - 2012-04-13 13:31 - 0784531 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_14_31_21.dmp
2012-04-13 13:31 - 2012-04-13 13:30 - 0792463 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_14_31_13.dmp
2012-04-13 13:30 - 2012-04-13 02:30 - 0790106 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_14_30_54.dmp
2012-04-13 02:55 - 2012-01-29 18:45 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A4AB0C19-B51B-426E-83BB-08D24A444C79}
2012-04-13 02:30 - 2012-04-13 02:29 - 0785607 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_03_30_05.dmp
2012-04-13 02:29 - 2012-04-13 02:29 - 0791112 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_03_29_57.dmp
2012-04-13 02:29 - 2012-04-12 20:20 - 0783487 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_03_29_39.dmp
2012-04-12 20:20 - 2012-04-12 20:19 - 0779458 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_21_20_07.dmp
2012-04-12 20:19 - 2012-04-12 20:19 - 0782612 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_21_19_57.dmp
2012-04-12 20:19 - 2012-04-12 19:36 - 0781808 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_21_19_42.dmp
2012-04-12 19:51 - 2012-02-28 07:34 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-04-12 19:51 - 2012-02-28 06:56 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-04-12 19:51 - 2012-02-28 06:48 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-04-12 19:51 - 2012-02-28 06:45 - 2311168 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-04-12 19:51 - 2012-02-28 06:42 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-04-12 19:51 - 2012-02-28 01:52 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-04-12 19:51 - 2012-02-28 01:18 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-04-12 19:51 - 2012-02-28 01:09 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-04-12 19:51 - 2012-02-28 01:06 - 1799168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-04-12 19:51 - 2012-02-28 01:03 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-04-12 19:51 - 2012-02-11 00:00 - 9705984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-04-12 19:51 - 2012-02-11 00:00 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-04-12 19:51 - 2012-02-11 00:00 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-04-12 19:51 - 2012-02-11 00:00 - 17790976 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-04-12 19:51 - 2012-02-11 00:00 - 12281856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-04-12 19:51 - 2012-02-11 00:00 - 10888704 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-04-12 19:51 - 2012-02-11 00:00 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-04-12 19:51 - 2012-02-11 00:00 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-04-12 19:51 - 2011-05-03 05:21 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-04-12 19:51 - 2011-05-03 04:50 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-04-12 19:51 - 2010-12-21 06:16 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-04-12 19:51 - 2010-12-21 05:38 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-04-12 19:51 - 2009-07-14 01:41 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-04-12 19:51 - 2009-07-14 01:38 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-04-12 19:51 - 2009-07-14 01:16 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-04-12 19:51 - 2009-07-14 01:14 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-04-12 19:36 - 2012-04-12 19:36 - 0785453 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_20_36_36.dmp
2012-04-12 19:36 - 2012-04-12 19:35 - 0786966 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_20_36_26.dmp
2012-04-12 19:35 - 2012-04-12 14:08 - 0780589 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_20_35_14.dmp
2012-04-12 19:25 - 2011-01-12 01:12 - 0000000 ____D C:\53d69b7d3999c7df3d785d5d
2012-04-12 19:23 - 2009-07-14 01:41 - 5504880 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-04-12 19:23 - 2009-07-14 01:16 - 3958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-04-12 19:23 - 2009-07-14 01:16 - 3902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-04-12 19:16 - 2010-09-23 00:36 - 0022896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-04-12 19:16 - 2009-07-14 01:41 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-04-12 19:16 - 2009-07-14 01:38 - 0080896 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-04-12 19:16 - 2009-07-14 01:33 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-04-12 19:16 - 2009-07-14 01:16 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-04-12 19:16 - 2009-07-14 01:14 - 0158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-04-12 19:16 - 2009-07-14 01:11 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-04-12 14:54 - 2011-08-05 09:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9BED58FD-B02C-4C85-8924-70F1E62D2FCD}
2012-04-12 14:08 - 2012-04-12 14:08 - 0792474 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_15_08_21.dmp
2012-04-12 14:08 - 2012-04-12 14:07 - 0784566 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_15_08_13.dmp
2012-04-12 14:07 - 2012-04-12 03:45 - 0788513 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_15_07_57.dmp
2012-04-12 07:39 - 2012-04-28 17:16 - 3422506 ___AH C:\Users\pcwt5\Downloads\20120406_123023.jpg
2012-04-12 03:45 - 2012-04-12 03:45 - 0779361 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_45_16.dmp
2012-04-12 03:45 - 2012-04-12 03:44 - 0796109 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_45_01.dmp
2012-04-12 03:44 - 2012-04-12 03:34 - 0785387 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_44_10.dmp
2012-04-12 03:34 - 2012-04-12 03:34 - 0784170 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_34_50.dmp
2012-04-12 03:34 - 2012-04-12 03:34 - 0778844 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_34_41.dmp
2012-04-12 03:34 - 2012-04-12 02:48 - 0781696 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_34_22.dmp
2012-04-12 02:53 - 2011-08-26 20:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0A0DBCC2-1F4A-4CC9-B8A7-91036D32088E}
2012-04-12 02:48 - 2012-04-12 02:48 - 0791094 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_03_48_19.dmp
2012-04-12 02:48 - 2012-04-12 02:47 - 0786174 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_03_48_10.dmp
2012-04-12 02:47 - 2012-04-11 23:40 - 0786894 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_03_47_53.dmp
2012-04-11 23:40 - 2012-04-11 23:40 - 0791475 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_00_40_15.dmp
2012-04-11 23:40 - 2012-04-11 23:38 - 0783811 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_00_40_01.dmp
2012-04-11 23:38 - 2012-04-11 13:43 - 0788472 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_00_38_37.dmp
2012-04-11 21:54 - 2009-12-22 10:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Ihyl
2012-04-11 14:26 - 2012-02-23 22:12 - 0055040 ____A C:\Windows\SysWOW64\aylzcsni.dat
2012-04-11 14:26 - 2011-08-30 23:05 - 0365824 ____A C:\Windows\SysWOW64\jnjvffgk.dat
2012-04-11 14:26 - 2009-07-14 01:16 - 0041216 ____A C:\Windows\SysWOW64\ussqpxhp.dat
2012-04-11 14:26 - 2009-07-14 01:16 - 0036608 ____A C:\Windows\SysWOW64\yffknixm.dat
2012-04-11 14:26 - 2009-07-14 01:15 - 0154368 ____A C:\Windows\SysWOW64\hcvhdhoj.dat
2012-04-11 14:26 - 2009-07-14 01:15 - 0136960 ____A C:\Windows\SysWOW64\itrevakl.dat
2012-04-11 14:26 - 2009-07-14 01:15 - 0034048 ____A C:\Windows\SysWOW64\ifoaxtlp.dat
2012-04-11 14:26 - 2009-07-14 01:09 - 0058112 ____A C:\Windows\SysWOW64\nlwpporx.dat
2012-04-11 14:00 - 2011-08-31 02:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{90E20183-D7B9-4275-967C-40903175EBC7}
2012-04-11 13:54 - 2012-04-24 13:39 - 0000000 ___HD C:\Users\All Users\windows-updater
2012-04-11 13:54 - 2012-04-24 13:39 - 0000000 ___HD C:\ProgramData\windows-updater
2012-04-11 13:54 - - 0000436 ____A C:\Windows\Tasks\At1.job
2012-04-11 13:43 - 2012-04-11 13:43 - 0790464 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_14_43_24.dmp
2012-04-11 13:43 - 2012-04-11 13:42 - 0786434 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_14_43_13.dmp
2012-04-11 13:42 - 2012-04-11 01:57 - 0789746 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_14_42_55.dmp
2012-04-11 01:59 - 2011-10-05 20:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CEA53D8F-D31B-4B37-A5BE-6E93364126A7}
2012-04-11 01:57 - 2012-04-11 01:57 - 0790605 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_02_57_44.dmp
2012-04-11 01:57 - 2012-04-11 01:57 - 0785523 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_02_57_56.dmp
2012-04-11 01:57 - 2012-04-10 13:12 - 0787417 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_02_57_27.dmp
2012-04-10 13:14 - 2012-03-07 05:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E7BD7768-28D8-4205-ADB3-1FBC269072A2}
2012-04-10 13:12 - 2012-04-10 13:12 - 0787851 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_10_14_12_44.dmp
2012-04-10 13:12 - 2012-04-10 13:12 - 0780642 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_10_14_12_52.dmp
2012-04-10 13:12 - 2012-04-09 22:10 - 0793712 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_10_14_12_27.dmp
2012-04-09 22:37 - 2009-07-14 01:40 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-04-09 22:36 - 2012-05-02 04:44 - 0000000 ____D C:\Windows\system64
2012-04-09 22:10 - 2012-04-09 22:10 - 0786582 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_23_10_31.dmp
2012-04-09 22:10 - 2012-04-09 22:09 - 0800009 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_23_10_22.dmp
2012-04-09 22:09 - 2012-04-09 21:53 - 0799121 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_23_09_55.dmp
2012-04-09 21:56 - 2012-03-07 17:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{01DD07FF-A88C-4A6C-81D8-1FE1CC4A21A3}
2012-04-09 21:53 - 2012-04-09 21:53 - 0792488 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_22_53_45.dmp
2012-04-09 21:53 - 2012-04-09 21:53 - 0785514 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_22_53_52.dmp
2012-04-09 21:53 - 2012-04-09 02:37 - 0787627 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_22_53_23.dmp
2012-04-09 04:35 - 2011-12-11 05:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CCC4CAEB-E454-49EB-A9D8-FC7F99F080EE}
2012-04-09 02:37 - 2012-04-09 02:37 - 0789330 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_03_37_29.dmp
2012-04-09 02:37 - 2012-04-09 02:37 - 0788739 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_03_37_20.dmp
2012-04-09 02:37 - 2012-04-08 16:06 - 0782053 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_03_37_03.dmp
2012-04-08 17:42 - 2009-10-18 17:32 - 0057344 ___AH C:\Users\pcwt5\Downloads\Amended Checklist-PreTransferofBunkers Final version.doc
2012-04-08 16:35 - 2011-08-10 07:47 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0CA70EB3-809F-41A8-8B31-75A13DC848CD}
2012-04-08 16:06 - 2012-04-08 16:06 - 0780079 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_17_06_34.dmp
2012-04-08 16:06 - 2012-04-08 16:05 - 0776152 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_17_06_26.dmp
2012-04-08 16:05 - 2012-04-08 01:32 - 0782915 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_17_05_59.dmp
2012-04-08 04:34 - 2012-04-23 03:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{28AD863C-A57E-4225-BD13-8A98E22F16D5}
2012-04-08 01:32 - 2012-04-08 01:32 - 0791776 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_02_32_46.dmp
2012-04-08 01:32 - 2012-04-08 01:32 - 0791288 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_02_32_37.dmp
2012-04-08 01:32 - 2012-04-07 16:31 - 0790229 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_02_32_05.dmp
2012-04-07 16:34 - 2011-08-27 16:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C0E83092-E37B-4227-A187-DAD3BE5D9EF6}
2012-04-07 16:31 - 2012-04-07 16:31 - 0789654 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_07_17_31_36.dmp
2012-04-07 16:31 - 2012-04-07 16:30 - 0787146 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_07_17_31_29.dmp
2012-04-07 16:30 - 2012-04-06 16:53 - 0785691 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_07_17_30_57.dmp

============ 3 Months Modified Files and Folders =============

2012-05-07 00:06 - 2012-05-06 14:33 - 0000000 ____D C:\FRST
2012-05-06 22:58 - 2011-01-11 14:03 - 0282246 ____A C:\aaw7boot.log
2012-05-06 22:58 - 2009-12-22 18:51 - 3094622208 __ASH C:\hiberfil.sys
2012-05-06 22:58 - 2009-07-14 04:45 - 0493072 ____A C:\Windows\System32\FNTCACHE.DAT
2012-05-06 22:38 - 2010-05-16 21:09 - 4577706 ____A C:\Windows\ntbtlog.txt
2012-05-06 14:28 - 2012-02-05 11:20 - 0000000 ___HD C:\Users\All Users\Recovery
2012-05-06 14:28 - 2012-02-05 11:20 - 0000000 ___HD C:\ProgramData\Recovery
2012-05-02 04:43 - 2012-05-02 04:43 - 0012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2012-05-02 04:43 - 2012-05-02 04:43 - 0003956 ____A C:\Windows\System32\.crusader
2012-05-02 04:43 - 2012-05-02 03:52 - 0027936 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
2012-05-02 04:43 - 2012-05-02 03:51 - 0000000 ____D C:\Users\All Users\HitmanPro
2012-05-02 04:43 - 2012-05-02 03:51 - 0000000 ____D C:\ProgramData\HitmanPro
2012-05-02 03:52 - 2012-05-02 03:52 - 0001893 ____A C:\Users\Public\Desktop\HitmanPro.lnk
2012-05-02 03:52 - 2012-05-02 03:51 - 0000000 ____D C:\Program Files\HitmanPro
2012-05-02 02:27 - 2012-05-02 02:26 - 8252840 ____A (SurfRight B.V.) C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe
2012-05-02 01:29 - 2012-05-02 01:28 - 0000469 ____A C:\rkill.log
2012-05-02 01:24 - 2012-05-02 01:24 - 1008141 ____A C:\Users\pcwt5\Downloads\iExplore.exe
2012-05-02 01:21 - 2012-05-02 01:21 - 0784039 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_21_25.dmp
2012-05-02 01:21 - 2012-05-02 01:21 - 0782766 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_21_08.dmp
2012-05-02 01:21 - 2012-05-02 01:21 - 0781691 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_21_18.dmp
2012-05-02 01:20 - 2009-07-14 04:45 - 0010096 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-05-02 01:20 - 2009-07-14 04:45 - 0010096 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-05-02 01:19 - 2009-12-03 01:34 - 1990266 ____A C:\Windows\WindowsUpdate.log
2012-05-02 01:17 - 2011-09-04 04:31 - 0000029 ____A C:\Windows\SysWOW64\TempWmicBatchFile.bat
2012-05-02 01:12 - 2012-05-02 01:12 - 0000000 ____D C:\Users\pcwt5\AppData\Local\{F5353179-622E-47AA-9532-7FD204C7B70C}
2012-05-02 01:12 - 2012-05-02 01:11 - 0000000 ____D C:\Users\pcwt5\AppData\Local\{933A7BA7-EA40-4E13-9414-F3E2E90F3588}
2012-05-02 01:11 - 2012-05-01 22:42 - 0000184 ____A C:\Users\All Users\-XWE3mXJBRcdem8r
2012-05-02 01:11 - 2012-05-01 22:42 - 0000184 ____A C:\ProgramData\-XWE3mXJBRcdem8r
2012-05-02 01:11 - 2012-05-01 22:42 - 0000000 ____A C:\Users\All Users\-XWE3mXJBRcdem8
2012-05-02 01:11 - 2012-05-01 22:42 - 0000000 ____A C:\ProgramData\-XWE3mXJBRcdem8
2012-05-02 01:11 - 2011-09-25 02:08 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Raptr
2012-05-02 01:11 - 2010-03-27 08:20 - 0000000 ___HD C:\Users\pcwt5\Tracing
2012-05-02 01:10 - 2012-01-27 20:22 - 0000000 ___HD C:\Users\All Users\Anti-phishing Domain Advisor
2012-05-02 01:10 - 2012-01-27 20:22 - 0000000 ___HD C:\ProgramData\Anti-phishing Domain Advisor
2012-05-02 01:09 - 2009-12-03 01:36 - 0000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-05-02 01:08 - 2011-03-07 02:30 - 0000000 ____A C:\Windows\SysWOW64\com.smslimited.sam.admin-init.log.lck
2012-05-02 01:07 - 2012-05-02 01:07 - 0803839 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_07_47.dmp
2012-05-02 01:07 - 2012-05-02 01:07 - 0800420 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_07_39.dmp
2012-05-02 01:07 - 2012-05-02 01:07 - 0792075 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_02_02_07_24.dmp
2012-05-02 01:07 - 2011-03-07 02:30 - 0019877 ____A C:\Windows\SysWOW64\com.smslimited.iforms-init.log
2012-05-02 01:07 - 2011-03-07 02:30 - 0000000 ____A C:\Windows\SysWOW64\smk.startup.temp.log.lck
2012-05-02 01:07 - 2011-03-07 02:30 - 0000000 ____A C:\Windows\SysWOW64\smk.startup.temp.log
2012-05-02 01:07 - 2011-03-07 02:30 - 0000000 ____A C:\Windows\SysWOW64\com.smslimited.iforms-init.log.lck
2012-05-02 01:07 - 2010-12-30 23:26 - 0001051 ____A C:\Windows\SysWOW64\tversity.cookies
2012-05-02 01:07 - 2010-12-30 23:23 - 0003492 ____A C:\Windows\SysWOW64\TVersityMediaServer.log
2012-05-02 01:07 - 2009-07-14 05:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-05-02 01:07 - 2009-07-14 04:51 - 0188919 ____A C:\Windows\setupact.log
2012-05-02 01:06 - 2009-12-03 02:11 - 0457992 ____A C:\Windows\PFRO.log
2012-05-02 00:35 - 2009-12-03 01:36 - 0000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-05-02 00:35 - 2009-07-14 03:20 - 0000000 ___HD C:\Windows\tracing
2012-05-01 22:41 - 2010-03-29 16:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Skype
2012-05-01 22:22 - 2012-05-01 22:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E85104C4-2416-430E-BAE8-FF63DD741C55}
2012-05-01 22:22 - 2012-05-01 22:03 - 0000256 ___AH C:\Users\All Users\XWE3mXJBRcdem8
2012-05-01 22:22 - 2012-05-01 22:03 - 0000256 ___AH C:\ProgramData\XWE3mXJBRcdem8
2012-05-01 22:18 - 2012-05-01 22:18 - 0799081 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_23_18_28.dmp
2012-05-01 22:18 - 2012-05-01 22:18 - 0791957 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_23_18_36.dmp
2012-05-01 22:18 - 2012-05-01 22:18 - 0782060 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_23_18_09.dmp
2012-05-01 22:03 - 2012-05-01 22:03 - 0222208 ___AH C:\Users\All Users\XWE3mXJBRcdem8.exe_1336347353.arl
2012-05-01 22:03 - 2012-05-01 22:03 - 0222208 ___AH C:\ProgramData\XWE3mXJBRcdem8.exe_1336347353.arl
2012-05-01 22:02 - 2012-05-01 22:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{05F87219-D93B-418A-BEEC-9D2CACF2503E}
2012-05-01 21:39 - 2012-05-01 21:39 - 0789979 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_22_39_58.dmp
2012-05-01 21:39 - 2012-05-01 21:39 - 0789956 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_22_39_30.dmp
2012-05-01 21:39 - 2012-05-01 21:39 - 0787085 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_22_39_51.dmp
2012-05-01 21:25 - 2012-05-01 21:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AB0E2318-2FD3-4888-92CE-51BE7B0E5478}
2012-05-01 20:52 - 2012-05-01 20:52 - 0790536 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_52_55.dmp
2012-05-01 20:52 - 2012-05-01 20:52 - 0785009 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_52_48.dmp
2012-05-01 20:52 - 2012-05-01 20:52 - 0781895 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_52_27.dmp
2012-05-01 20:41 - 2012-05-01 20:41 - 0791043 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_41_46.dmp
2012-05-01 20:41 - 2012-05-01 20:41 - 0783783 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_41_53.dmp
2012-05-01 20:41 - 2012-05-01 20:41 - 0778775 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_41_34.dmp
2012-05-01 20:39 - 2012-05-01 20:39 - 0789095 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_39_01.dmp
2012-05-01 20:38 - 2012-05-01 20:38 - 0789024 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_38_27.dmp
2012-05-01 20:38 - 2012-05-01 20:38 - 0787807 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_38_52.dmp
2012-05-01 20:35 - 2012-05-01 20:35 - 0787958 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_35_19.dmp
2012-05-01 20:35 - 2012-05-01 20:35 - 0787098 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_35_32.dmp
2012-05-01 20:35 - 2012-05-01 20:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1E9708A6-62C2-47A0-A8BF-D4111CAE3C12}
2012-05-01 20:32 - 2012-05-01 20:32 - 0791267 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_32_53.dmp
2012-05-01 20:30 - 2012-05-01 20:30 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A2975F85-EFFA-4B75-B6EB-38911A3DE0A5}
2012-05-01 20:27 - 2012-05-01 20:27 - 0789876 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_27_35.dmp
2012-05-01 20:27 - 2012-05-01 20:27 - 0781249 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_27_28.dmp
2012-05-01 20:27 - 2012-05-01 20:27 - 0776042 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_21_27_12.dmp
2012-05-01 19:57 - 2012-05-01 19:49 - 0000256 ___AH C:\Users\All Users\oVQukyH52o8jiV
2012-05-01 19:57 - 2012-05-01 19:49 - 0000256 ___AH C:\ProgramData\oVQukyH52o8jiV
2012-05-01 19:57 - 2012-05-01 19:49 - 0000000 ___AH C:\Users\All Users\-oVQukyH52o8jiV
2012-05-01 19:57 - 2012-05-01 19:49 - 0000000 ___AH C:\ProgramData\-oVQukyH52o8jiV
2012-05-01 19:51 - 2012-05-01 19:51 - 0783890 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_51_07.dmp
2012-05-01 19:51 - 2012-05-01 19:51 - 0777714 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_51_00.dmp
2012-05-01 19:50 - 2012-05-01 19:50 - 0795799 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_50_46.dmp
2012-05-01 19:49 - 2012-05-01 19:49 - 0222208 ___AH C:\Users\All Users\oVQukyH52o8jiV.exe_1336347353.arl
2012-05-01 19:49 - 2012-05-01 19:49 - 0222208 ___AH C:\ProgramData\oVQukyH52o8jiV.exe_1336347353.arl
2012-05-01 19:49 - 2012-05-01 19:49 - 0000655 ___AH C:\Users\pcwt5\Desktop\Data_Recovery.lnk
2012-05-01 19:49 - 2012-05-01 19:49 - 0000184 ___AH C:\Users\All Users\-oVQukyH52o8jiVr
2012-05-01 19:49 - 2012-05-01 19:49 - 0000184 ___AH C:\ProgramData\-oVQukyH52o8jiVr
2012-05-01 19:49 - 2012-05-01 19:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D18AF664-8FB8-4D02-BF01-B78A88226172}
2012-05-01 19:49 - 2012-05-01 19:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{021B4ECB-56E3-4844-B9EA-43E59C6576F6}
2012-05-01 19:43 - 2012-05-01 19:43 - 0782571 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_43_06.dmp
2012-05-01 19:43 - 2012-05-01 19:42 - 0791981 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_42_58.dmp
2012-05-01 19:42 - 2012-05-01 19:42 - 0786686 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_42_39.dmp
2012-05-01 19:18 - 2012-05-01 19:18 - 0786934 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_18_40.dmp
2012-05-01 19:18 - 2012-05-01 19:18 - 0786841 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_18_19.dmp
2012-05-01 19:18 - 2012-05-01 19:18 - 0783683 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_18_33.dmp
2012-05-01 19:08 - 2012-05-01 19:08 - 0792937 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_08_26.dmp
2012-05-01 19:08 - 2012-05-01 19:08 - 0785043 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_08_42.dmp
2012-05-01 19:08 - 2012-05-01 19:08 - 0782170 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_20_08_50.dmp
2012-05-01 19:07 - 2012-05-01 19:07 - 0006512 ____H C:\bootsqm.dat
2012-05-01 18:42 - 2010-03-27 17:31 - 0000000 ____D C:\Users\Public\Desktop\MyDSC2
2012-05-01 15:54 - 2012-05-01 15:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E78D314A-0FF3-45F2-AD60-640F565F4906}
2012-05-01 15:53 - 2012-05-01 15:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1ADA076C-41D3-42E4-B40A-4D9EFF4CA05A}
2012-05-01 15:50 - 2012-05-01 15:50 - 0791512 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_50_06.dmp
2012-05-01 15:49 - 2012-05-01 15:49 - 0801095 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_49_37.dmp
2012-05-01 15:49 - 2012-05-01 15:49 - 0785722 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_49_59.dmp
2012-05-01 15:15 - 2012-05-01 15:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3B207406-5269-40F8-BFCB-F0B8BB77D266}
2012-05-01 15:15 - 2012-05-01 15:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{075CAA42-8CEA-4FBB-BDFB-1ED928DE1D1F}
2012-05-01 15:12 - 2012-05-01 15:12 - 0796427 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_12_45.dmp
2012-05-01 15:12 - 2012-05-01 15:12 - 0791552 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_12_52.dmp
2012-05-01 15:12 - 2012-05-01 15:12 - 0790742 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_16_12_28.dmp
2012-05-01 15:12 - 2012-04-11 13:54 - 0000436 ____A C:\Windows\Tasks\At1.job
2012-05-01 13:29 - 2012-05-01 13:29 - 0156547 ___AH C:\Users\pcwt5\Downloads\quarterly Fuel Bill till 10-4-2012 (2).pdf
2012-05-01 13:29 - 2012-05-01 13:29 - 0156547 ___AH C:\Users\pcwt5\Downloads\quarterly Fuel Bill till 10-4-2012 (1).pdf
2012-05-01 13:28 - 2010-04-02 21:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Adobe
2012-05-01 13:27 - 2012-05-01 13:27 - 0156547 ___AH C:\Users\pcwt5\Downloads\quarterly Fuel Bill till 10-4-2012.pdf
2012-05-01 13:10 - 2012-05-01 13:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AB03D844-CA98-4B74-BB32-D3D70394EE8B}
2012-05-01 13:10 - 2012-05-01 13:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{32B36069-735D-4CCA-A776-29B3565FE3DA}
2012-05-01 13:07 - 2012-05-01 13:07 - 0800497 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_14_07_33.dmp
2012-05-01 13:07 - 2012-05-01 13:07 - 0798888 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_14_07_50.dmp
2012-05-01 13:07 - 2012-05-01 13:07 - 0790157 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_14_07_57.dmp
2012-05-01 06:31 - 2012-01-03 14:12 - 0000000 ___HD C:\smslimited
2012-05-01 06:31 - 2010-06-15 22:48 - 0000000 ___HD C:\__smslimited
2012-05-01 06:31 - 2010-03-27 20:39 - 0002074 ___AH C:\Users\pcwt5\Documents\Default.rdp
2012-05-01 02:53 - 2012-05-01 02:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{64FD770E-160E-4BBA-A849-9CB159B9659F}
2012-05-01 02:53 - 2012-05-01 02:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{52FF098F-2F01-4B83-834C-A9FDCDDDC138}
2012-05-01 02:50 - 2012-05-01 02:50 - 0792921 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_03_50_19.dmp
2012-05-01 02:50 - 2012-05-01 02:50 - 0789216 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_03_50_28.dmp
2012-05-01 02:50 - 2012-05-01 02:50 - 0783036 ____A C:\Windows\SysWOW64\(null)AAWService__2012_05_01_03_50_03.dmp
2012-04-30 17:55 - 2012-04-30 17:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2EDE731F-374B-403F-8E55-0241F8E58F86}
2012-04-30 17:55 - 2012-04-30 17:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{03FA506E-9631-44BD-85BD-A1A27E16823E}
2012-04-30 17:51 - 2012-04-30 17:51 - 0793299 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_18_51_15.dmp
2012-04-30 17:51 - 2012-04-30 17:51 - 0789666 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_18_51_22.dmp
2012-04-30 17:51 - 2012-04-30 17:51 - 0781664 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_18_51_00.dmp
2012-04-30 15:32 - 2012-04-30 15:32 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{33600838-AA50-4D26-969E-1E4F5C46B515}
2012-04-30 15:32 - 2012-04-30 15:32 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2FEEE62A-78AF-4546-B0C0-16D9AE495017}
2012-04-30 15:25 - 2012-04-30 15:25 - 0789150 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_16_25_37.dmp
2012-04-30 15:25 - 2012-04-30 15:25 - 0786950 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_16_25_19.dmp
2012-04-30 15:25 - 2012-04-30 15:25 - 0783489 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_16_25_44.dmp
2012-04-30 14:29 - 2012-04-30 14:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C2CF7053-C654-42C5-B309-866771921306}
2012-04-30 14:29 - 2012-04-30 14:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{79B31A9F-FCD1-472C-A50D-7A3904E78E2B}
2012-04-30 13:12 - 2012-04-30 13:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D3F65FE2-0574-47C8-8C19-FB662CF90ED6}
2012-04-30 13:11 - 2012-04-30 13:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9EDF099C-70C3-4236-B234-870275134302}
2012-04-30 13:09 - 2012-04-30 13:09 - 0801382 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_14_09_20.dmp
2012-04-30 13:09 - 2012-04-30 13:09 - 0789164 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_14_09_12.dmp
2012-04-30 13:08 - 2012-04-30 13:08 - 0782357 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_14_08_56.dmp
2012-04-30 04:13 - 2012-04-30 04:13 - 0070449 ___AH C:\Users\pcwt5\Downloads\PR (1).jpg
2012-04-30 04:12 - 2012-04-30 04:12 - 0070449 ___AH C:\Users\pcwt5\Downloads\PR.jpg
2012-04-30 04:03 - 2012-04-30 04:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2FBE040E-C82D-4463-ACD4-D9124F0D8E1E}
2012-04-30 04:02 - 2012-04-30 04:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4CD64D5C-8771-458B-BCCF-D175B872D2EE}
2012-04-30 03:59 - 2012-04-30 03:59 - 0786827 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_04_59_42.dmp
2012-04-30 03:59 - 2012-04-30 03:59 - 0785659 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_04_59_03.dmp
2012-04-30 03:59 - 2012-04-30 03:59 - 0779775 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_04_59_34.dmp
2012-04-30 01:44 - 2012-04-30 01:43 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CC418A48-DD5A-486B-A7F4-CE0D2B83E4E8}
2012-04-30 01:43 - 2012-04-30 01:43 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D6AEC580-1A07-4B3A-BCE8-DD7E41DE6790}
2012-04-30 01:40 - 2012-04-30 01:40 - 0785753 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_40_32.dmp
2012-04-30 01:40 - 2012-04-30 01:40 - 0781843 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_40_04.dmp
2012-04-30 01:40 - 2012-04-30 01:40 - 0778123 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_40_24.dmp
2012-04-30 01:28 - 2012-04-30 01:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5FC3AE8E-E727-4BB0-921A-DEEF8FFE49AB}
2012-04-30 01:28 - 2012-04-30 01:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{576A53C0-CCD3-4BD2-A9C9-5B858017D6F8}
2012-04-30 01:24 - 2012-04-30 01:24 - 0791463 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_24_11.dmp
2012-04-30 01:24 - 2012-04-30 01:24 - 0786782 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_24_02.dmp
2012-04-30 01:23 - 2012-04-30 01:23 - 0785503 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_30_02_23_38.dmp
2012-04-29 19:26 - 2012-04-29 19:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{553F0817-2044-4627-9F0D-B308963417A9}
2012-04-29 19:25 - 2012-04-29 19:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CF5C11B9-00A8-4DF1-9A2B-9C6093128BAD}
2012-04-29 19:23 - 2012-04-29 19:23 - 0786359 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_20_23_06.dmp
2012-04-29 19:22 - 2012-04-29 19:22 - 0789031 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_20_22_57.dmp
2012-04-29 19:22 - 2012-04-29 19:22 - 0779132 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_20_22_35.dmp
2012-04-29 19:22 - 2009-07-14 05:08 - 0032620 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-04-29 16:42 - 2012-04-29 16:42 - 2880026 ___AH C:\Users\pcwt5\Downloads\20120428_121349 (3).jpg
2012-04-29 16:19 - 2012-04-29 16:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{558FE5DB-7EB1-4562-A264-12AB3C6BE863}
2012-04-29 16:19 - 2012-04-29 16:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{57F5021F-AB92-49D3-BD9C-2B24A4315BCF}
2012-04-29 15:32 - 2012-04-29 15:32 - 0790950 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_16_32_41.dmp
2012-04-29 15:32 - 2012-04-29 15:32 - 0787774 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_16_32_32.dmp
2012-04-29 15:32 - 2012-04-29 15:32 - 0781462 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_29_16_32_06.dmp
2012-04-28 17:30 - 2012-04-28 17:27 - 0081159 ___AH C:\Users\pcwt5\Downloads\20120111_152838 (1).jpg
2012-04-28 17:24 - 2012-04-28 17:24 - 0168556 ___AH C:\Users\pcwt5\Downloads\Original Sony Battery.jpg
2012-04-28 17:21 - 2012-04-28 17:20 - 2880026 ___AH C:\Users\pcwt5\Downloads\20120428_121349 (2).jpg
2012-04-28 17:20 - 2012-04-28 17:19 - 2880026 ___AH C:\Users\pcwt5\Downloads\20120428_121349 (1).jpg
2012-04-28 17:19 - 2012-04-28 17:19 - 2880026 ___AH C:\Users\pcwt5\Downloads\20120428_121349.jpg
2012-04-28 17:16 - 2012-04-28 17:16 - 1989298 ___AH C:\Users\pcwt5\Downloads\20120111_152838.jpg
2012-04-28 16:27 - 2012-04-28 16:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B282FABB-52D9-4910-B8E2-9DFB3B0A3107}
2012-04-28 16:27 - 2012-04-28 16:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A47945CB-A781-4E5D-8B7D-C4BA3C9A749A}
2012-04-28 16:25 - 2012-04-28 16:25 - 0789785 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_25_14.dmp
2012-04-28 16:25 - 2012-04-28 16:25 - 0785246 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_25_23.dmp
2012-04-28 16:24 - 2012-04-28 16:24 - 0785477 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_24_54.dmp
2012-04-28 16:06 - 2012-04-28 16:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{531B8A56-6C79-4811-AC81-94A7B9D88AFE}
2012-04-28 16:06 - 2012-04-28 16:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1B382B8F-87EA-4636-BC81-CBD65E17A27D}
2012-04-28 16:04 - 2012-04-28 16:04 - 0784190 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_04_18.dmp
2012-04-28 16:04 - 2012-04-28 16:04 - 0779038 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_04_09.dmp
2012-04-28 16:03 - 2012-04-28 16:03 - 0789905 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_17_03_49.dmp
2012-04-28 15:36 - 2012-04-28 15:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2F80ECB8-52B9-4301-A1E4-6C4D9B6D586D}
2012-04-28 15:35 - 2012-04-28 15:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9F9FEF7D-0527-45C4-AC87-6AEEE7184FC5}
2012-04-28 15:32 - 2012-04-28 15:32 - 0793127 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_32_48.dmp
2012-04-28 15:32 - 2012-04-28 15:32 - 0782515 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_32_31.dmp
2012-04-28 15:32 - 2012-04-28 15:32 - 0781605 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_32_58.dmp
2012-04-28 15:30 - 2012-04-28 15:30 - 0797299 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_30_18.dmp
2012-04-28 15:30 - 2012-04-28 15:30 - 0789534 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_30_26.dmp
2012-04-28 15:29 - 2011-12-28 04:35 - 0000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2012-04-28 15:28 - 2012-04-28 15:28 - 0785402 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_16_28_30.dmp
2012-04-28 15:28 - 2011-12-28 04:35 - 0000000 ____D C:\Users\Guest\AppData\Local\Adobe
2012-04-28 07:22 - 2010-05-28 18:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Azureus
2012-04-28 07:14 - 2011-05-22 23:43 - 0000000 ___HD C:\Users\All Users\regid.1986-12.com.adobe
2012-04-28 07:14 - 2011-05-22 23:43 - 0000000 ___HD C:\ProgramData\regid.1986-12.com.adobe
2012-04-28 07:12 - 2010-04-11 03:18 - 0000000 ____D C:\Program Files (x86)\Adobe
2012-04-28 07:12 - 2009-12-22 11:01 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Adobe
2012-04-28 07:10 - 2009-12-03 01:32 - 0000000 ___HD C:\Users\All Users\Adobe
2012-04-28 07:10 - 2009-12-03 01:32 - 0000000 ___HD C:\ProgramData\Adobe
2012-04-28 07:02 - 2010-05-28 18:10 - 0000000 ___HD C:\Users\pcwt5\Documents\Vuze Downloads
2012-04-28 04:56 - 2010-05-28 18:08 - 0000000 ____D C:\Program Files (x86)\Vuze
2012-04-28 03:38 - 2012-04-28 03:37 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E6872542-D5F7-47CE-BD23-36F9DCF97098}
2012-04-28 03:37 - 2012-04-28 03:37 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{108705A9-1A2B-48C7-8C74-AAABD8AC6BD9}
2012-04-28 03:33 - 2012-04-28 03:33 - 0795425 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_04_33_50.dmp
2012-04-28 03:33 - 2012-04-28 03:33 - 0792123 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_04_33_41.dmp
2012-04-28 03:33 - 2012-04-28 03:33 - 0784934 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_28_04_33_27.dmp
2012-04-27 17:59 - 2012-04-27 17:59 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{FB38EC1A-6AB6-4353-B878-388C7ADE7B96}
2012-04-27 17:59 - 2012-04-27 17:59 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1F3721B6-A781-472F-83C7-9D27CBB578F9}
2012-04-27 17:57 - 2012-04-27 17:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C5188DF6-F7BA-4E8B-8821-A60698DA82CB}
2012-04-27 17:57 - 2012-04-27 17:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B426DF39-4D50-4388-BE99-03CF16ED7379}
2012-04-27 17:39 - 2012-04-27 17:39 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3E7DAE22-3ED5-4B4E-AF3E-EB59A4DFF1BC}
2012-04-27 17:39 - 2012-04-27 17:39 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2D581EFE-4700-4CAA-9158-676BD12A40AB}
2012-04-27 15:33 - 2012-04-27 15:33 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D4BAF2C8-0F63-4CF9-97D4-1876CC0AED1E}
2012-04-27 15:33 - 2012-04-27 15:33 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{41F2DFE5-C6A2-421C-9EB2-3BDF470232C5}
2012-04-27 15:30 - 2012-04-27 15:30 - 0787218 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_30_27.dmp
2012-04-27 15:30 - 2012-04-27 15:30 - 0785538 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_30_53.dmp
2012-04-27 15:30 - 2012-04-27 15:30 - 0779102 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_30_45.dmp
2012-04-27 15:21 - 2012-04-27 15:21 - 0790918 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_21_45.dmp
2012-04-27 15:21 - 2012-04-27 15:21 - 0785328 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_21_24.dmp
2012-04-27 15:21 - 2012-04-27 15:21 - 0777732 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_16_21_53.dmp
2012-04-27 13:54 - 2012-04-27 13:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A8FEA25A-B4C5-4029-BA6D-14B2BA8B80F9}
2012-04-27 13:54 - 2012-04-27 13:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5B1EEF44-10B1-4D58-AE44-908835AA8397}
2012-04-27 13:05 - 2012-04-27 13:04 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CD6A5E9D-A60B-4FF1-ACD4-A961812B18B6}
2012-04-27 13:04 - 2012-04-27 13:04 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8ED8CBAA-63EE-423E-B9A1-5526E88DE3A4}
2012-04-27 13:02 - 2012-04-27 13:02 - 0787169 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_14_02_33.dmp
2012-04-27 13:02 - 2012-04-27 13:02 - 0783207 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_14_02_22.dmp
2012-04-27 13:02 - 2012-04-27 13:02 - 0779859 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_14_02_03.dmp
2012-04-27 05:51 - 2012-04-27 05:51 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{95DFD585-DA13-428F-B394-2688CBAA8F88}
2012-04-27 05:51 - 2012-04-27 05:51 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{51E57184-713E-4E71-A8A2-1BA267E61EBD}
2012-04-27 05:46 - 2012-04-27 05:46 - 0792164 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_06_46_43.dmp
2012-04-27 05:46 - 2012-04-27 05:46 - 0790641 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_06_46_29.dmp
2012-04-27 05:46 - 2012-04-27 05:46 - 0789770 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_06_46_51.dmp
2012-04-27 03:16 - 2012-04-27 03:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5DFEB043-46D2-4D8D-9863-77F088DA354A}
2012-04-27 03:16 - 2012-04-27 03:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D4FAEB01-F5EC-48DC-B88B-D0B90E307E26}
2012-04-27 03:13 - 2012-04-27 03:13 - 0795327 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_04_13_37.dmp
2012-04-27 03:13 - 2012-04-27 03:13 - 0792593 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_04_13_23.dmp
2012-04-27 03:13 - 2012-04-27 03:13 - 0789476 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_27_04_13_47.dmp
2012-04-27 03:13 - 2009-12-22 10:54 - 0000000 ___HD C:\users\pcwt5
2012-04-27 00:08 - 2009-12-22 10:54 - 0000000 ___HD C:\Users\pcwt5\AppData\LocalLow
2012-04-26 23:52 - 2012-04-26 23:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DFE1E5DF-D3A5-4447-8C60-F843DF81158C}
2012-04-26 23:52 - 2012-04-26 23:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{55DA07C6-E1F0-4E99-8DCC-132FB5D09D4A}
2012-04-26 21:58 - 2012-04-26 21:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{424DACEE-60F0-4829-B2C9-840C98C7738C}
2012-04-26 21:57 - 2012-04-26 21:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C1C7A6EC-701E-41CC-88A1-162ACB714D1E}
2012-04-26 21:54 - 2012-04-26 21:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{7505BF48-DE75-4B24-A3D1-8C66AE470666}
2012-04-26 21:54 - 2012-04-26 21:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{04D8B1B1-16C2-4C26-BB7D-E457CA34D198}
2012-04-26 21:52 - 2012-04-26 21:52 - 0787727 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_22_52_25.dmp
2012-04-26 21:52 - 2012-04-26 21:52 - 0787204 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_22_52_16.dmp
2012-04-26 21:51 - 2012-04-26 21:51 - 0785994 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_22_51_59.dmp
2012-04-26 15:25 - 2012-04-26 15:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CA922E3E-9C56-4BFD-B052-034CAB5CA1CE}
2012-04-26 15:25 - 2012-04-26 15:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{46A188E6-A9CD-4819-A40B-588063915CE9}
2012-04-26 13:01 - 2012-04-26 13:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0A9DAF1E-4D2B-4AFE-BB38-015559D64F2E}
2012-04-26 13:00 - 2012-04-26 13:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DCFAB97E-8821-465F-BB25-0E5C25000104}
2012-04-26 12:58 - 2012-04-26 12:58 - 0791752 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_13_58_14.dmp
2012-04-26 12:58 - 2012-04-26 12:58 - 0789490 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_13_58_05.dmp
2012-04-26 12:57 - 2012-04-26 12:57 - 0781966 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_13_57_48.dmp
2012-04-26 01:30 - 2012-04-26 01:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8A7C4930-DF62-4A1E-BE63-18DA113D706E}
2012-04-26 01:29 - 2012-04-26 01:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B207130E-BE6F-4F84-99EC-D00D0D36EAD2}
2012-04-26 00:48 - 2012-04-26 00:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A4EA1576-8793-4475-A05B-C42EB59C6489}
2012-04-26 00:48 - 2012-04-26 00:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{20612B03-EF2B-4E63-A563-1E1CFFCBDE4A}
2012-04-26 00:08 - 2009-12-22 10:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\VirtualStore
2012-04-26 00:07 - 2012-04-26 00:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{859EAD84-BF9A-443F-8086-6AD1B44038D4}
2012-04-26 00:06 - 2012-04-26 00:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{811A91E9-233A-4944-B2E8-103A75AF0BB7}
2012-04-26 00:04 - 2012-04-26 00:04 - 0782730 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_01_04_01.dmp
2012-04-26 00:03 - 2012-04-26 00:03 - 0811648 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_01_03_33.dmp
2012-04-26 00:03 - 2012-04-26 00:03 - 0789468 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_26_01_03_53.dmp
2012-04-25 15:38 - 2012-04-25 15:38 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D1CA7815-275C-4288-8C42-5DAD0D8A3F3D}
2012-04-25 15:16 - 2012-04-25 15:16 - 0004996 ___AH C:\Users\pcwt5\Downloads\Wind Tool - Vessel Version_2.xls.crdownload
2012-04-25 15:15 - 2012-04-25 15:15 - 0007922 ___AH C:\Users\pcwt5\Downloads\convert.zip.crdownload
2012-04-25 13:22 - 2012-04-25 13:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B4B205DC-3D03-4B8F-BBDA-66795296BF89}
2012-04-25 13:22 - 2012-04-25 13:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{33D6AC9C-7D95-4B5B-95C5-5BBE9475A908}
2012-04-25 13:12 - 2012-04-25 13:12 - 0795818 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_14_12_14.dmp
2012-04-25 13:12 - 2012-04-25 13:12 - 0785146 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_14_12_21.dmp
2012-04-25 13:11 - 2012-04-25 13:11 - 0794921 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_14_11_58.dmp
2012-04-24 23:59 - 2012-04-24 23:58 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D097A033-CFCB-4251-8AEE-22FAF638C6F2}
2012-04-24 23:58 - 2012-04-24 23:56 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E83F3566-3329-492C-9ED5-A2516B66BE04}
2012-04-24 23:54 - 2012-04-24 23:54 - 0794217 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_00_54_13.dmp
2012-04-24 23:54 - 2012-04-24 23:54 - 0782380 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_00_54_20.dmp
2012-04-24 23:53 - 2012-04-24 23:53 - 0781083 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_25_00_53_54.dmp
2012-04-24 13:48 - 2012-04-24 13:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4D5E7009-355F-4DC5-9B62-34906DC4B5E2}
2012-04-24 13:48 - 2012-04-24 13:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{32B105ED-CE6C-4BF2-AD4D-09A76BFEC0B6}
2012-04-24 13:48 - 2011-01-02 18:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Windows Live
2012-04-24 13:43 - 2012-04-24 13:43 - 0800330 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_24_14_43_53.dmp
2012-04-24 13:43 - 2012-04-24 13:43 - 0789013 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_24_14_43_44.dmp
2012-04-24 13:43 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-04-24 13:42 - 2012-04-24 13:42 - 0792872 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_24_14_42_51.dmp
2012-04-24 13:40 - 2012-02-23 22:09 - 0000000 ___HD C:\Users\pcwt5\Documents\Audible
2012-04-24 13:40 - 2012-02-09 16:02 - 0000000 ___HD C:\Users\pcwt5\Downloads\Autoruns
2012-04-24 13:40 - 2012-02-09 00:09 - 0000000 ___HD C:\Users\pcwt5\template fresh from zip
2012-04-24 13:40 - 2012-01-26 20:42 - 0000000 ___HD C:\Users\pcwt5\Downloads\js
2012-04-24 13:40 - 2012-01-24 00:32 - 0000000 ___HD C:\Users\pcwt5\Flash Template
2012-04-24 13:40 - 2011-12-28 04:34 - 0000000 ____D C:\users\Guest
2012-04-24 13:40 - 2011-11-22 15:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Samsung
2012-04-24 13:40 - 2011-11-01 22:16 - 0000000 ___HD C:\Users\Public\Documents\backups
2012-04-24 13:40 - 2011-10-17 23:59 - 0000000 ____D C:\Windows\en
2012-04-24 13:40 - 2011-10-11 13:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Vivox
2012-04-24 13:40 - 2011-09-20 16:46 - 0000000 ___HD C:\Users\pcwt5\New San Agustin Website
2012-04-24 13:40 - 2011-09-14 02:21 - 0000000 ___HD C:\Users\Public\Downloads\Norton
2012-04-24 13:40 - 2011-07-02 00:04 - 0000000 ___HD C:\Users\pcwt5\Downloads\html-contact-form-captcha
2012-04-24 13:40 - 2011-07-01 04:05 - 0000000 ___HD C:\Users\pcwt5\Downloads\PHPContactForm
2012-04-24 13:40 - 2011-06-17 02:30 - 0000000 ___HD C:\Users\pcwt5\Downloads\DiskScrubber
2012-04-24 13:40 - 2011-05-22 19:23 - 0000000 ___HD C:\Users\pcwt5\Downloads\[ www.TorrentDay.com ] - Doctor_Who_2005.6x04.The_Doctors_Wife.HDTV_XviD-FoV
2012-04-24 13:40 - 2011-05-08 19:19 - 0000000 ___HD C:\Users\Public\Downloads\Doctor who s06e03
2012-04-24 13:40 - 2011-04-12 04:35 - 0000000 ___HD C:\Users\pcwt5\Downloads\winzip80
2012-04-24 13:40 - 2011-04-08 03:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\dvdcss
2012-04-24 13:40 - 2011-03-25 17:30 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\AVG10
2012-04-24 13:40 - 2011-03-07 02:24 - 0000000 ___HD C:\Users\pcwt5\GSMS-content
2012-04-24 13:40 - 2011-02-18 00:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Iceni
2012-04-24 13:40 - 2011-02-05 22:53 - 0000000 ___HD C:\VueScan
2012-04-24 13:40 - 2011-02-05 22:24 - 0000000 ___HD C:\Users\pcwt5\Downloads\S3317enx
2012-04-24 13:40 - 2011-01-19 04:41 - 0000000 ___HD C:\Users\pcwt5\Documents\Unnamed Site 2
2012-04-24 13:40 - 2011-01-09 04:52 - 0000000 ___HD C:\Users\Public\Downloads\wall street subs
2012-04-24 13:40 - 2010-12-31 20:55 - 0000000 ___HD C:\Users\pcwt5\Documents\FFOutput
2012-04-24 13:40 - 2010-12-31 19:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\vlc
2012-04-24 13:40 - 2010-12-31 02:42 - 0000000 ___HD C:\Users\Public\Downloads\VirtualDub-1.9.11
2012-04-24 13:40 - 2010-12-31 02:39 - 0000000 ___HD C:\Users\pcwt5\VobSub
2012-04-24 13:40 - 2010-12-31 02:32 - 0000000 ___HD C:\Users\Public\Downloads\VobSub_2-23
2012-04-24 13:40 - 2010-12-31 00:06 - 0000000 ___HD C:\Users\Public\Downloads\ffdshow-rev3562_20100907
2012-04-24 13:40 - 2010-12-30 17:48 - 0000000 ___HD C:\Users\Public\Downloads\Inception.DVDRiP.XviD-ARROW
2012-04-24 13:40 - 2010-12-29 06:21 - 0000000 ___HD C:\Users\Public\Downloads\SE30Setup
2012-04-24 13:40 - 2010-12-26 04:35 - 0000000 ___HD C:\Users\Public\Downloads\3ivx_MPEG-4_502_trial_win
2012-04-24 13:40 - 2010-12-25 22:53 - 0000000 ___HD C:\users\Mcx1-PCWT5-VAIO
2012-04-24 13:40 - 2010-11-25 03:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Unity
2012-04-24 13:40 - 2010-09-09 04:11 - 0000000 ___SD C:\Users\pcwt5\Documents\My Data Sources
2012-04-24 13:40 - 2010-08-31 16:31 - 0000000 ___HD C:\Users\pcwt5\Documents\My Received Files
2012-04-24 13:40 - 2010-08-19 02:49 - 0000000 ___HD C:\Users\pcwt5\Downloads\PeerBlock_r162__x64_Release_(Vista)
2012-04-24 13:40 - 2010-06-11 16:58 - 0000000 ___HD C:\Users\pcwt5\Downloads\Photoshop CS4
2012-04-24 13:40 - 2010-04-17 05:33 - 0000000 ___HD C:\Users\pcwt5\Downloads\Pazera_Free_MP4_to_AVI_Converter
2012-04-24 13:40 - 2010-01-10 15:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\ArcSoft
2012-04-24 13:40 - 2009-12-22 10:56 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Sony_Corporation
2012-04-24 13:40 - 2009-12-22 10:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Sony Corporation
2012-04-24 13:39 - 2012-02-23 22:09 - 0000000 ___HD C:\Program Files (x86)\Audible
2012-04-24 13:39 - 2012-02-05 08:29 - 0000000 ___HD C:\MGtools
2012-04-24 13:39 - 2012-02-05 06:08 - 0000000 ___HD C:\ComboFix
2012-04-24 13:39 - 2012-02-05 04:59 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-24 13:39 - 2011-09-25 02:02 - 0000000 ___HD C:\Users\pcwt5\.swt
2012-04-24 13:39 - 2011-08-28 02:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Conduit
2012-04-24 13:39 - 2011-07-13 20:30 - 0000000 ____D C:\Program Files\Soluto
2012-04-24 13:39 - 2011-04-12 18:17 - 0000000 ___HD C:\Users\pcwt5\Apartments in Queretaro
2012-04-24 13:39 - 2011-03-07 02:28 - 0000000 ___HD C:\Smsltd
2012-04-24 13:39 - 2011-03-07 00:01 - 0000000 ___HD C:\Users\All Users\EPSON
2012-04-24 13:39 - 2011-03-07 00:01 - 0000000 ___HD C:\ProgramData\EPSON
2012-04-24 13:39 - 2011-02-16 06:12 - 0000000 ____D C:\Program Files\Windows Live
2012-04-24 13:39 - 2011-02-07 08:04 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Downloaded Installations
2012-04-24 13:39 - 2011-02-06 20:45 - 0000000 ___HD C:\Users\All Users\Norton
2012-04-24 13:39 - 2011-02-06 20:45 - 0000000 ___HD C:\ProgramData\Norton
2012-04-24 13:39 - 2011-01-01 23:40 - 0000000 ___HD C:\Program Files (x86)\PixiePack Codec Pack
2012-04-24 13:39 - 2011-01-01 23:38 - 0000000 ___HD C:\Users\All Users\RapidSolution
2012-04-24 13:39 - 2011-01-01 23:38 - 0000000 ___HD C:\ProgramData\RapidSolution
2012-04-24 13:39 - 2010-12-26 04:18 - 0000000 ___HD C:\New folder
2012-04-24 13:39 - 2010-12-25 22:54 - 0000000 ___HD C:\Users\Mcx1-PCWT5-VAIO\AppData\Roaming\Sony Corporation
2012-04-24 13:39 - 2010-12-25 21:02 - 0000000 ___HD C:\Expat Shield
2012-04-24 13:39 - 2010-09-08 17:08 - 0000000 ___HD C:\Program Files (x86)\Simpo PDF Creator Lite
2012-04-24 13:39 - 2010-06-12 00:41 - 0000000 ___HD C:\Users\All Users\FLEXnet
2012-04-24 13:39 - 2010-06-12 00:41 - 0000000 ___HD C:\ProgramData\FLEXnet
2012-04-24 13:39 - 2010-04-26 15:45 - 0000000 ___HD C:\Users\All Users\WebEx
2012-04-24 13:39 - 2010-04-26 15:45 - 0000000 ___HD C:\ProgramData\WebEx
2012-04-24 13:39 - 2010-04-16 15:44 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Microsoft Help
2012-04-24 13:39 - 2010-04-06 04:36 - 0000000 ___HD C:\Users\All Users\Real
2012-04-24 13:39 - 2010-04-06 04:36 - 0000000 ___HD C:\ProgramData\Real
2012-04-24 13:39 - 2009-12-03 02:08 - 0000000 ____D C:\Program Files (x86)\Windows Live
2012-04-24 13:39 - 2009-12-03 01:36 - 0000000 ___HD C:\Users\All Users\Google
2012-04-24 13:39 - 2009-12-03 01:36 - 0000000 ___HD C:\ProgramData\Google
2012-04-24 13:39 - 2009-12-03 01:35 - 0000000 ___HD C:\SPLASH.SYS
2012-04-24 13:39 - 2009-08-17 23:14 - 0000000 ___HD C:\Users\All Users\Sony Corporation
2012-04-24 13:39 - 2009-08-17 23:14 - 0000000 ___HD C:\ProgramData\Sony Corporation
2012-04-24 13:38 - 2012-04-24 06:46 - 0000000 ____D C:\Program Files (x86)\GridinSoft Trojan Killer
2012-04-24 13:38 - 2012-02-05 00:56 - 0000000 ___HD C:\__antimalware
2012-04-24 13:38 - 2011-01-12 00:50 - 0000000 ___HD C:\111
2012-04-24 13:34 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\registration
2012-04-24 13:33 - 2012-01-26 18:11 - 0000000 ___HD C:\Users\pcwt5\template7
2012-04-24 13:33 - 2012-01-24 00:33 - 0000000 ___HD C:\Users\pcwt5\template7 that works
2012-04-24 13:33 - 2011-01-01 23:34 - 0000000 ___HD C:\Users\Public\Downloads\Tunebite
2012-04-24 13:33 - 2009-07-14 03:20 - 0000000 __RHD C:\users\Public
2012-04-24 13:32 - 2011-07-28 21:37 - 0000000 ___HD C:\Users\pcwt5\Mark Stockwell Osteopathy - Copy
2012-04-24 13:32 - 2011-07-27 22:00 - 0000000 ___HD C:\Users\pcwt5\Mark Stockwell Osteopathy
2012-04-24 13:32 - 2011-02-05 22:24 - 0000000 ___HD C:\Users\pcwt5\Downloads\S14l_en
2012-04-24 13:32 - 2010-05-15 00:34 - 0000000 ___HD C:\Users\pcwt5\Downloads\Removable Disk
2012-04-24 13:31 - 2011-02-05 22:39 - 0000000 ___HD C:\Users\pcwt5\Downloads\lide20lide30n670un676un1240uvst7031a_xpen
2012-04-24 13:27 - 2010-06-26 06:21 - 0000000 ___HD C:\Users\pcwt5\Documents\Downloaded Installations
2012-04-24 13:26 - 2012-02-05 05:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Malwarebytes
2012-04-24 13:26 - 2012-02-05 01:30 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\SUPERAntiSpyware.com
2012-04-24 13:26 - 2011-11-22 15:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Samsung
2012-04-24 13:26 - 2011-09-20 22:41 - 0000000 ___HD C:\Users\pcwt5\Desktop\Adobe CS3
2012-04-24 13:26 - 2011-04-14 18:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Trusteer
2012-04-24 13:26 - 2011-01-01 23:34 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\RapidSolution
2012-04-24 13:26 - 2010-12-26 05:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2012-04-24 13:26 - 2010-06-25 23:34 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Xenocode
2012-04-24 13:26 - 2010-05-12 13:30 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Trusteer
2012-04-24 13:26 - 2010-04-06 04:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Real
2012-04-24 13:26 - 2010-03-27 08:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Macromedia
2012-04-24 13:22 - 2012-03-22 00:32 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Babylon
2012-04-24 13:22 - 2012-01-26 19:59 - 0000000 ___HD C:\Users\pcwt5\__Flash Template
2012-04-24 13:22 - 2011-02-18 00:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Iceni
2012-04-24 13:22 - 2011-02-07 08:32 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Bluebeam Software
2012-04-24 13:22 - 2010-04-16 16:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Apps\2.0
2012-04-24 13:22 - 2010-03-27 04:44 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Microsoft Games
2012-04-24 13:22 - 2009-12-22 17:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\Google
2012-04-24 13:21 - 2012-02-05 06:06 - 0000000 ___HD C:\Qoobox
2012-04-24 13:21 - 2012-01-26 17:50 - 0000000 ___HD C:\template7
2012-04-24 13:21 - 2012-01-26 14:53 - 0000000 ___HD C:\template
2012-04-24 13:21 - 2011-06-14 21:00 - 0000000 ___HD C:\Users\Kev\AppData\LocalLow
2012-04-24 13:21 - 2011-06-14 21:00 - 0000000 ___HD C:\users\Kev
2012-04-24 13:21 - 2010-12-30 23:17 - 0000000 ___HD C:\Users\All Users\TVersity
2012-04-24 13:21 - 2010-12-30 23:17 - 0000000 ___HD C:\ProgramData\TVersity
2012-04-24 13:21 - 2010-12-25 22:53 - 0000000 ___HD C:\Users\Mcx1-PCWT5-VAIO\AppData\Roaming\Trusteer
2012-04-24 13:21 - 2010-12-25 22:53 - 0000000 ___HD C:\Users\Mcx1-PCWT5-VAIO\AppData\Roaming\Macromedia
2012-04-24 13:21 - 2009-12-03 01:58 - 0000000 ___HD C:\Users\All Users\Uninstall
2012-04-24 13:21 - 2009-12-03 01:58 - 0000000 ___HD C:\ProgramData\Uninstall
2012-04-24 13:20 - 2012-02-05 04:59 - 0000000 ___HD C:\Users\All Users\Malwarebytes
2012-04-24 13:20 - 2012-02-05 04:59 - 0000000 ___HD C:\ProgramData\Malwarebytes
2012-04-24 13:20 - 2011-12-28 02:35 - 0000000 ___HD C:\Users\All Users\Apple Computer
2012-04-24 13:20 - 2011-12-28 02:35 - 0000000 ___HD C:\ProgramData\Apple Computer
2012-04-24 13:20 - 2011-12-28 02:31 - 0000000 ___HD C:\Users\All Users\Apple
2012-04-24 13:20 - 2011-12-28 02:31 - 0000000 ___HD C:\ProgramData\Apple
2012-04-24 13:20 - 2011-05-17 18:40 - 0000000 ___HD C:\Users\All Users\Skype Extras
2012-04-24 13:20 - 2011-05-17 18:40 - 0000000 ___HD C:\ProgramData\Skype Extras
2012-04-24 13:20 - 2011-03-08 13:59 - 0000000 ___HD C:\Users\All Users\Soluto
2012-04-24 13:20 - 2011-03-08 13:59 - 0000000 ___HD C:\ProgramData\Soluto
2012-04-24 13:20 - 2011-02-18 00:48 - 0000000 ___HD C:\Users\All Users\Aspell
2012-04-24 13:20 - 2011-02-18 00:48 - 0000000 ___HD C:\ProgramData\Aspell
2012-04-24 13:20 - 2011-02-07 08:05 - 0000000 ___HD C:\Users\All Users\Bluebeam Software
2012-04-24 13:20 - 2011-02-07 08:05 - 0000000 ___HD C:\ProgramData\Bluebeam Software
2012-04-24 13:20 - 2010-11-12 23:20 - 0000000 ___HD C:\Users\All Users\Lavasoft
2012-04-24 13:20 - 2010-11-12 23:20 - 0000000 ___HD C:\ProgramData\Lavasoft
2012-04-24 13:20 - 2010-10-29 13:01 - 0000000 ___HD C:\Users\All Users\MFAData
2012-04-24 13:20 - 2010-10-29 13:01 - 0000000 ___HD C:\ProgramData\MFAData
2012-04-24 13:20 - 2010-05-12 13:26 - 0000000 ___HD C:\Users\All Users\Trusteer
2012-04-24 13:20 - 2010-05-12 13:26 - 0000000 ___HD C:\ProgramData\Trusteer
2012-04-24 13:20 - 2010-01-10 15:28 - 0000000 ___HD C:\Users\All Users\ArcSoft
2012-04-24 13:20 - 2010-01-10 15:28 - 0000000 ___HD C:\ProgramData\ArcSoft
2012-04-24 13:20 - 2009-12-03 01:58 - 0000000 ___HD C:\Users\All Users\Skype
2012-04-24 13:20 - 2009-12-03 01:58 - 0000000 ___HD C:\ProgramData\Skype
2012-04-24 13:20 - 2009-12-03 01:57 - 0000000 ___HD C:\Users\All Users\Symantec
2012-04-24 13:20 - 2009-12-03 01:57 - 0000000 ___HD C:\ProgramData\Symantec
2012-04-24 13:20 - 2009-12-03 01:38 - 0000000 ___HD C:\Users\All Users\McAfee
2012-04-24 13:20 - 2009-12-03 01:38 - 0000000 ___HD C:\ProgramData\McAfee
2012-04-24 13:19 - 2011-09-04 04:30 - 0000000 ___HD C:\Prey
2012-04-24 13:19 - 2010-09-21 17:43 - 0000000 ___HD C:\Output
2012-04-24 13:18 - 2012-02-05 07:53 - 0000000 ___HD C:\$RECYCLE.BIN
2012-04-24 13:18 - 2011-03-07 02:30 - 0000000 ___HD C:\Common
2012-04-24 13:18 - 2010-05-28 16:09 - 0000000 ___HD C:\_Java
2012-04-24 13:18 - 2010-05-28 14:10 - 0000000 ___HD C:\JBilling
2012-04-24 06:27 - 2012-04-24 06:27 - 0000256 ___AH C:\Users\All Users\iK09Ukc2QUuHdc
2012-04-24 06:27 - 2012-04-24 06:27 - 0000256 ___AH C:\ProgramData\iK09Ukc2QUuHdc
2012-04-24 06:27 - 2012-04-24 06:27 - 0000176 ___AH C:\Users\All Users\-iK09Ukc2QUuHdcr
2012-04-24 06:27 - 2012-04-24 06:27 - 0000176 ___AH C:\ProgramData\-iK09Ukc2QUuHdcr
2012-04-24 06:27 - 2012-04-24 06:27 - 0000000 ___AH C:\Users\All Users\-iK09Ukc2QUuHdc
2012-04-24 06:27 - 2012-04-24 06:27 - 0000000 ___AH C:\ProgramData\-iK09Ukc2QUuHdc
2012-04-24 06:18 - 2012-04-24 06:18 - 0000256 ___AH C:\Users\All Users\xNrcacGalCqvsv
2012-04-24 06:18 - 2012-04-24 06:18 - 0000256 ___AH C:\ProgramData\xNrcacGalCqvsv
2012-04-24 06:18 - 2012-04-24 06:18 - 0000176 ___AH C:\Users\All Users\-xNrcacGalCqvsvr
2012-04-24 06:18 - 2012-04-24 06:18 - 0000176 ___AH C:\ProgramData\-xNrcacGalCqvsvr
2012-04-24 06:18 - 2012-04-24 06:18 - 0000000 ___AH C:\Users\All Users\-xNrcacGalCqvsv
2012-04-24 06:18 - 2012-04-24 06:18 - 0000000 ___AH C:\ProgramData\-xNrcacGalCqvsv
2012-04-24 03:24 - 2012-04-24 03:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{97F48C24-A033-46DC-9CD8-ADCC8147FF21}
2012-04-24 03:24 - 2012-04-24 03:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{43AE9C61-05DE-4C91-853E-302F29661CCA}
2012-04-24 03:24 - 2012-04-24 03:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C219EA38-300B-49BB-8F6F-9EC74DAB2307}
2012-04-24 03:23 - 2012-04-24 03:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{52996862-9F5F-4364-8E7A-2B9AF6018770}
2012-04-23 15:23 - 2012-04-23 15:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{69164B96-39E7-4A76-80E2-026A0B147615}
2012-04-23 15:23 - 2012-04-23 15:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D6077CBC-A654-41DA-994E-592FD328ED83}
2012-04-23 03:22 - 2012-04-23 03:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{89D02B0C-C3DD-486B-A895-D2945C76DED4}
2012-04-23 03:22 - 2012-04-23 03:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{735FDAC4-2A2C-43EE-BA84-7A7399097F23}
2012-04-23 03:22 - 2012-04-23 03:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{288B7964-2EFA-43AF-93CA-28D15B4C3392}
2012-04-23 03:22 - 2012-04-23 03:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{29FF4DF6-8736-4AE0-AD15-062A7F1A748E}
2012-04-22 15:21 - 2012-04-22 15:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C56441E2-8276-4920-85FB-0D31FD66FBD7}
2012-04-22 15:21 - 2012-04-22 15:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{722040FF-6460-45D1-8E32-7894DF0D9CCD}
2012-04-21 16:29 - 2012-04-21 16:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{199DE0D8-5874-43F0-8F47-76CBE3BACD1E}
2012-04-21 16:28 - 2012-04-21 16:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5442258D-A63F-4949-8E15-DA761F238855}
2012-04-21 01:18 - 2012-04-21 01:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A4934BAF-31E7-4B74-B910-8AD120F4EC23}
2012-04-21 01:18 - 2012-04-21 01:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A1F149BD-6A28-4455-8460-7D1187E091F4}
2012-04-20 13:17 - 2012-04-20 13:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4EA12E26-5A23-4697-A9EB-879467545178}
2012-04-20 13:17 - 2012-04-20 13:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{560730B6-ED93-48C1-ACE3-3594F6D781BD}
2012-04-20 07:57 - 2011-05-10 07:07 - 0002641 ___AH C:\Users\pcwt5\.xmlcopyeditor
2012-04-19 22:29 - 2012-04-19 22:29 - 0021901 ___AH C:\Users\pcwt5\Downloads\apm495.zip
2012-04-19 22:25 - 2012-04-19 22:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BF1DE36E-7F1C-45D1-839B-63F88C58528A}
2012-04-19 22:25 - 2012-04-19 22:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{91295554-F56C-4BE5-91FA-6C404F8567E2}
2012-04-19 22:12 - 2009-12-03 01:33 - 0041949 ____A C:\Windows\DirectX.log
2012-04-19 22:02 - 2012-04-19 22:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BF156C13-8B85-4654-A790-6F4D5A5C13C7}
2012-04-19 22:02 - 2012-04-19 22:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{44C99892-68F9-4F98-83B7-D0B80B3F3FE1}
2012-04-19 21:57 - 2012-04-19 21:57 - 0784965 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_22_57_32.dmp
2012-04-19 21:57 - 2012-04-19 21:57 - 0780438 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_22_57_00.dmp
2012-04-19 21:57 - 2012-04-19 21:57 - 0778389 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_22_57_24.dmp
2012-04-19 21:38 - 2012-04-19 21:38 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D43A8419-CABA-4A29-A1BC-CA0E948AD6ED}
2012-04-19 21:38 - 2012-04-19 21:38 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0CB1BC80-E6B3-46D1-9779-C0996C454200}
2012-04-19 21:36 - 2012-04-19 21:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{18FF0A2E-8C82-42A7-BE9E-70AE7A2E5A04}
2012-04-19 21:36 - 2012-04-19 21:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{08F5D69C-7901-4EA1-98F6-430B2A2A0090}
2012-04-19 16:29 - 2012-04-19 16:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{22374D4D-7C80-4349-A0B0-810A102FBAA4}
2012-04-19 16:29 - 2012-04-19 16:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8DC38F73-3245-4E8C-8520-8EA3D8E01718}
2012-04-19 16:05 - 2012-04-19 16:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CE54D447-7509-4B67-B89D-02B40C894469}
2012-04-19 16:05 - 2012-04-19 16:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{57DE47CF-F98C-410A-ADE5-621D3CCF8804}
2012-04-19 13:52 - 2012-04-19 13:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{70D9BC37-A4C0-4621-81EA-BE7152FC10BA}
2012-04-19 13:52 - 2012-04-19 13:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1F8F429B-0543-4311-944D-FC66DFFC77CA}
2012-04-19 13:28 - 2012-04-19 13:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{61C5B988-DA83-4CFF-9CF7-E85D312B28C1}
2012-04-19 13:27 - 2012-04-19 13:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BDAE4FCC-714F-4B4C-A51F-E76F39F072C2}
2012-04-19 13:24 - 2012-04-19 13:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{03C8D5CD-2DCF-4CD6-9B0E-337EC43B7D4B}
2012-04-19 13:23 - 2012-04-19 13:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D9C5E915-63DA-4DFF-BCD0-B801B13F1323}
2012-04-19 13:22 - 2012-04-19 13:22 - 0796352 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_14_22_35.dmp
2012-04-19 13:22 - 2012-04-19 13:22 - 0790945 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_14_22_49.dmp
2012-04-19 13:20 - 2012-04-19 13:20 - 0784984 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_14_20_26.dmp
2012-04-19 02:45 - 2012-04-19 02:45 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E2678831-FABB-4C75-A42E-7102B09F3A98}
2012-04-19 02:45 - 2012-04-19 02:44 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{82BBDDD2-A80A-4DD3-9255-AA985EEB91B6}
2012-04-19 02:44 - 2012-04-19 02:44 - 0790586 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_03_44_02.dmp
2012-04-19 02:43 - 2012-04-19 02:43 - 0784060 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_03_43_47.dmp
2012-04-19 02:42 - 2012-04-19 02:42 - 0786154 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_19_03_42_09.dmp
2012-04-19 00:55 - 2012-04-19 00:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DA57205D-14AF-4E5A-8696-15769F382670}
2012-04-19 00:55 - 2012-04-19 00:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A53C9D78-AF14-4259-9481-FE19169F680A}
2012-04-18 23:19 - 2012-04-18 23:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{FA0BE2EC-3860-4287-9113-6F7A1E2785A5}
2012-04-18 23:19 - 2012-04-18 23:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1580ED82-76E1-4691-9FF8-0BDDDA1B5E38}
2012-04-18 22:40 - 2010-05-15 00:37 - 0000000 ___HD C:\Users\All Users\Roxio
2012-04-18 22:40 - 2010-05-15 00:37 - 0000000 ___HD C:\ProgramData\Roxio
2012-04-18 22:26 - 2012-04-18 22:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1B0B7B5F-8DDB-485F-8E1C-5FFE30CDCE10}
2012-04-18 22:26 - 2012-04-18 22:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{434C05BB-2966-4200-9BE4-7A2EB7C036FA}
2012-04-18 22:23 - 2012-04-18 22:23 - 0790901 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_23_23_33.dmp
2012-04-18 22:23 - 2012-04-18 22:23 - 0785757 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_23_23_09.dmp
2012-04-18 22:23 - 2012-04-18 22:23 - 0781542 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_23_23_42.dmp
2012-04-18 19:15 - 2012-04-18 19:11 - 11142912 ___AH C:\Users\pcwt5\Downloads\Adele_-_Someone_Like_You.pdf
2012-04-18 13:45 - 2012-04-18 13:45 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{87391CD7-E608-4341-BD74-FC3F999C0638}
2012-04-18 13:20 - 2012-04-18 13:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B1C53AB1-B108-4FFB-8701-E86449390611}
2012-04-18 13:20 - 2012-04-18 13:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A67D1F11-FE4B-4F67-9F70-666689508F63}
2012-04-18 13:16 - 2012-04-18 13:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{210A9212-1CB2-404E-95EB-A560BAA7E532}
2012-04-18 13:14 - 2012-04-18 13:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{58C575D5-4FC9-4DDA-BD09-3555E8BBE601}
2012-04-18 13:11 - 2012-04-18 13:11 - 0795388 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_14_11_43.dmp
2012-04-18 13:11 - 2012-04-18 13:11 - 0786984 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_14_11_35.dmp
2012-04-18 13:11 - 2012-04-18 13:11 - 0783674 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_14_11_13.dmp
2012-04-18 05:31 - 2012-04-18 05:31 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AD848781-E807-4088-9396-E91826AAD135}
2012-04-18 05:31 - 2012-04-18 05:31 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8C07C826-F6A0-485D-AFF7-1DF31D64F785}
2012-04-18 04:15 - 2012-04-18 04:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B2EFE5D9-FBB7-4843-8964-0FAB9F2822EE}
2012-04-18 04:14 - 2012-04-18 04:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C4398CE3-91B5-42FA-8050-FAB92BE703C5}
2012-04-18 04:10 - 2012-04-18 04:10 - 0791872 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_05_10_28.dmp
2012-04-18 04:10 - 2012-04-18 04:10 - 0788883 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_05_10_20.dmp
2012-04-18 04:10 - 2012-04-18 04:10 - 0783495 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_05_10_06.dmp
2012-04-18 03:26 - 2012-04-18 03:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C45CA3AA-5444-4611-AA4E-21287E16D560}
2012-04-18 03:26 - 2012-04-18 03:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{58B8A91A-DC0F-4FCF-9DAD-EB2B7AC1D5F5}
2012-04-17 23:54 - 2012-04-17 23:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F4A00506-46BF-43AC-8B61-71EDEDEBDAD2}
2012-04-17 23:54 - 2012-04-17 23:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F02C6E1F-1F2A-465D-B7E7-03190852C68F}
2012-04-17 23:50 - 2012-04-17 23:50 - 0785677 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_00_50_51.dmp
2012-04-17 23:50 - 2012-04-17 23:50 - 0784649 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_00_50_43.dmp
2012-04-17 23:50 - 2012-04-17 23:50 - 0781193 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_18_00_50_26.dmp
2012-04-17 14:49 - 2012-04-17 14:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3F96A602-47B6-4B85-BFBF-54550569C44C}
2012-04-17 14:49 - 2012-04-17 14:48 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{7EEA07A1-22C7-4BAE-926B-21AAFA611CFE}
2012-04-17 13:18 - 2012-04-17 13:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E18B719F-10C4-472B-9EFB-032FA7A63EFC}
2012-04-17 13:18 - 2012-04-17 13:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2DACD392-0E0F-4446-9FE2-96CDABD918EF}
2012-04-17 13:15 - 2012-04-17 13:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A32B6CDD-863D-40EE-95CB-33F06DEA0D44}
2012-04-17 13:15 - 2012-04-17 13:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F176C6E3-46CE-46A0-B510-7010FDD1DE4D}
2012-04-17 13:11 - 2012-04-17 13:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F3A19CE7-9943-44CF-832A-1FFCCC18FC72}
2012-04-17 13:10 - 2012-04-17 13:10 - 0787995 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_17_14_10_00.dmp
2012-04-17 13:10 - 2012-04-17 13:10 - 0786175 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_17_14_10_31.dmp
2012-04-17 13:10 - 2012-04-17 13:10 - 0785602 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_17_14_10_20.dmp
2012-04-17 05:50 - 2012-04-17 05:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E8001B5E-8B40-4597-9340-307654384186}
2012-04-17 05:49 - 2012-04-17 05:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{ABE57913-591E-46DF-AE23-7918AE6E8E39}
2012-04-16 14:03 - 2012-04-16 14:03 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1489A46E-E4A1-427A-92D0-021AAA7D907A}
2012-04-16 14:02 - 2012-04-16 14:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{45365696-A885-4A1D-8B86-829555F8F299}
2012-04-16 13:17 - 2012-04-16 13:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{94DFC8FC-ED4D-4BC1-BCC8-1EF65E016879}
2012-04-16 13:16 - 2012-04-16 13:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F0F60063-0DBF-4E48-B92E-348A294104CB}
2012-04-16 13:14 - 2012-04-16 13:14 - 0789595 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_16_14_14_30.dmp
2012-04-16 13:14 - 2012-04-16 13:14 - 0787549 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_16_14_14_11.dmp
2012-04-16 13:14 - 2012-04-16 13:14 - 0783185 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_16_14_14_40.dmp
2012-04-16 03:23 - 2012-04-16 03:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D4B70738-FE3E-4827-A789-AE711623858B}
2012-04-16 02:11 - 2012-04-16 02:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2CB0EE03-B12D-4BCB-9196-805CF535872F}
2012-04-16 02:10 - 2012-04-16 02:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{491945EF-E879-40B7-8EE8-AA17301D70F5}
2012-04-15 15:23 - 2012-04-15 15:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2748E8F8-0D87-4266-88FF-5921A7D0990A}
2012-04-15 15:22 - 2012-04-15 15:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{68CEE430-B38E-405B-8AC4-55A1C7B0C317}
2012-04-15 15:18 - 2012-04-15 15:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AF10622C-DBA9-48A2-B281-0572241D7946}
2012-04-15 15:17 - 2012-04-15 15:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5FF3E234-1531-4C6B-87EB-983894087982}
2012-04-15 15:15 - 2012-04-15 15:14 - 0779291 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_16_14_58.dmp
2012-04-15 15:14 - 2012-04-15 15:14 - 0785973 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_16_14_47.dmp
2012-04-15 15:14 - 2012-04-15 15:14 - 0782209 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_16_14_30.dmp
2012-04-15 06:50 - 2012-04-15 06:50 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E0D0AA84-6462-4F1B-A8D0-5574DFCF3007}
2012-04-15 06:50 - 2012-04-15 06:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1E0D43D8-1EC0-4E4F-9F63-3CEB28890198}
2012-04-15 03:49 - 2012-04-15 03:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9A484E71-F550-451B-A73B-E86739E27EBD}
2012-04-15 03:49 - 2012-04-15 03:49 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{67E0F8EA-7860-4AA6-8937-FE1DB5FCC905}
2012-04-15 03:46 - 2012-04-15 03:46 - 0790764 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_04_46_08.dmp
2012-04-15 03:46 - 2012-04-15 03:46 - 0783479 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_04_46_17.dmp
2012-04-15 03:45 - 2012-04-15 03:45 - 0778715 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_15_04_45_47.dmp
2012-04-14 17:42 - 2012-04-14 17:41 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CB7FE5B6-6AD3-4E38-B371-6894CE3B287D}
2012-04-14 17:41 - 2012-04-14 17:41 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{ABEBD130-82C7-4C49-A985-F3E48C1C6183}
2012-04-14 17:40 - 2012-04-14 17:40 - 0785641 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_18_40_24.dmp
2012-04-14 17:40 - 2012-04-14 17:40 - 0780846 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_18_40_35.dmp
2012-04-14 17:38 - 2012-04-14 17:38 - 0790272 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_18_38_41.dmp
2012-04-14 16:09 - 2012-04-14 16:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0FC923E6-D953-44D5-B39F-9FFDADC407A5}
2012-04-14 16:09 - 2012-04-14 16:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0B556D15-FD19-438D-8B94-6E6D61B41BCA}
2012-04-14 14:52 - 2012-04-14 14:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{72A92459-7926-4922-BF6B-4463F8F80DC0}
2012-04-14 14:52 - 2012-04-14 14:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5D47B65F-2F72-4B05-8D4D-48E8FD528978}
2012-04-14 14:25 - 2012-04-14 14:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{313F7EDF-4DF2-42A2-B895-0DA5AEDD31CC}
2012-04-14 14:23 - 2012-04-14 14:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{313D4C30-E78E-407A-920D-BBD688050117}
2012-04-14 14:19 - 2012-04-14 14:19 - 0787562 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_15_19_53.dmp
2012-04-14 14:19 - 2012-04-14 14:19 - 0787277 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_15_19_44.dmp
2012-04-14 14:19 - 2012-04-14 14:19 - 0784531 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_14_15_19_20.dmp
2012-04-14 05:22 - 2012-04-14 05:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BF521969-D467-4031-A912-F52C09F8BDB3}
2012-04-14 05:22 - 2012-04-14 05:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9840A383-5F1E-438D-9077-305671440D13}
2012-04-13 23:06 - 2012-04-13 23:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{81C5D2F1-0148-44C4-A76E-7C06AC1E192A}
2012-04-13 23:06 - 2012-04-13 23:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9606C1EB-455B-4263-8ACE-2469480A4E09}
2012-04-13 17:41 - 2012-04-13 17:41 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{653DD3B9-D5AD-4AE9-9636-7C8FF0016088}
2012-04-13 17:41 - 2012-04-13 17:41 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0067F58B-BB7D-4921-8415-A956CA5B91C2}
2012-04-13 17:36 - 2012-04-13 17:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F3965CFE-5CCE-438F-B5DF-B1439CF3E79B}
2012-04-13 17:36 - 2012-04-13 17:36 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A847926F-8746-4F4D-8509-DF3D811FD8C0}
2012-04-13 17:31 - 2012-04-13 17:31 - 0791681 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_18_31_00.dmp
2012-04-13 17:31 - 2012-04-13 17:31 - 0790237 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_18_31_08.dmp
2012-04-13 17:30 - 2012-04-13 17:30 - 0778717 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_18_30_39.dmp
2012-04-13 13:36 - 2012-04-13 13:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E4DF7679-72FF-4292-8A85-FEF50CE70334}
2012-04-13 13:34 - 2012-04-13 13:34 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{828CCF63-AD4B-49B0-B936-BA2B43234980}
2012-04-13 13:31 - 2012-04-13 13:31 - 0792463 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_14_31_13.dmp
2012-04-13 13:31 - 2012-04-13 13:31 - 0784531 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_14_31_21.dmp
2012-04-13 13:30 - 2012-04-13 13:30 - 0790106 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_14_30_54.dmp
2012-04-13 02:55 - 2012-04-13 02:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A4AB0C19-B51B-426E-83BB-08D24A444C79}
2012-04-13 02:30 - 2012-04-13 02:30 - 0785607 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_03_30_05.dmp
2012-04-13 02:29 - 2012-04-13 02:29 - 0791112 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_03_29_57.dmp
2012-04-13 02:29 - 2012-04-13 02:29 - 0783487 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_13_03_29_39.dmp
2012-04-12 22:51 - 2011-04-08 16:07 - 0000000 ___HD C:\Users\pcwt5\Documents\_BUY FLAT
2012-04-12 20:20 - 2012-04-12 20:20 - 0779458 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_21_20_07.dmp
2012-04-12 20:19 - 2012-04-12 20:19 - 0782612 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_21_19_57.dmp
2012-04-12 20:19 - 2012-04-12 20:19 - 0781808 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_21_19_42.dmp
2012-04-12 19:36 - 2012-04-12 19:36 - 0786966 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_20_36_26.dmp
2012-04-12 19:36 - 2012-04-12 19:36 - 0785453 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_20_36_36.dmp
2012-04-12 19:35 - 2012-04-12 19:35 - 0780589 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_20_35_14.dmp
2012-04-12 19:27 - 2009-07-14 05:13 - 0732510 ____A C:\Windows\System32\PerfStringBackup.INI
2012-04-12 19:25 - 2012-04-12 19:25 - 0000000 ____D C:\53d69b7d3999c7df3d785d5d
2012-04-12 19:25 - 2009-12-03 01:50 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-04-12 19:25 - 2009-12-03 01:50 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-04-12 19:17 - 2010-05-25 14:42 - 57249312 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-04-12 18:23 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\System32\NDF
2012-04-12 14:54 - 2012-04-12 14:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9BED58FD-B02C-4C85-8924-70F1E62D2FCD}
2012-04-12 14:08 - 2012-04-12 14:08 - 0792474 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_15_08_21.dmp
2012-04-12 14:08 - 2012-04-12 14:08 - 0784566 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_15_08_13.dmp
2012-04-12 14:08 - 2012-04-09 22:37 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-04-12 14:07 - 2012-04-12 14:07 - 0788513 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_15_07_57.dmp
2012-04-12 07:39 - 2012-04-12 07:39 - 3422506 ___AH C:\Users\pcwt5\Downloads\20120406_123023.jpg
2012-04-12 03:45 - 2012-04-12 03:45 - 0796109 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_45_01.dmp
2012-04-12 03:45 - 2012-04-12 03:45 - 0779361 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_45_16.dmp
2012-04-12 03:44 - 2012-04-12 03:44 - 0785387 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_44_10.dmp
2012-04-12 03:34 - 2012-04-12 03:34 - 0784170 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_34_50.dmp
2012-04-12 03:34 - 2012-04-12 03:34 - 0781696 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_34_22.dmp
2012-04-12 03:34 - 2012-04-12 03:34 - 0778844 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_04_34_41.dmp
2012-04-12 02:54 - 2012-04-12 02:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0A0DBCC2-1F4A-4CC9-B8A7-91036D32088E}
2012-04-12 02:48 - 2012-04-12 02:48 - 0791094 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_03_48_19.dmp
2012-04-12 02:48 - 2012-04-12 02:48 - 0786174 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_03_48_10.dmp
2012-04-12 02:47 - 2012-04-12 02:47 - 0786894 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_03_47_53.dmp
2012-04-11 23:40 - 2012-04-11 23:40 - 0791475 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_00_40_15.dmp
2012-04-11 23:40 - 2012-04-11 23:40 - 0783811 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_00_40_01.dmp
2012-04-11 23:38 - 2012-04-11 23:38 - 0788472 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_12_00_38_37.dmp
2012-04-11 21:54 - 2012-04-11 21:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Ihyl
2012-04-11 14:26 - 2012-04-11 14:26 - 0365824 ____A C:\Windows\SysWOW64\jnjvffgk.dat
2012-04-11 14:26 - 2012-04-11 14:26 - 0154368 ____A C:\Windows\SysWOW64\hcvhdhoj.dat
2012-04-11 14:26 - 2012-04-11 14:26 - 0136960 ____A C:\Windows\SysWOW64\itrevakl.dat
2012-04-11 14:26 - 2012-04-11 14:26 - 0058112 ____A C:\Windows\SysWOW64\nlwpporx.dat
2012-04-11 14:26 - 2012-04-11 14:26 - 0055040 ____A C:\Windows\SysWOW64\aylzcsni.dat
2012-04-11 14:26 - 2012-04-11 14:26 - 0041216 ____A C:\Windows\SysWOW64\ussqpxhp.dat
2012-04-11 14:26 - 2012-04-11 14:26 - 0036608 ____A C:\Windows\SysWOW64\yffknixm.dat
2012-04-11 14:26 - 2012-04-11 14:26 - 0034048 ____A C:\Windows\SysWOW64\ifoaxtlp.dat
2012-04-11 14:00 - 2012-04-11 14:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{90E20183-D7B9-4275-967C-40903175EBC7}
2012-04-11 13:54 - 2012-04-11 13:54 - 0000000 ___HD C:\Users\All Users\windows-updater
2012-04-11 13:54 - 2012-04-11 13:54 - 0000000 ___HD C:\ProgramData\windows-updater
2012-04-11 13:43 - 2012-04-11 13:43 - 0790464 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_14_43_24.dmp
2012-04-11 13:43 - 2012-04-11 13:43 - 0786434 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_14_43_13.dmp
2012-04-11 13:42 - 2012-04-11 13:42 - 0789746 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_14_42_55.dmp
2012-04-11 01:59 - 2012-04-11 01:59 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CEA53D8F-D31B-4B37-A5BE-6E93364126A7}
2012-04-11 01:57 - 2012-04-11 01:57 - 0790605 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_02_57_44.dmp
2012-04-11 01:57 - 2012-04-11 01:57 - 0787417 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_02_57_27.dmp
2012-04-11 01:57 - 2012-04-11 01:57 - 0785523 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_11_02_57_56.dmp
2012-04-10 13:15 - 2012-04-10 13:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E7BD7768-28D8-4205-ADB3-1FBC269072A2}
2012-04-10 13:12 - 2012-04-10 13:12 - 0793712 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_10_14_12_27.dmp
2012-04-10 13:12 - 2012-04-10 13:12 - 0787851 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_10_14_12_44.dmp
2012-04-10 13:12 - 2012-04-10 13:12 - 0780642 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_10_14_12_52.dmp
2012-04-10 07:53 - 2010-04-04 17:03 - 0196608 ____A C:\Windows\System32\Ikeext.etl
2012-04-09 22:36 - 2012-04-09 22:36 - 0000000 ____D C:\Windows\system64
2012-04-09 22:10 - 2012-04-09 22:10 - 0800009 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_23_10_22.dmp
2012-04-09 22:10 - 2012-04-09 22:10 - 0786582 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_23_10_31.dmp
2012-04-09 22:10 - 2012-02-05 17:55 - 0000437 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2012-04-09 22:09 - 2012-04-09 22:09 - 0799121 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_23_09_55.dmp
2012-04-09 21:56 - 2012-04-09 21:56 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{01DD07FF-A88C-4A6C-81D8-1FE1CC4A21A3}
2012-04-09 21:53 - 2012-04-09 21:53 - 0792488 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_22_53_45.dmp
2012-04-09 21:53 - 2012-04-09 21:53 - 0787627 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_22_53_23.dmp
2012-04-09 21:53 - 2012-04-09 21:53 - 0785514 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_22_53_52.dmp
2012-04-09 04:36 - 2012-04-09 04:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CCC4CAEB-E454-49EB-A9D8-FC7F99F080EE}
2012-04-09 02:37 - 2012-04-09 02:37 - 0789330 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_03_37_29.dmp
2012-04-09 02:37 - 2012-04-09 02:37 - 0788739 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_03_37_20.dmp
2012-04-09 02:37 - 2012-04-09 02:37 - 0782053 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_09_03_37_03.dmp
2012-04-08 17:42 - 2012-04-08 17:42 - 0057344 ___AH C:\Users\pcwt5\Downloads\Amended Checklist-PreTransferofBunkers Final version.doc
2012-04-08 16:35 - 2012-04-08 16:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0CA70EB3-809F-41A8-8B31-75A13DC848CD}
2012-04-08 16:06 - 2012-04-08 16:06 - 0780079 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_17_06_34.dmp
2012-04-08 16:06 - 2012-04-08 16:06 - 0776152 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_17_06_26.dmp
2012-04-08 16:05 - 2012-04-08 16:05 - 0782915 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_17_05_59.dmp
2012-04-08 04:35 - 2012-04-08 04:34 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{28AD863C-A57E-4225-BD13-8A98E22F16D5}
2012-04-08 01:33 - 2012-02-15 05:54 - 0065600 ____A (microOLAP Technologies LTD) C:\Windows\System32\Drivers\pssdklbf.sys
2012-04-08 01:33 - 2012-02-15 05:54 - 0053312 ____A (microOLAP Technologies LTD) C:\Windows\System32\Drivers\pssdk42.sys
2012-04-08 01:32 - 2012-04-08 01:32 - 0791776 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_02_32_46.dmp
2012-04-08 01:32 - 2012-04-08 01:32 - 0791288 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_02_32_37.dmp
2012-04-08 01:32 - 2012-04-08 01:32 - 0790229 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_08_02_32_05.dmp
2012-04-07 16:34 - 2012-04-07 16:34 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C0E83092-E37B-4227-A187-DAD3BE5D9EF6}
2012-04-07 16:31 - 2012-04-07 16:31 - 0789654 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_07_17_31_36.dmp
2012-04-07 16:31 - 2012-04-07 16:31 - 0787146 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_07_17_31_29.dmp
2012-04-07 16:30 - 2012-04-07 16:30 - 0785691 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_07_17_30_57.dmp
2012-04-06 16:53 - 2012-04-06 16:53 - 0793267 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_06_17_53_18.dmp
2012-04-06 16:53 - 2012-04-06 16:53 - 0783181 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_06_17_53_05.dmp
2012-04-06 16:50 - 2012-04-06 16:50 - 0783872 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_06_17_50_14.dmp
2012-04-06 16:43 - 2012-04-06 16:42 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{19AEB20F-4347-473A-B425-B2E5B4D98F9E}
2012-04-06 16:38 - 2011-12-28 04:35 - 0118520 ____A C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2012-04-06 16:37 - 2012-04-06 16:37 - 0789635 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_06_17_37_41.dmp
2012-04-06 16:37 - 2012-04-06 16:37 - 0783909 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_06_17_37_15.dmp
2012-04-06 16:37 - 2012-04-06 16:37 - 0783846 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_06_17_37_52.dmp
2012-04-06 01:27 - 2012-04-06 01:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{093BDA9C-C8FB-47C5-806D-7BEB71014A51}
2012-04-05 21:38 - 2012-04-05 21:38 - 0792218 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_22_38_21.dmp
2012-04-05 21:38 - 2012-04-05 21:38 - 0789098 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_22_38_31.dmp
2012-04-05 21:37 - 2012-04-05 21:37 - 0783618 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_22_37_47.dmp
2012-04-05 20:18 - 2012-04-05 20:18 - 0786108 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_21_18_54.dmp
2012-04-05 20:18 - 2012-04-05 20:18 - 0784381 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_21_18_45.dmp
2012-04-05 20:18 - 2012-04-05 20:18 - 0780420 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_21_18_08.dmp
2012-04-05 15:17 - 2012-04-05 15:17 - 0798131 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_16_17_26.dmp
2012-04-05 15:17 - 2012-04-05 15:17 - 0791312 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_16_17_37.dmp
2012-04-05 15:16 - 2012-04-05 15:16 - 0785818 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_16_16_53.dmp
2012-04-05 13:26 - 2012-04-05 13:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{73B000D6-5370-4ACA-871C-E32BB1DF2703}
2012-04-05 13:24 - 2012-04-05 13:23 - 0784445 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_14_23_59.dmp
2012-04-05 13:23 - 2012-04-05 13:23 - 0784493 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_14_23_21.dmp
2012-04-05 13:23 - 2012-04-05 13:23 - 0780690 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_05_14_23_50.dmp
2012-04-05 01:18 - 2012-04-05 01:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5E7A9E4E-AF46-4EB8-AA06-FCB7ED24D494}
2012-04-04 22:44 - 2012-04-04 22:44 - 0787053 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_04_23_44_30.dmp
2012-04-04 22:44 - 2012-04-04 22:44 - 0781551 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_04_23_44_22.dmp
2012-04-04 22:41 - 2012-04-04 22:41 - 0781643 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_04_23_41_25.dmp
2012-04-04 14:17 - 2012-04-04 14:17 - 0001698 ___AH C:\Users\pcwt5\Desktop\all_SUPPORT_APRIL_2012.xls - Shortcut.lnk
2012-04-04 13:17 - 2012-04-04 13:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B11E0CBB-AEBC-4FF7-8086-0CA251AC1D5D}
2012-04-04 13:10 - 2012-04-04 13:10 - 0797646 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_04_14_10_36.dmp
2012-04-04 13:10 - 2012-04-04 13:10 - 0791504 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_04_14_10_45.dmp
2012-04-04 13:10 - 2012-04-04 13:10 - 0783941 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_04_14_10_04.dmp
2012-04-04 01:17 - 2012-04-04 01:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9603F108-A9B3-4FCA-8569-7785F4D9C15E}
2012-04-03 13:17 - 2012-04-03 13:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9655596E-E0C3-4EFA-8B70-BF26A1D69DF0}
2012-04-03 13:10 - 2012-04-03 13:10 - 0786613 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_03_14_10_19.dmp
2012-04-03 13:10 - 2012-04-03 13:10 - 0785906 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_03_14_10_29.dmp
2012-04-03 13:09 - 2012-04-03 13:09 - 0782875 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_03_14_09_49.dmp
2012-04-03 02:54 - 2012-04-03 02:54 - 0793440 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_03_03_54_23.dmp
2012-04-03 02:54 - 2012-04-03 02:54 - 0785633 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_03_03_54_31.dmp
2012-04-03 02:53 - 2012-04-03 02:53 - 0789532 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_03_03_53_54.dmp
2012-04-03 01:16 - 2012-04-03 01:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A9B8E981-B797-4F6B-8A93-55856244098A}
2012-04-02 21:30 - 2012-04-02 21:30 - 0779682 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_22_30_04.dmp
2012-04-02 21:29 - 2012-04-02 21:29 - 0789552 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_22_29_11.dmp
2012-04-02 21:29 - 2012-04-02 21:29 - 0783333 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_22_29_56.dmp
2012-04-02 21:29 - 2012-04-02 21:29 - 0275904 ____A C:\Windows\Minidump\040212-26956-01.dmp
2012-04-02 21:29 - 2010-04-07 02:31 - 0000000 ____D C:\Windows\Minidump
2012-04-02 21:28 - 2010-04-07 02:31 - 592086757 ____A C:\Windows\MEMORY.DMP
2012-04-02 13:16 - 2012-04-02 13:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F64760A1-DABE-4FBA-8442-C186772D9EDD}
2012-04-02 13:12 - 2012-04-02 13:12 - 0790591 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_14_12_16.dmp
2012-04-02 13:12 - 2012-04-02 13:12 - 0789829 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_14_12_26.dmp
2012-04-02 13:11 - 2012-04-02 13:11 - 0786231 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_14_11_45.dmp
2012-04-02 04:40 - 2012-04-02 04:40 - 0788060 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_05_40_04.dmp
2012-04-02 04:39 - 2012-04-02 04:39 - 0787769 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_05_39_54.dmp
2012-04-02 04:39 - 2012-04-02 04:39 - 0778429 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_05_39_27.dmp
2012-04-02 01:14 - 2012-04-02 01:14 - 0791610 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_02_14_22.dmp
2012-04-02 01:14 - 2012-04-02 01:14 - 0788218 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_02_14_35.dmp
2012-04-02 01:13 - 2012-04-02 01:13 - 0800328 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_02_02_13_54.dmp
2012-04-01 22:38 - 2012-04-01 22:38 - 0779874 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_23_38_04.dmp
2012-04-01 22:37 - 2012-04-01 22:37 - 0782720 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_23_37_54.dmp
2012-04-01 22:35 - 2012-04-01 22:35 - 0783298 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_23_35_34.dmp
2012-04-01 20:31 - 2012-04-01 20:31 - 0784641 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_21_31_09.dmp
2012-04-01 20:30 - 2012-04-01 20:30 - 0791482 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_21_30_58.dmp
2012-04-01 20:30 - 2012-04-01 20:30 - 0780556 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_21_30_33.dmp
2012-04-01 19:14 - 2012-04-01 19:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{ED4B3C7F-FEE9-451F-8C2D-0E93DFEC2673}
2012-04-01 19:12 - 2012-04-01 19:12 - 0789135 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_20_12_09.dmp
2012-04-01 19:12 - 2012-04-01 19:12 - 0786586 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_20_12_21.dmp
2012-04-01 19:11 - 2012-04-01 19:11 - 0787250 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_20_11_42.dmp
2012-04-01 05:08 - 2012-04-01 05:08 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{126DA58F-8CF0-4639-9C1C-4CBFF54CF949}
2012-04-01 05:06 - 2012-04-01 05:06 - 0786648 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_06_06_27.dmp
2012-04-01 05:06 - 2012-04-01 05:06 - 0782545 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_06_06_39.dmp
2012-04-01 05:05 - 2012-04-01 05:05 - 0777737 ____A C:\Windows\SysWOW64\(null)AAWService__2012_04_01_06_05_55.dmp
2012-03-30 22:15 - 2012-03-30 22:15 - 0790249 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_30_23_15_44.dmp
2012-03-30 22:15 - 2012-03-30 22:15 - 0789207 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_30_23_15_04.dmp
2012-03-30 22:15 - 2012-03-30 22:15 - 0785845 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_30_23_15_35.dmp
2012-03-30 18:28 - 2012-03-30 18:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{48FF573C-2F3B-44C5-AAEE-BB3DC5B12C94}
2012-03-30 14:11 - 2012-03-30 14:11 - 0787531 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_30_15_11_05.dmp
2012-03-30 14:10 - 2012-03-30 14:10 - 0793455 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_30_15_10_57.dmp
2012-03-30 14:10 - 2012-03-30 14:10 - 0784175 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_30_15_10_21.dmp
2012-03-30 06:28 - 2012-03-29 18:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2A094898-4B5B-4728-BAB8-E00E0E074CBC}
2012-03-29 14:08 - 2012-03-29 14:08 - 0788155 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_29_15_08_08.dmp
2012-03-29 14:08 - 2012-03-29 14:07 - 0788504 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_29_15_07_58.dmp
2012-03-29 14:07 - 2012-03-29 14:07 - 0780857 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_29_15_07_35.dmp
2012-03-29 06:27 - 2012-03-29 06:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{89FA422D-D61C-4FAD-8ABB-D74940C3E928}
2012-03-29 06:27 - 2012-03-29 06:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{7229035C-C44D-437D-83AF-381BE62D6E6C}
2012-03-29 02:10 - 2009-07-14 02:34 - 0000813 ____A C:\Windows\win.ini
2012-03-28 18:26 - 2012-03-28 18:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E2DA806B-FAD0-4AEC-B0D5-8BE7B50EA5A8}
2012-03-28 18:26 - 2012-03-28 18:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A8F003A8-F7B9-4E23-A74D-F0B8583F2D89}
2012-03-28 18:26 - 2012-03-28 18:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4B7F35BA-05F8-4D28-9EB8-D490D9D9D54E}
2012-03-28 18:26 - 2012-03-28 18:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{298079E3-D3CB-4EBA-BE4E-9E93A6E4532E}
2012-03-28 14:04 - 2012-03-28 14:04 - 0793276 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_28_15_04_38.dmp
2012-03-28 14:04 - 2012-03-28 14:04 - 0788369 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_28_15_04_03.dmp
2012-03-28 14:04 - 2012-03-28 14:04 - 0781982 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_28_15_04_50.dmp
2012-03-28 06:25 - 2012-03-28 06:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F33422C1-DD1F-4A51-AAA5-88D827975AA2}
2012-03-28 06:25 - 2012-03-28 06:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0B9934DA-70EB-4BEE-9942-355974B6CE74}
2012-03-28 01:53 - 2012-03-28 01:53 - 0788527 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_28_02_53_03.dmp
2012-03-28 01:53 - 2012-03-28 01:53 - 0780978 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_28_02_53_14.dmp
2012-03-28 01:52 - 2012-03-28 01:52 - 0783347 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_28_02_52_27.dmp
2012-03-27 22:17 - 2012-03-27 22:17 - 0793658 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_23_17_16.dmp
2012-03-27 22:17 - 2012-03-27 22:17 - 0792612 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_23_17_05.dmp
2012-03-27 22:16 - 2012-03-27 22:16 - 0804228 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_23_16_30.dmp
2012-03-27 21:58 - 2012-03-27 21:58 - 0783740 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_22_58_00.dmp
2012-03-27 21:57 - 2012-03-27 21:57 - 0782764 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_22_57_52.dmp
2012-03-27 21:57 - 2012-03-27 21:57 - 0779613 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_22_57_21.dmp
2012-03-27 19:38 - 2012-03-27 19:38 - 0801663 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_20_38_39.dmp
2012-03-27 19:38 - 2012-03-27 19:38 - 0787764 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_20_38_30.dmp
2012-03-27 19:38 - 2012-03-27 19:38 - 0782358 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_20_38_06.dmp
2012-03-27 18:25 - 2012-03-27 18:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DD6EBFA2-0094-46DA-8FC5-D2B33DEF8F72}
2012-03-27 18:24 - 2012-03-27 18:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{689873F9-1CA7-4904-8DB0-C90D4CC50B73}
2012-03-27 18:24 - 2012-03-27 18:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3AF82852-E121-4D6A-847E-BD6FE07FE561}
2012-03-27 18:24 - 2012-03-27 18:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{05A45294-D09A-4E50-A83A-76CEC1529B10}
2012-03-27 14:34 - 2012-03-27 14:34 - 0793553 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_15_34_03.dmp
2012-03-27 14:33 - 2012-03-27 14:33 - 0795823 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_15_33_27.dmp
2012-03-27 14:33 - 2012-03-27 14:33 - 0790969 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_15_33_52.dmp
2012-03-27 06:23 - 2012-03-27 06:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E645CBEB-D2E8-4290-8883-1913DD476098}
2012-03-27 06:23 - 2012-03-27 06:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{6C41E80F-153F-47D9-969D-1512FFCCA778}
2012-03-27 06:23 - 2012-03-27 06:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3394245B-5523-4A83-AAD8-BAD5B7228179}
2012-03-27 06:23 - 2012-03-27 06:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8D95B68D-2CD3-4CED-84B2-7F42ED0E819C}
2012-03-27 02:19 - 2012-03-27 02:19 - 0791242 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_03_19_21.dmp
2012-03-27 02:19 - 2012-03-27 02:19 - 0787793 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_03_19_12.dmp
2012-03-27 02:18 - 2012-03-27 02:18 - 0791111 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_03_18_48.dmp
2012-03-26 23:10 - 2012-03-26 23:10 - 0788098 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_00_10_47.dmp
2012-03-26 23:10 - 2012-03-26 23:10 - 0787362 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_00_10_12.dmp
2012-03-26 23:10 - 2012-03-26 23:10 - 0778783 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_27_00_10_57.dmp
2012-03-26 18:22 - 2012-03-26 18:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A6E63F62-40A7-4853-A9DF-4DD7DF1F1B97}
2012-03-26 18:22 - 2012-03-26 18:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{884D1D4E-57AB-4E75-BBE8-C38B8DD105D9}
2012-03-26 18:22 - 2012-03-26 18:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{6BAC9B0B-DF45-4301-9695-C2BD25FD6F47}
2012-03-26 18:21 - 2012-03-26 18:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{83FC1642-E09F-4354-AFAF-F88EACAE538A}
2012-03-26 15:14 - 2012-03-26 15:14 - 0793311 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_26_16_14_35.dmp
2012-03-26 15:14 - 2012-03-26 15:14 - 0788564 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_26_16_14_43.dmp
2012-03-26 15:14 - 2012-03-26 15:14 - 0787711 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_26_16_14_10.dmp
2012-03-26 06:20 - 2012-03-26 06:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D4572E9D-826B-4C66-A290-B80A2AF079EE}
2012-03-26 06:20 - 2012-03-26 06:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{EABE04C2-35FE-43A6-8497-D734D72A0BCA}
2012-03-26 06:17 - 2012-03-26 06:17 - 0785284 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_26_07_17_07.dmp
2012-03-26 06:17 - 2012-03-26 06:17 - 0785003 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_26_07_17_53.dmp
2012-03-26 06:17 - 2012-03-26 06:17 - 0781544 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_26_07_17_42.dmp
2012-03-25 17:29 - 2012-03-25 17:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{71CAFFE8-3CCC-406C-A90E-ABEDFE22D83A}
2012-03-25 17:29 - 2012-03-25 17:29 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{058771D1-4FED-45C3-898C-856C5D1FDBE0}
2012-03-25 17:26 - 2012-03-25 17:26 - 0789263 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_25_18_26_23.dmp
2012-03-25 17:26 - 2012-03-25 17:26 - 0786472 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_25_18_26_30.dmp
2012-03-25 17:25 - 2012-03-25 17:25 - 0782543 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_25_18_25_59.dmp
2012-03-25 05:44 - 2012-03-25 05:44 - 0026093 ___AH C:\Users\pcwt5\Desktop\Index.php
2012-03-25 04:27 - 2012-03-25 04:27 - 0782703 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_25_05_27_24.dmp
2012-03-25 04:27 - 2012-03-25 04:27 - 0780186 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_25_05_27_32.dmp
2012-03-25 04:26 - 2012-03-25 04:26 - 0778163 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_25_05_26_09.dmp
2012-03-25 04:26 - 2012-03-25 04:25 - 0275904 ____A C:\Windows\Minidump\032512-27003-01.dmp
2012-03-25 04:17 - 2012-03-25 04:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{781EA2A0-FFDD-44FD-91E1-F83E6B22B899}
2012-03-25 04:16 - 2012-03-25 04:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4D64C9C6-1970-4AD7-BCB1-1F6FAC18C7F2}
2012-03-25 04:03 - 2012-03-22 00:26 - 0001307 ___AH C:\Users\pcwt5\Desktop\Google Chrome.lnk
2012-03-25 00:35 - 2012-03-25 00:35 - 0783881 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_25_00_35_25.dmp
2012-03-25 00:35 - 2012-03-25 00:35 - 0780196 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_25_00_35_35.dmp
2012-03-25 00:33 - 2012-03-25 00:33 - 0786102 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_25_00_33_07.dmp
2012-03-24 16:15 - 2012-03-24 16:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AAF44EEB-16D1-48CE-8DB4-E99C667C5AEC}
2012-03-24 16:15 - 2012-03-24 16:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2C875102-3CDD-4A4A-B726-E546FB9DF123}
2012-03-24 16:12 - 2012-03-24 16:12 - 0784629 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_24_16_12_27.dmp
2012-03-24 16:12 - 2012-03-24 16:12 - 0781118 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_24_16_12_43.dmp
2012-03-24 16:11 - 2012-03-24 16:11 - 0782919 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_24_16_11_31.dmp
2012-03-23 21:55 - 2012-03-23 16:08 - 0000254 ___AH C:\Users\pcwt5\Desktop\datadroid review txt.txt
2012-03-23 15:25 - 2012-03-23 15:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CFE72C73-1A73-4C14-BD61-E736E59F20BD}
2012-03-23 15:24 - 2012-03-23 15:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0A7DD057-21FE-4D9F-879C-95AEC7C3FC13}
2012-03-23 14:08 - 2012-03-23 14:08 - 0783239 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_23_14_08_20.dmp
2012-03-23 14:08 - 2012-03-23 14:08 - 0777122 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_23_14_08_12.dmp
2012-03-23 14:05 - 2012-03-23 14:05 - 0782426 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_23_14_05_07.dmp
2012-03-23 04:41 - 2012-03-23 04:41 - 0000000 ____D C:\Program Files\Common Files\WebM Project
2012-03-23 03:24 - 2012-03-23 03:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B784044B-C165-45BE-8603-2A1B62D545B4}
2012-03-23 03:24 - 2012-03-23 03:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{944812B6-3A16-47DD-AD20-7D1194F7CCB1}
2012-03-23 03:24 - 2012-03-23 03:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B95E37BB-3008-46A5-9950-99EF63FE873B}
2012-03-23 03:23 - 2012-03-23 03:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3C4141C4-87EC-45C0-B693-5C1964EAEF55}
2012-03-22 22:14 - 2012-03-22 22:14 - 0804059 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_22_14_05.dmp
2012-03-22 22:13 - 2012-03-22 22:13 - 0781620 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_22_13_54.dmp
2012-03-22 22:10 - 2012-03-22 22:10 - 0793421 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_22_10_23.dmp
2012-03-22 15:23 - 2012-03-22 15:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DBBCB992-76D7-43A8-B4EC-4B0037154BD6}
2012-03-22 15:23 - 2012-03-22 15:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D5A9DFF3-0733-47C1-904C-15449F5EF1FD}
2012-03-22 14:11 - 2012-03-22 14:11 - 0785280 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_14_11_17.dmp
2012-03-22 14:11 - 2012-03-22 14:11 - 0781464 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_14_11_39.dmp
2012-03-22 14:08 - 2012-03-22 14:08 - 0787023 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_14_08_38.dmp
2012-03-22 14:07 - 2012-03-22 00:25 - 0000000 ____D C:\Program Files (x86)\v9Soft
2012-03-22 04:59 - 2012-03-22 00:32 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\PerformerSoft
2012-03-22 04:58 - 2012-03-22 00:25 - 0001070 ____A C:\Users\pcwt5\Desktop\Internet Explorer.lnk
2012-03-22 03:22 - 2012-03-22 03:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E2A784E7-CC9D-4C15-B5B0-F95D8B2CA91D}
2012-03-22 03:22 - 2012-03-22 03:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{544C6713-1339-47C2-90E5-188E8B4EA67A}
2012-03-22 03:21 - 2012-03-22 03:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{FB4913B8-A3E2-4810-8BFF-AC84A1D010EE}
2012-03-22 03:21 - 2012-03-22 03:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BD99B9C2-38C6-4EF1-B757-ECA5A4887B79}
2012-03-22 02:23 - 2012-03-22 02:23 - 0788168 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_02_23_27.dmp
2012-03-22 02:23 - 2012-03-22 02:23 - 0783841 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_02_23_37.dmp
2012-03-22 02:22 - 2012-03-22 02:22 - 0788686 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_02_22_49.dmp
2012-03-22 01:12 - 2012-03-22 01:12 - 0790221 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_01_12_36.dmp
2012-03-22 01:12 - 2012-03-22 01:12 - 0785547 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_01_12_25.dmp
2012-03-22 01:11 - 2012-03-22 01:11 - 0793216 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_01_11_51.dmp
2012-03-22 00:56 - 2012-03-22 00:56 - 0796477 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_00_56_26.dmp
2012-03-22 00:56 - 2012-03-22 00:56 - 0794013 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_00_56_36.dmp
2012-03-22 00:55 - 2012-03-22 00:55 - 0789277 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_22_00_55_50.dmp
2012-03-22 00:36 - 2009-12-22 10:54 - 0118520 ___AH C:\Users\pcwt5\AppData\Local\GDIPFONTCACHEV1.DAT
2012-03-22 00:35 - 2012-03-22 00:35 - 0000240 ___AH C:\Users\pcwt5\Desktop\Age of Empires II Age of Kings.lnk
2012-03-22 00:34 - 2012-03-22 00:25 - 0002232 ___AH C:\Users\pcwt5\Desktop\Microsoft Age of Empires II Trial.lnk
2012-03-22 00:34 - 2012-03-22 00:25 - 0002232 ___AH C:\Users\Mcx1-PCWT5-VAIO\Desktop\Microsoft Age of Empires II Trial.lnk
2012-03-22 00:34 - 2012-03-22 00:25 - 0002232 ____A C:\Users\Guest\Desktop\Microsoft Age of Empires II Trial.lnk
2012-03-22 00:32 - 2012-03-22 00:32 - 0790520 ____A C:\Windows\SysWOW64\protector.dll
2012-03-22 00:32 - 2012-03-22 00:32 - 0001491 ____A C:\user.js
2012-03-22 00:32 - 2012-03-22 00:32 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Babylon
2012-03-22 00:32 - 2012-03-22 00:32 - 0000000 ___HD C:\Users\All Users\bProtector
2012-03-22 00:32 - 2012-03-22 00:32 - 0000000 ___HD C:\Users\All Users\Babylon
2012-03-22 00:32 - 2012-03-22 00:32 - 0000000 ___HD C:\ProgramData\bProtector
2012-03-22 00:32 - 2012-03-22 00:32 - 0000000 ___HD C:\ProgramData\Babylon
2012-03-22 00:32 - 2012-03-22 00:32 - 0000000 ____D C:\Windows\SysWOW64\Extensions
2012-03-22 00:32 - 2012-03-22 00:26 - 49083656 ___AH (Microsoft Corp.) C:\Users\pcwt5\Desktop\AoE2demo[1].exe
2012-03-22 00:32 - 2012-03-22 00:26 - 1519032 ___AH (ELEX) C:\Users\pcwt5\Desktop\v9sof[1].exe
2012-03-22 00:25 - 2012-03-22 00:25 - 0000000 ____D C:\Program Files (x86)\Microsoft Games
2012-03-22 00:25 - 2012-03-22 00:19 - 49083656 ___AH (Microsoft Corp.) C:\Users\pcwt5\Desktop\AoE2demo.exe
2012-03-22 00:25 - 2012-03-22 00:19 - 1519032 ___AH (ELEX) C:\Users\pcwt5\Desktop\v9sof.exe
2012-03-21 23:01 - 2012-03-21 23:01 - 0787047 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_21_23_01_01.dmp
2012-03-21 23:01 - 2012-03-21 23:01 - 0782422 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_21_23_01_45.dmp
2012-03-21 23:01 - 2012-03-21 23:01 - 0780600 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_21_23_01_56.dmp
2012-03-21 15:21 - 2012-03-21 15:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{31EAD668-4076-4D30-A90B-8FC8C4297C0F}
2012-03-21 15:20 - 2012-03-21 15:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{EED78B3B-D496-4C97-87D3-F9584BCCE551}
2012-03-21 15:20 - 2012-03-21 15:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4F22416D-52E3-4DA2-B7C3-DFCC000A444F}
2012-03-21 15:20 - 2012-03-21 15:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0D2E4E3D-81DD-4131-8E46-5BFD4C94BE58}
2012-03-21 13:17 - 2012-03-21 13:17 - 0788868 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_21_13_17_06.dmp
2012-03-21 13:16 - 2012-03-21 13:16 - 0794375 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_21_13_16_54.dmp
2012-03-21 13:16 - 2012-03-21 13:16 - 0791854 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_21_13_16_20.dmp
2012-03-21 06:30 - 2012-03-21 06:30 - 0795702 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_21_06_30_43.dmp
2012-03-21 06:30 - 2012-03-21 06:30 - 0785822 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_21_06_30_12.dmp
2012-03-21 06:30 - 2012-03-21 06:30 - 0778028 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_21_06_30_53.dmp
2012-03-21 03:19 - 2012-03-21 03:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{76890C1F-68C5-4265-9769-132AF67519B6}
2012-03-21 03:19 - 2012-03-21 03:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{687026A9-57AB-4C3D-8212-386F4655D4AB}
2012-03-20 22:53 - 2012-03-20 22:53 - 0812160 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_20_22_53_28.dmp
2012-03-20 22:53 - 2012-03-20 22:53 - 0796160 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_20_22_53_38.dmp
2012-03-20 22:52 - 2012-03-20 22:52 - 0785401 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_20_22_52_59.dmp
2012-03-20 15:19 - 2012-03-20 15:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B88583A9-BF91-4736-A19F-47A2E4E268D8}
2012-03-20 15:18 - 2012-03-20 15:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F7FF89A6-522D-4EE1-A76A-E4D76EA5FA57}
2012-03-20 14:05 - 2012-03-20 14:05 - 0784488 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_20_14_05_15.dmp
2012-03-20 14:05 - 2012-03-20 14:05 - 0784300 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_20_14_05_25.dmp
2012-03-20 14:02 - 2012-03-20 14:02 - 0785349 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_20_14_02_52.dmp
2012-03-20 03:17 - 2012-03-20 03:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A6A42C28-F43E-4611-8ABD-1F2DE5699BC0}
2012-03-20 03:17 - 2012-03-20 03:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5F2E708D-545E-4CDB-A1CC-035A032D6840}
2012-03-20 03:13 - 2012-03-20 03:13 - 0792823 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_20_03_13_03.dmp
2012-03-20 03:13 - 2012-03-20 03:13 - 0791406 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_20_03_13_13.dmp
2012-03-20 03:12 - 2012-03-20 03:12 - 0791806 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_20_03_12_39.dmp
2012-03-19 18:39 - 2011-03-07 02:26 - 0000000 ___HD C:\Users\pcwt5\readme_files
2012-03-19 14:26 - 2012-03-19 14:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C343F332-C0BE-4434-BA55-5AA58FE1CEED}
2012-03-19 14:26 - 2012-03-19 14:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{20C2842B-723E-4F42-84BE-838D42B11B5F}
2012-03-19 14:22 - 2012-03-19 14:22 - 0793572 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_19_14_22_06.dmp
2012-03-19 14:21 - 2012-03-19 14:21 - 0793422 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_19_14_21_28.dmp
2012-03-19 14:21 - 2012-03-19 14:21 - 0787569 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_19_14_21_56.dmp
2012-03-19 04:56 - 2012-03-19 04:56 - 0794719 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_19_04_56_20.dmp
2012-03-19 04:56 - 2012-03-19 04:56 - 0777968 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_19_04_56_46.dmp
2012-03-19 04:56 - 2012-03-19 04:56 - 0777380 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_19_04_56_55.dmp
2012-03-19 02:29 - 2012-03-19 02:29 - 0785337 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_19_02_29_19.dmp
2012-03-19 02:29 - 2012-03-19 02:29 - 0779298 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_19_02_29_08.dmp
2012-03-19 02:28 - 2012-03-19 02:28 - 0780321 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_19_02_28_39.dmp
2012-03-18 20:38 - 2012-03-18 20:38 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{40A54E10-3757-4BD7-92D3-8643F2461877}
2012-03-18 20:38 - 2012-03-18 20:37 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4BACEB77-2727-4952-A15B-5F7B4A954E29}
2012-03-18 20:34 - 2012-03-18 20:34 - 0787255 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_18_20_34_18.dmp
2012-03-18 20:34 - 2012-03-18 20:34 - 0784298 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_18_20_34_27.dmp
2012-03-18 20:33 - 2012-03-18 20:33 - 0783364 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_18_20_33_56.dmp
2012-03-18 05:23 - 2012-03-18 05:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9A27AFDD-4F15-4DBD-97BE-3A254B45E029}
2012-03-18 05:23 - 2012-03-18 05:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0B1B3244-D833-49B7-B952-DEF60234DC9F}
2012-03-18 03:20 - 2012-03-18 03:20 - 0794668 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_18_03_20_01.dmp
2012-03-18 03:20 - 2012-03-18 03:20 - 0782966 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_18_03_20_13.dmp
2012-03-18 03:19 - 2012-03-18 03:19 - 0790217 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_18_03_19_35.dmp
2012-03-17 18:50 - 2012-03-17 18:50 - 0789353 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_17_18_50_43.dmp
2012-03-17 18:50 - 2012-03-17 18:50 - 0776168 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_17_18_50_36.dmp
2012-03-17 18:48 - 2012-03-17 18:48 - 0787772 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_17_18_48_14.dmp
2012-03-17 17:22 - 2012-03-17 17:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BA566514-5B01-41FE-A5A6-D421A27F944D}
2012-03-17 17:22 - 2012-03-17 17:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{036AC698-3235-4971-84E1-9CA22266F3C5}
2012-03-17 17:14 - 2012-03-17 17:14 - 0804919 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_17_17_14_41.dmp
2012-03-17 17:14 - 2012-03-17 17:14 - 0791597 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_17_17_14_52.dmp
2012-03-17 17:14 - 2012-03-17 17:14 - 0787901 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_17_17_14_19.dmp
2012-03-17 03:53 - 2012-03-17 03:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1978094E-DD56-4408-9EB4-B6A07FB7F994}
2012-03-17 03:52 - 2012-03-17 03:52 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B8DCD544-F0B8-4449-8276-BE8CC4AAA72A}
2012-03-17 03:50 - 2012-03-17 03:50 - 0785578 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_17_03_50_04.dmp
2012-03-17 03:49 - 2012-03-17 03:49 - 0801690 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_17_03_49_52.dmp
2012-03-17 03:49 - 2012-03-17 03:49 - 0788950 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_17_03_49_28.dmp
2012-03-16 14:28 - 2012-03-16 14:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{50D4EBC4-245F-483C-9527-6440214A6775}
2012-03-16 14:28 - 2012-03-16 14:28 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{306C1AC0-EACE-44BA-A7A9-59780BBF47ED}
2012-03-16 13:51 - 2012-03-16 13:51 - 0791114 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_16_13_51_48.dmp
2012-03-16 13:51 - 2012-03-16 13:51 - 0788028 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_16_13_51_58.dmp
2012-03-16 13:51 - 2012-03-16 13:51 - 0787130 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_16_13_51_18.dmp
2012-03-16 02:27 - 2012-03-16 02:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8FA3859E-12A4-43FB-B4C7-BF3755B5F641}
2012-03-16 02:27 - 2012-03-16 02:27 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{04D44BE6-FCBA-4B43-BAAD-D1815B8C08A5}
2012-03-15 23:06 - 2012-03-15 23:06 - 0794956 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_23_06_19.dmp
2012-03-15 23:06 - 2012-03-15 23:06 - 0789651 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_23_06_09.dmp
2012-03-15 23:05 - 2012-03-15 23:05 - 0794159 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_23_05_40.dmp
2012-03-15 14:26 - 2012-03-15 14:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F16CB9F1-8117-4999-89EC-B73E7D94506C}
2012-03-15 14:26 - 2012-03-15 14:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AE21521C-C143-4E4C-B283-99CD71EA6451}
2012-03-15 14:26 - 2012-03-15 14:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4C6CF202-1A54-4EB0-97C7-7BDA96827886}
2012-03-15 14:26 - 2012-03-15 14:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2FF10FC6-4D47-4412-B684-08FF7E0F3055}
2012-03-15 14:17 - 2012-03-15 14:17 - 0778474 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_14_17_24.dmp
2012-03-15 14:17 - 2012-03-15 14:17 - 0774273 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_14_17_11.dmp
2012-03-15 14:16 - 2012-03-15 14:16 - 0780614 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_14_16_44.dmp
2012-03-15 02:45 - 2012-03-15 02:45 - 0800739 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_02_45_39.dmp
2012-03-15 02:45 - 2012-03-15 02:45 - 0796749 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_02_45_03.dmp
2012-03-15 02:45 - 2012-03-15 02:45 - 0790632 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_02_45_51.dmp
2012-03-15 02:25 - 2012-03-15 02:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{EF817BA4-1D3A-41B4-B593-947CC6B27E85}
2012-03-15 02:25 - 2012-03-15 02:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1E49382F-99C4-400D-9F67-6D21186A0685}
2012-03-15 01:20 - 2012-03-15 01:20 - 0790615 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_01_20_04.dmp
2012-03-15 01:19 - 2012-03-15 01:19 - 0790525 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_01_19_23.dmp
2012-03-15 01:19 - 2012-03-15 01:19 - 0781391 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_01_19_51.dmp
2012-03-15 01:01 - 2012-03-15 01:01 - 0785762 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_01_01_00.dmp
2012-03-15 01:00 - 2012-03-15 01:00 - 0791194 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_01_00_47.dmp
2012-03-15 01:00 - 2012-03-15 01:00 - 0783706 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_01_00_13.dmp
2012-03-15 00:26 - 2012-03-15 00:26 - 0790676 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_00_26_10.dmp
2012-03-15 00:26 - 2012-03-15 00:25 - 0793151 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_00_25_59.dmp
2012-03-15 00:25 - 2012-03-15 00:25 - 0781732 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_15_00_25_27.dmp
2012-03-14 22:46 - 2012-03-14 22:46 - 0795115 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_22_46_22.dmp
2012-03-14 22:46 - 2012-03-14 22:46 - 0787178 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_22_46_32.dmp
2012-03-14 22:45 - 2012-03-14 22:45 - 0788407 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_22_45_00.dmp
2012-03-14 16:27 - 2012-03-14 16:27 - 0799134 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_16_27_24.dmp
2012-03-14 16:27 - 2012-03-14 16:27 - 0785238 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_16_27_13.dmp
2012-03-14 16:26 - 2012-03-14 16:26 - 0780399 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_16_26_23.dmp
2012-03-14 14:22 - 2012-03-14 14:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5388F87E-7EB4-47A8-9674-016BE56B8740}
2012-03-14 14:22 - 2012-03-14 14:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5084EB41-E9A1-40B9-87CD-CBD2F2717903}
2012-03-14 14:18 - 2012-03-14 14:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B57ED705-9BF0-415E-B4E1-E01817AC0EAD}
2012-03-14 14:16 - 2012-03-14 14:16 - 0787201 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_14_16_15.dmp
2012-03-14 14:16 - 2012-03-14 14:16 - 0779970 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_14_16_07.dmp
2012-03-14 14:15 - 2012-03-14 14:15 - 0788116 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_14_15_35.dmp
2012-03-14 03:02 - 2012-03-14 03:02 - 0781537 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_03_02_36.dmp
2012-03-14 03:02 - 2012-03-14 03:02 - 0775482 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_03_02_44.dmp
2012-03-14 03:02 - 2012-03-14 03:01 - 0786137 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_14_03_01_59.dmp
2012-03-13 21:10 - 2012-03-13 21:10 - 0784796 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_21_10_12.dmp
2012-03-13 21:10 - 2012-03-13 21:09 - 0776845 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_21_09_57.dmp
2012-03-13 21:08 - 2012-03-13 21:08 - 0785740 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_21_08_11.dmp
2012-03-13 20:25 - 2012-03-13 20:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A51D0C18-C6B4-4FFD-86BD-16C771D91823}
2012-03-13 20:25 - 2012-03-13 20:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A0D01E74-0C41-4C99-86B9-965B1A6BDFCF}
2012-03-13 20:25 - 2012-03-13 20:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{61A0975B-B0AA-404D-B94E-69FD87C33F03}
2012-03-13 20:25 - 2012-03-13 20:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A2D99BA3-023D-42B5-ADB9-030632660CB1}
2012-03-13 19:02 - 2012-03-13 19:02 - 0774017 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_19_02_05.dmp
2012-03-13 19:01 - 2012-03-13 19:01 - 0784108 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_19_01_15.dmp
2012-03-13 19:01 - 2012-03-13 19:01 - 0781291 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_19_01_57.dmp
2012-03-13 18:01 - 2012-03-13 18:01 - 0797292 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_18_01_37.dmp
2012-03-13 18:01 - 2012-03-13 18:01 - 0779191 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_18_01_50.dmp
2012-03-13 17:59 - 2012-03-13 17:59 - 0785614 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_17_59_19.dmp
2012-03-13 14:59 - 2012-03-13 14:59 - 0796995 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_59_14.dmp
2012-03-13 14:59 - 2012-03-13 14:59 - 0792971 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_59_23.dmp
2012-03-13 14:58 - 2012-03-13 14:58 - 0782477 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_58_47.dmp
2012-03-13 14:25 - 2012-03-13 14:25 - 0799079 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_25_25.dmp
2012-03-13 14:25 - 2012-03-13 14:25 - 0787335 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_25_35.dmp
2012-03-13 14:24 - 2012-03-13 14:24 - 0780766 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_24_56.dmp
2012-03-13 14:17 - 2012-03-13 14:17 - 0782641 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_17_19.dmp
2012-03-13 14:17 - 2012-03-13 14:17 - 0782019 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_17_27.dmp
2012-03-13 14:16 - 2012-03-13 14:16 - 0793854 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_16_47.dmp
2012-03-13 14:08 - 2012-03-13 14:08 - 0783734 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_08_16.dmp
2012-03-13 14:08 - 2012-03-13 14:08 - 0780848 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_08_40.dmp
2012-03-13 14:08 - 2012-03-13 14:08 - 0775189 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_14_08_50.dmp
2012-03-13 08:23 - 2012-03-13 08:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E52B4DA9-BDC4-42C8-81B4-7F7C3BE64961}
2012-03-13 08:23 - 2012-03-13 08:22 - 0793201 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_08_22_58.dmp
2012-03-13 08:22 - 2012-03-13 08:22 - 0781395 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_08_22_49.dmp
2012-03-13 08:22 - 2012-03-13 08:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9093870E-B6D8-40A7-A423-8770B3235D19}
2012-03-13 08:19 - 2012-03-13 08:19 - 0790175 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_08_19_52.dmp
2012-03-13 01:43 - 2012-03-13 01:43 - 2972975 ___AH C:\Users\pcwt5\Downloads\Ross Lynch Austin Moon - A BILLION HITS - Full song with lyrics on screen.mp3
2012-03-13 01:40 - 2012-03-13 01:39 - 3412250 ___AH C:\Users\pcwt5\Downloads\Breaking benjamin - Blow Me Away - Only The Strongest Will Survive - HIGH QUALITY.mp3
2012-03-13 01:26 - 2012-03-13 01:26 - 0333008 ___AH C:\Users\pcwt5\Downloads\Austin Ally - A Love Like Song.mp3
2012-03-13 01:21 - 2012-03-13 01:21 - 1260178 ___AH C:\Users\pcwt5\Downloads\Austin Ally - Season 1 Episode 3 - Not A Love Song.mp3
2012-03-13 00:57 - 2012-03-13 00:57 - 0785329 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_00_57_36.dmp
2012-03-13 00:57 - 2012-03-13 00:57 - 0781618 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_00_57_23.dmp
2012-03-13 00:52 - 2012-03-13 00:52 - 0788798 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_00_52_22.dmp
2012-03-13 00:44 - 2012-03-13 00:44 - 0790459 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_13_00_44_11.dmp
2012-03-12 18:18 - 2012-03-12 18:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8D6B082E-6E78-49E3-8829-16337175F014}
2012-03-12 18:18 - 2012-03-12 18:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8C616E21-B51D-4395-B53B-1D181764BCF2}
2012-03-12 18:18 - 2012-03-12 18:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{456B16EA-22DE-4573-8675-1589D20BC3A8}
2012-03-12 18:18 - 2012-03-12 18:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A02362DC-792C-45AA-95B9-73BBE2EE1742}
2012-03-12 16:21 - 2012-03-12 16:21 - 0121233 ___AH C:\Users\pcwt5\Documents\bow to bow.pdf
2012-03-12 13:56 - 2012-03-12 13:56 - 0781513 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_12_13_56_00.dmp
2012-03-12 13:55 - 2012-03-12 13:55 - 0793481 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_12_13_55_32.dmp
2012-03-12 13:55 - 2012-03-12 13:55 - 0785869 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_12_13_55_51.dmp
2012-03-12 06:17 - 2012-03-12 06:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F1DB2DE6-83AC-44CD-BDAE-A0A42B5D3371}
2012-03-12 06:17 - 2012-03-12 06:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{EE4452B1-B15A-4484-87E5-54A20FABB50E}
2012-03-12 01:31 - 2012-03-12 01:31 - 0791152 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_12_01_31_33.dmp
2012-03-12 01:31 - 2012-03-12 01:31 - 0789497 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_12_01_31_21.dmp
2012-03-12 01:30 - 2012-03-12 01:30 - 0790520 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_12_01_30_59.dmp
2012-03-11 22:46 - 2012-03-11 22:46 - 0791758 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_11_22_46_31.dmp
2012-03-11 22:46 - 2012-03-11 22:46 - 0791611 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_11_22_46_42.dmp
2012-03-11 22:46 - 2012-03-11 22:46 - 0789448 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_11_22_46_08.dmp
2012-03-11 20:54 - 2012-03-10 22:44 - 0289153 ___AH C:\Users\pcwt5\Documents\RegalosParaNavidad.docx
2012-03-11 18:16 - 2012-03-11 18:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C6AFD4AD-BC5C-44FA-9BF6-265078AEEF2D}
2012-03-11 18:16 - 2012-03-11 18:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4DB46977-83AF-4CC2-A9E9-CE5FD3B5006E}
2012-03-11 17:16 - 2012-03-11 17:16 - 0793659 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_11_17_16_04.dmp
2012-03-11 17:16 - 2012-03-11 17:16 - 0787167 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_11_17_16_12.dmp
2012-03-11 17:15 - 2012-03-11 17:15 - 0795538 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_11_17_15_37.dmp
2012-03-11 16:52 - 2012-03-11 16:52 - 0782120 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_11_16_52_29.dmp
2012-03-11 16:52 - 2012-03-11 16:52 - 0779546 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_11_16_52_38.dmp
2012-03-11 16:51 - 2012-03-11 16:51 - 0793744 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_11_16_51_50.dmp
2012-03-11 13:48 - 2011-02-22 22:44 - 0063760 ____A (Trusteer Ltd.) C:\Windows\System32\Drivers\RapportKE64.sys
2012-03-11 06:16 - 2012-03-11 06:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A2416B07-8803-4AA8-99E0-2568E3AA2680}
2012-03-11 06:15 - 2012-03-11 06:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{23F482D6-C291-4863-B4B9-8959D6E74B86}
2012-03-10 20:22 - 2012-03-10 20:22 - 0012002 ___AH C:\Users\pcwt5\Documents\British Airways Executive Club.doc.docx
2012-03-10 19:12 - 2012-03-10 19:12 - 0783899 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_19_12_05.dmp
2012-03-10 19:11 - 2012-03-10 19:11 - 0789127 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_19_11_53.dmp
2012-03-10 19:08 - 2012-03-10 19:08 - 0787593 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_19_08_41.dmp
2012-03-10 19:06 - 2012-03-10 19:06 - 0788329 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_19_06_51.dmp
2012-03-10 18:14 - 2012-03-10 18:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BD2FE7D0-938C-4068-A4BC-77629DE97C46}
2012-03-10 18:14 - 2012-03-10 18:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B45C8564-52CF-44F0-9571-1C4A8FA5ECE8}
2012-03-10 18:13 - 2012-03-10 18:13 - 0796062 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_18_13_00.dmp
2012-03-10 18:13 - 2012-03-10 18:13 - 0785493 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_18_13_19.dmp
2012-03-10 18:11 - 2012-03-10 18:11 - 0788554 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_18_11_40.dmp
2012-03-10 03:30 - 2012-03-10 03:30 - 0794362 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_03_30_00.dmp
2012-03-10 03:30 - 2012-03-10 03:30 - 0791659 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_03_30_11.dmp
2012-03-10 03:29 - 2012-03-10 03:29 - 0802361 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_03_29_39.dmp
2012-03-10 01:25 - 2012-03-10 01:25 - 0793644 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_01_25_14.dmp
2012-03-10 01:25 - 2012-03-10 01:25 - 0790725 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_01_25_24.dmp
2012-03-10 01:24 - 2012-03-10 01:24 - 0789898 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_10_01_24_42.dmp
2012-03-09 17:22 - 2012-03-09 17:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A0B55382-302F-4B5E-90E2-AFB7ADCD6666}
2012-03-09 17:22 - 2012-03-09 17:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{89AF3CAB-0720-4BD2-8625-1442E2BAE6B1}
2012-03-09 14:05 - 2012-03-09 14:05 - 0790913 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_09_14_05_16.dmp
2012-03-09 14:05 - 2012-03-09 14:05 - 0787936 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_09_14_05_23.dmp
2012-03-09 14:04 - 2012-03-09 14:04 - 0787389 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_09_14_04_45.dmp
2012-03-09 05:21 - 2012-03-09 05:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8BB1FC9B-5C8D-4909-923D-4A40693477DE}
2012-03-09 05:21 - 2012-03-09 05:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{23F4A931-91F7-4071-B36E-9BDB3F4ED234}
2012-03-09 02:44 - 2012-03-09 02:44 - 0800660 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_09_02_44_18.dmp
2012-03-09 02:44 - 2012-03-09 02:44 - 0794191 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_09_02_44_09.dmp
2012-03-09 02:43 - 2012-03-09 02:43 - 0782473 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_09_02_43_39.dmp
2012-03-08 22:23 - 2012-03-08 22:23 - 0783605 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_08_22_23_05.dmp
2012-03-08 22:22 - 2012-03-08 22:22 - 0788353 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_08_22_22_18.dmp
2012-03-08 22:22 - 2012-03-08 22:22 - 0784766 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_08_22_22_55.dmp
2012-03-08 22:11 - 2012-03-08 22:11 - 0791572 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_08_22_11_42.dmp
2012-03-08 22:11 - 2012-03-08 22:11 - 0788720 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_08_22_11_51.dmp
2012-03-08 22:11 - 2012-03-08 22:11 - 0788195 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_08_22_11_13.dmp
2012-03-08 17:21 - 2012-03-08 17:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B65F4DB9-32E6-480C-B54C-63A0C1F55930}
2012-03-08 17:20 - 2012-03-08 17:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2B8E1AEA-C0F1-4A91-9B6B-1EDB53EAEFCA}
2012-03-08 14:01 - 2012-03-08 14:01 - 0783864 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_08_14_01_00.dmp
2012-03-08 14:00 - 2012-03-08 14:00 - 0786032 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_08_14_00_23.dmp
2012-03-08 14:00 - 2012-03-08 14:00 - 0780079 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_08_14_00_49.dmp
2012-03-08 05:20 - 2012-03-08 05:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{6897FDCF-EAC1-4C0D-8BA9-F207D340E799}
2012-03-08 05:20 - 2012-03-08 05:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F5B7DEE8-450B-4532-9504-5C8238F53E28}
2012-03-08 01:29 - 2012-03-08 01:29 - 0398139 ___AH C:\Users\pcwt5\Documents\Charter Checklist ver2.pdf
2012-03-08 01:14 - 2012-03-08 01:14 - 0077083 ___AH C:\Users\pcwt5\Documents\Charter Checklist ver2.docx
2012-03-07 23:20 - 2012-03-07 23:20 - 0123392 ___AH C:\Users\pcwt5\Documents\rachel anorexia homework.doc
2012-03-07 17:19 - 2012-03-07 17:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{76A3C13F-25DE-4442-9DBA-D11AA98CDAB4}
2012-03-07 17:19 - 2012-03-07 17:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{01BA3DF1-370A-4604-B596-E5CC58B44D7C}
2012-03-07 17:19 - 2012-03-07 17:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E06BC368-243C-4352-AE79-6B7A78CDB456}
2012-03-07 17:18 - 2012-03-07 17:18 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D1422150-C6A0-43E6-9C5A-881020C70E66}
2012-03-07 14:28 - 2009-12-03 01:59 - 0000000 ___RD C:\Program Files (x86)\Skype
2012-03-07 14:01 - 2012-03-07 14:01 - 0785514 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_07_14_01_51.dmp
2012-03-07 14:01 - 2012-03-07 14:01 - 0778452 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_07_14_01_29.dmp
2012-03-07 13:58 - 2012-03-07 13:58 - 0793168 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_07_13_58_32.dmp
2012-03-07 05:17 - 2012-03-07 05:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E79B9B16-5A28-4190-9D03-BD1DCBADFC47}
2012-03-07 05:17 - 2012-03-07 05:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1AB6FC86-5BC9-43A3-98AE-BDF05CC2A2B0}
2012-03-07 05:17 - 2012-03-06 17:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{527EFEE8-1926-42A3-8654-77BAA1152DAB}
2012-03-07 00:02 - 2012-03-07 00:02 - 0076923 ___AH C:\Users\pcwt5\Documents\competence_matrix_2012.pdf
2012-03-06 17:17 - 2012-03-06 17:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{04D90FCF-3F62-4D9B-A66E-BF27130E6AD2}
2012-03-06 17:17 - 2012-03-06 17:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DA6DAF8B-04C9-4647-8D54-29A3F3C9EB2F}
2012-03-06 17:16 - 2012-03-06 17:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3960A1B5-9866-4054-A867-15EC99A9CBC5}
2012-03-06 13:49 - 2012-03-06 13:49 - 0801718 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_06_13_49_36.dmp
2012-03-06 13:49 - 2012-03-06 13:49 - 0794124 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_06_13_49_46.dmp
2012-03-06 13:49 - 2012-03-06 13:49 - 0788311 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_06_13_49_04.dmp
2012-03-06 06:43 - 2012-04-12 19:23 - 5504880 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-03-06 05:59 - 2012-04-12 19:23 - 3958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-03-06 05:59 - 2012-04-12 19:23 - 3902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-03-06 05:46 - 2012-03-06 05:46 - 0786259 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_06_05_46_00.dmp
2012-03-06 05:45 - 2012-03-06 05:45 - 0787778 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_06_05_45_52.dmp
2012-03-06 05:45 - 2012-03-06 05:45 - 0785413 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_06_05_45_32.dmp
2012-03-06 05:16 - 2012-03-06 05:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AF6D8C2B-707C-42D5-8C45-88A67FBBA77C}
2012-03-06 05:15 - 2012-03-06 05:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0CBB9410-288A-4C46-842A-20020BC332E2}
2012-03-06 02:29 - 2012-03-06 02:29 - 0000000 ___HD C:\__feb 2012 support
2012-03-05 20:33 - 2012-03-05 20:33 - 0795859 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_05_20_33_15.dmp
2012-03-05 20:33 - 2012-03-05 20:33 - 0774047 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_05_20_33_23.dmp
2012-03-05 20:32 - 2012-03-05 20:32 - 0783447 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_05_20_32_47.dmp
2012-03-05 17:15 - 2012-03-05 17:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{FD27BC25-30EF-43CB-8B88-921FF87003EF}
2012-03-05 17:15 - 2012-03-05 17:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{765B131E-386F-4DE1-9B2A-0C99BD2EC1B2}
2012-03-05 17:14 - 2012-03-05 17:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BBAD280A-8939-4986-85EC-1FB986805CE5}
2012-03-05 17:14 - 2012-03-05 17:14 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A8191424-0738-48CB-8A58-D3A2B1281C70}
2012-03-05 15:40 - 2012-03-05 15:40 - 0026028 ___AH C:\Users\pcwt5\Documents\SOP Copies of the ORB.docx
2012-03-05 13:57 - 2012-03-05 13:57 - 0787027 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_05_13_57_40.dmp
2012-03-05 13:57 - 2012-03-05 13:57 - 0780369 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_05_13_57_53.dmp
2012-03-05 13:57 - 2012-03-05 13:57 - 0779796 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_05_13_57_07.dmp
2012-03-05 05:13 - 2012-03-05 05:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8B260AD9-0DD2-49EC-A6C7-99E0AAD6E98F}
2012-03-05 05:13 - 2012-03-05 05:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{246F4C50-1948-49ED-85DD-FC16DA122097}
2012-03-05 04:12 - 2012-03-05 04:12 - 0779250 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_05_04_12_05.dmp
2012-03-05 04:11 - 2012-03-05 04:11 - 0792380 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_05_04_11_56.dmp
2012-03-05 04:11 - 2012-03-05 04:11 - 0785558 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_05_04_11_31.dmp
2012-03-04 17:13 - 2012-03-04 17:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E080FD0C-E9F6-4291-A27F-B0ED548D13C8}
2012-03-04 17:13 - 2012-03-04 17:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{FBB510B9-0F01-4A01-B25A-6CE4FEA6D6BB}
2012-03-04 15:57 - 2012-03-04 15:57 - 0788630 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_04_15_57_01.dmp
2012-03-04 15:56 - 2012-03-04 15:56 - 0780623 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_04_15_56_49.dmp
2012-03-04 15:54 - 2012-03-04 15:54 - 0788328 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_04_15_54_12.dmp
2012-03-04 05:12 - 2012-03-04 05:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A240FBE0-0C20-48F7-AAAE-9F9D985FF57A}
2012-03-04 05:12 - 2012-03-04 05:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3FE81EA6-F1B2-4FA0-B738-5D805BD2BFD2}
2012-03-04 04:54 - 2012-03-04 04:54 - 0788613 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_04_04_54_10.dmp
2012-03-04 04:54 - 2012-03-04 04:54 - 0788244 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_04_04_54_01.dmp
2012-03-04 04:53 - 2012-03-04 04:53 - 0787122 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_04_04_53_31.dmp
2012-03-03 16:54 - 2012-03-03 16:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BD29422D-1500-4425-8DD5-FC0A47E27C83}
2012-03-03 16:53 - 2012-03-03 16:53 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2B4FC17F-67A3-477B-809B-56A79888A1DC}
2012-03-03 16:52 - 2012-03-03 16:52 - 0792818 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_03_16_52_02.dmp
2012-03-03 16:51 - 2012-03-03 16:51 - 0795153 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_03_16_51_54.dmp
2012-03-03 16:51 - 2012-03-03 16:51 - 0786097 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_03_16_51_24.dmp
2012-03-02 13:59 - 2012-03-02 13:59 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AAC34CBF-12DA-4E00-AF13-943654FF18C2}
2012-03-02 13:58 - 2012-03-02 13:58 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CABB2DB3-4903-4C1D-8AAD-1F3D87097132}
2012-03-02 13:58 - 2011-09-25 02:08 - 0000000 ____D C:\Program Files (x86)\Raptr
2012-03-02 13:55 - 2012-03-02 13:55 - 0802219 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_02_13_55_21.dmp
2012-03-02 13:55 - 2012-03-02 13:55 - 0780448 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_02_13_55_32.dmp
2012-03-02 13:54 - 2012-03-02 13:54 - 0796093 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_02_13_54_55.dmp
2012-03-02 01:57 - 2012-03-02 01:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{994B4FAE-3599-44ED-B30D-B495FB0C90A6}
2012-03-02 01:57 - 2012-03-02 01:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{59B1FCC7-6321-4D7E-87E6-DACC61D5F2A6}
2012-03-02 01:57 - 2012-03-02 01:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{441D784E-02CD-423A-BD8E-4635354B6818}
2012-03-02 01:57 - 2012-03-02 01:56 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B77CAC68-CB22-446C-9309-CC1293A394AC}
2012-03-01 15:27 - 2012-03-01 15:27 - 0017837 ___AH C:\Users\pcwt5\Desktop\hs_err_pid6424.log
2012-03-01 13:56 - 2012-03-01 13:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F560E75C-5195-4583-A0B2-1339B6EC373A}
2012-03-01 13:55 - 2012-03-01 13:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BF5E9157-0BCE-434B-B9DF-F5564E790067}
2012-03-01 13:52 - 2012-03-01 13:52 - 0791433 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_01_13_52_23.dmp
2012-03-01 13:52 - 2012-03-01 13:52 - 0787749 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_01_13_52_31.dmp
2012-03-01 13:51 - 2012-03-01 13:51 - 0784376 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_01_13_51_54.dmp
2012-03-01 06:54 - 2012-04-12 19:16 - 0022896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-03-01 06:45 - 2012-04-12 19:16 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-03-01 06:40 - 2012-04-12 19:16 - 0080896 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-03-01 06:35 - 2012-04-12 19:16 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-03-01 05:49 - 2012-04-12 19:16 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-03-01 05:45 - 2012-04-12 19:16 - 0158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-03-01 05:40 - 2012-04-12 19:16 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-03-01 02:35 - 2012-03-01 02:35 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2B1477A6-3C8B-43A7-8D1A-A103EC239EB5}
2012-03-01 02:35 - 2012-03-01 02:34 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{038DE048-3962-4EA9-874E-EB8BDBC4E356}
2012-03-01 02:29 - 2012-03-01 02:29 - 0809011 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_01_02_29_23.dmp
2012-03-01 02:29 - 2012-03-01 02:29 - 0803261 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_01_02_29_31.dmp
2012-03-01 02:29 - 2012-03-01 02:29 - 0783923 ____A C:\Windows\SysWOW64\(null)AAWService__2012_03_01_02_29_02.dmp
2012-02-28 14:15 - 2012-02-28 14:15 - 0787795 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_28_14_15_16.dmp
2012-02-28 14:15 - 2012-02-28 14:15 - 0787352 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_28_14_15_25.dmp
2012-02-28 14:14 - 2012-02-28 14:14 - 0788130 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_28_14_14_49.dmp
2012-02-28 07:34 - 2012-04-12 19:51 - 17790976 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-28 07:02 - 2012-04-12 19:51 - 10888704 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-28 06:56 - 2012-04-12 19:51 - 2311168 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-02-28 06:50 - 2012-04-12 19:51 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-28 06:49 - 2012-04-12 19:51 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-28 06:48 - 2012-04-12 19:51 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-02-28 06:48 - 2012-04-12 19:51 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-28 06:47 - 2012-04-12 19:51 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-28 06:45 - 2012-04-12 19:51 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-02-28 06:43 - 2012-04-12 19:51 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-28 06:43 - 2012-04-12 19:51 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-28 06:42 - 2012-04-12 19:51 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-28 06:39 - 2012-04-12 19:51 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-28 02:05 - 2012-02-28 02:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{269AFCE2-982F-4026-B4F5-D8477F518263}
2012-02-28 02:05 - 2012-02-28 02:04 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CD8BE4CE-0C69-4EE6-AD38-1B7189FF6E25}
2012-02-28 01:52 - 2012-04-12 19:51 - 12281856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-02-28 01:27 - 2012-04-12 19:51 - 9705984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-02-28 01:18 - 2012-04-12 19:51 - 1799168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-02-28 01:12 - 2012-04-12 19:51 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-02-28 01:11 - 2012-04-12 19:51 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-02-28 01:11 - 2012-04-12 19:51 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-02-28 01:09 - 2012-04-12 19:51 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-02-28 01:08 - 2012-04-12 19:51 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-02-28 01:06 - 2012-04-12 19:51 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-02-28 01:04 - 2012-04-12 19:51 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-02-28 01:03 - 2012-04-12 19:51 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-02-28 01:03 - 2012-04-12 19:51 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-02-28 00:59 - 2012-04-12 19:51 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-02-27 21:31 - 2012-02-27 21:31 - 0790845 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_27_21_31_18.dmp
2012-02-27 21:31 - 2012-02-27 21:31 - 0786468 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_27_21_31_08.dmp
2012-02-27 21:30 - 2012-02-27 21:30 - 0796425 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_27_21_30_46.dmp
2012-02-27 14:03 - 2012-02-27 14:03 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0964E6F5-A18A-4291-AE46-7063B312DE7D}
2012-02-27 14:03 - 2012-02-27 14:02 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B995FFC4-58B8-40BA-B07F-2F41F9DE90B0}
2012-02-27 14:00 - 2012-02-27 14:00 - 0793814 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_27_14_00_15.dmp
2012-02-27 14:00 - 2012-02-27 14:00 - 0791213 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_27_14_00_25.dmp
2012-02-27 13:59 - 2012-02-27 13:59 - 0788028 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_27_13_59_48.dmp
2012-02-27 06:05 - 2012-02-27 06:05 - 0776833 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_27_06_05_06.dmp
2012-02-27 06:04 - 2012-02-27 06:04 - 0780872 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_27_06_04_58.dmp
2012-02-27 06:03 - 2012-02-27 06:03 - 0787174 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_27_06_03_44.dmp
2012-02-27 06:03 - 2012-02-27 06:03 - 0275904 ____A C:\Windows\Minidump\022712-25740-01.dmp
2012-02-26 20:35 - 2012-02-26 20:35 - 0807484 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_20_35_40.dmp
2012-02-26 20:35 - 2012-02-26 20:35 - 0794698 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_20_35_49.dmp
2012-02-26 20:35 - 2012-02-26 20:35 - 0789294 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_20_35_11.dmp
2012-02-26 19:01 - 2012-02-26 19:01 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{35605C25-5831-408E-A3B3-D025D90D7879}
2012-02-26 19:01 - 2012-02-26 19:01 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1E7F3BDD-8961-4635-B136-E26FEF4D2BD0}
2012-02-26 18:59 - 2012-02-26 18:59 - 0798761 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_18_59_02.dmp
2012-02-26 18:59 - 2012-02-26 18:59 - 0792910 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_18_59_13.dmp
2012-02-26 18:58 - 2012-02-26 18:58 - 0790805 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_18_58_38.dmp
2012-02-26 17:49 - 2012-02-26 17:49 - 0000000 ____D C:\Users\Guest\AppData\Local\Microsoft Games
2012-02-26 15:21 - 2011-12-28 04:34 - 0000000 ____D C:\Users\Guest\AppData\LocalLow
2012-02-26 15:04 - 2012-02-26 15:04 - 0790560 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_15_04_31.dmp
2012-02-26 15:04 - 2012-02-26 15:04 - 0781056 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_15_04_23.dmp
2012-02-26 15:01 - 2012-02-26 15:01 - 0782704 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_15_01_16.dmp
2012-02-26 06:57 - 2012-02-26 06:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E9EE5E09-77EE-4B96-808E-42E9E29AADB2}
2012-02-26 06:57 - 2012-02-26 06:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{BDA92E64-FD22-48BE-B796-A89F9C6EC0E4}
2012-02-26 06:57 - 2012-02-26 06:57 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{491B3DD9-DD36-4FEC-A162-294F54D5D5DE}
2012-02-26 06:57 - 2012-02-26 06:56 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3C7F0D59-FEFB-494B-9F46-7D4271EF870F}
2012-02-26 04:44 - 2012-02-26 04:44 - 0783520 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_04_44_09.dmp
2012-02-26 04:44 - 2012-02-26 04:44 - 0779822 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_04_44_00.dmp
2012-02-26 04:43 - 2012-02-26 04:43 - 0787887 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_26_04_43_22.dmp
2012-02-25 18:55 - 2012-02-25 18:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C486D903-30BF-45F4-9FE5-AD5AE35C8B32}
2012-02-25 18:55 - 2012-02-25 18:54 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{96E25493-B711-4D2F-BECB-30CB5E5312E3}
2012-02-25 18:52 - 2012-02-25 18:52 - 0794199 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_25_18_52_28.dmp
2012-02-25 18:52 - 2012-02-25 18:52 - 0785984 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_25_18_52_37.dmp
2012-02-25 18:51 - 2012-02-25 18:51 - 0786230 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_25_18_51_56.dmp
2012-02-25 08:36 - 2012-02-25 08:36 - 0793439 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_25_08_36_15.dmp
2012-02-25 08:36 - 2012-02-25 08:36 - 0789983 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_25_08_36_06.dmp
2012-02-25 08:34 - 2012-02-25 08:34 - 0795149 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_25_08_34_49.dmp
2012-02-25 04:05 - 2012-02-25 04:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B54B8D91-4283-49E6-965A-08854B4CBF54}
2012-02-25 04:04 - 2012-02-25 04:04 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D68A8212-93BC-4383-BFEC-2E407527AC08}
2012-02-25 04:02 - 2012-02-25 04:02 - 0792244 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_25_04_02_14.dmp
2012-02-25 04:02 - 2012-02-25 04:02 - 0791115 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_25_04_02_24.dmp
2012-02-25 04:01 - 2012-02-25 04:01 - 0787635 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_25_04_01_46.dmp
2012-02-24 14:18 - 2012-02-24 14:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D1D5F0E9-277C-490F-93B0-D33DD768FA49}
2012-02-24 14:17 - 2012-02-24 14:17 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A9ABE4D1-679F-4FFB-88C1-E717467032A5}
2012-02-24 13:56 - 2012-02-24 13:56 - 0798996 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_24_13_56_10.dmp
2012-02-24 13:56 - 2012-02-24 13:56 - 0798323 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_24_13_56_00.dmp
2012-02-24 13:55 - 2012-02-24 13:55 - 0782259 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_24_13_55_35.dmp
2012-02-24 02:16 - 2012-02-24 02:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DC326310-3C52-485E-A335-EB77FCBCAE19}
2012-02-24 02:16 - 2012-02-24 02:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F039B3C4-C58A-4D52-9E21-BB2303729D12}
2012-02-24 02:13 - 2012-02-24 02:13 - 0789914 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_24_02_13_38.dmp
2012-02-24 02:13 - 2012-02-24 02:13 - 0785825 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_24_02_13_13.dmp
2012-02-24 02:13 - 2012-02-24 02:13 - 0785594 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_24_02_13_48.dmp
2012-02-24 00:30 - 2012-02-24 00:30 - 0000000 ____D C:\Users\Guest\AppData\Local\blekkotb
2012-02-24 00:30 - 2011-12-28 04:35 - 0000174 ___SH C:\Users\Guest\Start Menu\Programs\Startup\desktop.ini
2012-02-24 00:30 - 2011-12-28 04:35 - 0000174 ___SH C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-24 00:29 - 2012-02-24 00:29 - 0775230 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_24_00_29_07.dmp
2012-02-24 00:28 - 2012-02-24 00:28 - 0786353 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_24_00_28_58.dmp
2012-02-24 00:28 - 2012-02-24 00:28 - 0782467 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_24_00_28_23.dmp
2012-02-23 22:14 - 2012-02-23 22:14 - 0001965 ___AH C:\Users\pcwt5\Desktop\Audible Manager.lnk
2012-02-23 22:14 - 2012-02-23 22:14 - 0001965 ___AH C:\Users\Mcx1-PCWT5-VAIO\Desktop\Audible Manager.lnk
2012-02-23 22:14 - 2012-02-23 22:14 - 0001965 ____A C:\Users\Guest\Desktop\Audible Manager.lnk
2012-02-23 22:12 - 2012-02-23 22:12 - 0255352 ____A (Audible, Inc.) C:\Windows\SysWOW64\awrdscdc.ax
2012-02-23 22:09 - 2012-02-23 22:09 - 0000000 ___HD C:\Users\Public\Documents\Audible
2012-02-23 21:19 - 2012-02-23 21:19 - 1525176 ___AH (Audible Inc.) C:\Users\pcwt5\Downloads\ActiveSetupN.exe
2012-02-23 19:18 - 2012-03-22 00:26 - 0551936 ____A (FOF_SILENT
2012-02-23 19:18 - 2012-03-22 00:26 - 0428032 ____A (Beijing Elex Technology Co., Ltd) C:\Windows\SysWOW64\v9loader.dll
2012-02-23 14:12 - 2012-02-23 14:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5C1D5259-5360-4CC3-B9DF-21AB37A2E144}
2012-02-23 14:12 - 2012-02-23 14:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4488D9CE-E75A-4C24-A173-AAAAC675E16A}
2012-02-23 14:09 - 2012-02-23 14:09 - 0786500 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_23_14_09_08.dmp
2012-02-23 14:09 - 2012-02-23 14:09 - 0780083 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_23_14_09_17.dmp
2012-02-23 14:08 - 2012-02-23 14:08 - 0783810 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_23_14_08_45.dmp
2012-02-22 22:17 - 2012-02-22 22:02 - 50921781 ___AH C:\Users\pcwt5\Documents\mss-is.rar
2012-02-22 14:02 - 2012-02-22 14:01 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CD5643A7-395D-418C-ADE5-1B1A2A3E6081}
2012-02-22 14:01 - 2012-02-22 14:01 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D5FA7AA9-CCE5-4EC2-8D86-54677A6BB377}
2012-02-22 13:18 - 2012-02-22 13:18 - 0804557 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_22_13_18_25.dmp
2012-02-22 13:18 - 2012-02-22 13:18 - 0791960 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_22_13_18_17.dmp
2012-02-22 13:17 - 2012-02-22 13:17 - 0784919 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_22_13_17_53.dmp
2012-02-22 02:28 - 2012-02-22 02:27 - 0000000 ___HD C:\mss-neptune
2012-02-22 02:01 - 2012-02-22 02:01 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DCA37F0E-EA17-4064-9744-9D56F06E10DE}
2012-02-22 02:01 - 2012-02-22 02:00 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{FEE55892-8016-453E-9C71-415BC90FFE58}
2012-02-21 23:00 - 2012-02-21 23:00 - 0803534 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_21_23_00_25.dmp
2012-02-21 23:00 - 2012-02-21 23:00 - 0783160 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_21_23_00_16.dmp
2012-02-21 22:59 - 2012-02-21 22:59 - 0789404 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_21_22_59_52.dmp
2012-02-21 18:06 - 2012-02-21 18:06 - 0001061 ___AH C:\Users\pcwt5\Start Menu\Programs\Startup\iope0.5701344455882161.exe.lnk
2012-02-21 18:06 - 2012-02-21 18:06 - 0001061 ___AH C:\Users\pcwt5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iope0.5701344455882161.exe.lnk
2012-02-21 13:59 - 2012-02-21 13:59 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{6C37E189-CF4E-4CFD-AC1C-17918F17F25E}
2012-02-21 13:58 - 2012-02-21 13:58 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{41399FEF-B68B-4F9F-A871-62C095E4DB8B}
2012-02-21 13:55 - 2012-02-21 13:55 - 0795530 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_21_13_55_32.dmp
2012-02-21 13:55 - 2012-02-21 13:55 - 0790087 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_21_13_55_21.dmp
2012-02-21 13:54 - 2012-02-21 13:54 - 0784767 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_21_13_54_37.dmp
2012-02-21 01:14 - 2012-02-21 01:14 - 0793545 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_21_01_14_30.dmp
2012-02-21 01:14 - 2012-02-21 01:14 - 0790214 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_21_01_14_40.dmp
2012-02-21 01:14 - 2012-02-21 01:14 - 0785358 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_21_01_14_06.dmp
2012-02-20 17:10 - 2012-02-20 17:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{49F15107-A2D9-48B8-8495-E1FCE56A10B9}
2012-02-20 17:10 - 2012-02-20 17:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{41D9F132-A6AE-4FDE-935D-C268991E8BAB}
2012-02-20 14:42 - 2012-02-20 14:42 - 0797239 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_20_14_42_02.dmp
2012-02-20 14:41 - 2012-02-20 14:41 - 0795478 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_20_14_41_55.dmp
2012-02-20 14:41 - 2012-02-20 14:41 - 0787094 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_20_14_41_36.dmp
2012-02-20 05:09 - 2012-02-20 05:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5BDB2CB2-A7D2-4621-976F-E588B3C7F61B}
2012-02-20 05:09 - 2012-02-20 05:08 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8DB52CA7-E3B0-4780-B408-582E21C04A19}
2012-02-20 01:43 - 2012-02-20 01:43 - 0780551 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_20_01_43_13.dmp
2012-02-20 01:43 - 2012-02-20 01:43 - 0778540 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_20_01_43_05.dmp
2012-02-20 01:42 - 2012-02-20 01:42 - 0781540 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_20_01_42_45.dmp
2012-02-19 22:28 - 2012-02-19 22:28 - 0787643 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_19_22_28_28.dmp
2012-02-19 22:28 - 2012-02-19 22:28 - 0786216 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_19_22_28_35.dmp
2012-02-19 22:27 - 2012-02-19 22:27 - 0785306 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_19_22_27_43.dmp
2012-02-19 17:08 - 2012-02-19 17:08 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D54B8697-22BB-408E-A0B6-9506D85682D5}
2012-02-19 17:08 - 2012-02-19 17:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{698B0939-EA7F-4CD4-869A-F8F178E17B69}
2012-02-19 15:28 - 2012-02-19 15:28 - 0785003 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_19_15_28_07.dmp
2012-02-19 15:28 - 2012-02-19 15:28 - 0781467 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_19_15_28_15.dmp
2012-02-19 15:27 - 2012-02-19 15:27 - 0786104 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_19_15_27_38.dmp
2012-02-19 05:49 - 2012-02-19 03:13 - 3332420 ___AH C:\Users\pcwt5\Downloads\Without You - Glee HD Full Studio (1).mp3
2012-02-19 05:07 - 2012-02-19 05:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{9C739CB5-5FC4-4BFB-AF2B-BFEF7C02A8B2}
2012-02-19 05:07 - 2012-02-19 05:07 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3629D7EE-4E03-46C5-BA71-9A1D4DEDE953}
2012-02-19 04:36 - 2012-02-19 04:36 - 0786585 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_19_04_36_02.dmp
2012-02-19 04:36 - 2012-02-19 04:36 - 0781420 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_19_04_36_11.dmp
2012-02-19 04:35 - 2012-02-19 04:35 - 0789079 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_19_04_35_05.dmp
2012-02-19 02:53 - 2012-02-19 02:53 - 2512384 ___AH C:\Users\pcwt5\Downloads\Glee - Hit Me With Your Best Shot - One Way Or Another New Directions and TroubleTones.mp3
2012-02-19 02:46 - 2012-02-19 02:45 - 3360005 ___AH C:\Users\pcwt5\Downloads\GLEE-Smooth criminal with lyrics (2).mp3
2012-02-19 02:39 - 2012-02-19 02:39 - 3360005 ___AH C:\Users\pcwt5\Downloads\GLEE-Smooth criminal with lyrics.mp3
2012-02-19 02:39 - 2012-02-19 02:39 - 3360005 ___AH C:\Users\pcwt5\Downloads\GLEE-Smooth criminal with lyrics (1).mp3
2012-02-18 17:06 - 2012-02-18 17:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{49DF7517-ADF4-4861-B160-9F46ED0DF86B}
2012-02-18 17:05 - 2012-02-18 17:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{7B406667-4349-41E5-8055-596210298370}
2012-02-18 17:03 - 2012-02-18 17:03 - 0790049 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_18_17_03_44.dmp
2012-02-18 17:03 - 2012-02-18 17:03 - 0784620 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_18_17_03_53.dmp
2012-02-18 17:01 - 2012-02-18 17:01 - 0798676 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_18_17_01_58.dmp
2012-02-17 18:13 - 2012-02-17 18:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{6CD4889D-97ED-40CD-9950-A30F90CB26DE}
2012-02-17 18:13 - 2012-02-17 18:13 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5BF6FE89-989E-40C0-804B-41E21B66DD9A}
2012-02-17 14:04 - 2012-02-17 14:04 - 0791761 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_17_14_04_24.dmp
2012-02-17 14:04 - 2012-02-17 14:04 - 0783786 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_17_14_04_06.dmp
2012-02-17 14:01 - 2012-02-17 14:01 - 0787356 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_17_14_01_53.dmp
2012-02-17 06:12 - 2012-02-17 06:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DDDF3481-813B-4FE0-B482-3E315D9D8546}
2012-02-17 06:12 - 2012-02-17 06:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D6485650-FFB5-4F78-97B7-73140DB2D90F}
2012-02-17 04:04 - 2009-12-22 10:55 - 0000174 ___SH C:\Users\pcwt5\Start Menu\Programs\Startup\desktop.ini
2012-02-17 04:04 - 2009-12-22 10:55 - 0000174 ___SH C:\Users\pcwt5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-17 03:40 - 2012-02-17 03:40 - 0805575 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_17_03_40_09.dmp
2012-02-17 03:39 - 2012-02-17 03:39 - 0797009 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_17_03_39_58.dmp
2012-02-17 03:39 - 2012-02-17 03:39 - 0780748 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_17_03_39_35.dmp
2012-02-17 03:38 - 2010-05-26 13:05 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-02-16 18:12 - 2012-02-16 18:12 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{386BC3A1-98DB-4BB7-B220-23309BAC248B}
2012-02-16 18:12 - 2012-02-16 18:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{DD1802D3-C114-4E70-9D3F-1DB54D0F55EF}
2012-02-16 18:11 - 2012-02-16 18:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{8C88C477-359D-4523-A67F-F9F95469C639}
2012-02-16 18:11 - 2012-02-16 18:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{0C040517-29C5-4B20-83F6-FF9FF76CBF3F}
2012-02-16 16:18 - 2010-12-25 21:02 - 0000000 ____D C:\Program Files (x86)\Expat Shield
2012-02-16 14:24 - 2012-02-16 14:24 - 0793709 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_16_14_24_13.dmp
2012-02-16 14:24 - 2012-02-16 14:24 - 0782752 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_16_14_24_24.dmp
2012-02-16 14:23 - 2012-02-16 14:23 - 0791982 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_16_14_23_01.dmp
2012-02-16 06:40 - 2012-02-16 06:40 - 0021462 ___AH C:\Users\pcwt5\Downloads\iForm 104 HSE Inspection, Iform.docx
2012-02-16 06:11 - 2012-02-16 06:11 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2A9C035A-DA24-43FC-8C78-16BA3E59FD37}
2012-02-16 06:11 - 2012-02-16 06:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D5A273A2-51BD-4152-9398-064805DB38DC}
2012-02-16 05:39 - 2012-02-16 05:39 - 0784865 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_16_05_39_00.dmp
2012-02-16 05:39 - 2012-02-16 05:39 - 0779206 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_16_05_39_08.dmp
2012-02-16 05:38 - 2012-02-16 05:38 - 0785112 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_16_05_38_30.dmp
2012-02-15 21:19 - 2012-02-15 21:19 - 0804140 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_15_21_19_18.dmp
2012-02-15 21:19 - 2012-02-15 21:19 - 0789075 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_15_21_19_09.dmp
2012-02-15 21:18 - 2012-02-15 21:18 - 0787804 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_15_21_18_29.dmp
2012-02-15 18:10 - 2012-02-15 18:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{97FE417A-7BAD-4DBD-BEB8-A7CE334E2800}
2012-02-15 18:10 - 2012-02-15 18:10 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3C1BF536-7960-472A-8888-6A964B991C49}
2012-02-15 13:57 - 2012-02-15 13:57 - 0790476 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_15_13_57_20.dmp
2012-02-15 13:57 - 2012-02-15 13:57 - 0788180 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_15_13_57_13.dmp
2012-02-15 13:56 - 2012-02-15 13:56 - 0785237 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_15_13_56_53.dmp
2012-02-15 06:27 - 2012-03-14 19:26 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-02-15 06:09 - 2012-02-15 06:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E2B859C4-9F7F-4BBE-B257-973F67954E9C}
2012-02-15 06:09 - 2012-02-15 06:09 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{94FDAE6C-374D-4311-837D-9B25BC2EFB0E}
2012-02-15 05:52 - 2012-02-15 05:52 - 0000000 ____D C:\Program Files (x86)\thinkbroadband.com
2012-02-15 05:51 - 2012-02-15 05:50 - 6198336 ___AH (thinkbroadband.com ) C:\Users\pcwt5\Downloads\tbbMeterSetup.exe
2012-02-15 05:44 - 2012-03-14 19:26 - 0826368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-02-15 04:47 - 2012-03-14 19:26 - 0204800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-02-15 04:46 - 2012-03-14 19:26 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-02-15 00:32 - 2012-02-15 00:32 - 0797290 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_15_00_32_27.dmp
2012-02-15 00:32 - 2012-02-15 00:32 - 0793459 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_15_00_32_36.dmp
2012-02-15 00:32 - 2012-02-15 00:32 - 0788484 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_15_00_32_11.dmp
2012-02-14 14:16 - 2012-02-14 14:16 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A0794622-13D5-46E0-8E78-6B1EF5F43E6C}
2012-02-14 14:16 - 2012-02-14 14:15 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{61A0DF0C-608B-4E8B-821E-021934C364BA}
2012-02-14 14:14 - 2012-02-14 14:14 - 0794472 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_14_14_14_25.dmp
2012-02-14 14:14 - 2012-02-14 14:14 - 0789455 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_14_14_14_42.dmp
2012-02-14 14:14 - 2012-02-14 14:14 - 0785250 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_14_14_14_51.dmp
2012-02-14 08:21 - 2010-09-25 05:55 - 0000000 ___HD C:\Users\pcwt5\GracesLocalWebsite
2012-02-14 02:08 - 2010-10-05 21:07 - 0000000 ____D C:\Program Files (x86)\MSECache
2012-02-14 02:07 - 2012-02-14 01:49 - 38808920 ___AH (Microsoft Corporation) C:\Users\pcwt5\Downloads\FileFormatConverters.exe
2012-02-14 02:06 - 2012-02-14 02:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5744CA49-ADF5-447C-9BA5-D0D544AF0D85}
2012-02-14 02:06 - 2012-02-14 02:06 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{471DEADB-CE14-4462-88E1-15C7EC737AB5}
2012-02-14 00:56 - 2012-02-14 00:56 - 0797062 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_14_00_56_47.dmp
2012-02-14 00:56 - 2012-02-14 00:56 - 0788248 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_14_00_56_13.dmp
2012-02-14 00:56 - 2012-02-14 00:56 - 0783621 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_14_00_56_36.dmp
2012-02-13 16:49 - 2009-07-14 05:32 - 0000000 ____D C:\Windows\Downloaded Program Files
2012-02-13 14:05 - 2012-02-13 14:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{96CD4B1E-D45C-4908-80BC-6BAD32A3A23B}
2012-02-13 14:05 - 2012-02-13 14:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{2CD415B0-A00B-4B65-B7AD-4CF408960A4D}
2012-02-13 13:56 - 2012-02-13 13:56 - 0800608 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_13_13_56_41.dmp
2012-02-13 13:56 - 2012-02-13 13:56 - 0793134 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_13_13_56_32.dmp
2012-02-13 13:56 - 2012-02-13 13:56 - 0784839 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_13_13_56_17.dmp
2012-02-13 00:05 - 2012-02-13 00:05 - 0789752 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_13_00_05_16.dmp
2012-02-13 00:05 - 2012-02-13 00:05 - 0774867 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_13_00_05_27.dmp
2012-02-13 00:04 - 2012-02-13 00:04 - 0780110 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_13_00_04_55.dmp
2012-02-12 19:26 - 2012-02-12 19:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AA08E20D-3E7F-486B-A765-197723952995}
2012-02-12 19:26 - 2012-02-12 19:26 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{139043F0-2483-41D4-8BD6-3F2624A188DB}
2012-02-12 18:08 - 2012-02-12 18:08 - 0793386 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_12_18_08_23.dmp
2012-02-12 18:08 - 2012-02-12 18:08 - 0783820 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_12_18_08_10.dmp
2012-02-12 18:05 - 2012-02-12 18:05 - 0788058 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_12_18_05_46.dmp
2012-02-12 07:26 - 2012-02-12 07:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{20EF393E-12E4-4572-B5CB-21BF51071171}
2012-02-12 07:25 - 2012-02-12 07:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{FC6FF583-9FC7-4E95-8441-394038979155}
2012-02-12 02:36 - 2012-02-12 02:36 - 0792249 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_12_02_36_43.dmp
2012-02-12 02:36 - 2012-02-12 02:36 - 0787531 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_12_02_36_50.dmp
2012-02-12 02:32 - 2012-02-12 02:32 - 0780477 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_12_02_32_02.dmp
2012-02-11 19:25 - 2012-02-11 19:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{B0B924F4-D457-48B3-AFA3-A2800D5EBBAC}
2012-02-11 19:25 - 2012-02-11 19:25 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{82484CCA-77E2-422D-8CD2-A74753B82A5C}
2012-02-11 18:55 - 2012-02-11 18:55 - 0798376 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_18_55_27.dmp
2012-02-11 18:55 - 2012-02-11 18:55 - 0793902 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_18_55_44.dmp
2012-02-11 18:55 - 2012-02-11 18:55 - 0781072 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_18_55_59.dmp
2012-02-11 16:23 - 2012-02-11 16:23 - 0793195 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_16_23_20.dmp
2012-02-11 16:23 - 2012-02-11 16:23 - 0785954 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_16_23_28.dmp
2012-02-11 16:23 - 2012-02-11 16:23 - 0784379 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_16_23_03.dmp
2012-02-11 07:24 - 2012-02-11 07:24 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{E175D840-28C7-4558-B0F7-62D6844EF53F}
2012-02-11 07:24 - 2012-02-11 07:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{29FE6740-623A-4552-9A03-047D508219DF}
2012-02-11 03:25 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\rescache
2012-02-11 01:54 - 2012-02-11 01:54 - 0789437 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_01_54_12.dmp
2012-02-11 01:54 - 2012-02-11 01:54 - 0784218 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_01_54_36.dmp
2012-02-11 01:54 - 2012-02-11 01:54 - 0780170 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_01_54_44.dmp
2012-02-11 01:14 - 2012-02-11 01:14 - 0014811 ___AH C:\Users\pcwt5\Downloads\ID 15521 (2).docx
2012-02-11 01:14 - 2012-02-11 01:14 - 0014811 ___AH C:\Users\pcwt5\Downloads\ID 15521 (1).docx
2012-02-11 01:14 - 2012-02-11 01:14 - 0000162 ___AH C:\Users\pcwt5\Downloads\~$ 15521.docx
2012-02-11 01:14 - 2012-02-11 01:13 - 0014811 ___AH C:\Users\pcwt5\Downloads\ID 15521.docx
2012-02-11 00:24 - 2012-02-11 00:24 - 0789748 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_00_24_04.dmp
2012-02-11 00:23 - 2012-02-11 00:23 - 0809879 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_00_23_56.dmp
2012-02-11 00:23 - 2012-02-11 00:23 - 0792198 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_11_00_23_37.dmp
2012-02-11 00:21 - 2009-07-14 03:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2012-02-11 00:02 - 2012-02-10 23:51 - 0008974 ____A C:\Windows\IE9_main.log
2012-02-11 00:01 - 2009-12-22 10:55 - 0000000 ___HD C:\Windows\msdownld.tmp
2012-02-11 00:00 - 2012-02-11 00:00 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-02-11 00:00 - 2012-02-11 00:00 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-02-11 00:00 - 2012-02-11 00:00 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-02-11 00:00 - 2012-02-11 00:00 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-02-11 00:00 - 2012-02-11 00:00 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-02-11 00:00 - 2012-02-11 00:00 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2012-02-11 00:00 - 2012-02-11 00:00 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-02-11 00:00 - 2012-02-11 00:00 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-02-11 00:00 - 2012-02-11 00:00 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-02-11 00:00 - 2012-02-11 00:00 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-02-11 00:00 - 2012-02-11 00:00 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-02-10 23:51 - 2012-02-10 23:48 - 36426056 ___AH (Microsoft Corporation) C:\Users\pcwt5\Downloads\BOIE9_ENGB_WIN764.exe
2012-02-10 19:23 - 2012-02-10 19:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{F66032D9-115A-4F38-A5E4-006E2699F412}
2012-02-10 19:23 - 2012-02-10 19:23 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{C7660362-E750-4EFD-8756-F0193368EF03}
2012-02-10 19:23 - 2012-02-10 19:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{AD2F8067-CFFB-4FDC-B9FE-0DD036749394}
2012-02-10 19:22 - 2012-02-10 19:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{CF67E779-5145-4BFB-8AB4-6A94DAA931CB}
2012-02-10 13:45 - 2012-02-10 13:45 - 0799989 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_10_13_45_50.dmp
2012-02-10 13:45 - 2012-02-10 13:45 - 0797272 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_10_13_45_34.dmp
2012-02-10 13:45 - 2012-02-10 13:45 - 0791979 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_10_13_45_59.dmp
2012-02-10 07:22 - 2012-02-10 07:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{D10E3B2B-7731-4CA7-AE0C-AF50A57591B2}
2012-02-10 07:22 - 2012-02-10 07:22 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5AE80FF2-651A-4155-AD28-73A5082C9CCF}
2012-02-10 06:18 - 2012-03-14 19:39 - 1541120 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-02-10 06:17 - 2012-03-14 19:39 - 1837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-02-10 06:17 - 2012-03-14 19:39 - 0902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-02-10 06:17 - 2012-03-14 19:39 - 0320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-02-10 06:17 - 2012-03-14 19:39 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-02-10 05:41 - 2012-03-14 19:39 - 1170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2012-02-10 05:41 - 2012-03-14 19:39 - 1074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-02-10 05:41 - 2012-03-14 19:39 - 0739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-02-10 05:41 - 2012-03-14 19:39 - 0218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2012-02-10 05:41 - 2012-03-14 19:39 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2012-02-09 19:21 - 2012-02-09 19:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{A9C0B300-B25D-4083-8983-D4CFDEF56BCD}
2012-02-09 19:21 - 2012-02-09 19:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{1AE7800D-6948-4B70-B9B7-C07BF46BE00F}
2012-02-09 19:21 - 2012-02-09 19:21 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{03F8B649-09F0-466A-AC12-1B706884DFB1}
2012-02-09 19:21 - 2012-02-09 19:20 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4E41C25C-8FC4-4FD0-8ECD-6485FBB55830}
2012-02-09 16:05 - 2012-02-09 16:05 - 0003224 ___AH C:\Users\Public\Documents\regcontexthandlers.reg
2012-02-09 16:01 - 2012-02-09 16:00 - 0534659 ___AH C:\Users\pcwt5\Downloads\Autoruns.zip
2012-02-09 15:36 - 2012-02-09 15:35 - 0180775 ___AH C:\Users\pcwt5\Downloads\Checklist.apk
2012-02-09 13:56 - 2012-02-09 13:56 - 0800503 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_09_13_56_08.dmp
2012-02-09 13:56 - 2012-02-09 13:56 - 0791212 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_09_13_56_16.dmp
2012-02-09 13:55 - 2012-02-09 13:55 - 0807905 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_09_13_55_49.dmp
2012-02-09 07:20 - 2012-02-09 07:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{560B8683-1A48-435D-B2CD-6A5FD88536FF}
2012-02-09 07:19 - 2012-02-09 07:19 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{905C0A5D-6D06-47FC-926B-8452FDAF532F}
2012-02-09 07:18 - 2012-02-09 07:18 - 0789044 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_09_07_18_08.dmp
2012-02-09 07:17 - 2012-02-09 07:17 - 0792804 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_09_07_17_17.dmp
2012-02-09 07:17 - 2012-02-09 07:17 - 0788895 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_09_07_17_58.dmp
2012-02-08 18:05 - 2012-02-08 18:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{EF942659-1141-4C7D-B655-A4A9688B7199}
2012-02-08 18:05 - 2012-02-08 18:05 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{28619E07-10DA-4FB8-BAC3-5B4BBD0E5337}
2012-02-08 13:59 - 2012-02-08 13:59 - 0801765 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_08_13_59_15.dmp
2012-02-08 13:59 - 2012-02-08 13:59 - 0793871 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_08_13_59_41.dmp
2012-02-08 13:59 - 2012-02-08 13:59 - 0792142 ____A C:\Windows\SysWOW64\(null)AAWService__2012_02_08_13_59_34.dmp
2012-02-08 06:04 - 2012-02-08 06:04 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{632FDF08-C925-4F01-BB77-8AAA7CA57F53}
2012-02-08 06:04 - 2012-02-08 06:04 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{5F2C3F06-1FE5-4DD6-BDEE-FE5B8F9B9A7A}
2012-02-08 06:04 - 2012-02-08 06:04 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{4498E02D-9249-4A81-B623-F9A642A6E5D8}
2012-02-08 06:04 - 2012-02-08 06:03 - 0000000 ___HD C:\Users\pcwt5\AppData\Local\{3F67C657-5DBE-4131-9B36-9B4E184F4E17}


========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe
[2009-07-13 23:50] - [2009-07-14 01:39] - 0030208 ____A (Microsoft Corporation) 6F8F1376A13114CC10C0E69274F5A4DE

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 16%
Total physical RAM: 3935.02 MB
Available physical RAM: 3292.52 MB
Total Pagefile: 3933.17 MB
Available Pagefile: 3288.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:288.66 GB) (Free:130.49 GB) NTFS
2 Drive e: (Recovery) (Fixed) (Total:9.33 GB) (Free:0.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.15 GB) (Free:0 GB) UDF
4 Drive g: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.56 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 3824 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 9 GB 1024 KB
Partition 2 Primary 100 MB 9 GB
Partition 3 Primary 288 GB 9 GB
Partition 4 Primary 1016 KB 298 GB

======================================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E Recovery NTFS Partition 9 GB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 288 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3823 MB 31 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G KINGSTON FAT32 Removable 3823 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-04-29 16:02

======================= End Of Log ==========================

Attached Files

  • Attached File  FRST.txt   249.76KB   313 downloads

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
We get a lot of hitman victims. It just does not remove the Zero Access rootkit correctly.

I expect the reason your Win 7 disk isn't working is that this is a sony and they have their recovery partition set as the active partition. Let's see what happens if we try to fix it with FRST.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
Right-click in the open notepad and select Paste).
Save it on the flashdrive as fixlist.txt

HKU\Mcx1-PCWT5-VAIO\...\Run: [OP9APrsC9TJ] control.exe "C:\Users\pcwt5\AppData\Local\kPqSZ2Y\OP9APrsC9TJ.cpl",0,0 [x]
C:\Users\pcwt5\AppData\Local\kPqSZ2Y\OP9APrsC9TJ.cpl
SubSystems: [Windows] ==> ZeroAccess
HKLM-x32\...\Runonce: [GrpConv] grpconv -o [x]
2 qmfrsrou; C:\Windows\system32\mggqslwy.dll
C:\Windows\system32\mggqslwy.dll
3 hitmanpro35; \??\C:\Windows\system32\drivers\hitmanpro36.sys [27936 2012-05-02] ()
NETSVCx32: qmfrsrou
2012-05-01 22:42 - 2012-05-02 01:11 - 0000184 ____A C:\Users\All Users\-XWE3mXJBRcdem8r
2012-05-01 22:42 - 2012-05-02 01:11 - 0000184 ____A C:\ProgramData\-XWE3mXJBRcdem8r
2012-05-01 22:42 - 2012-04-24 06:18 - 0000000 ____A C:\Users\All Users\-XWE3mXJBRcdem8
2012-05-01 22:42 - 2012-04-24 06:18 - 0000000 ____A C:\ProgramData\-XWE3mXJBRcdem8
2012-05-01 22:03 - 2012-05-01 22:22 - 0222208 ___AH C:\Users\All Users\XWE3mXJBRcdem8.exe_1336347353.arl
2012-05-01 22:03 - 2012-05-01 22:22 - 0222208 ___AH C:\ProgramData\XWE3mXJBRcdem8.exe_1336347353.arl
2012-05-01 22:03 - 2012-04-24 06:18 - 0000256 ___AH C:\Users\All Users\XWE3mXJBRcdem8
2012-05-01 22:03 - 2012-04-24 06:18 - 0000256 ___AH C:\ProgramData\XWE3mXJBRcdem8
2012-05-01 19:49 - 2012-05-01 19:57 - 0222208 ___AH C:\Users\All Users\oVQukyH52o8jiV.exe_1336347353.arl
2012-05-01 19:49 - 2012-05-01 19:57 - 0222208 ___AH C:\ProgramData\oVQukyH52o8jiV.exe_1336347353.arl
2012-05-01 19:49 - 2012-05-01 19:57 - 0000184 ___AH C:\Users\All Users\-oVQukyH52o8jiVr
2012-05-01 19:49 - 2012-05-01 19:57 - 0000184 ___AH C:\ProgramData\-oVQukyH52o8jiVr
2012-05-01 19:49 - 2012-04-24 06:27 - 0000000 ___AH C:\Users\All Users\-oVQukyH52o8jiV
2012-05-01 19:49 - 2012-04-24 06:27 - 0000000 ___AH C:\ProgramData\-oVQukyH52o8jiV
2012-05-01 19:49 - 2012-03-23 21:55 - 0000655 ___AH C:\Users\pcwt5\Desktop\Data_Recovery.lnk
2012-05-01 19:49 - 2012-01-29 17:46 - 0000256 ___AH C:\Users\All Users\oVQukyH52o8jiV
2012-05-01 19:49 - 2012-01-29 17:46 - 0000256 ___AH C:\ProgramData\oVQukyH52o8jiV
2012-04-24 06:27 - 2012-04-24 06:27 - 0000176 ___AH C:\Users\All Users\-iK09Ukc2QUuHdcr
2012-04-24 06:27 - 2012-04-24 06:27 - 0000176 ___AH C:\ProgramData\-iK09Ukc2QUuHdcr
2012-04-24 06:27 - 2011-02-18 00:48 - 0000256 ___AH C:\Users\All Users\iK09Ukc2QUuHdc
2012-04-24 06:27 - 2011-02-18 00:48 - 0000256 ___AH C:\ProgramData\iK09Ukc2QUuHdc
2012-04-24 06:27 - - 0000000 ___AH C:\Users\All Users\-iK09Ukc2QUuHdc
2012-04-24 06:27 - - 0000000 ___AH C:\ProgramData\-iK09Ukc2QUuHdc
2012-04-24 06:18 - 2012-05-01 19:49 - 0000000 ___AH C:\Users\All Users\-xNrcacGalCqvsv
2012-04-24 06:18 - 2012-05-01 19:49 - 0000000 ___AH C:\ProgramData\-xNrcacGalCqvsv
2012-04-24 06:18 - 2012-04-24 06:18 - 0000176 ___AH C:\Users\All Users\-xNrcacGalCqvsvr
2012-04-24 06:18 - 2012-04-24 06:18 - 0000176 ___AH C:\ProgramData\-xNrcacGalCqvsvr
2012-04-24 06:18 - 2011-01-14 17:48 - 0000256 ___AH C:\Users\All Users\xNrcacGalCqvsv
2012-04-24 06:18 - 2011-01-14 17:48 - 0000256 ___AH C:\ProgramData\xNrcacGalCqvsv
2012-04-11 21:54 - 2009-12-22 10:55 - 0000000 ___HD C:\Users\pcwt5\AppData\Roaming\Ihyl
2012-04-11 14:26 - 2012-02-23 22:12 - 0055040 ____A C:\Windows\SysWOW64\aylzcsni.dat
2012-04-11 14:26 - 2011-08-30 23:05 - 0365824 ____A C:\Windows\SysWOW64\jnjvffgk.dat
2012-04-11 14:26 - 2009-07-14 01:16 - 0041216 ____A C:\Windows\SysWOW64\ussqpxhp.dat
2012-04-11 14:26 - 2009-07-14 01:16 - 0036608 ____A C:\Windows\SysWOW64\yffknixm.dat
2012-04-11 14:26 - 2009-07-14 01:15 - 0154368 ____A C:\Windows\SysWOW64\hcvhdhoj.dat
2012-04-11 14:26 - 2009-07-14 01:15 - 0136960 ____A C:\Windows\SysWOW64\itrevakl.dat
2012-04-11 14:26 - 2009-07-14 01:15 - 0034048 ____A C:\Windows\SysWOW64\ifoaxtlp.dat
2012-04-11 14:26 - 2009-07-14 01:09 - 0058112 ____A C:\Windows\SysWOW64\nlwpporx.dat
2012-04-11 13:54 - - 0000436 ____A C:\Windows\Tasks\At1.job
2012-05-02 04:43 - 2012-05-02 04:43 - 0003956 ____A C:\Windows\System32\.crusader
2012-05-02 04:43 - 2012-05-02 03:52 - 0027936 ____A C:\Windows\System32\Drivers\hitmanpro36.sys
2012-05-02 04:43 - 2012-05-02 03:51 - 0000000 ____D C:\Users\All Users\HitmanPro
2012-05-02 04:43 - 2012-05-02 03:51 - 0000000 ____D C:\ProgramData\HitmanPro
2012-05-02 03:52 - 2012-05-02 03:52 - 0001893 ____A C:\Users\Public\Desktop\HitmanPro.lnk
2012-05-02 03:52 - 2012-05-02 03:51 - 0000000 ____D C:\Program Files\HitmanPro
2012-05-02 01:17 - 2011-09-04 04:31 - 0000029 ____A C:\Windows\SysWOW64\TempWmicBatchFile.bat
2012-05-02 01:11 - 2012-05-01 22:42 - 0000184 ____A C:\Users\All Users\-XWE3mXJBRcdem8r
2012-05-02 01:11 - 2012-05-01 22:42 - 0000184 ____A C:\ProgramData\-XWE3mXJBRcdem8r
2012-05-02 01:11 - 2012-05-01 22:42 - 0000000 ____A C:\Users\All Users\-XWE3mXJBRcdem8
2012-05-02 01:11 - 2012-05-01 22:42 - 0000000 ____A C:\ProgramData\-XWE3mXJBRcdem8
2012-05-01 22:22 - 2012-05-01 22:03 - 0000256 ___AH C:\Users\All Users\XWE3mXJBRcdem8
2012-05-01 22:22 - 2012-05-01 22:03 - 0000256 ___AH C:\ProgramData\XWE3mXJBRcdem8
2012-05-01 22:03 - 2012-05-01 22:03 - 0222208 ___AH C:\Users\All Users\XWE3mXJBRcdem8.exe_1336347353.arl
2012-05-01 22:03 - 2012-05-01 22:03 - 0222208 ___AH C:\ProgramData\XWE3mXJBRcdem8.exe_1336347353.arl
2012-05-01 19:57 - 2012-05-01 19:49 - 0000256 ___AH C:\ProgramData\oVQukyH52o8jiV
2012-05-01 19:57 - 2012-05-01 19:49 - 0000000 ___AH C:\Users\All Users\-oVQukyH52o8jiV
2012-05-01 19:57 - 2012-05-01 19:49 - 0000000 ___AH C:\ProgramData\-oVQukyH52o8jiV
2012-05-01 19:49 - 2012-05-01 19:49 - 0222208 ___AH C:\Users\All Users\oVQukyH52o8jiV.exe_1336347353.arl
2012-05-01 19:49 - 2012-05-01 19:49 - 0222208 ___AH C:\ProgramData\oVQukyH52o8jiV.exe_1336347353.arl
2012-05-01 19:49 - 2012-05-01 19:49 - 0000655 ___AH C:\Users\pcwt5\Desktop\Data_Recovery.lnk
2012-05-01 19:49 - 2012-05-01 19:49 - 0000184 ___AH C:\Users\All Users\-oVQukyH52o8jiVr
2012-05-01 19:49 - 2012-05-01 19:49 - 0000184 ___AH C:\ProgramData\-oVQukyH52o8jiVr
2012-05-01 15:12 - 2012-04-11 13:54 - 0000436 ____A C:\Windows\Tasks\At1.job
2012-04-24 06:27 - 2012-04-24 06:27 - 0000256 ___AH C:\Users\All Users\iK09Ukc2QUuHdc
2012-04-24 06:27 - 2012-04-24 06:27 - 0000256 ___AH C:\ProgramData\iK09Ukc2QUuHdc
2012-04-24 06:27 - 2012-04-24 06:27 - 0000176 ___AH C:\Users\All Users\-iK09Ukc2QUuHdcr
2012-04-24 06:27 - 2012-04-24 06:27 - 0000176 ___AH C:\ProgramData\-iK09Ukc2QUuHdcr
2012-04-24 06:27 - 2012-04-24 06:27 - 0000000 ___AH C:\Users\All Users\-iK09Ukc2QUuHdc
2012-04-24 06:27 - 2012-04-24 06:27 - 0000000 ___AH C:\ProgramData\-iK09Ukc2QUuHdc
2012-04-24 06:18 - 2012-04-24 06:18 - 0000256 ___AH C:\Users\All Users\xNrcacGalCqvsv
2012-04-24 06:18 - 2012-04-24 06:18 - 0000256 ___AH C:\ProgramData\xNrcacGalCqvsv
2012-04-24 06:18 - 2012-04-24 06:18 - 0000176 ___AH C:\Users\All Users\-xNrcacGalCqvsvr
2012-04-24 06:18 - 2012-04-24 06:18 - 0000176 ___AH C:\ProgramData\-xNrcacGalCqvsvr
2012-04-24 06:18 - 2012-04-24 06:18 - 0000000 ___AH C:\Users\All Users\-xNrcacGalCqvsv
2012-04-24 06:18 - 2012-04-24 06:18 - 0000000 ___AH C:\ProgramData\-xNrcacGalCqvsv

Then put the USB drive back in the sick PC, Boot to System Recovery Options and run FRST. Hit the Fix button.

Copy and paste the log it creates (if it's not too big. Otherwise attach it.)

Ron
  • 0

#3
nightporter

nightporter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Thank you very much its booting up now. Will I be able to retrieve any files or programs? Here's that log:-

Fix result of Farbar Recovery Tool (FRST written by farbar) Version: 05-05-2012 02
Ran by SYSTEM at 2012-05-07 06:48:11 Run:1
Running from G:\

==============================================

HKEY_USERS\Mcx1-PCWT5-VAIO\Software\Microsoft\Windows\CurrentVersion\Run\\OP9APrsC9TJ Value deleted successfully.
C:\Users\pcwt5\AppData\Local\kPqSZ2Y\OP9APrsC9TJ.cpl not found.
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored.
HKLM-x32\\\.\.\.\\RunOnce\\GrpConv Value deleted successfully.
qmfrsrou service deleted successfully.
C:\Windows\system32\mggqslwy.dll not found.
hitmanpro35 service deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs qmfrsrou not found.
C:\Users\All Users\-XWE3mXJBRcdem8r moved successfully.
C:\ProgramData\-XWE3mXJBRcdem8r not found.
C:\Users\All Users\-XWE3mXJBRcdem8 moved successfully.
C:\ProgramData\-XWE3mXJBRcdem8 not found.
C:\Users\All Users\XWE3mXJBRcdem8.exe_1336347353.arl moved successfully.
C:\ProgramData\XWE3mXJBRcdem8.exe_1336347353.arl not found.
C:\Users\All Users\XWE3mXJBRcdem8 moved successfully.
C:\ProgramData\XWE3mXJBRcdem8 not found.
C:\Users\All Users\oVQukyH52o8jiV.exe_1336347353.arl moved successfully.
C:\ProgramData\oVQukyH52o8jiV.exe_1336347353.arl not found.
C:\Users\All Users\-oVQukyH52o8jiVr moved successfully.
C:\ProgramData\-oVQukyH52o8jiVr not found.
C:\Users\All Users\-oVQukyH52o8jiV moved successfully.
C:\ProgramData\-oVQukyH52o8jiV not found.
C:\Users\pcwt5\Desktop\Data_Recovery.lnk moved successfully.
C:\Users\All Users\oVQukyH52o8jiV moved successfully.
C:\ProgramData\oVQukyH52o8jiV not found.
C:\Users\All Users\-iK09Ukc2QUuHdcr moved successfully.
C:\ProgramData\-iK09Ukc2QUuHdcr not found.
C:\Users\All Users\iK09Ukc2QUuHdc moved successfully.
C:\ProgramData\iK09Ukc2QUuHdc not found.
C:\Users\All Users\-iK09Ukc2QUuHdc moved successfully.
C:\ProgramData\-iK09Ukc2QUuHdc not found.
C:\Users\All Users\-xNrcacGalCqvsv moved successfully.
C:\ProgramData\-xNrcacGalCqvsv not found.
C:\Users\All Users\-xNrcacGalCqvsvr moved successfully.
C:\ProgramData\-xNrcacGalCqvsvr not found.
C:\Users\All Users\xNrcacGalCqvsv moved successfully.
C:\ProgramData\xNrcacGalCqvsv not found.
C:\Users\pcwt5\AppData\Roaming\Ihyl moved successfully.
C:\Windows\SysWOW64\aylzcsni.dat moved successfully.
C:\Windows\SysWOW64\jnjvffgk.dat moved successfully.
C:\Windows\SysWOW64\ussqpxhp.dat moved successfully.
C:\Windows\SysWOW64\yffknixm.dat moved successfully.
C:\Windows\SysWOW64\hcvhdhoj.dat moved successfully.
C:\Windows\SysWOW64\itrevakl.dat moved successfully.
C:\Windows\SysWOW64\ifoaxtlp.dat moved successfully.
C:\Windows\SysWOW64\nlwpporx.dat moved successfully.
C:\Windows\Tasks\At1.job moved successfully.
C:\Windows\System32\.crusader moved successfully.
C:\Windows\System32\Drivers\hitmanpro36.sys moved successfully.
C:\Users\All Users\HitmanPro moved successfully.
C:\ProgramData\HitmanPro not found.
C:\Users\Public\Desktop\HitmanPro.lnk moved successfully.
C:\Program Files\HitmanPro moved successfully.
C:\Windows\SysWOW64\TempWmicBatchFile.bat moved successfully.
C:\Users\All Users\-XWE3mXJBRcdem8r not found.
C:\ProgramData\-XWE3mXJBRcdem8r not found.
C:\Users\All Users\-XWE3mXJBRcdem8 not found.
C:\ProgramData\-XWE3mXJBRcdem8 not found.
C:\Users\All Users\XWE3mXJBRcdem8 not found.
C:\ProgramData\XWE3mXJBRcdem8 not found.
C:\Users\All Users\XWE3mXJBRcdem8.exe_1336347353.arl not found.
C:\ProgramData\XWE3mXJBRcdem8.exe_1336347353.arl not found.
C:\ProgramData\oVQukyH52o8jiV not found.
C:\Users\All Users\-oVQukyH52o8jiV not found.
C:\ProgramData\-oVQukyH52o8jiV not found.
C:\Users\All Users\oVQukyH52o8jiV.exe_1336347353.arl not found.
C:\ProgramData\oVQukyH52o8jiV.exe_1336347353.arl not found.
C:\Users\pcwt5\Desktop\Data_Recovery.lnk not found.
C:\Users\All Users\-oVQukyH52o8jiVr not found.
C:\ProgramData\-oVQukyH52o8jiVr not found.
C:\Windows\Tasks\At1.job not found.
C:\Users\All Users\iK09Ukc2QUuHdc not found.
C:\ProgramData\iK09Ukc2QUuHdc not found.
C:\Users\All Users\-iK09Ukc2QUuHdcr not found.
C:\ProgramData\-iK09Ukc2QUuHdcr not found.
C:\Users\All Users\-iK09Ukc2QUuHdc not found.
C:\ProgramData\-iK09Ukc2QUuHdc not found.
C:\Users\All Users\xNrcacGalCqvsv not found.
C:\ProgramData\xNrcacGalCqvsv not found.
C:\Users\All Users\-xNrcacGalCqvsvr not found.
C:\ProgramData\-xNrcacGalCqvsvr not found.
C:\Users\All Users\-xNrcacGalCqvsv not found.
C:\ProgramData\-xNrcacGalCqvsv not found.

==== End of Fixlog ====
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
We should be able to save most of them. ZeroAccess is probably the most common malware right now and our tools have gotten pretty good at removing it.


Download aswMBR.exe ( 511KB ) to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.


Copy the text in the code box:


nnetsvcs
%SYSTEMDRIVE%\*.exe
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Ron
  • 0

#5
nightporter

nightporter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
several logs :-

1. awsmbr.
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-07 07:59:45
-----------------------------
07:59:45.486 OS Version: Windows x64 6.1.7600
07:59:45.486 Number of processors: 2 586 0x170A
07:59:45.487 ComputerName: PCWT5-VAIO UserName: pcwt5
07:59:47.071 Initialize success
08:06:07.427 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:06:07.432 Disk 0 Vendor: Hitachi_ FB4O Size: 305245MB BusType: 3
08:06:07.435 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000089
08:06:07.438 Disk 1 Vendor: RICOH 01 Size: 305245MB BusType: 0
08:06:07.444 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000008a
08:06:07.449 Disk 2 Vendor: RICOH 02 Size: 305245MB BusType: 0
08:06:07.497 Disk 0 MBR read successfully
08:06:07.502 Disk 0 MBR scan
08:06:07.507 Disk 0 Windows 7 default MBR code
08:06:07.531 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 9555 MB offset 2048
08:06:07.585 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 100 MB offset 19570688
08:06:07.616 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 295588 MB offset 19775488
08:06:07.656 Disk 0 Partition 4 00 17 Hidd HPFS/NTFS NTFS 0 MB offset 625140400
08:06:07.701 Disk 0 scanning C:\Windows\system32\drivers
08:06:17.356 Service scanning
08:06:50.128 Modules scanning
08:06:50.135 Scan finished successfully
08:07:33.948 Disk 0 MBR has been saved successfully to "C:\Users\pcwt5\Desktop\MBR.dat"
08:07:33.957 The log file has been saved successfully to "C:\Users\pcwt5\Desktop\aswMBR.txt"


2. Combofix log attached as it it quite long (log.txt)

3. TDSKiller log (too big to upload apparently)
16:38:17.0852 6292 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
16:38:18.0457 6292 ============================================================
16:38:18.0457 6292 Current date / time: 2012/05/07 16:38:18.0457
16:38:18.0458 6292 SystemInfo:
16:38:18.0458 6292
16:38:18.0458 6292 OS Version: 6.1.7600 ServicePack: 0.0
16:38:18.0458 6292 Product type: Workstation
16:38:18.0458 6292 ComputerName: PCWT5-VAIO
16:38:18.0458 6292 UserName: pcwt5
16:38:18.0458 6292 Windows directory: C:\Windows
16:38:18.0458 6292 System windows directory: C:\Windows
16:38:18.0458 6292 Running under WOW64
16:38:18.0458 6292 Processor architecture: Intel x64
16:38:18.0458 6292 Number of processors: 2
16:38:18.0458 6292 Page size: 0x1000
16:38:18.0458 6292 Boot type: Normal boot
16:38:18.0458 6292 ============================================================
16:38:19.0036 6292 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:38:19.0052 6292 ============================================================
16:38:19.0052 6292 \Device\Harddisk0\DR0:
16:38:19.0052 6292 MBR partitions:
16:38:19.0052 6292 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x12AA000, BlocksNum 0x32000
16:38:19.0052 6292 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12DC000, BlocksNum 0x241522B0
16:38:19.0052 6292 ============================================================
16:38:19.0109 6292 C: <-> \Device\Harddisk0\DR0\Partition1
16:38:19.0127 6292 D: <-> \Device\Harddisk0\DR0\Partition0
16:38:19.0128 6292 ============================================================
16:38:19.0128 6292 Initialize success
16:38:19.0128 6292 ============================================================
16:38:27.0758 1236 ============================================================
16:38:27.0758 1236 Scan started
16:38:27.0758 1236 Mode: Manual;
16:38:27.0758 1236 ============================================================
16:38:28.0721 1236 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
16:38:28.0724 1236 !SASCORE - ok
16:38:28.0969 1236 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:38:28.0975 1236 1394ohci - ok
16:38:29.0125 1236 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:38:29.0129 1236 ACDaemon - ok
16:38:29.0206 1236 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:38:29.0211 1236 ACPI - ok
16:38:29.0272 1236 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:38:29.0273 1236 AcpiPmi - ok
16:38:29.0358 1236 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
16:38:29.0360 1236 adfs - ok
16:38:29.0466 1236 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:38:29.0475 1236 adp94xx - ok
16:38:29.0558 1236 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:38:29.0586 1236 adpahci - ok
16:38:29.0619 1236 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:38:29.0623 1236 adpu320 - ok
16:38:29.0655 1236 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:38:29.0657 1236 AeLookupSvc - ok
16:38:29.0774 1236 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
16:38:29.0782 1236 AFD - ok
16:38:29.0827 1236 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:38:29.0842 1236 agp440 - ok
16:38:29.0881 1236 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:38:29.0883 1236 ALG - ok
16:38:29.0910 1236 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:38:29.0912 1236 aliide - ok
16:38:29.0933 1236 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:38:29.0935 1236 amdide - ok
16:38:29.0951 1236 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:38:29.0953 1236 AmdK8 - ok
16:38:29.0974 1236 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:38:29.0976 1236 AmdPPM - ok
16:38:30.0035 1236 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
16:38:30.0037 1236 amdsata - ok
16:38:30.0097 1236 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:38:30.0100 1236 amdsbs - ok
16:38:30.0150 1236 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
16:38:30.0152 1236 amdxata - ok
16:38:30.0203 1236 ApfiltrService (56bd886820c4aedf493cfcdf1ccfb004) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:38:30.0208 1236 ApfiltrService - ok
16:38:30.0234 1236 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:38:30.0236 1236 AppID - ok
16:38:30.0264 1236 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:38:30.0265 1236 AppIDSvc - ok
16:38:30.0302 1236 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
16:38:30.0304 1236 Appinfo - ok
16:38:30.0453 1236 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:38:30.0454 1236 Apple Mobile Device - ok
16:38:30.0514 1236 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:38:30.0517 1236 arc - ok
16:38:30.0564 1236 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:38:30.0566 1236 arcsas - ok
16:38:30.0665 1236 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:38:30.0666 1236 ArcSoftKsUFilter - ok
16:38:30.0690 1236 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:38:30.0692 1236 AsyncMac - ok
16:38:30.0720 1236 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:38:30.0721 1236 atapi - ok
16:38:30.0938 1236 athr (5d4529ac4156e16bedb01441ae0cf984) C:\Windows\system32\DRIVERS\athrx.sys
16:38:30.0961 1236 athr - ok
16:38:31.0648 1236 atikmdag (de0ede41bc530f1759c6fffcb8c7a0cf) C:\Windows\system32\DRIVERS\atikmdag.sys
16:38:31.0880 1236 atikmdag - ok
16:38:32.0087 1236 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:38:32.0098 1236 AudioEndpointBuilder - ok
16:38:32.0112 1236 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:38:32.0120 1236 AudioSrv - ok
16:38:32.0175 1236 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
16:38:32.0177 1236 AxInstSV - ok
16:38:32.0280 1236 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:38:32.0288 1236 b06bdrv - ok
16:38:32.0350 1236 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:38:32.0355 1236 b57nd60a - ok
16:38:32.0496 1236 BBSvc (6f8638ea0a55d65b03e24f6d1153d8f7) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:38:32.0500 1236 BBSvc - ok
16:38:32.0577 1236 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:38:32.0580 1236 BBUpdate - ok
16:38:32.0609 1236 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:38:32.0612 1236 BDESVC - ok
16:38:32.0668 1236 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:38:32.0669 1236 Beep - ok
16:38:32.0770 1236 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
16:38:32.0782 1236 BFE - ok
16:38:33.0032 1236 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
16:38:33.0048 1236 BITS - ok
16:38:33.0126 1236 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:38:33.0128 1236 blbdrive - ok
16:38:33.0270 1236 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:38:33.0278 1236 Bonjour Service - ok
16:38:33.0334 1236 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
16:38:33.0336 1236 bowser - ok
16:38:33.0531 1236 bProtector (86825c57cfd7babc8ab861aa0cff5212) C:\ProgramData\bProtector\bProtect.exe
16:38:33.0542 1236 bProtector - ok
16:38:33.0596 1236 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:38:33.0597 1236 BrFiltLo - ok
16:38:33.0617 1236 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:38:33.0618 1236 BrFiltUp - ok
16:38:33.0670 1236 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:38:33.0672 1236 BridgeMP - ok
16:38:33.0741 1236 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
16:38:33.0744 1236 Browser - ok
16:38:33.0801 1236 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:38:33.0807 1236 Brserid - ok
16:38:33.0853 1236 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:38:33.0855 1236 BrSerWdm - ok
16:38:33.0901 1236 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:38:33.0903 1236 BrUsbMdm - ok
16:38:33.0908 1236 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:38:33.0910 1236 BrUsbSer - ok
16:38:34.0006 1236 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
16:38:34.0019 1236 BthEnum - ok
16:38:34.0046 1236 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:38:34.0048 1236 BTHMODEM - ok
16:38:34.0114 1236 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
16:38:34.0117 1236 BthPan - ok
16:38:34.0247 1236 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
16:38:34.0256 1236 BTHPORT - ok
16:38:34.0301 1236 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:38:34.0304 1236 bthserv - ok
16:38:34.0359 1236 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
16:38:34.0361 1236 BTHUSB - ok
16:38:34.0408 1236 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
16:38:34.0411 1236 btwaudio - ok
16:38:34.0454 1236 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\DRIVERS\btwavdt.sys
16:38:34.0457 1236 btwavdt - ok
16:38:34.0606 1236 btwdins (d65aa164acd0f6706dbcfbbcc9731584) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
16:38:34.0620 1236 btwdins - ok
16:38:34.0658 1236 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
16:38:34.0660 1236 btwl2cap - ok
16:38:34.0682 1236 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
16:38:34.0683 1236 btwrchid - ok
16:38:34.0719 1236 catchme - ok
16:38:34.0760 1236 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:38:34.0762 1236 cdfs - ok
16:38:34.0810 1236 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:38:34.0814 1236 cdrom - ok
16:38:34.0857 1236 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:38:34.0859 1236 CertPropSvc - ok
16:38:34.0918 1236 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:38:34.0920 1236 circlass - ok
16:38:35.0036 1236 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:38:35.0043 1236 CLFS - ok
16:38:35.0140 1236 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:38:35.0142 1236 clr_optimization_v2.0.50727_32 - ok
16:38:35.0188 1236 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:38:35.0191 1236 clr_optimization_v2.0.50727_64 - ok
16:38:35.0338 1236 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:38:35.0341 1236 clr_optimization_v4.0.30319_32 - ok
16:38:35.0406 1236 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:38:35.0410 1236 clr_optimization_v4.0.30319_64 - ok
16:38:35.0446 1236 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:38:35.0448 1236 CmBatt - ok
16:38:35.0465 1236 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:38:35.0466 1236 cmdide - ok
16:38:35.0551 1236 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
16:38:35.0559 1236 CNG - ok
16:38:35.0611 1236 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:38:35.0613 1236 Compbatt - ok
16:38:35.0655 1236 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:38:35.0657 1236 CompositeBus - ok
16:38:35.0672 1236 COMSysApp - ok
16:38:35.0681 1236 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:38:35.0683 1236 crcdisk - ok
16:38:35.0869 1236 CronService (63a7739ac9c1e38589b3edb1daeb9df5) C:\Prey\platform\windows\cronsvc.exe
16:38:35.0870 1236 CronService - ok
16:38:35.0920 1236 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
16:38:35.0924 1236 CryptSvc - ok
16:38:36.0007 1236 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:38:36.0012 1236 DcomLaunch - ok
16:38:36.0068 1236 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:38:36.0073 1236 defragsvc - ok
16:38:36.0145 1236 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
16:38:36.0148 1236 DfsC - ok
16:38:36.0210 1236 dg_ssudbus (bf4e72d6fa78fedc4b8577116eface7e) C:\Windows\system32\DRIVERS\ssudbus.sys
16:38:36.0213 1236 dg_ssudbus - ok
16:38:36.0288 1236 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
16:38:36.0294 1236 Dhcp - ok
16:38:36.0345 1236 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:38:36.0347 1236 discache - ok
16:38:36.0403 1236 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:38:36.0405 1236 Disk - ok
16:38:36.0478 1236 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
16:38:36.0483 1236 Dnscache - ok
16:38:36.0535 1236 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
16:38:36.0540 1236 dot3svc - ok
16:38:36.0581 1236 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
16:38:36.0584 1236 DPS - ok
16:38:36.0607 1236 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:38:36.0608 1236 drmkaud - ok
16:38:36.0661 1236 DrmRAudio (fbc16fed3d4d390c9ce78e07b7fca9f3) C:\Windows\system32\drivers\DrmRAudio.sys
16:38:36.0662 1236 DrmRAudio - ok
16:38:36.0818 1236 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:38:36.0834 1236 DXGKrnl - ok
16:38:36.0881 1236 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:38:36.0884 1236 EapHost - ok
16:38:37.0259 1236 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:38:37.0339 1236 ebdrv - ok
16:38:37.0485 1236 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
16:38:37.0487 1236 EFS - ok
16:38:37.0595 1236 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
16:38:37.0606 1236 ehRecvr - ok
16:38:37.0640 1236 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:38:37.0643 1236 ehSched - ok
16:38:37.0724 1236 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:38:37.0733 1236 elxstor - ok
16:38:37.0879 1236 EPSON_EB_RPCV4_01 (b5581646636759d0dafa8b008881c079) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
16:38:37.0883 1236 EPSON_EB_RPCV4_01 - ok
16:38:37.0912 1236 EPSON_PM_RPCV4_01 (1e345f2a2d95da3190596e691cde9342) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
16:38:37.0915 1236 EPSON_PM_RPCV4_01 - ok
16:38:37.0940 1236 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:38:37.0942 1236 ErrDev - ok
16:38:38.0004 1236 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:38:38.0008 1236 EventSystem - ok
16:38:38.0101 1236 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:38:38.0105 1236 exfat - ok
16:38:38.0303 1236 ExpatShieldService (507942b5bfdbb8efd0e03bde9f72bc86) C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
16:38:38.0310 1236 ExpatShieldService - ok
16:38:38.0393 1236 ExpatSrv (2cfea9c337b699aca38487e8a7438f35) C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
16:38:38.0399 1236 ExpatSrv - ok
16:38:38.0443 1236 ExpatTrayService (1034f1285e474fcbb850afd2dc712837) C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE
16:38:38.0445 1236 ExpatTrayService - ok
16:38:38.0509 1236 ExpatWd - ok
16:38:38.0571 1236 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:38:38.0575 1236 fastfat - ok
16:38:38.0680 1236 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
16:38:38.0691 1236 Fax - ok
16:38:38.0747 1236 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:38:38.0749 1236 fdc - ok
16:38:38.0780 1236 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:38:38.0782 1236 fdPHost - ok
16:38:38.0840 1236 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:38:38.0842 1236 FDResPub - ok
16:38:38.0888 1236 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:38:38.0890 1236 FileInfo - ok
16:38:38.0914 1236 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:38:38.0915 1236 Filetrace - ok
16:38:39.0046 1236 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:38:39.0057 1236 FLEXnet Licensing Service - ok
16:38:39.0073 1236 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:38:39.0075 1236 flpydisk - ok
16:38:39.0136 1236 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:38:39.0141 1236 FltMgr - ok
16:38:39.0351 1236 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
16:38:39.0369 1236 FontCache - ok
16:38:39.0453 1236 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:38:39.0455 1236 FontCache3.0.0.0 - ok
16:38:39.0489 1236 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:38:39.0491 1236 FsDepends - ok
16:38:39.0535 1236 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
16:38:39.0537 1236 fssfltr - ok
16:38:39.0797 1236 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:38:39.0824 1236 fsssvc - ok
16:38:39.0985 1236 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
16:38:39.0986 1236 Fs_Rec - ok
16:38:40.0057 1236 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:38:40.0061 1236 fvevol - ok
16:38:40.0091 1236 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:38:40.0093 1236 gagp30kx - ok
16:38:40.0199 1236 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:38:40.0201 1236 GEARAspiWDM - ok
16:38:40.0336 1236 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
16:38:40.0356 1236 gpsvc - ok
16:38:40.0511 1236 GSService (e067b6d728c75e0ac95b8d95baff94bf) C:\Windows\SysWOW64\GSService.exe
16:38:40.0521 1236 GSService - ok
16:38:40.0681 1236 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:38:40.0684 1236 gupdate - ok
16:38:40.0717 1236 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:38:40.0719 1236 gupdatem - ok
16:38:40.0821 1236 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:38:40.0823 1236 hcw85cir - ok
16:38:40.0872 1236 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
16:38:40.0878 1236 HdAudAddService - ok
16:38:40.0910 1236 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:38:40.0912 1236 HDAudBus - ok
16:38:40.0936 1236 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:38:40.0938 1236 HidBatt - ok
16:38:40.0956 1236 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:38:40.0959 1236 HidBth - ok
16:38:40.0973 1236 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:38:40.0975 1236 HidIr - ok
16:38:41.0011 1236 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:38:41.0013 1236 hidserv - ok
16:38:41.0055 1236 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:38:41.0057 1236 HidUsb - ok
16:38:41.0824 1236 HitmanPro36CrusaderBoot (50c3921b904cecc22b91e7cf10d27507) C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe
16:38:42.0115 1236 HitmanPro36CrusaderBoot - ok
16:38:42.0171 1236 HitmanProScheduler - ok
16:38:42.0399 1236 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
16:38:42.0402 1236 hkmsvc - ok
16:38:42.0466 1236 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
16:38:42.0470 1236 HomeGroupListener - ok
16:38:42.0538 1236 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
16:38:42.0543 1236 HomeGroupProvider - ok
16:38:42.0597 1236 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:38:42.0599 1236 HpSAMD - ok
16:38:42.0822 1236 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll
16:38:42.0834 1236 HsfXAudioService - ok
16:38:43.0014 1236 HssDrv (80b0c0d39178e80905e30fa92c0f6d43) C:\Windows\system32\DRIVERS\HssDrv.sys
16:38:43.0016 1236 HssDrv - ok
16:38:43.0135 1236 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:38:43.0147 1236 HTTP - ok
16:38:43.0183 1236 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:38:43.0185 1236 hwpolicy - ok
16:38:43.0226 1236 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:38:43.0229 1236 i8042prt - ok
16:38:43.0395 1236 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:38:43.0401 1236 IAANTMON - ok
16:38:43.0448 1236 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
16:38:43.0452 1236 iaStor - ok
16:38:43.0574 1236 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
16:38:43.0582 1236 iaStorV - ok
16:38:43.0769 1236 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:38:43.0784 1236 idsvc - ok
16:38:44.0255 1236 igfx (dfeaf0a1d98d397035012c8e28d1520f) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:38:44.0433 1236 igfx - ok
16:38:44.0640 1236 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:38:44.0642 1236 iirsp - ok
16:38:44.0770 1236 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
16:38:44.0784 1236 IKEEXT - ok
16:38:44.0992 1236 IntcAzAudAddService (b16fc828ce7a76a8f1ce682e6ead2627) C:\Windows\system32\drivers\RTKVHD64.sys
16:38:45.0020 1236 IntcAzAudAddService - ok
16:38:45.0183 1236 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\Windows\system32\drivers\IntcHdmi.sys
16:38:45.0186 1236 IntcHdmiAddService - ok
16:38:45.0231 1236 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:38:45.0232 1236 intelide - ok
16:38:45.0252 1236 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:38:45.0253 1236 intelppm - ok
16:38:45.0293 1236 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:38:45.0296 1236 IPBusEnum - ok
16:38:45.0333 1236 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:38:45.0335 1236 IpFilterDriver - ok
16:38:45.0435 1236 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
16:38:45.0444 1236 iphlpsvc - ok
16:38:45.0483 1236 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:38:45.0485 1236 IPMIDRV - ok
16:38:45.0542 1236 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:38:45.0544 1236 IPNAT - ok
16:38:45.0832 1236 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
16:38:45.0886 1236 iPod Service - ok
16:38:45.0915 1236 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:38:45.0916 1236 IRENUM - ok
16:38:45.0957 1236 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:38:45.0958 1236 isapnp - ok
16:38:45.0992 1236 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:38:45.0997 1236 iScsiPrt - ok
16:38:46.0032 1236 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:38:46.0034 1236 kbdclass - ok
16:38:46.0057 1236 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:38:46.0059 1236 kbdhid - ok
16:38:46.0107 1236 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:38:46.0109 1236 KeyIso - ok
16:38:46.0155 1236 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
16:38:46.0157 1236 KSecDD - ok
16:38:46.0229 1236 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
16:38:46.0233 1236 KSecPkg - ok
16:38:46.0287 1236 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:38:46.0289 1236 ksthunk - ok
16:38:46.0355 1236 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:38:46.0362 1236 KtmRm - ok
16:38:46.0471 1236 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
16:38:46.0476 1236 LanmanServer - ok
16:38:46.0514 1236 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
16:38:46.0518 1236 LanmanWorkstation - ok
16:38:46.0916 1236 Lavasoft Ad-Aware Service (bd1e59ffeb8d84dc592a92497d823322) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
16:38:46.0972 1236 Lavasoft Ad-Aware Service - ok
16:38:47.0072 1236 Lavasoft Kernexplorer (ad134c8802355be1b24606fca8a4a50d) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
16:38:47.0074 1236 Lavasoft Kernexplorer - ok
16:38:47.0287 1236 Lbd (3c46290f7a5d45ba6ef32c248e22aa69) C:\Windows\system32\DRIVERS\Lbd.sys
16:38:47.0293 1236 Lbd - ok
16:38:47.0362 1236 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:38:47.0364 1236 lltdio - ok
16:38:47.0412 1236 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:38:47.0419 1236 lltdsvc - ok
16:38:47.0439 1236 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:38:47.0442 1236 lmhosts - ok
16:38:47.0470 1236 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:38:47.0473 1236 LSI_FC - ok
16:38:47.0497 1236 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:38:47.0500 1236 LSI_SAS - ok
16:38:47.0520 1236 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:38:47.0522 1236 LSI_SAS2 - ok
16:38:47.0547 1236 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:38:47.0550 1236 LSI_SCSI - ok
16:38:47.0598 1236 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:38:47.0601 1236 luafv - ok
16:38:47.0631 1236 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
16:38:47.0634 1236 Mcx2Svc - ok
16:38:47.0800 1236 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
16:38:47.0805 1236 MDM - ok
16:38:47.0884 1236 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
16:38:47.0885 1236 mdmxsdk - ok
16:38:47.0922 1236 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:38:47.0924 1236 megasas - ok
16:38:48.0016 1236 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:38:48.0021 1236 MegaSR - ok
16:38:48.0181 1236 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:38:48.0183 1236 Microsoft Office Groove Audit Service - ok
16:38:48.0223 1236 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:38:48.0225 1236 MMCSS - ok
16:38:48.0284 1236 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:38:48.0286 1236 Modem - ok
16:38:48.0319 1236 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:38:48.0320 1236 monitor - ok
16:38:48.0352 1236 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:38:48.0353 1236 mouclass - ok
16:38:48.0375 1236 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:38:48.0377 1236 mouhid - ok
16:38:48.0442 1236 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:38:48.0445 1236 mountmgr - ok
16:38:48.0496 1236 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:38:48.0500 1236 mpio - ok
16:38:48.0536 1236 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:38:48.0538 1236 mpsdrv - ok
16:38:48.0668 1236 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
16:38:48.0682 1236 MpsSvc - ok
16:38:48.0707 1236 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:38:48.0710 1236 MRxDAV - ok
16:38:48.0772 1236 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:38:48.0775 1236 mrxsmb - ok
16:38:48.0930 1236 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:38:48.0935 1236 mrxsmb10 - ok
16:38:49.0018 1236 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:38:49.0021 1236 mrxsmb20 - ok
16:38:49.0046 1236 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:38:49.0048 1236 msahci - ok
16:38:49.0117 1236 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:38:49.0121 1236 msdsm - ok
16:38:49.0190 1236 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:38:49.0194 1236 MSDTC - ok
16:38:49.0254 1236 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:38:49.0256 1236 Msfs - ok
16:38:49.0273 1236 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:38:49.0274 1236 mshidkmdf - ok
16:38:49.0290 1236 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:38:49.0291 1236 msisadrv - ok
16:38:49.0340 1236 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:38:49.0344 1236 MSiSCSI - ok
16:38:49.0348 1236 msiserver - ok
16:38:49.0400 1236 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:38:49.0402 1236 MSKSSRV - ok
16:38:49.0417 1236 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:38:49.0418 1236 MSPCLOCK - ok
16:38:49.0435 1236 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:38:49.0437 1236 MSPQM - ok
16:38:49.0492 1236 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:38:49.0498 1236 MsRPC - ok
16:38:49.0538 1236 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:38:49.0539 1236 mssmbios - ok
16:38:49.0556 1236 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:38:49.0558 1236 MSTEE - ok
16:38:49.0576 1236 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:38:49.0578 1236 MTConfig - ok
16:38:49.0637 1236 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:38:49.0639 1236 Mup - ok
16:38:49.0730 1236 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:38:49.0739 1236 napagent - ok
16:38:49.0825 1236 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:38:49.0831 1236 NativeWifiP - ok
16:38:50.0005 1236 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:38:50.0020 1236 NDIS - ok
16:38:50.0060 1236 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:38:50.0062 1236 NdisCap - ok
16:38:50.0130 1236 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:38:50.0131 1236 NdisTapi - ok
16:38:50.0149 1236 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:38:50.0152 1236 Ndisuio - ok
16:38:50.0223 1236 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:38:50.0227 1236 NdisWan - ok
16:38:50.0248 1236 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:38:50.0250 1236 NDProxy - ok
16:38:50.0308 1236 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:38:50.0309 1236 NetBIOS - ok
16:38:50.0367 1236 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:38:50.0371 1236 NetBT - ok
16:38:50.0429 1236 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:38:50.0431 1236 Netlogon - ok
16:38:50.0494 1236 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:38:50.0502 1236 Netman - ok
16:38:50.0563 1236 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:38:50.0572 1236 netprofm - ok
16:38:50.0666 1236 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:38:50.0669 1236 NetTcpPortSharing - ok
16:38:51.0229 1236 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys
16:38:51.0428 1236 netw5v64 - ok
16:38:51.0573 1236 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:38:51.0575 1236 nfrd960 - ok
16:38:51.0628 1236 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:38:51.0634 1236 NlaSvc - ok
16:38:51.0649 1236 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:38:51.0651 1236 Npfs - ok
16:38:51.0668 1236 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:38:51.0670 1236 nsi - ok
16:38:51.0682 1236 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:38:51.0684 1236 nsiproxy - ok
16:38:51.0829 1236 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
16:38:51.0854 1236 Ntfs - ok
16:38:51.0977 1236 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:38:51.0979 1236 Null - ok
16:38:52.0039 1236 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
16:38:52.0042 1236 nvraid - ok
16:38:52.0065 1236 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
16:38:52.0069 1236 nvstor - ok
16:38:52.0110 1236 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:38:52.0113 1236 nv_agp - ok
16:38:52.0322 1236 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:38:52.0329 1236 odserv - ok
16:38:52.0390 1236 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:38:52.0393 1236 ohci1394 - ok
16:38:52.0472 1236 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:38:52.0475 1236 ose - ok
16:38:52.0556 1236 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:38:52.0562 1236 p2pimsvc - ok
16:38:52.0613 1236 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:38:52.0622 1236 p2psvc - ok
16:38:52.0656 1236 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:38:52.0659 1236 Parport - ok
16:38:52.0677 1236 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:38:52.0680 1236 partmgr - ok
16:38:52.0862 1236 pbfilter (1b0925ed638ef9b8915b152de9886a46) C:\Users\pcwt5\Downloads\PeerBlock_r162__x64_Release_(Vista)\pbfilter.sys
16:38:52.0863 1236 pbfilter - ok
16:38:52.0911 1236 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:38:52.0916 1236 PcaSvc - ok
16:38:52.0947 1236 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:38:52.0950 1236 pci - ok
16:38:52.0973 1236 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:38:52.0974 1236 pciide - ok
16:38:53.0007 1236 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:38:53.0011 1236 pcmcia - ok
16:38:53.0029 1236 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:38:53.0031 1236 pcw - ok
16:38:53.0093 1236 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:38:53.0103 1236 PEAUTH - ok
16:38:53.0260 1236 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:38:53.0265 1236 PerfHost - ok
16:38:53.0487 1236 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
16:38:53.0543 1236 pla - ok
16:38:53.0630 1236 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
16:38:53.0639 1236 PlugPlay - ok
16:38:53.0673 1236 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:38:53.0676 1236 PNRPAutoReg - ok
16:38:53.0710 1236 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:38:53.0713 1236 PNRPsvc - ok
16:38:53.0765 1236 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
16:38:53.0774 1236 PolicyAgent - ok
16:38:53.0818 1236 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:38:53.0823 1236 Power - ok
16:38:53.0892 1236 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:38:53.0895 1236 PptpMiniport - ok
16:38:53.0953 1236 Printer Control (0264b15f628c8c7dbf439fd7ab4108f5) C:\Windows\system32\PrintCtrl.exe
16:38:53.0957 1236 Printer Control - ok
16:38:53.0973 1236 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:38:53.0975 1236 Processor - ok
16:38:54.0002 1236 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
16:38:54.0008 1236 ProfSvc - ok
16:38:54.0062 1236 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:38:54.0064 1236 ProtectedStorage - ok
16:38:54.0109 1236 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:38:54.0111 1236 Psched - ok
16:38:54.0238 1236 PSSDK42 (cd33cb6fecf65520466f95ab89cc4af5) C:\Windows\system32\Drivers\pssdk42.sys
16:38:54.0239 1236 PSSDK42 - ok
16:38:54.0345 1236 PSSDKLBF (07a3500cf1c3325568d1b85683ce4517) C:\Windows\system32\Drivers\pssdklbf.sys
16:38:54.0346 1236 PSSDKLBF - ok
16:38:54.0389 1236 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
16:38:54.0391 1236 PxHlpa64 - ok
16:38:54.0561 1236 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:38:54.0585 1236 ql2300 - ok
16:38:54.0785 1236 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:38:54.0788 1236 ql40xx - ok
16:38:54.0862 1236 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:38:54.0868 1236 QWAVE - ok
16:38:54.0920 1236 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:38:54.0922 1236 QWAVEdrv - ok
16:38:55.0191 1236 RapportCerberus_34302 (5e0459ed0a8f540d2f7b6e52da12c9d4) C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys
16:38:55.0198 1236 RapportCerberus_34302 - ok
16:38:55.0384 1236 RapportEI64 (06917b0649e334c43bfd529afcdc6c1c) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
16:38:55.0386 1236 RapportEI64 - ok
16:38:55.0453 1236 RapportKE64 (49dec9bb40555db653c4e1ab9a087403) C:\Windows\system32\Drivers\RapportKE64.sys
16:38:55.0455 1236 RapportKE64 - ok
16:38:55.0661 1236 RapportMgmtService (d9ef54568fafcb4be4637068e768409a) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
16:38:55.0675 1236 RapportMgmtService - ok
16:38:55.0798 1236 RapportPG64 (6a36c7b3dfcf56bc164cb399bc4943a7) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
16:38:55.0800 1236 RapportPG64 - ok
16:38:55.0838 1236 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:38:55.0840 1236 RasAcd - ok
16:38:55.0868 1236 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:38:55.0870 1236 RasAgileVpn - ok
16:38:55.0905 1236 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:38:55.0909 1236 RasAuto - ok
16:38:55.0943 1236 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:38:55.0946 1236 Rasl2tp - ok
16:38:55.0994 1236 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
16:38:56.0001 1236 RasMan - ok
16:38:56.0031 1236 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:38:56.0033 1236 RasPppoe - ok
16:38:56.0074 1236 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:38:56.0076 1236 RasSstp - ok
16:38:56.0120 1236 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:38:56.0126 1236 rdbss - ok
16:38:56.0183 1236 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:38:56.0185 1236 rdpbus - ok
16:38:56.0261 1236 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:38:56.0263 1236 RDPCDD - ok
16:38:56.0295 1236 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:38:56.0297 1236 RDPENCDD - ok
16:38:56.0327 1236 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:38:56.0328 1236 RDPREFMP - ok
16:38:56.0403 1236 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
16:38:56.0407 1236 RDPWD - ok
16:38:56.0471 1236 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:38:56.0475 1236 rdyboost - ok
16:38:56.0515 1236 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:38:56.0518 1236 RemoteAccess - ok
16:38:56.0585 1236 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:38:56.0590 1236 RemoteRegistry - ok
16:38:56.0661 1236 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:38:56.0664 1236 RFCOMM - ok
16:38:56.0721 1236 rimsptsk (258aadb43e3f3468b5cf8cb0f84872c2) C:\Windows\system32\DRIVERS\rimssn64.sys
16:38:56.0723 1236 rimsptsk - ok
16:38:56.0771 1236 risdptsk (71e182a0de1cecb3f912960716345405) C:\Windows\system32\DRIVERS\risdsn64.sys
16:38:56.0773 1236 risdptsk - ok
16:38:56.0920 1236 Roxio UPnP Renderer 10 (d02e5a46f77c182ca1964080bcd586f7) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
16:38:56.0926 1236 Roxio UPnP Renderer 10 - ok
16:38:56.0968 1236 Roxio Upnp Server 10 (e5809597278802d09273ee07b5fc56e1) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
16:38:56.0974 1236 Roxio Upnp Server 10 - ok
16:38:57.0013 1236 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:38:57.0016 1236 RpcEptMapper - ok
16:38:57.0041 1236 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:38:57.0043 1236 RpcLocator - ok
16:38:57.0104 1236 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:38:57.0109 1236 RpcSs - ok
16:38:57.0234 1236 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:38:57.0245 1236 rspndr - ok
16:38:57.0295 1236 RTHDMIAzAudService (34f05c417f038ffa3bef69b798d7d7dd) C:\Windows\system32\drivers\RtHDMIVX.sys
16:38:57.0299 1236 RTHDMIAzAudService - ok
16:38:57.0425 1236 RtkAudioService (01e6a1e53e39a0b1e2b6ae62bf52e8ec) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
16:38:57.0429 1236 RtkAudioService - ok
16:38:57.0496 1236 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:38:57.0498 1236 SamSs - ok
16:38:57.0643 1236 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:38:57.0645 1236 SASDIFSV - ok
16:38:57.0664 1236 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:38:57.0666 1236 SASKUTIL - ok
16:38:57.0700 1236 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:38:57.0702 1236 sbp2port - ok
16:38:57.0745 1236 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:38:57.0749 1236 SCardSvr - ok
16:38:57.0803 1236 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:38:57.0804 1236 scfilter - ok
16:38:57.0968 1236 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
16:38:57.0987 1236 Schedule - ok
16:38:58.0033 1236 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:38:58.0035 1236 SCPolicySvc - ok
16:38:58.0067 1236 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
16:38:58.0069 1236 sdbus - ok
16:38:58.0115 1236 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
16:38:58.0120 1236 SDRSVC - ok
16:38:58.0154 1236 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:38:58.0155 1236 secdrv - ok
16:38:58.0171 1236 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
16:38:58.0174 1236 seclogon - ok
16:38:58.0329 1236 sembbus (c7113e779fec1795d3e64e87a92193ec) C:\Windows\system32\DRIVERS\sembbus.sys
16:38:58.0334 1236 sembbus - ok
16:38:58.0399 1236 sembcard (4207bc5cdaec91a40a1c25c5c9b4cdeb) C:\Windows\system32\DRIVERS\sembcard.sys
16:38:58.0405 1236 sembcard - ok
16:38:58.0444 1236 sembmdfl2 (17fcd79c5603d644b11e5cb4234fb3f2) C:\Windows\system32\DRIVERS\sembmdfl2.sys
16:38:58.0445 1236 sembmdfl2 - ok
16:38:58.0491 1236 sembmdm2 (dd5fb245e8c949f9f9617d3cc82fc7f3) C:\Windows\system32\DRIVERS\sembmdm2.sys
16:38:58.0498 1236 sembmdm2 - ok
16:38:58.0598 1236 sembmgmt (23bf1c6d472701b309233ad4cb2b575f) C:\Windows\system32\DRIVERS\sembmgmt.sys
16:38:58.0604 1236 sembmgmt - ok
16:38:58.0629 1236 sembnd5 (30326312f3772cad40246fb728b47527) C:\Windows\system32\DRIVERS\sembnd5.sys
16:38:58.0631 1236 sembnd5 - ok
16:38:58.0672 1236 sembunic (055b0b13b6acd126fe21a321c0056898) C:\Windows\system32\DRIVERS\sembunic.sys
16:38:58.0679 1236 sembunic - ok
16:38:58.0718 1236 sembwwan (9167c7b3c62b6ae431d51da5a63c5315) C:\Windows\system32\DRIVERS\sembwwan.sys
16:38:58.0725 1236 sembwwan - ok
16:38:58.0797 1236 SEMCReserved (0ea27099c21fda6a5d688ebfe7c32174) C:\Windows\system32\DRIVERS\semcreserved64.sys
16:38:58.0798 1236 SEMCReserved - ok
16:38:58.0831 1236 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:38:58.0833 1236 SENS - ok
16:38:58.0853 1236 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:38:58.0855 1236 SensrSvc - ok
16:38:58.0886 1236 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:38:58.0888 1236 Serenum - ok
16:38:58.0911 1236 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:38:58.0914 1236 Serial - ok
16:38:58.0942 1236 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:38:58.0944 1236 sermouse - ok
16:38:58.0984 1236 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
16:38:58.0988 1236 SessionEnv - ok
16:38:59.0026 1236 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\DRIVERS\SFEP.sys
16:38:59.0027 1236 SFEP - ok
16:38:59.0034 1236 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:38:59.0036 1236 sffdisk - ok
16:38:59.0049 1236 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:38:59.0051 1236 sffp_mmc - ok
16:38:59.0073 1236 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:38:59.0074 1236 sffp_sd - ok
16:38:59.0120 1236 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:38:59.0122 1236 sfloppy - ok
16:38:59.0192 1236 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:38:59.0199 1236 SharedAccess - ok
16:38:59.0245 1236 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
16:38:59.0253 1236 ShellHWDetection - ok
16:38:59.0274 1236 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:38:59.0276 1236 SiSRaid2 - ok
16:38:59.0298 1236 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:38:59.0300 1236 SiSRaid4 - ok
16:38:59.0469 1236 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:38:59.0472 1236 SkypeUpdate - ok
16:38:59.0515 1236 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:38:59.0517 1236 Smb - ok
16:38:59.0670 1236 SMServer (bfa5113ac5114c519daefabcae136af1) C:\Windows\SysWOW64\snmvtsvc.exe
16:38:59.0678 1236 SMServer - ok
16:38:59.0903 1236 smsltd-samctrll (4635935fc972c582632bf45c26bfcb0e) c:\Smsltd\Sam\platform\bin\srvany.exe
16:38:59.0904 1236 smsltd-samctrll - ok
16:38:59.0987 1236 smsltdsam - ok
16:39:00.0156 1236 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:39:00.0158 1236 SNMPTRAP - ok
16:39:00.0268 1236 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
16:39:00.0271 1236 SOHCImp - ok
16:39:00.0339 1236 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
16:39:00.0341 1236 SOHDBSvr - ok
16:39:00.0409 1236 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
16:39:00.0417 1236 SOHDms - ok
16:39:00.0455 1236 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
16:39:00.0457 1236 SOHDs - ok
16:39:00.0482 1236 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
16:39:00.0484 1236 SOHPlMgr - ok
16:39:00.0598 1236 Soluto (f9369327409492097b0bb7ce86bd29de) C:\Windows\system32\DRIVERS\Soluto.sys
16:39:00.0600 1236 Soluto - ok
16:39:00.0758 1236 SolutoService (eea57decf1185f0fbaf276b22a125770) C:\Program Files\Soluto\SolutoService.exe
16:39:00.0765 1236 SolutoService - ok
16:39:00.0830 1236 Sony_EricssonWWSC (b2a31fbe3978b67d2554a9294748835f) C:\Windows\system32\DRIVERS\seu4scard64.sys
16:39:00.0831 1236 Sony_EricssonWWSC - ok
16:39:00.0875 1236 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:39:00.0876 1236 spldr - ok
16:39:00.0983 1236 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
16:39:01.0038 1236 Spooler - ok
16:39:01.0365 1236 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
16:39:01.0459 1236 sppsvc - ok
16:39:01.0588 1236 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:39:01.0591 1236 sppuinotify - ok
16:39:01.0681 1236 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:39:01.0689 1236 srv - ok
16:39:01.0724 1236 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:39:01.0731 1236 srv2 - ok
16:39:01.0781 1236 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:39:01.0786 1236 SrvHsfHDA - ok
16:39:01.0894 1236 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:39:01.0916 1236 SrvHsfV92 - ok
16:39:02.0258 1236 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:39:02.0270 1236 SrvHsfWinac - ok
16:39:02.0345 1236 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:39:02.0350 1236 srvnet - ok
16:39:02.0403 1236 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:39:02.0408 1236 SSDPSRV - ok
16:39:02.0437 1236 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:39:02.0441 1236 SstpSvc - ok
16:39:02.0506 1236 ssudmdm (daa02a6e84a4f99b5b9cd3ef8d59d652) C:\Windows\system32\DRIVERS\ssudmdm.sys
16:39:02.0510 1236 ssudmdm - ok
16:39:02.0556 1236 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:39:02.0558 1236 stexstor - ok
16:39:02.0620 1236 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
16:39:02.0631 1236 stisvc - ok
16:39:02.0655 1236 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:39:02.0656 1236 swenum - ok
16:39:02.0726 1236 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:39:02.0735 1236 swprv - ok
16:39:02.0896 1236 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
16:39:02.0924 1236 SysMain - ok
16:39:03.0043 1236 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
16:39:03.0046 1236 TabletInputService - ok
16:39:03.0133 1236 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
16:39:03.0135 1236 taphss - ok
16:39:03.0177 1236 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
16:39:03.0184 1236 TapiSrv - ok
16:39:03.0258 1236 tbhsd (93f0f5ef8a4ca261372df98b31b2bd05) C:\Windows\system32\drivers\tbhsd.sys
16:39:03.0259 1236 tbhsd - ok
16:39:03.0282 1236 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:39:03.0285 1236 TBS - ok
16:39:03.0448 1236 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:39:03.0478 1236 Tcpip - ok
16:39:03.0848 1236 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:39:03.0861 1236 TCPIP6 - ok
16:39:04.0047 1236 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:39:04.0049 1236 tcpipreg - ok
16:39:04.0070 1236 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:39:04.0071 1236 TDPIPE - ok
16:39:04.0126 1236 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
16:39:04.0128 1236 TDTCP - ok
16:39:04.0154 1236 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:39:04.0157 1236 tdx - ok
16:39:04.0183 1236 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:39:04.0185 1236 TermDD - ok
16:39:04.0259 1236 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
16:39:04.0271 1236 TermService - ok
16:39:04.0294 1236 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:39:04.0297 1236 Themes - ok
16:39:04.0336 1236 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:39:04.0338 1236 THREADORDER - ok
16:39:04.0356 1236 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:39:04.0360 1236 TrkWks - ok
16:39:04.0431 1236 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
16:39:04.0435 1236 TrustedInstaller - ok
16:39:04.0459 1236 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:39:04.0461 1236 tssecsrv - ok
16:39:04.0511 1236 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:39:04.0513 1236 tunnel - ok
16:39:04.0725 1236 TVersityMediaServer (e0a9b5b92097211a57fd16d27f2b3750) C:\ProgramData\TVersity\Media Server\MediaServer.exe
16:39:04.0740 1236 TVersityMediaServer - ok
16:39:04.0775 1236 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:39:04.0777 1236 uagp35 - ok
16:39:04.0859 1236 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
16:39:04.0861 1236 uCamMonitor - ok
16:39:04.0898 1236 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:39:04.0904 1236 udfs - ok
16:39:04.0947 1236 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:39:04.0953 1236 UI0Detect - ok
16:39:04.0998 1236 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:39:05.0000 1236 uliagpkx - ok
16:39:05.0044 1236 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:39:05.0046 1236 umbus - ok
16:39:05.0107 1236 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:39:05.0108 1236 UmPass - ok
16:39:05.0210 1236 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:39:05.0217 1236 upnphost - ok
16:39:05.0326 1236 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:39:05.0328 1236 USBAAPL64 - ok
16:39:05.0412 1236 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:39:05.0414 1236 usbaudio - ok
16:39:05.0464 1236 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:39:05.0466 1236 usbccgp - ok
16:39:05.0523 1236 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:39:05.0525 1236 usbcir - ok
16:39:05.0591 1236 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
16:39:05.0593 1236 usbehci - ok
16:39:05.0674 1236 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:39:05.0681 1236 usbhub - ok
16:39:05.0734 1236 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:39:05.0736 1236 usbohci - ok
16:39:05.0769 1236 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:39:05.0771 1236 usbprint - ok
16:39:05.0838 1236 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:39:05.0840 1236 usbscan - ok
16:39:05.0893 1236 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:39:05.0895 1236 USBSTOR - ok
16:39:05.0936 1236 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
16:39:05.0938 1236 usbuhci - ok
16:39:06.0020 1236 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
16:39:06.0024 1236 usbvideo - ok
16:39:06.0055 1236 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:39:06.0058 1236 UxSms - ok
16:39:06.0150 1236 VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
16:39:06.0152 1236 VAIO Entertainment TV Device Arbitration Service - ok
16:39:06.0303 1236 VAIO Event Service (d4197cf0c8567046fd4af28ff47af528) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
16:39:06.0307 1236 VAIO Event Service - ok
16:39:06.0519 1236 VAIO Power Management (2d6605c1f0bbd0f71a4cb3a5b1e07240) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
16:39:06.0527 1236 VAIO Power Management - ok
16:39:06.0587 1236 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:39:06.0588 1236 VaultSvc - ok
16:39:06.0717 1236 VCFw (06fe5beddadb158d84e6de33cbe19f3e) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
16:39:06.0728 1236 VCFw - ok
16:39:06.0814 1236 VcmIAlzMgr (34063c0b842e73662067f9b03947c55c) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
16:39:06.0821 1236 VcmIAlzMgr - ok
16:39:06.0885 1236 VcmINSMgr (a8f5d1651a324abc6c308891a1252ee3) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
16:39:06.0891 1236 VcmINSMgr - ok
16:39:07.0004 1236 VcmXmlIfHelper (db544b487f360128dc1c383e0a6fcc2f) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
16:39:07.0007 1236 VcmXmlIfHelper - ok
16:39:07.0062 1236 Vcsw - ok
16:39:07.0196 1236 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:39:07.0198 1236 vdrvroot - ok
16:39:07.0264 1236 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
16:39:07.0275 1236 vds - ok
16:39:07.0324 1236 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:39:07.0326 1236 vga - ok
16:39:07.0396 1236 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:39:07.0398 1236 VgaSave - ok
16:39:07.0430 1236 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:39:07.0436 1236 vhdmp - ok
16:39:07.0478 1236 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:39:07.0480 1236 viaide - ok
16:39:07.0548 1236 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:39:07.0550 1236 volmgr - ok
16:39:07.0603 1236 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:39:07.0610 1236 volmgrx - ok
16:39:07.0684 1236 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:39:07.0689 1236 volsnap - ok
16:39:07.0745 1236 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:39:07.0748 1236 vsmraid - ok
16:39:07.0987 1236 VSNService (e9638e51373d527e22438b80126b64f9) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
16:39:07.0996 1236 VSNService - ok
16:39:08.0139 1236 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
16:39:08.0165 1236 VSS - ok
16:39:08.0287 1236 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:39:08.0289 1236 vwifibus - ok
16:39:08.0326 1236 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:39:08.0328 1236 vwififlt - ok
16:39:08.0512 1236 VzCdbSvc (d8bef4ac1eac809dbdbd441d6cff6c4c) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
16:39:08.0515 1236 VzCdbSvc - ok
16:39:08.0643 1236 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:39:08.0652 1236 W32Time - ok
16:39:08.0718 1236 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:39:08.0720 1236 WacomPen - ok
16:39:08.0762 1236 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:39:08.0765 1236 WANARP - ok
16:39:08.0772 1236 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:39:08.0773 1236 Wanarpv6 - ok
16:39:08.0977 1236 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:39:08.0997 1236 WatAdminSvc - ok
16:39:09.0119 1236 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
16:39:09.0144 1236 wbengine - ok
16:39:09.0272 1236 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:39:09.0278 1236 WbioSrvc - ok
16:39:09.0352 1236 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
16:39:09.0360 1236 wcncsvc - ok
16:39:09.0386 1236 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:39:09.0402 1236 WcsPlugInService - ok
16:39:09.0453 1236 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:39:09.0454 1236 Wd - ok
16:39:09.0568 1236 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:39:09.0579 1236 Wdf01000 - ok
16:39:09.0626 1236 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:39:09.0630 1236 WdiServiceHost - ok
16:39:09.0637 1236 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:39:09.0640 1236 WdiSystemHost - ok
16:39:09.0708 1236 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
16:39:09.0714 1236 WebClient - ok
16:39:09.0774 1236 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:39:09.0779 1236 Wecsvc - ok
16:39:09.0812 1236 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:39:09.0815 1236 wercplsupport - ok
16:39:09.0848 1236 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:39:09.0851 1236 WerSvc - ok
16:39:09.0937 1236 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:39:09.0938 1236 WfpLwf - ok
16:39:09.0961 1236 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:39:09.0963 1236 WIMMount - ok
16:39:10.0016 1236 WinDefend - ok
16:39:10.0026 1236 WinHttpAutoProxySvc - ok
16:39:10.0111 1236 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:39:10.0116 1236 Winmgmt - ok
16:39:10.0336 1236 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
16:39:10.0369 1236 WinRM - ok
16:39:10.0544 1236 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:39:10.0545 1236 WinUsb - ok
16:39:10.0632 1236 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:39:10.0647 1236 Wlansvc - ok
16:39:10.0779 1236 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:39:10.0781 1236 wlcrasvc - ok
16:39:11.0229 1236 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:39:11.0300 1236 wlidsvc - ok
16:39:11.0433 1236 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:39:11.0434 1236 WmiAcpi - ok
16:39:11.0496 1236 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:39:11.0500 1236 wmiApSrv - ok
16:39:11.0559 1236 WMPNetworkSvc - ok
16:39:11.0610 1236 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:39:11.0613 1236 WPCSvc - ok
16:39:11.0630 1236 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
16:39:11.0634 1236 WPDBusEnum - ok
16:39:11.0671 1236 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:39:11.0673 1236 ws2ifsl - ok
16:39:11.0759 1236 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
16:39:11.0763 1236 wscsvc - ok
16:39:11.0771 1236 WSearch - ok
16:39:12.0029 1236 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
16:39:12.0096 1236 wuauserv - ok
16:39:12.0227 1236 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:39:12.0229 1236 WudfPf - ok
16:39:12.0250 1236 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:39:12.0253 1236 WUDFRd - ok
16:39:12.0283 1236 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
16:39:12.0286 1236 wudfsvc - ok
16:39:12.0315 1236 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:39:12.0320 1236 WwanSvc - ok
16:39:12.0342 1236 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
16:39:12.0343 1236 XAudio - ok
16:39:12.0413 1236 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
16:39:12.0419 1236 yukonw7 - ok
16:39:12.0514 1236 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:39:12.0579 1236 \Device\Harddisk0\DR0 - ok
16:39:12.0627 1236 Boot (0x1200) (65b0e407992eca79d817a763f73ca321) \Device\Harddisk0\DR0\Partition0
16:39:12.0639 1236 \Device\Harddisk0\DR0\Partition0 - ok
16:39:12.0669 1236 Boot (0x1200) (39bcad6c3e84df1a0d80cf590e7f105c) \Device\Harddisk0\DR0\Partition1
16:39:12.0673 1236 \Device\Harddisk0\DR0\Partition1 - ok
16:39:12.0675 1236 ============================================================
16:39:12.0675 1236 Scan finished
16:39:12.0675 1236 ============================================================
16:39:12.0690 6432 Detected object count: 0
16:39:12.0690 6432 Actual detected object count: 0
16:40:13.0251 6016 ============================================================
16:40:13.0251 6016 Scan started
16:40:13.0251 6016 Mode: Manual; SigCheck; TDLFS;
16:40:13.0251 6016 ============================================================
16:40:13.0709 6016 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
16:40:13.0779 6016 !SASCORE - ok
16:40:13.0853 6016 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:40:13.0948 6016 1394ohci - ok
16:40:14.0069 6016 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:40:14.0104 6016 ACDaemon - ok
16:40:14.0139 6016 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:40:14.0161 6016 ACPI - ok
16:40:14.0204 6016 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:40:14.0306 6016 AcpiPmi - ok
16:40:14.0434 6016 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
16:40:14.0451 6016 adfs - ok
16:40:14.0563 6016 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:40:14.0586 6016 adp94xx - ok
16:40:14.0611 6016 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:40:14.0632 6016 adpahci - ok
16:40:14.0672 6016 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:40:14.0691 6016 adpu320 - ok
16:40:14.0720 6016 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:40:14.0886 6016 AeLookupSvc - ok
16:40:14.0959 6016 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
16:40:15.0042 6016 AFD - ok
16:40:15.0070 6016 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:40:15.0087 6016 agp440 - ok
16:40:15.0124 6016 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:40:15.0204 6016 ALG - ok
16:40:15.0220 6016 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:40:15.0237 6016 aliide - ok
16:40:15.0256 6016 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:40:15.0275 6016 amdide - ok
16:40:15.0305 6016 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:40:15.0351 6016 AmdK8 - ok
16:40:15.0383 6016 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:40:15.0432 6016 AmdPPM - ok
16:40:15.0535 6016 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
16:40:15.0556 6016 amdsata - ok
16:40:15.0618 6016 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:40:15.0636 6016 amdsbs - ok
16:40:15.0693 6016 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
16:40:15.0709 6016 amdxata - ok
16:40:15.0747 6016 ApfiltrService (56bd886820c4aedf493cfcdf1ccfb004) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:40:15.0764 6016 ApfiltrService - ok
16:40:15.0789 6016 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:40:15.0904 6016 AppID - ok
16:40:15.0962 6016 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:40:16.0028 6016 AppIDSvc - ok
16:40:16.0057 6016 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
16:40:16.0087 6016 Appinfo - ok
16:40:16.0207 6016 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:40:16.0221 6016 Apple Mobile Device - ok
16:40:16.0245 6016 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:40:16.0262 6016 arc - ok
16:40:16.0283 6016 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:40:16.0302 6016 arcsas - ok
16:40:16.0350 6016 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:40:16.0365 6016 ArcSoftKsUFilter - ok
16:40:16.0400 6016 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:40:16.0476 6016 AsyncMac - ok
16:40:16.0510 6016 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:40:16.0528 6016 atapi - ok
16:40:16.0751 6016 athr (5d4529ac4156e16bedb01441ae0cf984) C:\Windows\system32\DRIVERS\athrx.sys
16:40:16.0847 6016 athr - ok
16:40:17.0509 6016 atikmdag (de0ede41bc530f1759c6fffcb8c7a0cf) C:\Windows\system32\DRIVERS\atikmdag.sys
16:40:17.0653 6016 atikmdag - ok
16:40:17.0809 6016 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:40:17.0891 6016 AudioEndpointBuilder - ok
16:40:17.0901 6016 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
16:40:17.0953 6016 AudioSrv - ok
16:40:17.0973 6016 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
16:40:18.0074 6016 AxInstSV - ok
16:40:18.0157 6016 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:40:18.0221 6016 b06bdrv - ok
16:40:18.0248 6016 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:40:18.0295 6016 b57nd60a - ok
16:40:18.0418 6016 BBSvc (6f8638ea0a55d65b03e24f6d1153d8f7) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:40:18.0437 6016 BBSvc - ok
16:40:18.0498 6016 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:40:18.0518 6016 BBUpdate - ok
16:40:18.0550 6016 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:40:18.0584 6016 BDESVC - ok
16:40:18.0612 6016 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:40:18.0691 6016 Beep - ok
16:40:18.0763 6016 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
16:40:18.0855 6016 BFE - ok
16:40:19.0026 6016 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
16:40:19.0118 6016 BITS - ok
16:40:19.0315 6016 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:40:19.0384 6016 blbdrive - ok
16:40:19.0653 6016 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:40:19.0673 6016 Bonjour Service - ok
16:40:19.0777 6016 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
16:40:19.0856 6016 bowser - ok
16:40:20.0013 6016 bProtector (86825c57cfd7babc8ab861aa0cff5212) C:\ProgramData\bProtector\bProtect.exe
16:40:20.0037 6016 bProtector - ok
16:40:20.0062 6016 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:40:20.0104 6016 BrFiltLo - ok
16:40:20.0127 6016 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:40:20.0191 6016 BrFiltUp - ok
16:40:20.0224 6016 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:40:20.0286 6016 BridgeMP - ok
16:40:20.0330 6016 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
16:40:20.0378 6016 Browser - ok
16:40:20.0419 6016 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:40:20.0458 6016 Brserid - ok
16:40:20.0483 6016 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:40:20.0505 6016 BrSerWdm - ok
16:40:20.0522 6016 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:40:20.0573 6016 BrUsbMdm - ok
16:40:20.0579 6016 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:40:20.0604 6016 BrUsbSer - ok
16:40:20.0647 6016 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
16:40:20.0710 6016 BthEnum - ok
16:40:20.0790 6016 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:40:20.0855 6016 BTHMODEM - ok
16:40:20.0909 6016 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
16:40:20.0971 6016 BthPan - ok
16:40:21.0094 6016 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
16:40:21.0135 6016 BTHPORT - ok
16:40:21.0178 6016 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:40:21.0243 6016 bthserv - ok
16:40:21.0280 6016 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
16:40:21.0324 6016 BTHUSB - ok
16:40:21.0364 6016 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
16:40:21.0380 6016 btwaudio - ok
16:40:21.0398 6016 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\DRIVERS\btwavdt.sys
16:40:21.0413 6016 btwavdt - ok
16:40:21.0599 6016 btwdins (d65aa164acd0f6706dbcfbbcc9731584) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
16:40:21.0640 6016 btwdins - ok
16:40:21.0670 6016 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
16:40:21.0682 6016 btwl2cap - ok
16:40:21.0691 6016 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
16:40:21.0705 6016 btwrchid - ok
16:40:21.0710 6016 catchme - ok
16:40:21.0736 6016 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:40:21.0805 6016 cdfs - ok
16:40:21.0845 6016 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:40:21.0886 6016 cdrom - ok
16:40:21.0933 6016 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:40:22.0004 6016 CertPropSvc - ok
16:40:22.0035 6016 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:40:22.0079 6016 circlass - ok
16:40:22.0125 6016 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:40:22.0147 6016 CLFS - ok
16:40:22.0218 6016 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:40:22.0234 6016 clr_optimization_v2.0.50727_32 - ok
16:40:22.0276 6016 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:40:22.0290 6016 clr_optimization_v2.0.50727_64 - ok
16:40:22.0394 6016 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:40:22.0411 6016 clr_optimization_v4.0.30319_32 - ok
16:40:22.0509 6016 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:40:22.0525 6016 clr_optimization_v4.0.30319_64 - ok
16:40:22.0571 6016 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:40:22.0640 6016 CmBatt - ok
16:40:22.0675 6016 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:40:22.0691 6016 cmdide - ok
16:40:22.0836 6016 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
16:40:22.0917 6016 CNG - ok
16:40:22.0990 6016 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:40:23.0009 6016 Compbatt - ok
16:40:23.0042 6016 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:40:23.0107 6016 CompositeBus - ok
16:40:23.0111 6016 COMSysApp - ok
16:40:23.0176 6016 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:40:23.0193 6016 crcdisk - ok
16:40:23.0345 6016 CronService (63a7739ac9c1e38589b3edb1daeb9df5) C:\Prey\platform\windows\cronsvc.exe
16:40:23.0392 6016 CronService ( UnsignedFile.Multi.Generic ) - warning
16:40:23.0392 6016 CronService - detected UnsignedFile.Multi.Generic (1)
16:40:23.0449 6016 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
16:40:23.0535 6016 CryptSvc - ok
16:40:23.0615 6016 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:40:23.0667 6016 DcomLaunch - ok
16:40:23.0697 6016 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:40:23.0768 6016 defragsvc - ok
16:40:23.0814 6016 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
16:40:23.0884 6016 DfsC - ok
16:40:23.0932 6016 dg_ssudbus (bf4e72d6fa78fedc4b8577116eface7e) C:\Windows\system32\DRIVERS\ssudbus.sys
16:40:23.0947 6016 dg_ssudbus - ok
16:40:23.0998 6016 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
16:40:24.0096 6016 Dhcp - ok
16:40:24.0122 6016 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:40:24.0184 6016 discache - ok
16:40:24.0212 6016 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:40:24.0229 6016 Disk - ok
16:40:24.0277 6016 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
16:40:24.0339 6016 Dnscache - ok
16:40:24.0377 6016 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
16:40:24.0444 6016 dot3svc - ok
16:40:24.0480 6016 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
16:40:24.0553 6016 DPS - ok
16:40:24.0584 6016 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:40:24.0606 6016 drmkaud - ok
16:40:24.0648 6016 DrmRAudio (fbc16fed3d4d390c9ce78e07b7fca9f3) C:\Windows\system32\drivers\DrmRAudio.sys
16:40:24.0663 6016 DrmRAudio - ok
16:40:24.0774 6016 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:40:24.0805 6016 DXGKrnl - ok
16:40:24.0835 6016 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:40:24.0931 6016 EapHost - ok
16:40:25.0485 6016 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:40:25.0562 6016 ebdrv - ok
16:40:25.0739 6016 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
16:40:25.0759 6016 EFS - ok
16:40:25.0850 6016 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
16:40:25.0891 6016 ehRecvr - ok
16:40:25.0926 6016 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:40:25.0996 6016 ehSched - ok
16:40:26.0083 6016 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:40:26.0109 6016 elxstor - ok
16:40:26.0238 6016 EPSON_EB_RPCV4_01 (b5581646636759d0dafa8b008881c079) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
16:40:26.0247 6016 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
16:40:26.0247 6016 EPSON_EB_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
16:40:26.0277 6016 EPSON_PM_RPCV4_01 (1e345f2a2d95da3190596e691cde9342) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
16:40:26.0296 6016 EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
16:40:26.0296 6016 EPSON_PM_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
16:40:26.0318 6016 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:40:26.0375 6016 ErrDev - ok
16:40:26.0447 6016 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:40:26.0495 6016 EventSystem - ok
16:40:26.0539 6016 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:40:26.0588 6016 exfat - ok
16:40:26.0690 6016 ExpatShieldService (507942b5bfdbb8efd0e03bde9f72bc86) C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
16:40:26.0708 6016 ExpatShieldService - ok
16:40:26.0778 6016 ExpatSrv (2cfea9c337b699aca38487e8a7438f35) C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
16:40:26.0796 6016 ExpatSrv - ok
16:40:26.0810 6016 ExpatTrayService (1034f1285e474fcbb850afd2dc712837) C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE
16:40:26.0823 6016 ExpatTrayService - ok
16:40:26.0827 6016 ExpatWd - ok
16:40:26.0861 6016 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:40:26.0927 6016 fastfat - ok
16:40:26.0999 6016 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
16:40:27.0073 6016 Fax - ok
16:40:27.0103 6016 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:40:27.0167 6016 fdc - ok
16:40:27.0236 6016 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:40:27.0297 6016 fdPHost - ok
16:40:27.0325 6016 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:40:27.0403 6016 FDResPub - ok
16:40:27.0432 6016 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:40:27.0449 6016 FileInfo - ok
16:40:27.0493 6016 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:40:27.0574 6016 Filetrace - ok
16:40:27.0700 6016 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:40:27.0722 6016 FLEXnet Licensing Service - ok
16:40:27.0750 6016 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:40:27.0798 6016 flpydisk - ok
16:40:27.0897 6016 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:40:27.0920 6016 FltMgr - ok
16:40:28.0043 6016 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
16:40:28.0119 6016 FontCache - ok
16:40:28.0186 6016 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:40:28.0199 6016 FontCache3.0.0.0 - ok
16:40:28.0233 6016 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:40:28.0251 6016 FsDepends - ok
16:40:28.0290 6016 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
16:40:28.0305 6016 fssfltr - ok
16:40:28.0560 6016 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:40:28.0598 6016 fsssvc - ok
16:40:28.0829 6016 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
16:40:28.0845 6016 Fs_Rec - ok
16:40:28.0995 6016 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:40:29.0019 6016 fvevol - ok
16:40:29.0049 6016 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:40:29.0067 6016 gagp30kx - ok
16:40:29.0124 6016 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:40:29.0137 6016 GEARAspiWDM - ok
16:40:29.0417 6016 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
16:40:29.0471 6016 gpsvc - ok
16:40:29.0690 6016 GSService (e067b6d728c75e0ac95b8d95baff94bf) C:\Windows\SysWOW64\GSService.exe
16:40:29.0736 6016 GSService ( UnsignedFile.Multi.Generic ) - warning
16:40:29.0736 6016 GSService - detected UnsignedFile.Multi.Generic (1)
16:40:29.0890 6016 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:40:29.0905 6016 gupdate - ok
16:40:29.0910 6016 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:40:29.0925 6016 gupdatem - ok
16:40:30.0065 6016 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:40:30.0133 6016 hcw85cir - ok
16:40:30.0172 6016 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
16:40:30.0218 6016 HdAudAddService - ok
16:40:30.0253 6016 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:40:30.0295 6016 HDAudBus - ok
16:40:30.0325 6016 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:40:30.0370 6016 HidBatt - ok
16:40:30.0400 6016 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:40:30.0440 6016 HidBth - ok
16:40:30.0506 6016 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:40:30.0553 6016 HidIr - ok
16:40:30.0599 6016 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
16:40:30.0647 6016 hidserv - ok
16:40:30.0665 6016 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:40:30.0705 6016 HidUsb - ok
16:40:31.0648 6016 HitmanPro36CrusaderBoot (50c3921b904cecc22b91e7cf10d27507) C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe
16:40:31.0829 6016 HitmanPro36CrusaderBoot - ok
16:40:31.0854 6016 HitmanProScheduler - ok
16:40:31.0975 6016 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
16:40:32.0045 6016 hkmsvc - ok
16:40:32.0086 6016 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
16:40:32.0162 6016 HomeGroupListener - ok
16:40:32.0203 6016 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
16:40:32.0244 6016 HomeGroupProvider - ok
16:40:32.0306 6016 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:40:32.0324 6016 HpSAMD - ok
16:40:32.0454 6016 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll
16:40:32.0490 6016 HsfXAudioService - ok
16:40:32.0600 6016 HssDrv (80b0c0d39178e80905e30fa92c0f6d43) C:\Windows\system32\DRIVERS\HssDrv.sys
16:40:32.0614 6016 HssDrv - ok
16:40:32.0678 6016 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:40:32.0752 6016 HTTP - ok
16:40:32.0782 6016 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:40:32.0798 6016 hwpolicy - ok
16:40:32.0835 6016 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:40:32.0876 6016 i8042prt - ok
16:40:32.0968 6016 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:40:32.0988 6016 IAANTMON - ok
16:40:33.0036 6016 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
16:40:33.0056 6016 iaStor - ok
16:40:33.0141 6016 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
16:40:33.0163 6016 iaStorV - ok
16:40:33.0450 6016 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:40:33.0477 6016 idsvc - ok
16:40:34.0048 6016 igfx (dfeaf0a1d98d397035012c8e28d1520f) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:40:34.0215 6016 igfx - ok
16:40:34.0406 6016 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:40:34.0424 6016 iirsp - ok
16:40:34.0521 6016 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
16:40:34.0603 6016 IKEEXT - ok
16:40:34.0830 6016 IntcAzAudAddService (b16fc828ce7a76a8f1ce682e6ead2627) C:\Windows\system32\drivers\RTKVHD64.sys
16:40:34.0873 6016 IntcAzAudAddService - ok
16:40:35.0016 6016 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\Windows\system32\drivers\IntcHdmi.sys
16:40:35.0079 6016 IntcHdmiAddService - ok
16:40:35.0107 6016 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:40:35.0124 6016 intelide - ok
16:40:35.0151 6016 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:40:35.0197 6016 intelppm - ok
16:40:35.0235 6016 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:40:35.0287 6016 IPBusEnum - ok
16:40:35.0309 6016 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:40:35.0381 6016 IpFilterDriver - ok
16:40:35.0434 6016 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
16:40:35.0505 6016 iphlpsvc - ok
16:40:35.0587 6016 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:40:35.0636 6016 IPMIDRV - ok
16:40:35.0674 6016 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:40:35.0746 6016 IPNAT - ok
16:40:35.0875 6016 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
16:40:35.0903 6016 iPod Service - ok
16:40:35.0924 6016 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:40:35.0979 6016 IRENUM - ok
16:40:35.0999 6016 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:40:36.0016 6016 isapnp - ok
16:40:36.0046 6016 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:40:36.0066 6016 iScsiPrt - ok
16:40:36.0086 6016 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:40:36.0103 6016 kbdclass - ok
16:40:36.0123 6016 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:40:36.0165 6016 kbdhid - ok
16:40:36.0206 6016 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:40:36.0227 6016 KeyIso - ok
16:40:36.0275 6016 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
16:40:36.0293 6016 KSecDD - ok
16:40:36.0349 6016 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
16:40:36.0367 6016 KSecPkg - ok
16:40:36.0397 6016 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:40:36.0459 6016 ksthunk - ok
16:40:36.0529 6016 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:40:36.0579 6016 KtmRm - ok
16:40:36.0700 6016 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
16:40:36.0774 6016 LanmanServer - ok
16:40:36.0875 6016 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
16:40:37.0001 6016 LanmanWorkstation - ok
16:40:37.0387 6016 Lavasoft Ad-Aware Service (bd1e59ffeb8d84dc592a92497d823322) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
16:40:37.0427 6016 Lavasoft Ad-Aware Service - ok
16:40:37.0504 6016 Lavasoft Kernexplorer (ad134c8802355be1b24606fca8a4a50d) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
16:40:37.0583 6016 Lavasoft Kernexplorer - ok
16:40:37.0766 6016 Lbd (3c46290f7a5d45ba6ef32c248e22aa69) C:\Windows\system32\DRIVERS\Lbd.sys
16:40:37.0793 6016 Lbd - ok
16:40:37.0827 6016 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:40:37.0899 6016 lltdio - ok
16:40:38.0011 6016 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:40:38.0209 6016 lltdsvc - ok
16:40:38.0274 6016 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:40:38.0364 6016 lmhosts - ok
16:40:38.0451 6016 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:40:38.0471 6016 LSI_FC - ok
16:40:38.0640 6016 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:40:38.0659 6016 LSI_SAS - ok
16:40:38.0793 6016 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:40:38.0814 6016 LSI_SAS2 - ok
16:40:39.0002 6016 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:40:39.0019 6016 LSI_SCSI - ok
16:40:39.0115 6016 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:40:39.0163 6016 luafv - ok
16:40:39.0345 6016 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
16:40:39.0368 6016 Mcx2Svc - ok
16:40:39.0634 6016 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
16:40:39.0653 6016 MDM - ok
16:40:39.0694 6016 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
16:40:39.0714 6016 mdmxsdk - ok
16:40:39.0743 6016 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:40:39.0760 6016 megasas - ok
16:40:39.0807 6016 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:40:39.0828 6016 MegaSR - ok
16:40:39.0996 6016 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:40:40.0011 6016 Microsoft Office Groove Audit Service - ok
16:40:40.0183 6016 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:40:40.0292 6016 MMCSS - ok
16:40:40.0339 6016 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:40:40.0415 6016 Modem - ok
16:40:40.0456 6016 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:40:40.0491 6016 monitor - ok
16:40:40.0562 6016 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:40:40.0588 6016 mouclass - ok
16:40:40.0608 6016 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:40:40.0682 6016 mouhid - ok
16:40:40.0719 6016 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:40:40.0738 6016 mountmgr - ok
16:40:40.0775 6016 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:40:40.0793 6016 mpio - ok
16:40:40.0869 6016 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:40:40.0956 6016 mpsdrv - ok
16:40:41.0039 6016 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
16:40:41.0120 6016 MpsSvc - ok
16:40:41.0149 6016 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:40:41.0196 6016 MRxDAV - ok
16:40:41.0243 6016 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:40:41.0308 6016 mrxsmb - ok
16:40:41.0380 6016 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:40:41.0405 6016 mrxsmb10 - ok
16:40:41.0457 6016 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:40:41.0505 6016 mrxsmb20 - ok
16:40:41.0534 6016 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:40:41.0550 6016 msahci - ok
16:40:41.0583 6016 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:40:41.0602 6016 msdsm - ok
16:40:41.0645 6016 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:40:41.0696 6016 MSDTC - ok
16:40:41.0731 6016 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:40:41.0801 6016 Msfs - ok
16:40:41.0871 6016 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:40:41.0939 6016 mshidkmdf - ok
16:40:41.0955 6016 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:40:41.0974 6016 msisadrv - ok
16:40:42.0017 6016 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:40:42.0090 6016 MSiSCSI - ok
16:40:42.0094 6016 msiserver - ok
16:40:42.0121 6016 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:40:42.0183 6016 MSKSSRV - ok
16:40:42.0215 6016 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:40:42.0281 6016 MSPCLOCK - ok
16:40:42.0312 6016 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:40:42.0378 6016 MSPQM - ok
16:40:42.0422 6016 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:40:42.0444 6016 MsRPC - ok
16:40:42.0459 6016 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:40:42.0478 6016 mssmbios - ok
16:40:42.0499 6016 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:40:42.0560 6016 MSTEE - ok
16:40:42.0585 6016 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:40:42.0626 6016 MTConfig - ok
16:40:42.0657 6016 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:40:42.0674 6016 Mup - ok
16:40:42.0737 6016 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
16:40:42.0811 6016 napagent - ok
16:40:42.0940 6016 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:40:43.0003 6016 NativeWifiP - ok
16:40:43.0123 6016 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:40:43.0155 6016 NDIS - ok
16:40:43.0183 6016 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:40:43.0266 6016 NdisCap - ok
16:40:43.0295 6016 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:40:43.0341 6016 NdisTapi - ok
16:40:43.0391 6016 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:40:43.0460 6016 Ndisuio - ok
16:40:43.0556 6016 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:40:43.0605 6016 NdisWan - ok
16:40:43.0645 6016 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:40:43.0727 6016 NDProxy - ok
16:40:43.0804 6016 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:40:43.0877 6016 NetBIOS - ok
16:40:43.0922 6016 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:40:44.0013 6016 NetBT - ok
16:40:44.0068 6016 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:40:44.0089 6016 Netlogon - ok
16:40:44.0161 6016 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:40:44.0238 6016 Netman - ok
16:40:44.0313 6016 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:40:44.0420 6016 netprofm - ok
16:40:44.0543 6016 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:40:44.0558 6016 NetTcpPortSharing - ok
16:40:44.0928 6016 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys
16:40:45.0056 6016 netw5v64 - ok
16:40:45.0184 6016 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:40:45.0204 6016 nfrd960 - ok
16:40:45.0260 6016 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
16:40:45.0336 6016 NlaSvc - ok
16:40:45.0359 6016 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:40:45.0405 6016 Npfs - ok
16:40:45.0422 6016 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:40:45.0489 6016 nsi - ok
16:40:45.0514 6016 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:40:45.0588 6016 nsiproxy - ok
16:40:45.0797 6016 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
16:40:45.0839 6016 Ntfs - ok
16:40:45.0954 6016 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:40:46.0021 6016 Null - ok
16:40:46.0060 6016 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
16:40:46.0079 6016 nvraid - ok
16:40:46.0141 6016 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
16:40:46.0160 6016 nvstor - ok
16:40:46.0241 6016 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:40:46.0260 6016 nv_agp - ok
16:40:46.0431 6016 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:40:46.0451 6016 odserv - ok
16:40:46.0512 6016 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:40:46.0540 6016 ohci1394 - ok
16:40:46.0616 6016 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:40:46.0632 6016 ose - ok
16:40:46.0715 6016 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:40:46.0782 6016 p2pimsvc - ok
16:40:46.0836 6016 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:40:46.0883 6016 p2psvc - ok
16:40:46.0922 6016 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:40:46.0963 6016 Parport - ok
16:40:46.0999 6016 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:40:47.0019 6016 partmgr - ok
16:40:47.0179 6016 pbfilter (1b0925ed638ef9b8915b152de9886a46) C:\Users\pcwt5\Downloads\PeerBlock_r162__x64_Release_(Vista)\pbfilter.sys
16:40:47.0198 6016 pbfilter - ok
16:40:47.0267 6016 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:40:47.0314 6016 PcaSvc - ok
16:40:47.0356 6016 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:40:47.0376 6016 pci - ok
16:40:47.0425 6016 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:40:47.0443 6016 pciide - ok
16:40:47.0495 6016 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:40:47.0515 6016 pcmcia - ok
16:40:47.0552 6016 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:40:47.0569 6016 pcw - ok
16:40:47.0645 6016 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:40:47.0698 6016 PEAUTH - ok
16:40:47.0801 6016 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:40:47.0854 6016 PerfHost - ok
16:40:48.0048 6016 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
16:40:48.0110 6016 pla - ok
16:40:48.0189 6016 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
16:40:48.0259 6016 PlugPlay - ok
16:40:48.0280 6016 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:40:48.0327 6016 PNRPAutoReg - ok
16:40:48.0386 6016 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:40:48.0417 6016 PNRPsvc - ok
16:40:48.0613 6016 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
16:40:48.0669 6016 PolicyAgent - ok
16:40:48.0725 6016 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:40:48.0774 6016 Power - ok
16:40:48.0954 6016 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:40:49.0016 6016 PptpMiniport - ok
16:40:49.0076 6016 Printer Control (0264b15f628c8c7dbf439fd7ab4108f5) C:\Windows\system32\PrintCtrl.exe
16:40:49.0117 6016 Printer Control ( UnsignedFile.Multi.Generic ) - warning
16:40:49.0117 6016 Printer Control - detected UnsignedFile.Multi.Generic (1)
16:40:49.0150 6016 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:40:49.0171 6016 Processor - ok
16:40:49.0220 6016 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
16:40:49.0286 6016 ProfSvc - ok
16:40:49.0328 6016 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:40:49.0348 6016 ProtectedStorage - ok
16:40:49.0410 6016 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:40:49.0459 6016 Psched - ok
16:40:49.0500 6016 PSSDK42 (cd33cb6fecf65520466f95ab89cc4af5) C:\Windows\system32\Drivers\pssdk42.sys
16:40:49.0518 6016 PSSDK42 - ok
16:40:49.0571 6016 PSSDKLBF (07a3500cf1c3325568d1b85683ce4517) C:\Windows\system32\Drivers\pssdklbf.sys
16:40:49.0587 6016 PSSDKLBF - ok
16:40:49.0610 6016 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
16:40:49.0625 6016 PxHlpa64 - ok
16:40:49.0748 6016 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:40:49.0791 6016 ql2300 - ok
16:40:49.0928 6016 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:40:49.0949 6016 ql40xx - ok
16:40:49.0995 6016 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:40:50.0049 6016 QWAVE - ok
16:40:50.0086 6016 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:40:50.0137 6016 QWAVEdrv - ok
16:40:50.0424 6016 RapportCerberus_34302 (5e0459ed0a8f540d2f7b6e52da12c9d4) C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys
16:40:50.0445 6016 RapportCerberus_34302 - ok
16:40:50.0605 6016 RapportEI64 (06917b0649e334c43bfd529afcdc6c1c) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
16:40:50.0621 6016 RapportEI64 - ok
16:40:50.0674 6016 RapportKE64 (49dec9bb40555db653c4e1ab9a087403) C:\Windows\system32\Drivers\RapportKE64.sys
16:40:50.0690 6016 RapportKE64 - ok
16:40:50.0792 6016 RapportMgmtService (d9ef54568fafcb4be4637068e768409a) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
16:40:50.0820 6016 RapportMgmtService - ok
16:40:50.0875 6016 RapportPG64 (6a36c7b3dfcf56bc164cb399bc4943a7) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
16:40:50.0891 6016 RapportPG64 - ok
16:40:50.0915 6016 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:40:50.0960 6016 RasAcd - ok
16:40:50.0990 6016 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:40:51.0056 6016 RasAgileVpn - ok
16:40:51.0093 6016 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:40:51.0156 6016 RasAuto - ok
16:40:51.0186 6016 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:40:51.0235 6016 Rasl2tp - ok
16:40:51.0269 6016 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
16:40:51.0344 6016 RasMan - ok
16:40:51.0385 6016 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:40:51.0473 6016 RasPppoe - ok
16:40:51.0528 6016 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:40:51.0596 6016 RasSstp - ok
16:40:51.0643 6016 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:40:51.0715 6016 rdbss - ok
16:40:51.0742 6016 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:40:51.0790 6016 rdpbus - ok
16:40:51.0814 6016 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:40:51.0862 6016 RDPCDD - ok
16:40:51.0883 6016 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:40:51.0947 6016 RDPENCDD - ok
16:40:51.0982 6016 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:40:52.0027 6016 RDPREFMP - ok
16:40:52.0088 6016 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
16:40:52.0161 6016 RDPWD - ok
16:40:52.0193 6016 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:40:52.0213 6016 rdyboost - ok
16:40:52.0236 6016 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:40:52.0288 6016 RemoteAccess - ok
16:40:52.0318 6016 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:40:52.0391 6016 RemoteRegistry - ok
16:40:52.0497 6016 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:40:52.0554 6016 RFCOMM - ok
16:40:52.0627 6016 rimsptsk (258aadb43e3f3468b5cf8cb0f84872c2) C:\Windows\system32\DRIVERS\rimssn64.sys
16:40:52.0692 6016 rimsptsk - ok
16:40:52.0715 6016 risdptsk (71e182a0de1cecb3f912960716345405) C:\Windows\system32\DRIVERS\risdsn64.sys
16:40:52.0784 6016 risdptsk - ok
16:40:52.0898 6016 Roxio UPnP Renderer 10 (d02e5a46f77c182ca1964080bcd586f7) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
16:40:52.0917 6016 Roxio UPnP Renderer 10 - ok
16:40:52.0956 6016 Roxio Upnp Server 10 (e5809597278802d09273ee07b5fc56e1) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
16:40:52.0974 6016 Roxio Upnp Server 10 - ok
16:40:53.0001 6016 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:40:53.0071 6016 RpcEptMapper - ok
16:40:53.0096 6016 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:40:53.0121 6016 RpcLocator - ok
16:40:53.0170 6016 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
16:40:53.0221 6016 RpcSs - ok
16:40:53.0278 6016 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:40:53.0353 6016 rspndr - ok
16:40:53.0391 6016 RTHDMIAzAudService (34f05c417f038ffa3bef69b798d7d7dd) C:\Windows\system32\drivers\RtHDMIVX.sys
16:40:53.0462 6016 RTHDMIAzAudService - ok
16:40:53.0597 6016 RtkAudioService (01e6a1e53e39a0b1e2b6ae62bf52e8ec) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
16:40:53.0613 6016 RtkAudioService - ok
16:40:53.0684 6016 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:40:53.0704 6016 SamSs - ok
16:40:53.0798 6016 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:40:53.0813 6016 SASDIFSV - ok
16:40:53.0852 6016 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:40:53.0865 6016 SASKUTIL - ok
16:40:53.0910 6016 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:40:53.0927 6016 sbp2port - ok
16:40:53.0978 6016 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:40:54.0027 6016 SCardSvr - ok
16:40:54.0047 6016 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:40:54.0117 6016 scfilter - ok
16:40:54.0223 6016 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
16:40:54.0294 6016 Schedule - ok
16:40:54.0333 6016 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
16:40:54.0379 6016 SCPolicySvc - ok
16:40:54.0409 6016 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
16:40:54.0455 6016 sdbus - ok
16:40:54.0503 6016 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
16:40:54.0575 6016 SDRSVC - ok
16:40:54.0630 6016 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:40:54.0748 6016 secdrv - ok
16:40:54.0782 6016 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
16:40:54.0864 6016 seclogon - ok
16:40:54.0927 6016 sembbus (c7113e779fec1795d3e64e87a92193ec) C:\Windows\system32\DRIVERS\sembbus.sys
16:40:54.0945 6016 sembbus - ok
16:40:54.0986 6016 sembcard (4207bc5cdaec91a40a1c25c5c9b4cdeb) C:\Windows\system32\DRIVERS\sembcard.sys
16:40:55.0004 6016 sembcard - ok
16:40:55.0021 6016 sembmdfl2 (17fcd79c5603d644b11e5cb4234fb3f2) C:\Windows\system32\DRIVERS\sembmdfl2.sys
16:40:55.0034 6016 sembmdfl2 - ok
16:40:55.0080 6016 sembmdm2 (dd5fb245e8c949f9f9617d3cc82fc7f3) C:\Windows\system32\DRIVERS\sembmdm2.sys
16:40:55.0100 6016 sembmdm2 - ok
16:40:55.0172 6016 sembmgmt (23bf1c6d472701b309233ad4cb2b575f) C:\Windows\system32\DRIVERS\sembmgmt.sys
16:40:55.0191 6016 sembmgmt - ok
16:40:55.0206 6016 sembnd5 (30326312f3772cad40246fb728b47527) C:\Windows\system32\DRIVERS\sembnd5.sys
16:40:55.0220 6016 sembnd5 - ok
16:40:55.0261 6016 sembunic (055b0b13b6acd126fe21a321c0056898) C:\Windows\system32\DRIVERS\sembunic.sys
16:40:55.0280 6016 sembunic - ok
16:40:55.0317 6016 sembwwan (9167c7b3c62b6ae431d51da5a63c5315) C:\Windows\system32\DRIVERS\sembwwan.sys
16:40:55.0337 6016 sembwwan - ok
16:40:55.0352 6016 SEMCReserved (0ea27099c21fda6a5d688ebfe7c32174) C:\Windows\system32\DRIVERS\semcreserved64.sys
16:40:55.0412 6016 SEMCReserved - ok
16:40:55.0441 6016 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
16:40:55.0508 6016 SENS - ok
16:40:55.0540 6016 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:40:55.0642 6016 SensrSvc - ok
16:40:55.0727 6016 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:40:55.0748 6016 Serenum - ok
16:40:55.0759 6016 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:40:55.0781 6016 Serial - ok
16:40:55.0818 6016 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:40:55.0866 6016 sermouse - ok
16:40:55.0914 6016 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
16:40:55.0961 6016 SessionEnv - ok
16:40:55.0990 6016 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\DRIVERS\SFEP.sys
16:40:56.0059 6016 SFEP - ok
16:40:56.0077 6016 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:40:56.0101 6016 sffdisk - ok
16:40:56.0113 6016 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:40:56.0140 6016 sffp_mmc - ok
16:40:56.0149 6016 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:40:56.0200 6016 sffp_sd - ok
16:40:56.0230 6016 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:40:56.0250 6016 sfloppy - ok
16:40:56.0290 6016 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:40:56.0366 6016 SharedAccess - ok
16:40:56.0419 6016 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
16:40:56.0448 6016 ShellHWDetection - ok
16:40:56.0472 6016 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:40:56.0488 6016 SiSRaid2 - ok
16:40:56.0506 6016 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:40:56.0524 6016 SiSRaid4 - ok
16:40:56.0712 6016 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:40:56.0726 6016 SkypeUpdate - ok
16:40:56.0740 6016 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:40:56.0822 6016 Smb - ok
16:40:57.0035 6016 SMServer (bfa5113ac5114c519daefabcae136af1) C:\Windows\SysWOW64\snmvtsvc.exe
16:40:57.0081 6016 SMServer ( UnsignedFile.Multi.Generic ) - warning
16:40:57.0081 6016 SMServer - detected UnsignedFile.Multi.Generic (1)
16:40:57.0244 6016 smsltd-samctrll (4635935fc972c582632bf45c26bfcb0e) c:\Smsltd\Sam\platform\bin\srvany.exe
16:40:57.0253 6016 smsltd-samctrll ( UnsignedFile.Multi.Generic ) - warning
16:40:57.0253 6016 smsltd-samctrll - detected UnsignedFile.Multi.Generic (1)
16:40:57.0308 6016 smsltdsam - ok
16:40:57.0399 6016 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:40:57.0421 6016 SNMPTRAP - ok
16:40:57.0555 6016 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
16:40:57.0569 6016 SOHCImp - ok
16:40:57.0593 6016 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
16:40:57.0607 6016 SOHDBSvr - ok
16:40:57.0654 6016 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
16:40:57.0672 6016 SOHDms - ok
16:40:57.0697 6016 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
16:40:57.0711 6016 SOHDs - ok
16:40:57.0734 6016 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
16:40:57.0747 6016 SOHPlMgr - ok
16:40:57.0827 6016 Soluto (f9369327409492097b0bb7ce86bd29de) C:\Windows\system32\DRIVERS\Soluto.sys
16:40:57.0846 6016 Soluto - ok
16:40:57.0976 6016 SolutoService (eea57decf1185f0fbaf276b22a125770) C:\Program Files\Soluto\SolutoService.exe
16:40:57.0994 6016 SolutoService - ok
16:40:58.0047 6016 Sony_EricssonWWSC (b2a31fbe3978b67d2554a9294748835f) C:\Windows\system32\DRIVERS\seu4scard64.sys
16:40:58.0112 6016 Sony_EricssonWWSC - ok
16:40:58.0139 6016 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:40:58.0156 6016 spldr - ok
16:40:58.0237 6016 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
16:40:58.0274 6016 Spooler - ok
16:40:58.0645 6016 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
16:40:58.0738 6016 sppsvc - ok
16:40:58.0876 6016 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:40:58.0928 6016 sppuinotify - ok
16:40:59.0014 6016 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:40:59.0082 6016 srv - ok
16:40:59.0123 6016 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:40:59.0168 6016 srv2 - ok
16:40:59.0224 6016 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:40:59.0272 6016 SrvHsfHDA - ok
16:40:59.0518 6016 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:40:59.0556 6016 SrvHsfV92 - ok
16:40:59.0778 6016 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:40:59.0806 6016 SrvHsfWinac - ok
16:40:59.0865 6016 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:40:59.0904 6016 srvnet - ok
16:40:59.0956 6016 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:41:00.0033 6016 SSDPSRV - ok
16:41:00.0068 6016 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:41:00.0140 6016 SstpSvc - ok
16:41:00.0216 6016 ssudmdm (daa02a6e84a4f99b5b9cd3ef8d59d652) C:\Windows\system32\DRIVERS\ssudmdm.sys
16:41:00.0233 6016 ssudmdm - ok
16:41:00.0265 6016 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:41:00.0282 6016 stexstor - ok
16:41:00.0349 6016 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
16:41:00.0407 6016 stisvc - ok
16:41:00.0430 6016 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:41:00.0446 6016 swenum - ok
16:41:00.0503 6016 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:41:00.0582 6016 swprv - ok
16:41:00.0721 6016 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
16:41:00.0793 6016 SysMain - ok
16:41:00.0930 6016 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
16:41:00.0986 6016 TabletInputService - ok
16:41:01.0055 6016 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
16:41:01.0072 6016 taphss - ok
16:41:01.0130 6016 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
16:41:01.0203 6016 TapiSrv - ok
16:41:01.0283 6016 tbhsd (93f0f5ef8a4ca261372df98b31b2bd05) C:\Windows\system32\drivers\tbhsd.sys
16:41:01.0298 6016 tbhsd - ok
16:41:01.0347 6016 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:41:01.0396 6016 TBS - ok
16:41:01.0600 6016 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:41:01.0647 6016 Tcpip - ok
16:41:01.0907 6016 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:41:01.0958 6016 TCPIP6 - ok
16:41:02.0102 6016 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:41:02.0175 6016 tcpipreg - ok
16:41:02.0231 6016 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:41:02.0316 6016 TDPIPE - ok
16:41:02.0369 6016 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
16:41:02.0408 6016 TDTCP - ok
16:41:02.0461 6016 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:41:02.0529 6016 tdx - ok
16:41:02.0559 6016 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:41:02.0575 6016 TermDD - ok
16:41:02.0637 6016 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
16:41:02.0699 6016 TermService - ok
16:41:02.0715 6016 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:41:02.0763 6016 Themes - ok
16:41:02.0799 6016 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:41:02.0847 6016 THREADORDER - ok
16:41:02.0866 6016 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:41:02.0934 6016 TrkWks - ok
16:41:03.0019 6016 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
16:41:03.0042 6016 TrustedInstaller - ok
16:41:03.0069 6016 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:41:03.0136 6016 tssecsrv - ok
16:41:03.0181 6016 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:41:03.0260 6016 tunnel - ok
16:41:03.0492 6016 TVersityMediaServer (e0a9b5b92097211a57fd16d27f2b3750) C:\ProgramData\TVersity\Media Server\MediaServer.exe
16:41:03.0549 6016 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - warning
16:41:03.0549 6016 TVersityMediaServer - detected UnsignedFile.Multi.Generic (1)
16:41:03.0586 6016 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:41:03.0604 6016 uagp35 - ok
16:41:03.0703 6016 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
16:41:03.0717 6016 uCamMonitor - ok
16:41:03.0754 6016 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:41:03.0828 6016 udfs - ok
16:41:03.0880 6016 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:41:03.0920 6016 UI0Detect - ok
16:41:03.0964 6016 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:41:03.0981 6016 uliagpkx - ok
16:41:03.0998 6016 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:41:04.0045 6016 umbus - ok
16:41:04.0052 6016 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:41:04.0074 6016 UmPass - ok
16:41:04.0118 6016 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:41:04.0230 6016 upnphost - ok
16:41:04.0302 6016 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:41:04.0393 6016 USBAAPL64 - ok
16:41:04.0446 6016 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
16:41:04.0471 6016 usbaudio - ok
16:41:04.0518 6016 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
16:41:04.0586 6016 usbccgp - ok
16:41:04.0622 6016 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:41:04.0671 6016 usbcir - ok
16:41:04.0712 6016 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
16:41:04.0732 6016 usbehci - ok
16:41:04.0795 6016 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
16:41:04.0844 6016 usbhub - ok
16:41:04.0888 6016 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
16:41:04.0934 6016 usbohci - ok
16:41:04.0979 6016 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:41:05.0004 6016 usbprint - ok
16:41:05.0048 6016 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:41:05.0073 6016 usbscan - ok
16:41:05.0125 6016 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:41:05.0188 6016 USBSTOR - ok
16:41:05.0243 6016 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
16:41:05.0305 6016 usbuhci - ok
16:41:05.0409 6016 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
16:41:05.0515 6016 usbvideo - ok
16:41:05.0553 6016 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:41:05.0630 6016 UxSms - ok
16:41:05.0738 6016 VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
16:41:05.0773 6016 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
16:41:05.0773 6016 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
16:41:05.0879 6016 VAIO Event Service (d4197cf0c8567046fd4af28ff47af528) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
16:41:05.0894 6016 VAIO Event Service - ok
16:41:06.0064 6016 VAIO Power Management (2d6605c1f0bbd0f71a4cb3a5b1e07240) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
16:41:06.0084 6016 VAIO Power Management - ok
16:41:06.0139 6016 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
16:41:06.0160 6016 VaultSvc - ok
16:41:06.0271 6016 VCFw (06fe5beddadb158d84e6de33cbe19f3e) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
16:41:06.0295 6016 VCFw - ok
16:41:06.0380 6016 VcmIAlzMgr (34063c0b842e73662067f9b03947c55c) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
16:41:06.0399 6016 VcmIAlzMgr - ok
16:41:06.0461 6016 VcmINSMgr (a8f5d1651a324abc6c308891a1252ee3) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
16:41:06.0478 6016 VcmINSMgr - ok
16:41:06.0581 6016 VcmXmlIfHelper (db544b487f360128dc1c383e0a6fcc2f) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
16:41:06.0594 6016 VcmXmlIfHelper - ok
16:41:06.0645 6016 Vcsw - ok
16:41:06.0740 6016 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:41:06.0756 6016 vdrvroot - ok
16:41:06.0821 6016 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
16:41:06.0869 6016 vds - ok
16:41:06.0906 6016 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:41:06.0931 6016 vga - ok
16:41:06.0954 6016 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:41:07.0019 6016 VgaSave - ok
16:41:07.0101 6016 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:41:07.0120 6016 vhdmp - ok
16:41:07.0169 6016 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:41:07.0186 6016 viaide - ok
16:41:07.0213 6016 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:41:07.0231 6016 volmgr - ok
16:41:07.0274 6016 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:41:07.0296 6016 volmgrx - ok
16:41:07.0372 6016 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:41:07.0395 6016 volsnap - ok
16:41:07.0432 6016 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:41:07.0453 6016 vsmraid - ok
16:41:07.0640 6016 VSNService (e9638e51373d527e22438b80126b64f9) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
16:41:07.0655 6016 VSNService ( UnsignedFile.Multi.Generic ) - warning
16:41:07.0655 6016 VSNService - detected UnsignedFile.Multi.Generic (1)
16:41:07.0779 6016 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
16:41:07.0844 6016 VSS - ok
16:41:07.0974 6016 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:41:08.0004 6016 vwifibus - ok
16:41:08.0025 6016 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:41:08.0075 6016 vwififlt - ok
16:41:08.0286 6016 VzCdbSvc (d8bef4ac1eac809dbdbd441d6cff6c4c) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
16:41:08.0297 6016 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
16:41:08.0297 6016 VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
16:41:08.0353 6016 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:41:08.0444 6016 W32Time - ok
16:41:08.0506 6016 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:41:08.0567 6016 WacomPen - ok
16:41:08.0606 6016 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:41:08.0681 6016 WANARP - ok
16:41:08.0686 6016 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:41:08.0736 6016 Wanarpv6 - ok
16:41:08.0850 6016 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:41:08.0892 6016 WatAdminSvc - ok
16:41:09.0006 6016 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
16:41:09.0079 6016 wbengine - ok
16:41:09.0216 6016 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:41:09.0243 6016 WbioSrvc - ok
16:41:09.0319 6016 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
16:41:09.0393 6016 wcncsvc - ok
16:41:09.0418 6016 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:41:09.0450 6016 WcsPlugInService - ok
16:41:09.0507 6016 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:41:09.0523 6016 Wd - ok
16:41:09.0578 6016 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:41:09.0605 6016 Wdf01000 - ok
16:41:09.0625 6016 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:41:09.0678 6016 WdiServiceHost - ok
16:41:09.0683 6016 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:41:09.0717 6016 WdiSystemHost - ok
16:41:09.0773 6016 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
16:41:09.0835 6016 WebClient - ok
16:41:09.0884 6016 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:41:09.0979 6016 Wecsvc - ok
16:41:10.0047 6016 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:41:10.0122 6016 wercplsupport - ok
16:41:10.0151 6016 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:41:10.0225 6016 WerSvc - ok
16:41:10.0281 6016 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:41:10.0325 6016 WfpLwf - ok
16:41:10.0338 6016 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:41:10.0356 6016 WIMMount - ok
16:41:10.0392 6016 WinDefend - ok
16:41:10.0405 6016 WinHttpAutoProxySvc - ok
16:41:10.0474 6016 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:41:10.0547 6016 Winmgmt - ok
16:41:10.0700 6016 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
16:41:10.0771 6016 WinRM - ok
16:41:10.0969 6016 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:41:11.0027 6016 WinUsb - ok
16:41:11.0174 6016 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:41:11.0212 6016 Wlansvc - ok
16:41:11.0333 6016 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:41:11.0347 6016 wlcrasvc - ok
16:41:11.0590 6016 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:41:11.0643 6016 wlidsvc - ok
16:41:11.0820 6016 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:41:11.0843 6016 WmiAcpi - ok
16:41:11.0900 6016 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:41:11.0944 6016 wmiApSrv - ok
16:41:11.0991 6016 WMPNetworkSvc - ok
16:41:12.0020 6016 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:41:12.0045 6016 WPCSvc - ok
16:41:12.0072 6016 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
16:41:12.0096 6016 WPDBusEnum - ok
16:41:12.0115 6016 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:41:12.0180 6016 ws2ifsl - ok
16:41:12.0224 6016 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
16:41:12.0257 6016 wscsvc - ok
16:41:12.0264 6016 WSearch - ok
16:41:12.0437 6016 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
16:41:12.0539 6016 wuauserv - ok
16:41:12.0748 6016 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:41:12.0793 6016 WudfPf - ok
16:41:12.0826 6016 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:41:12.0873 6016 WUDFRd - ok
16:41:12.0906 6016 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
16:41:12.0980 6016 wudfsvc - ok
16:41:13.0023 6016 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:41:13.0052 6016 WwanSvc - ok
16:41:13.0073 6016 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys
16:41:13.0108 6016 XAudio - ok
16:41:13.0166 6016 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys
16:41:13.0243 6016 yukonw7 - ok
16:41:13.0290 6016 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:41:13.0418 6016 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:41:13.0418 6016 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:41:13.0448 6016 Boot (0x1200) (65b0e407992eca79d817a763f73ca321) \Device\Harddisk0\DR0\Partition0
16:41:13.0450 6016 \Device\Harddisk0\DR0\Partition0 - ok
16:41:13.0457 6016 Boot (0x1200) (39bcad6c3e84df1a0d80cf590e7f105c) \Device\Harddisk0\DR0\Partition1
16:41:13.0459 6016 \Device\Harddisk0\DR0\Partition1 - ok
16:41:13.0459 6016 ============================================================
16:41:13.0459 6016 Scan finished
16:41:13.0459 6016 ============================================================
16:41:13.0478 5868 Detected object count: 12
16:41:13.0478 5868 Actual detected object count: 12
16:42:26.0839 5868 CronService ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0839 5868 CronService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0840 5868 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0840 5868 EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0845 5868 EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0845 5868 EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0848 5868 GSService ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0849 5868 GSService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0852 5868 Printer Control ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0852 5868 Printer Control ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0855 5868 SMServer ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0855 5868 SMServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0860 5868 smsltd-samctrll ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0861 5868 smsltd-samctrll ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0864 5868 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0864 5868 TVersityMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0868 5868 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0868 5868 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0871 5868 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0871 5868 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0874 5868 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:26.0874 5868 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:26.0879 5868 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:42:26.0879 5868 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
16:42:31.0597 1624 Deinitialize success


4. Malwarebytes log.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.07.03

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
pcwt5 :: PCWT5-VAIO [administrator]

07/05/2012 16:56:00
mbam-log-2012-05-07 (16-56-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 294714
Time elapsed: 6 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


5. OTL Logs:-

OTL logfile created on: 5/7/2012 5:14:08 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\pcwt5\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.84 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 47.70% Memory free
7.68 Gb Paging File | 5.44 Gb Available in Paging File | 70.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.66 Gb Total Space | 132.19 Gb Free Space | 45.79% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 61.87 Mb Free Space | 61.87% Space Free | Partition Type: NTFS

Computer Name: PCWT5-VAIO | User Name: pcwt5 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2012/05/07 17:11:16 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\pcwt5\Desktop\OTL.exe
PRC - [2012/03/22 01:32:18 | 000,773,624 | ---- | M] (bProtector) -- C:\ProgramData\bProtector\bProtect.exe
PRC - [2012/03/11 14:48:36 | 001,652,536 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/03/11 14:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/02/07 20:17:42 | 000,065,448 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr.exe
PRC - [2012/02/07 20:17:42 | 000,043,944 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr_im.exe
PRC - [2012/01/07 02:45:30 | 000,653,640 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
PRC - [2012/01/06 19:32:46 | 000,331,608 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
PRC - [2012/01/05 00:02:02 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
PRC - [2012/01/05 00:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
PRC - [2011/12/21 23:13:46 | 000,206,504 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/11/02 17:52:06 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/11/02 17:51:54 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/15 17:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) -- C:\Prey\platform\windows\cronsvc.exe
PRC - [2011/01/30 16:45:14 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010/11/24 21:33:26 | 000,921,600 | ---- | M] () -- C:\ProgramData\TVersity\Media Server\MediaServer.exe
PRC - [2010/10/25 14:59:46 | 000,569,414 | ---- | M] () -- c:\Smsltd\Sam\platform\bin\smsltd-samctrll.exe
PRC - [2010/10/25 14:59:46 | 000,008,192 | ---- | M] () -- c:\Smsltd\Sam\platform\bin\Srvany.exe
PRC - [2010/10/25 14:59:40 | 000,057,344 | ---- | M] (Apache Software Foundation) -- c:\Smsltd\Sam\platform\tomcat\bin\tomcat5.exe
PRC - [2010/08/18 18:04:14 | 000,101,376 | ---- | M] (Simpo Technologies) -- C:\Program Files (x86)\Simpo PDF Creator Lite\SpcLiteSrv.exe
PRC - [2009/12/03 02:57:52 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
PRC - [2009/07/28 01:58:36 | 000,099,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
PRC - [2009/07/23 19:39:38 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009/07/23 19:39:36 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/07/02 02:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/07/01 20:49:34 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/07/01 20:49:34 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/06/26 23:35:04 | 000,468,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/26 18:23:14 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2008/09/18 19:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007/10/17 16:22:56 | 000,352,256 | ---- | M] () -- C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/07 15:37:50 | 000,115,137 | ---- | M] () -- C:\Users\pcwt5\AppData\Local\Temp\b3ac04aa-9413-4ecb-ac45-ed44495e62a6\CliSecureRT.dll
MOD - [2012/04/12 20:42:37 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8e47bcd69923f39c010b285d0681b795\System.ServiceProcess.ni.dll
MOD - [2012/04/12 20:40:50 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/12 20:40:32 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/04/12 20:29:11 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\caf9fdf2957d955ccb07d837d095eae1\PresentationFramework.ni.dll
MOD - [2012/04/12 20:28:53 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7a2fecd8284d0c427d16ff278a1e574f\PresentationCore.ni.dll
MOD - [2012/04/12 20:28:48 | 013,197,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\a36af74ac369a8c1f3171cd6fb18f3a6\System.Windows.Forms.ni.dll
MOD - [2012/04/12 20:28:39 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\32a65725ff7d128428e35d8100dad4be\WindowsBase.ni.dll
MOD - [2012/04/12 20:28:37 | 001,665,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\64ea1d0193e735b953c94d16d6fd2146\System.Drawing.ni.dll
MOD - [2012/03/29 23:44:16 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\eef171dee81858018c3956485fff7ba7\System.Management.ni.dll
MOD - [2012/03/29 23:40:40 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4017661cfa4a173b878d7e2a949c3a9e\System.Runtime.Remoting.ni.dll
MOD - [2012/03/29 23:40:22 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b9942cb07813f553f6d6374dd4541362\System.Xaml.ni.dll
MOD - [2012/03/29 03:07:46 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1c5b741f270fccb3b527b4fc3a8431f3\PresentationFramework.Aero.ni.dll
MOD - [2012/03/29 03:07:18 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b7409080f31b0a702281b68c37bac326\System.Core.ni.dll
MOD - [2012/03/29 03:07:18 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\68345d6b57fe33c9a94fe6a72ab5e85e\System.Xml.ni.dll
MOD - [2012/03/29 03:07:06 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\57e066d0b97757dbd26d59302c3d701a\System.ni.dll
MOD - [2012/03/29 03:06:57 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e5b31f3bb6508df0dc7c20ddc72f3191\mscorlib.ni.dll
MOD - [2012/02/17 04:47:43 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/02/17 04:47:38 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/02/17 04:47:35 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2012/01/07 02:45:30 | 000,653,640 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
MOD - [2012/01/06 19:38:32 | 000,009,544 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\lang\gui-eng.dll
MOD - [2011/12/22 22:16:50 | 000,086,696 | ---- | M] () -- C:\Program Files (x86)\blekkotb\blekkoDx.dll
MOD - [2011/11/22 01:47:46 | 000,468,992 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
MOD - [2011/11/22 01:47:44 | 001,609,728 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
MOD - [2011/11/22 01:47:44 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
MOD - [2011/11/22 01:47:42 | 005,694,976 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
MOD - [2011/11/22 01:46:28 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Raptr\sip.pyd
MOD - [2011/11/10 17:11:00 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2011/11/02 17:52:06 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/10/24 19:50:38 | 000,079,360 | ---- | M] () -- C:\Program Files (x86)\Raptr\easyhook32.dll
MOD - [2011/10/24 19:49:56 | 002,717,595 | ---- | M] () -- C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
MOD - [2011/10/14 03:49:40 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/09/09 00:47:40 | 001,183,699 | ---- | M] () -- C:\Program Files (x86)\Raptr\liboscar.dll
MOD - [2011/09/09 00:47:36 | 001,640,221 | ---- | M] () -- C:\Program Files (x86)\Raptr\libjabber.dll
MOD - [2011/09/09 00:47:32 | 001,052,194 | ---- | M] () -- C:\Program Files (x86)\Raptr\libymsg.dll
MOD - [2011/09/09 00:47:22 | 000,495,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libaim.dll
MOD - [2011/09/09 00:47:22 | 000,483,306 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libicq.dll
MOD - [2011/09/09 00:47:16 | 000,655,356 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libirc.dll
MOD - [2011/09/09 00:47:16 | 000,603,326 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
MOD - [2011/09/09 00:47:14 | 000,497,782 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
MOD - [2011/09/09 00:47:14 | 000,474,199 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl.dll
MOD - [2011/09/09 00:47:10 | 001,306,387 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libmsn.dll
MOD - [2011/09/09 00:47:04 | 000,565,461 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
MOD - [2011/09/09 00:46:56 | 000,506,276 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
MOD - [2011/08/07 17:47:27 | 000,516,368 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll
MOD - [2011/02/15 19:17:28 | 001,213,633 | ---- | M] () -- C:\Program Files (x86)\Raptr\libxml2-2.dll
MOD - [2011/02/15 19:17:28 | 000,417,501 | ---- | M] () -- C:\Program Files (x86)\Raptr\sqlite3.dll
MOD - [2010/11/23 00:06:22 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\Raptr\zlib1.dll
MOD - [2010/11/22 23:57:36 | 002,042,368 | ---- | M] () -- C:\Program Files (x86)\Raptr\libtorrent.pyd
MOD - [2010/11/22 23:57:34 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32gui.pyd
MOD - [2010/11/22 23:57:34 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32file.pyd
MOD - [2010/11/22 23:57:34 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32api.pyd
MOD - [2010/11/22 23:57:34 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32process.pyd
MOD - [2010/11/22 23:57:18 | 000,141,312 | ---- | M] () -- C:\Program Files (x86)\Raptr\gobject._gobject.pyd
MOD - [2010/11/22 23:57:06 | 000,263,168 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
MOD - [2010/11/22 23:56:56 | 000,354,304 | ---- | M] () -- C:\Program Files (x86)\Raptr\pythoncom26.dll
MOD - [2010/11/22 23:56:56 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\pywintypes26.dll
MOD - [2010/11/22 23:56:26 | 000,324,608 | ---- | M] () -- C:\Program Files (x86)\Raptr\PIL._imaging.pyd
MOD - [2010/11/22 23:56:02 | 000,805,376 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ssl.pyd
MOD - [2010/11/22 23:56:02 | 000,583,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\unicodedata.pyd
MOD - [2010/11/22 23:56:02 | 000,356,864 | ---- | M] () -- C:\Program Files (x86)\Raptr\_hashlib.pyd
MOD - [2010/11/22 23:56:02 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Raptr\pyexpat.pyd
MOD - [2010/11/22 23:56:02 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ctypes.pyd
MOD - [2010/11/22 23:56:02 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Raptr\_sqlite3.pyd
MOD - [2010/11/22 23:56:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Raptr\_socket.pyd
MOD - [2010/11/22 23:56:02 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Raptr\winsound.pyd
MOD - [2008/09/03 23:55:38 | 004,478,680 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2007/10/17 16:22:56 | 000,352,256 | ---- | M] () -- C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2011/08/12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2011/07/07 08:49:42 | 000,376,352 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/08/13 08:11:54 | 000,522,240 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2009/07/24 05:34:31 | 000,189,984 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2009/07/16 18:36:56 | 000,411,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/02 02:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/06/26 23:56:10 | 000,357,672 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2009/06/26 23:35:04 | 000,468,264 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2009/06/18 03:50:30 | 000,110,888 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2009/06/16 08:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Stopped] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control)
SRV - [2012/05/02 03:27:17 | 008,252,840 | ---- | M] (SurfRight B.V.) [Auto | Stopped] -- C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe -- (HitmanPro36CrusaderBoot) HitmanPro 3.6 Crusader (Boot)
SRV - [2012/03/22 01:32:18 | 000,773,624 | ---- | M] (bProtector) [Auto | Running] -- C:\ProgramData\bProtector\bProtect.exe -- (bProtector)
SRV - [2012/03/11 14:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/02/15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/31 05:12:36 | 001,378,040 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012/01/06 19:39:16 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.exe -- (ExpatTrayService)
SRV - [2012/01/06 19:32:46 | 000,331,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe -- (ExpatShieldService)
SRV - [2012/01/05 00:02:02 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -- (ExpatWd)
SRV - [2012/01/05 00:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe -- (ExpatSrv)
SRV - [2011/11/09 14:16:12 | 000,196,376 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/15 03:33:52 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/02/15 17:01:48 | 000,019,968 | ---- | M] (Fork Ltd.) [Auto | Running] -- C:\Prey\platform\windows\cronsvc.exe -- (CronService)
SRV - [2010/12/04 15:30:48 | 000,245,760 | ---- | M] (SMServer) [On_Demand | Stopped] -- C:\Windows\SysWOW64\snmvtsvc.exe -- (SMServer)
SRV - [2010/12/04 15:28:20 | 000,385,024 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\GSService.exe -- (GSService)
SRV - [2010/11/24 21:33:26 | 000,921,600 | ---- | M] () [Auto | Running] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2010/10/25 14:59:46 | 000,008,192 | ---- | M] () [Auto | Running] -- c:\Smsltd\Sam\platform\bin\Srvany.exe -- (smsltd-samctrll)
SRV - [2010/10/25 14:59:40 | 000,057,344 | ---- | M] (Apache Software Foundation) [Auto | Running] -- c:\Smsltd\Sam\platform\tomcat\bin\tomcat5.exe -- (smsltdsam)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/07/31 21:09:12 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/07/28 01:58:40 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/07/28 01:58:38 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/07/28 01:58:38 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/07/28 01:58:38 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/07/28 01:58:36 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/07/23 19:39:38 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009/07/23 19:39:38 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/07/23 19:39:36 | 000,206,336 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/07/23 00:03:04 | 000,642,920 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/07/01 20:49:34 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/06/26 20:25:36 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/06/26 20:25:24 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/09/18 19:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/12/17 05:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [On_Demand | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/01/11 05:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [On_Demand | Stopped] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/08 02:33:50 | 000,065,600 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdklbf.sys -- (PSSDKLBF)
DRV:64bit: - [2012/04/08 02:33:46 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdk42.sys -- (PSSDK42)
DRV:64bit: - [2012/03/11 14:48:52 | 000,063,760 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2012/03/01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/27 02:25:54 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2011/10/27 02:25:54 | 000,095,928 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/07 08:34:08 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2011/03/11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/05 02:19:52 | 000,034,040 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DrmRAudio.sys -- (DrmRAudio)
DRV:64bit: - [2010/11/16 12:26:38 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2010/09/23 08:46:09 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/22 20:19:02 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2010/09/22 20:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2009/08/05 02:22:40 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2009/08/05 02:20:51 | 007,345,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/03 21:06:34 | 000,250,928 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/07/31 21:29:11 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/31 21:14:14 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2009/07/31 21:13:51 | 000,086,528 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2009/07/31 21:09:12 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/07/31 21:09:08 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2009/07/31 21:02:03 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/07/30 21:41:17 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/07/30 21:41:16 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/30 21:41:16 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/30 21:40:45 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/27 21:27:10 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/24 06:24:03 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/06/11 21:19:09 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 21:04:10 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 23:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/04/08 10:53:10 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\semcreserved64.sys -- (SEMCReserved)
DRV:64bit: - [2008/04/08 10:52:58 | 000,023,040 | ---- | M] (Sony Ericsson) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\seu4scard64.sys -- (Sony_EricssonWWSC)
DRV:64bit: - [2008/04/08 10:51:52 | 000,362,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembwwan.sys -- (sembwwan) Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM)
DRV:64bit: - [2008/04/08 10:51:48 | 000,396,800 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembunic.sys -- (sembunic) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM)
DRV:64bit: - [2008/04/08 10:51:46 | 000,033,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembnd5.sys -- (sembnd5) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS)
DRV:64bit: - [2008/04/08 10:51:44 | 000,370,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmgmt.sys -- (sembmgmt) Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM)
DRV:64bit: - [2008/04/08 10:51:42 | 000,445,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmdm2.sys -- (sembmdm2)
DRV:64bit: - [2008/04/08 10:51:38 | 000,019,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmdfl2.sys -- (sembmdfl2)
DRV:64bit: - [2008/04/08 10:51:32 | 000,362,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembcard.sys -- (sembcard) Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM)
DRV:64bit: - [2008/04/08 10:51:30 | 000,302,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembbus.sys -- (sembbus) SEMC WMC Composite Device driver (WDM)
DRV - [2012/03/11 14:48:52 | 000,061,712 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2012/03/11 14:48:52 | 000,055,056 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2012/01/31 05:13:20 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2011/12/15 18:00:06 | 000,397,520 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys -- (RapportCerberus_34302)
DRV - [2009/09/18 01:03:56 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\pcwt5\Downloads\PeerBlock_r162__x64_Release_(Vista)\pbfilter.sys -- (pbfilter)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2548838

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7SVEA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\pcwt5\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/01/25 17:14:55 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\pcwt5\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\pcwt5\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\pcwt5\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\pcwt5\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\pcwt5\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/07 15:34:54 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll (AnchorFree Inc.)
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Updater For Spam Free Search Bar) - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll (Visicom Media)
O2 - BHO: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll ()
O2 - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll File not found
O2 - BHO: (TVersitybar Toolbar) - {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (no name) - {C8748F11-F4AD-47AF-AB50-C7DF5792096B} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (TVersitybar Toolbar) - {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (TVersitybar Toolbar) - {66BD2442-241B-44CD-8C7A-B51037053CDB} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BbInstallUser] C:\Program Files\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe (Bluebeam Software, Inc.)
O4:64bit: - HKLM..\Run: [BbPrintMonitor] C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe (Bluebeam Software, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [Simpo PDF Creator Lite Server] C:\Program Files (x86)\Simpo PDF Creator Lite\SpcLiteSrv.exe (Simpo Technologies)
O4 - HKCU..\Run: [instanteyedropper] C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe ()
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\pcwt5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 4
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} http://mlvessel:8085...ms2/js/smsx.cab (MeadCo ScriptX)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} http://81.130.200.130/SysCamInst.cab (Panasonic Network Camera)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} http://driftwoodbeac...MJPEGRender.ocx (MJPEGRender Control)
O16 - DPF: {C32FE9F1-A857-48B0-B7BF-065B5792F28D} http://82.153.20.10:...l_mpeg4_dec.cab (CAxMP4Dec Class)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://smslimited.w...ex/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=724 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F6C6BA11-BA8F-404F-A447-49C76C73EE3E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA9DA235-FB7C-44AE-9483-1F2F3870663E}: DhcpNameServer = 10.205.8.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\hitromi: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\hitromi.dll) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


========== Files/Folders - Created Within 30 Days ==========

[2012/05/07 17:19:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{74299221-BF3E-4DD3-BE7C-2C53C8EDC886}
[2012/05/07 17:19:18 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B0D59B8A-D900-476F-959D-A6EBD4CE8164}
[2012/05/07 17:11:23 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\pcwt5\Desktop\OTL.exe
[2012/05/07 16:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/07 16:54:09 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/05/07 16:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/07 16:52:28 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\pcwt5\Desktop\mbam-setup-1.61.0.1400.exe
[2012/05/07 16:37:12 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\pcwt5\Desktop\tdsskiller.exe
[2012/05/07 15:35:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/05/07 14:52:04 | 004,486,979 | R--- | C] (Swearware) -- C:\Users\pcwt5\Documents\ComboFix.exe
[2012/05/07 14:17:10 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8D9763BE-35C8-443F-898E-CBCD216E556F}
[2012/05/07 14:16:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{49535924-86CB-4CA1-8ED3-73221B603CA9}
[2012/05/07 07:57:25 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\pcwt5\Desktop\aswMBR.exe
[2012/05/07 07:29:51 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1A780A6D-3F7D-47A1-87C5-3E153F89F024}
[2012/05/07 07:29:22 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F93A5862-B9D5-41C0-9320-A8BA7625F96C}
[2012/05/07 06:53:51 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{11BEC418-E75C-4DE0-B54B-B1BCC265EE25}
[2012/05/07 06:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/05/06 15:33:32 | 000,000,000 | ---D | C] -- C:\FRST
[2012/05/02 05:43:38 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/05/02 04:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2012/05/02 03:26:12 | 008,252,840 | ---- | C] (SurfRight B.V.) -- C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe
[2012/05/02 02:12:17 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F5353179-622E-47AA-9532-7FD204C7B70C}
[2012/05/02 02:11:56 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{933A7BA7-EA40-4E13-9414-F3E2E90F3588}
[2012/05/01 23:22:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E85104C4-2416-430E-BAE8-FF63DD741C55}
[2012/05/01 23:02:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{05F87219-D93B-418A-BEEC-9D2CACF2503E}
[2012/05/01 22:25:07 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{AB0E2318-2FD3-4888-92CE-51BE7B0E5478}
[2012/05/01 21:35:29 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1E9708A6-62C2-47A0-A8BF-D4111CAE3C12}
[2012/05/01 21:30:31 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A2975F85-EFFA-4B75-B6EB-38911A3DE0A5}
[2012/05/01 20:49:39 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D18AF664-8FB8-4D02-BF01-B78A88226172}
[2012/05/01 20:49:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2012/05/01 20:49:18 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{021B4ECB-56E3-4844-B9EA-43E59C6576F6}
[2012/05/01 16:53:20 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E78D314A-0FF3-45F2-AD60-640F565F4906}
[2012/05/01 16:52:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1ADA076C-41D3-42E4-B40A-4D9EFF4CA05A}
[2012/05/01 16:15:43 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{3B207406-5269-40F8-BFCB-F0B8BB77D266}
[2012/05/01 16:14:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{075CAA42-8CEA-4FBB-BDFB-1ED928DE1D1F}
[2012/05/01 14:10:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{32B36069-735D-4CCA-A776-29B3565FE3DA}
[2012/05/01 14:10:15 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{AB03D844-CA98-4B74-BB32-D3D70394EE8B}
[2012/05/01 03:53:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{64FD770E-160E-4BBA-A849-9CB159B9659F}
[2012/05/01 03:52:54 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{52FF098F-2F01-4B83-834C-A9FDCDDDC138}
[2012/04/30 18:55:30 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{03FA506E-9631-44BD-85BD-A1A27E16823E}
[2012/04/30 18:55:04 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2EDE731F-374B-403F-8E55-0241F8E58F86}
[2012/04/30 16:32:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{33600838-AA50-4D26-969E-1E4F5C46B515}
[2012/04/30 16:32:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2FEEE62A-78AF-4546-B0C0-16D9AE495017}
[2012/04/30 15:29:47 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C2CF7053-C654-42C5-B309-866771921306}
[2012/04/30 15:29:34 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{79B31A9F-FCD1-472C-A50D-7A3904E78E2B}
[2012/04/30 14:11:52 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D3F65FE2-0574-47C8-8C19-FB662CF90ED6}
[2012/04/30 14:11:26 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9EDF099C-70C3-4236-B234-870275134302}
[2012/04/30 05:02:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2FBE040E-C82D-4463-ACD4-D9124F0D8E1E}
[2012/04/30 05:02:29 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{4CD64D5C-8771-458B-BCCF-D175B872D2EE}
[2012/04/30 02:43:49 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CC418A48-DD5A-486B-A7F4-CE0D2B83E4E8}
[2012/04/30 02:43:10 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D6AEC580-1A07-4B3A-BCE8-DD7E41DE6790}
[2012/04/30 02:28:31 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{576A53C0-CCD3-4BD2-A9C9-5B858017D6F8}
[2012/04/30 02:28:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5FC3AE8E-E727-4BB0-921A-DEEF8FFE49AB}
[2012/04/29 20:26:14 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{553F0817-2044-4627-9F0D-B308963417A9}
[2012/04/29 20:25:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CF5C11B9-00A8-4DF1-9A2B-9C6093128BAD}
[2012/04/29 17:19:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{558FE5DB-7EB1-4562-A264-12AB3C6BE863}
[2012/04/29 17:18:53 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{57F5021F-AB92-49D3-BD9C-2B24A4315BCF}
[2012/04/28 17:27:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A47945CB-A781-4E5D-8B7D-C4BA3C9A749A}
[2012/04/28 17:27:10 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B282FABB-52D9-4910-B8E2-9DFB3B0A3107}
[2012/04/28 17:06:46 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1B382B8F-87EA-4636-BC81-CBD65E17A27D}
[2012/04/28 17:06:16 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{531B8A56-6C79-4811-AC81-94A7B9D88AFE}
[2012/04/28 16:35:46 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2F80ECB8-52B9-4301-A1E4-6C4D9B6D586D}
[2012/04/28 16:35:13 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9F9FEF7D-0527-45C4-AC87-6AEEE7184FC5}
[2012/04/28 04:37:56 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E6872542-D5F7-47CE-BD23-36F9DCF97098}
[2012/04/28 04:37:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{108705A9-1A2B-48C7-8C74-AAABD8AC6BD9}
[2012/04/27 18:59:21 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1F3721B6-A781-472F-83C7-9D27CBB578F9}
[2012/04/27 18:59:06 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{FB38EC1A-6AB6-4353-B878-388C7ADE7B96}
[2012/04/27 18:57:20 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B426DF39-4D50-4388-BE99-03CF16ED7379}
[2012/04/27 18:57:04 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C5188DF6-F7BA-4E8B-8821-A60698DA82CB}
[2012/04/27 18:39:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2D581EFE-4700-4CAA-9158-676BD12A40AB}
[2012/04/27 18:39:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{3E7DAE22-3ED5-4B4E-AF3E-EB59A4DFF1BC}
[2012/04/27 16:33:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D4BAF2C8-0F63-4CF9-97D4-1876CC0AED1E}
[2012/04/27 16:33:13 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{41F2DFE5-C6A2-421C-9EB2-3BDF470232C5}
[2012/04/27 14:54:11 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A8FEA25A-B4C5-4029-BA6D-14B2BA8B80F9}
[2012/04/27 14:53:50 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5B1EEF44-10B1-4D58-AE44-908835AA8397}
[2012/04/27 14:04:47 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CD6A5E9D-A60B-4FF1-ACD4-A961812B18B6}
[2012/04/27 14:04:16 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8ED8CBAA-63EE-423E-B9A1-5526E88DE3A4}
[2012/04/27 06:51:25 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{51E57184-713E-4E71-A8A2-1BA267E61EBD}
[2012/04/27 06:51:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{95DFD585-DA13-428F-B394-2688CBAA8F88}
[2012/04/27 04:16:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5DFEB043-46D2-4D8D-9863-77F088DA354A}
[2012/04/27 04:15:44 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D4FAEB01-F5EC-48DC-B88B-D0B90E307E26}
[2012/04/27 00:52:48 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{55DA07C6-E1F0-4E99-8DCC-132FB5D09D4A}
[2012/04/27 00:52:29 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{DFE1E5DF-D3A5-4447-8C60-F843DF81158C}
[2012/04/26 22:57:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{424DACEE-60F0-4829-B2C9-840C98C7738C}
[2012/04/26 22:57:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C1C7A6EC-701E-41CC-88A1-162ACB714D1E}
[2012/04/26 22:54:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{7505BF48-DE75-4B24-A3D1-8C66AE470666}
[2012/04/26 22:54:07 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{04D8B1B1-16C2-4C26-BB7D-E457CA34D198}
[2012/04/26 16:25:25 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{46A188E6-A9CD-4819-A40B-588063915CE9}
[2012/04/26 16:25:11 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CA922E3E-9C56-4BFD-B052-034CAB5CA1CE}
[2012/04/26 14:00:53 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0A9DAF1E-4D2B-4AFE-BB38-015559D64F2E}
[2012/04/26 14:00:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{DCFAB97E-8821-465F-BB25-0E5C25000104}
[2012/04/26 02:29:51 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8A7C4930-DF62-4A1E-BE63-18DA113D706E}
[2012/04/26 02:29:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B207130E-BE6F-4F84-99EC-D00D0D36EAD2}
[2012/04/26 01:48:21 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A4EA1576-8793-4475-A05B-C42EB59C6489}
[2012/04/26 01:48:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{20612B03-EF2B-4E63-A563-1E1CFFCBDE4A}
[2012/04/26 01:07:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{859EAD84-BF9A-443F-8086-6AD1B44038D4}
[2012/04/26 01:06:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{811A91E9-233A-4944-B2E8-103A75AF0BB7}
[2012/04/25 16:38:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D1CA7815-275C-4288-8C42-5DAD0D8A3F3D}
[2012/04/25 14:22:29 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{33D6AC9C-7D95-4B5B-95C5-5BBE9475A908}
[2012/04/25 14:22:13 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B4B205DC-3D03-4B8F-BBDA-66795296BF89}
[2012/04/25 00:58:54 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D097A033-CFCB-4251-8AEE-22FAF638C6F2}
[2012/04/25 00:56:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E83F3566-3329-492C-9ED5-A2516B66BE04}
[2012/04/24 14:48:40 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{32B105ED-CE6C-4BF2-AD4D-09A76BFEC0B6}
[2012/04/24 14:48:24 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{4D5E7009-355F-4DC5-9B62-34906DC4B5E2}
[2012/04/24 07:46:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridinSoft Trojan Killer
[2012/04/24 04:24:27 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{97F48C24-A033-46DC-9CD8-ADCC8147FF21}
[2012/04/24 04:24:13 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{43AE9C61-05DE-4C91-853E-302F29661CCA}
[2012/04/24 04:23:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C219EA38-300B-49BB-8F6F-9EC74DAB2307}
[2012/04/24 04:23:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{52996862-9F5F-4364-8E7A-2B9AF6018770}
[2012/04/23 16:23:10 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{69164B96-39E7-4A76-80E2-026A0B147615}
[2012/04/23 16:22:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D6077CBC-A654-41DA-994E-592FD328ED83}
[2012/04/23 04:22:27 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{735FDAC4-2A2C-43EE-BA84-7A7399097F23}
[2012/04/23 04:22:15 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{288B7964-2EFA-43AF-93CA-28D15B4C3392}
[2012/04/23 04:22:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{89D02B0C-C3DD-486B-A895-D2945C76DED4}
[2012/04/23 04:21:48 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{29FF4DF6-8736-4AE0-AD15-062A7F1A748E}
[2012/04/22 16:21:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C56441E2-8276-4920-85FB-0D31FD66FBD7}
[2012/04/22 16:21:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{722040FF-6460-45D1-8E32-7894DF0D9CCD}
[2012/04/21 17:28:49 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{199DE0D8-5874-43F0-8F47-76CBE3BACD1E}
[2012/04/21 17:28:04 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5442258D-A63F-4949-8E15-DA761F238855}
[2012/04/21 02:18:25 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A4934BAF-31E7-4B74-B910-8AD120F4EC23}
[2012/04/21 02:18:11 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A1F149BD-6A28-4455-8460-7D1187E091F4}
[2012/04/20 14:17:18 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{4EA12E26-5A23-4697-A9EB-879467545178}
[2012/04/20 14:16:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{560730B6-ED93-48C1-ACE3-3594F6D781BD}
[2012/04/19 23:25:33 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{BF1DE36E-7F1C-45D1-839B-63F88C58528A}
[2012/04/19 23:24:59 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{91295554-F56C-4BE5-91FA-6C404F8567E2}
[2012/04/19 23:02:40 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{44C99892-68F9-4F98-83B7-D0B80B3F3FE1}
[2012/04/19 23:02:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{BF156C13-8B85-4654-A790-6F4D5A5C13C7}
[2012/04/19 22:38:20 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0CB1BC80-E6B3-46D1-9779-C0996C454200}
[2012/04/19 22:38:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D43A8419-CABA-4A29-A1BC-CA0E948AD6ED}
[2012/04/19 22:36:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{08F5D69C-7901-4EA1-98F6-430B2A2A0090}
[2012/04/19 22:36:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{18FF0A2E-8C82-42A7-BE9E-70AE7A2E5A04}
[2012/04/19 17:29:09 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{22374D4D-7C80-4349-A0B0-810A102FBAA4}
[2012/04/19 17:28:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8DC38F73-3245-4E8C-8520-8EA3D8E01718}
[2012/04/19 17:05:15 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{57DE47CF-F98C-410A-ADE5-621D3CCF8804}
[2012/04/19 17:05:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CE54D447-7509-4B67-B89D-02B40C894469}
[2012/04/19 14:52:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1F8F429B-0543-4311-944D-FC66DFFC77CA}
[2012/04/19 14:52:21 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{70D9BC37-A4C0-4621-81EA-BE7152FC10BA}
[2012/04/19 14:28:28 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{61C5B988-DA83-4CFF-9CF7-E85D312B28C1}
[2012/04/19 14:27:40 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{BDAE4FCC-714F-4B4C-A51F-E76F39F072C2}
[2012/04/19 14:23:53 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{03C8D5CD-2DCF-4CD6-9B0E-337EC43B7D4B}
[2012/04/19 14:23:09 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D9C5E915-63DA-4DFF-BCD0-B801B13F1323}
[2012/04/19 03:45:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E2678831-FABB-4C75-A42E-7102B09F3A98}
[2012/04/19 03:44:46 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{82BBDDD2-A80A-4DD3-9255-AA985EEB91B6}
[2012/04/19 01:55:16 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A53C9D78-AF14-4259-9481-FE19169F680A}
[2012/04/19 01:55:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{DA57205D-14AF-4E5A-8696-15769F382670}
[2012/04/19 00:19:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1580ED82-76E1-4691-9FF8-0BDDDA1B5E38}
[2012/04/19 00:19:26 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{FA0BE2EC-3860-4287-9113-6F7A1E2785A5}
[2012/04/18 23:26:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1B0B7B5F-8DDB-485F-8E1C-5FFE30CDCE10}
[2012/04/18 23:25:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{434C05BB-2966-4200-9BE4-7A2EB7C036FA}
[2012/04/18 14:45:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{87391CD7-E608-4341-BD74-FC3F999C0638}
[2012/04/18 14:20:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B1C53AB1-B108-4FFB-8701-E86449390611}
[2012/04/18 14:19:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A67D1F11-FE4B-4F67-9F70-666689508F63}
[2012/04/18 14:14:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{210A9212-1CB2-404E-95EB-A560BAA7E532}
[2012/04/18 14:14:14 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{58C575D5-4FC9-4DDA-BD09-3555E8BBE601}
[2012/04/18 06:31:30 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8C07C826-F6A0-485D-AFF7-1DF31D64F785}
[2012/04/18 06:31:16 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{AD848781-E807-4088-9396-E91826AAD135}
[2012/04/18 05:15:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B2EFE5D9-FBB7-4843-8964-0FAB9F2822EE}
[2012/04/18 05:14:31 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C4398CE3-91B5-42FA-8050-FAB92BE703C5}
[2012/04/18 04:26:44 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C45CA3AA-5444-4611-AA4E-21287E16D560}
[2012/04/18 04:26:26 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{58B8A91A-DC0F-4FCF-9DAD-EB2B7AC1D5F5}
[2012/04/18 00:54:40 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F4A00506-46BF-43AC-8B61-71EDEDEBDAD2}
[2012/04/18 00:54:00 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F02C6E1F-1F2A-465D-B7E7-03190852C68F}
[2012/04/17 15:49:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{3F96A602-47B6-4B85-BFBF-54550569C44C}
[2012/04/17 15:48:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{7EEA07A1-22C7-4BAE-926B-21AAFA611CFE}
[2012/04/17 14:18:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2DACD392-0E0F-4446-9FE2-96CDABD918EF}
[2012/04/17 14:18:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E18B719F-10C4-472B-9EFB-032FA7A63EFC}
[2012/04/17 14:15:07 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A32B6CDD-863D-40EE-95CB-33F06DEA0D44}
[2012/04/17 14:14:44 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F176C6E3-46CE-46A0-B510-7010FDD1DE4D}
[2012/04/17 14:11:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F3A19CE7-9943-44CF-832A-1FFCCC18FC72}
[2012/04/17 06:49:50 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E8001B5E-8B40-4597-9340-307654384186}
[2012/04/17 06:49:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{ABE57913-591E-46DF-AE23-7918AE6E8E39}
[2012/04/16 15:03:00 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1489A46E-E4A1-427A-92D0-021AAA7D907A}
[2012/04/16 15:02:44 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{45365696-A885-4A1D-8B86-829555F8F299}
[2012/04/16 14:17:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{94DFC8FC-ED4D-4BC1-BCC8-1EF65E016879}
[2012/04/16 14:16:25 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F0F60063-0DBF-4E48-B92E-348A294104CB}
[2012/04/16 04:23:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D4B70738-FE3E-4827-A789-AE711623858B}
[2012/04/16 03:10:48 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2CB0EE03-B12D-4BCB-9196-805CF535872F}
[2012/04/16 03:10:31 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{491945EF-E879-40B7-8EE8-AA17301D70F5}
[2012/04/15 16:23:09 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2748E8F8-0D87-4266-88FF-5921A7D0990A}
[2012/04/15 16:22:06 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{68CEE430-B38E-405B-8AC4-55A1C7B0C317}
[2012/04/15 16:17:50 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{AF10622C-DBA9-48A2-B281-0572241D7946}
[2012/04/15 16:17:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5FF3E234-1531-4C6B-87EB-983894087982}
[2012/04/15 07:50:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E0D0AA84-6462-4F1B-A8D0-5574DFCF3007}
[2012/04/15 07:49:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1E0D43D8-1EC0-4E4F-9F63-3CEB28890198}
[2012/04/15 04:49:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9A484E71-F550-451B-A73B-E86739E27EBD}
[2012/04/15 04:49:03 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{67E0F8EA-7860-4AA6-8937-FE1DB5FCC905}
[2012/04/14 18:41:46 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CB7FE5B6-6AD3-4E38-B371-6894CE3B287D}
[2012/04/14 18:41:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{ABEBD130-82C7-4C49-A985-F3E48C1C6183}
[2012/04/14 17:09:33 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0B556D15-FD19-438D-8B94-6E6D61B41BCA}
[2012/04/14 17:09:20 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0FC923E6-D953-44D5-B39F-9FFDADC407A5}
[2012/04/14 15:52:27 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{72A92459-7926-4922-BF6B-4463F8F80DC0}
[2012/04/14 15:52:11 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5D47B65F-2F72-4B05-8D4D-48E8FD528978}
[2012/04/14 15:23:58 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{313F7EDF-4DF2-42A2-B895-0DA5AEDD31CC}
[2012/04/14 15:23:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{313D4C30-E78E-407A-920D-BBD688050117}
[2012/04/14 06:22:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{BF521969-D467-4031-A912-F52C09F8BDB3}
[2012/04/14 06:21:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9840A383-5F1E-438D-9077-305671440D13}
[2012/04/14 00:06:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{81C5D2F1-0148-44C4-A76E-7C06AC1E192A}
[2012/04/14 00:05:53 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9606C1EB-455B-4263-8ACE-2469480A4E09}
[2012/04/13 18:41:26 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{653DD3B9-D5AD-4AE9-9636-7C8FF0016088}
[2012/04/13 18:41:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0067F58B-BB7D-4921-8415-A956CA5B91C2}
[2012/04/13 18:36:43 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F3965CFE-5CCE-438F-B5DF-B1439CF3E79B}
[2012/04/13 18:36:14 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A847926F-8746-4F4D-8509-DF3D811FD8C0}
[2012/04/13 14:35:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E4DF7679-72FF-4292-8A85-FEF50CE70334}
[2012/04/13 14:34:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{828CCF63-AD4B-49B0-B936-BA2B43234980}
[2012/04/13 03:55:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A4AB0C19-B51B-426E-83BB-08D24A444C79}
[2012/04/12 20:51:41 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/12 20:51:41 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/12 20:51:40 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/12 20:51:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/12 20:51:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/12 20:51:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/12 20:51:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/12 20:51:37 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/12 20:51:36 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/12 20:51:36 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/12 20:51:36 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/12 20:25:33 | 000,000,000 | ---D | C] -- C:\53d69b7d3999c7df3d785d5d
[2012/04/12 20:23:11 | 005,504,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/12 20:23:11 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/12 20:23:10 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/12 20:16:28 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/12 20:16:28 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/12 20:16:24 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/12 15:54:37 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9BED58FD-B02C-4C85-8924-70F1E62D2FCD}
[2012/04/12 03:53:59 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0A0DBCC2-1F4A-4CC9-B8A7-91036D32088E}
[2012/04/11 15:00:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{90E20183-D7B9-4275-967C-40903175EBC7}
[2012/04/11 02:59:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CEA53D8F-D31B-4B37-A5BE-6E93364126A7}
[2012/04/10 14:14:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E7BD7768-28D8-4205-ADB3-1FBC269072A2}
[2012/04/09 23:36:09 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2012/04/09 22:56:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{01DD07FF-A88C-4A6C-81D8-1FE1CC4A21A3}
[2012/04/09 05:35:50 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CCC4CAEB-E454-49EB-A9D8-FC7F99F080EE}
[2012/04/08 17:35:27 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0CA70EB3-809F-41A8-8B31-75A13DC848CD}
[2012/04/08 05:34:58 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{28AD863C-A57E-4225-BD13-8A98E22F16D5}
[2012/04/07 17:34:25 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C0E83092-E37B-4227-A187-DAD3BE5D9EF6}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/07 17:14:27 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2012/05/07 17:11:16 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\pcwt5\Desktop\OTL.exe
[2012/05/07 16:54:47 | 000,010,096 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 16:54:47 | 000,010,096 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 16:54:10 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/07 16:53:28 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\pcwt5\Desktop\mbam-setup-1.61.0.1400.exe
[2012/05/07 16:51:19 | 000,628,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/07 16:51:18 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/07 16:51:18 | 000,111,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/07 16:44:52 | 000,797,676 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_52.dmp
[2012/05/07 16:44:45 | 000,784,708 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_44.dmp
[2012/05/07 16:44:44 | 000,000,437 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012/05/07 16:44:33 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/07 16:44:29 | 000,001,051 | ---- | M] () -- C:\Windows\SysWow64\tversity.cookies
[2012/05/07 16:44:27 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/05/07 16:44:18 | 000,786,441 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_18.dmp
[2012/05/07 16:44:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/07 16:44:03 | 3094,622,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/07 16:37:20 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\pcwt5\Desktop\tdsskiller.exe
[2012/05/07 16:35:03 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/07 16:15:59 | 000,002,074 | ---- | M] () -- C:\Users\pcwt5\Documents\Default.rdp
[2012/05/07 15:34:54 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/05/07 15:34:06 | 000,779,617 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_34_06.dmp
[2012/05/07 15:33:57 | 000,777,156 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_33_57.dmp
[2012/05/07 15:33:49 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/05/07 15:33:23 | 000,788,059 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_33_22.dmp
[2012/05/07 14:53:09 | 004,486,979 | R--- | M] (Swearware) -- C:\Users\pcwt5\Documents\ComboFix.exe
[2012/05/07 14:13:50 | 000,788,553 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_14_13_50.dmp
[2012/05/07 14:13:44 | 000,792,155 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_14_13_43.dmp
[2012/05/07 14:13:22 | 000,802,829 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_14_13_22.dmp
[2012/05/07 08:07:33 | 000,000,512 | ---- | M] () -- C:\Users\pcwt5\Desktop\MBR.dat
[2012/05/07 07:57:53 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\pcwt5\Desktop\aswMBR.exe
[2012/05/07 07:29:30 | 000,782,310 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_07_29_30.dmp
[2012/05/07 07:29:11 | 000,785,493 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_07_29_11.dmp
[2012/05/07 07:25:55 | 000,794,052 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_07_25_52.dmp
[2012/05/07 06:53:54 | 000,787,088 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_06_53_52.dmp
[2012/05/07 06:53:44 | 000,792,537 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_06_53_37.dmp
[2012/05/07 06:51:28 | 002,375,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/07 06:51:01 | 000,781,145 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_06_51_00.dmp
[2012/05/02 05:43:38 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/05/02 03:27:17 | 008,252,840 | ---- | M] (SurfRight B.V.) -- C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe
[2012/05/02 02:21:25 | 000,784,039 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_21_25.dmp
[2012/05/02 02:21:18 | 000,781,691 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_21_18.dmp
[2012/05/02 02:21:09 | 000,782,766 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_21_08.dmp
[2012/05/02 02:07:48 | 000,803,839 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_07_47.dmp
[2012/05/02 02:07:40 | 000,800,420 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_07_39.dmp
[2012/05/02 02:07:24 | 000,792,075 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_07_24.dmp
[2012/05/01 23:18:36 | 000,791,957 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_23_18_36.dmp
[2012/05/01 23:18:29 | 000,799,081 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_23_18_28.dmp
[2012/05/01 23:18:09 | 000,782,060 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_23_18_09.dmp
[2012/05/01 22:39:58 | 000,789,979 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_22_39_58.dmp
[2012/05/01 22:39:51 | 000,787,085 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_22_39_51.dmp
[2012/05/01 22:39:30 | 000,789,956 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_22_39_30.dmp
[2012/05/01 21:52:56 | 000,790,536 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_52_55.dmp
[2012/05/01 21:52:49 | 000,785,009 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_52_48.dmp
[2012/05/01 21:52:27 | 000,781,895 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_52_27.dmp
[2012/05/01 21:41:53 | 000,783,783 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_41_53.dmp
[2012/05/01 21:41:46 | 000,791,043 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_41_46.dmp
[2012/05/01 21:41:35 | 000,778,775 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_41_34.dmp
[2012/05/01 21:39:01 | 000,789,095 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_39_01.dmp
[2012/05/01 21:38:54 | 000,787,807 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_38_52.dmp
[2012/05/01 21:38:28 | 000,789,024 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_38_27.dmp
[2012/05/01 21:35:32 | 000,787,098 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_35_32.dmp
[2012/05/01 21:35:23 | 000,787,958 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_35_19.dmp
[2012/05/01 21:32:53 | 000,791,267 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_32_53.dmp
[2012/05/01 21:27:35 | 000,789,876 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_27_35.dmp
[2012/05/01 21:27:28 | 000,781,249 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_27_28.dmp
[2012/05/01 21:27:13 | 000,776,042 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_27_12.dmp
[2012/05/01 20:51:07 | 000,783,890 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_51_07.dmp
[2012/05/01 20:51:00 | 000,777,714 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_51_00.dmp
[2012/05/01 20:50:53 | 000,795,799 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_50_46.dmp
[2012/05/01 20:49:36 | 000,000,679 | ---- | M] () -- C:\Users\pcwt5\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/05/01 20:43:07 | 000,782,571 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_43_06.dmp
[2012/05/01 20:43:00 | 000,791,981 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_42_58.dmp
[2012/05/01 20:42:39 | 000,786,686 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_42_39.dmp
[2012/05/01 20:18:40 | 000,786,934 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_18_40.dmp
[2012/05/01 20:18:33 | 000,783,683 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_18_33.dmp
[2012/05/01 20:18:20 | 000,786,841 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_18_19.dmp
[2012/05/01 20:08:50 | 000,782,170 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_08_50.dmp
[2012/05/01 20:08:42 | 000,785,043 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_08_42.dmp
[2012/05/01 20:08:26 | 000,792,937 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_08_26.dmp
[2012/05/01 20:07:33 | 000,006,512 | ---- | M] () -- C:\bootsqm.dat
[2012/05/01 16:50:07 | 000,791,512 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_50_06.dmp
[2012/05/01 16:49:59 | 000,785,722 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_49_59.dmp
[2012/05/01 16:49:37 | 000,801,095 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_49_37.dmp
[2012/05/01 16:12:53 | 000,791,552 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_12_52.dmp
[2012/05/01 16:12:45 | 000,796,427 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_12_45.dmp
[2012/05/01 16:12:28 | 000,790,742 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_12_28.dmp
[2012/05/01 14:07:57 | 000,790,157 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_14_07_57.dmp
[2012/05/01 14:07:50 | 000,798,888 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_14_07_50.dmp
[2012/05/01 14:07:33 | 000,800,497 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_14_07_33.dmp
[2012/05/01 03:50:29 | 000,789,216 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_03_50_28.dmp
[2012/05/01 03:50:19 | 000,792,921 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_03_50_19.dmp
[2012/05/01 03:50:03 | 000,783,036 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_03_50_03.dmp
[2012/04/30 18:51:23 | 000,789,666 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_18_51_22.dmp
[2012/04/30 18:51:16 | 000,793,299 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_18_51_15.dmp
[2012/04/30 18:51:01 | 000,781,664 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_18_51_00.dmp
[2012/04/30 16:25:44 | 000,783,489 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_16_25_44.dmp
[2012/04/30 16:25:37 | 000,789,150 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_16_25_37.dmp
[2012/04/30 16:25:19 | 000,786,950 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_16_25_19.dmp
[2012/04/30 14:09:20 | 000,801,382 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_14_09_20.dmp
[2012/04/30 14:09:13 | 000,789,164 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_14_09_12.dmp
[2012/04/30 14:08:56 | 000,782,357 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_14_08_56.dmp
[2012/04/30 04:59:42 | 000,786,827 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_04_59_42.dmp
[2012/04/30 04:59:35 | 000,779,775 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_04_59_34.dmp
[2012/04/30 04:59:03 | 000,785,659 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_04_59_03.dmp
[2012/04/30 02:40:33 | 000,785,753 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_40_32.dmp
[2012/04/30 02:40:24 | 000,778,123 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_40_24.dmp
[2012/04/30 02:40:04 | 000,781,843 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_40_04.dmp
[2012/04/30 02:24:11 | 000,791,463 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_24_11.dmp
[2012/04/30 02:24:02 | 000,786,782 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_24_02.dmp
[2012/04/30 02:23:38 | 000,785,503 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_23_38.dmp
[2012/04/29 20:23:06 | 000,786,359 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_20_23_06.dmp
[2012/04/29 20:22:58 | 000,789,031 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_20_22_57.dmp
[2012/04/29 20:22:35 | 000,779,132 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_20_22_35.dmp
[2012/04/29 16:32:41 | 000,790,950 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_16_32_41.dmp
[2012/04/29 16:32:33 | 000,787,774 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_16_32_32.dmp
[2012/04/29 16:32:07 | 000,781,462 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_16_32_06.dmp
[2012/04/28 17:25:23 | 000,785,246 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_25_23.dmp
[2012/04/28 17:25:15 | 000,789,785 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_25_14.dmp
[2012/04/28 17:24:55 | 000,785,477 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_24_54.dmp
[2012/04/28 17:04:19 | 000,784,190 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_04_18.dmp
[2012/04/28 17:04:09 | 000,779,038 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_04_09.dmp
[2012/04/28 17:03:50 | 000,789,905 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_03_49.dmp
[2012/04/28 16:32:59 | 000,781,605 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_32_58.dmp
[2012/04/28 16:32:49 | 000,793,127 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_32_48.dmp
[2012/04/28 16:32:31 | 000,782,515 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_32_31.dmp
[2012/04/28 16:30:28 | 000,789,534 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_30_26.dmp
[2012/04/28 16:30:19 | 000,797,299 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_30_18.dmp
[2012/04/28 16:28:30 | 000,785,402 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_28_30.dmp
[2012/04/28 05:56:37 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2012/04/28 05:56:37 | 000,001,848 | ---- | M] () -- C:\Users\pcwt5\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2012/04/28 04:33:50 | 000,795,425 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_04_33_50.dmp
[2012/04/28 04:33:42 | 000,792,123 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_04_33_41.dmp
[2012/04/28 04:33:27 | 000,784,934 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_04_33_27.dmp
[2012/04/27 16:30:54 | 000,785,538 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_30_53.dmp
[2012/04/27 16:30:45 | 000,779,102 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_30_45.dmp
[2012/04/27 16:30:28 | 000,787,218 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_30_27.dmp
[2012/04/27 16:21:53 | 000,777,732 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_21_53.dmp
[2012/04/27 16:21:46 | 000,790,918 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_21_45.dmp
[2012/04/27 16:21:25 | 000,785,328 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_21_24.dmp
[2012/04/27 14:02:35 | 000,787,169 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_14_02_33.dmp
[2012/04/27 14:02:24 | 000,783,207 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_14_02_22.dmp
[2012/04/27 14:02:04 | 000,779,859 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_14_02_03.dmp
[2012/04/27 06:46:51 | 000,789,770 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_06_46_51.dmp
[2012/04/27 06:46:44 | 000,792,164 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_06_46_43.dmp
[2012/04/27 06:46:30 | 000,790,641 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_06_46_29.dmp
[2012/04/27 04:13:48 | 000,789,476 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_04_13_47.dmp
[2012/04/27 04:13:37 | 000,795,327 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_04_13_37.dmp
[2012/04/27 04:13:24 | 000,792,593 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_04_13_23.dmp
[2012/04/26 22:52:25 | 000,787,727 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_22_52_25.dmp
[2012/04/26 22:52:16 | 000,787,204 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_22_52_16.dmp
[2012/04/26 22:51:59 | 000,785,994 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_22_51_59.dmp
[2012/04/26 13:58:14 | 000,791,752 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_13_58_14.dmp
[2012/04/26 13:58:07 | 000,789,490 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_13_58_05.dmp
[2012/04/26 13:57:48 | 000,781,966 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_13_57_48.dmp
[2012/04/26 01:04:02 | 000,782,730 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_01_04_01.dmp
[2012/04/26 01:03:54 | 000,789,468 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_01_03_53.dmp
[2012/04/26 01:03:33 | 000,811,648 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_01_03_33.dmp
[2012/04/25 14:12:21 | 000,785,146 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_14_12_21.dmp
[2012/04/25 14:12:14 | 000,795,818 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_14_12_14.dmp
[2012/04/25 14:11:59 | 000,794,921 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_14_11_58.dmp
[2012/04/25 00:54:20 | 000,782,380 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_00_54_20.dmp
[2012/04/25 00:54:13 | 000,794,217 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_00_54_13.dmp
[2012/04/25 00:53:55 | 000,781,083 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_00_53_54.dmp
[2012/04/24 14:43:55 | 000,800,330 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_24_14_43_53.dmp
[2012/04/24 14:43:45 | 000,789,013 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_24_14_43_44.dmp
[2012/04/24 14:42:51 | 000,792,872 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_24_14_42_51.dmp
[2012/04/20 08:57:58 | 000,002,641 | ---- | M] () -- C:\Users\pcwt5\.xmlcopyeditor
[2012/04/19 22:57:33 | 000,784,965 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_22_57_32.dmp
[2012/04/19 22:57:25 | 000,778,389 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_22_57_24.dmp
[2012/04/19 22:57:01 | 000,780,438 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_22_57_00.dmp
[2012/04/19 14:22:56 | 000,790,945 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_14_22_49.dmp
[2012/04/19 14:22:38 | 000,796,352 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_14_22_35.dmp
[2012/04/19 14:20:27 | 000,784,984 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_14_20_26.dmp
[2012/04/19 03:44:03 | 000,790,586 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_03_44_02.dmp
[2012/04/19 03:43:49 | 000,784,060 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_03_43_47.dmp
[2012/04/19 03:42:10 | 000,786,154 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_03_42_09.dmp
[2012/04/18 23:23:42 | 000,781,542 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_23_23_42.dmp
[2012/04/18 23:23:34 | 000,790,901 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_23_23_33.dmp
[2012/04/18 23:23:12 | 000,785,757 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_23_23_09.dmp
[2012/04/18 14:11:44 | 000,795,388 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_14_11_43.dmp
[2012/04/18 14:11:36 | 000,786,984 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_14_11_35.dmp
[2012/04/18 14:11:14 | 000,783,674 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_14_11_13.dmp
[2012/04/18 05:10:29 | 000,791,872 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_05_10_28.dmp
[2012/04/18 05:10:21 | 000,788,883 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_05_10_20.dmp
[2012/04/18 05:10:07 | 000,783,495 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_05_10_06.dmp
[2012/04/18 00:50:52 | 000,785,677 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_00_50_51.dmp
[2012/04/18 00:50:44 | 000,784,649 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_00_50_43.dmp
[2012/04/18 00:50:26 | 000,781,193 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_00_50_26.dmp
[2012/04/17 14:10:32 | 000,786,175 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_17_14_10_31.dmp
[2012/04/17 14:10:21 | 000,785,602 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_17_14_10_20.dmp
[2012/04/17 14:10:01 | 000,787,995 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_17_14_10_00.dmp
[2012/04/16 14:14:41 | 000,783,185 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_16_14_14_40.dmp
[2012/04/16 14:14:32 | 000,789,595 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_16_14_14_30.dmp
[2012/04/16 14:14:12 | 000,787,549 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_16_14_14_11.dmp
[2012/04/15 16:15:00 | 000,779,291 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_16_14_58.dmp
[2012/04/15 16:14:48 | 000,785,973 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_16_14_47.dmp
[2012/04/15 16:14:31 | 000,782,209 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_16_14_30.dmp
[2012/04/15 04:46:19 | 000,783,479 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_04_46_17.dmp
[2012/04/15 04:46:09 | 000,790,764 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_04_46_08.dmp
[2012/04/15 04:45:48 | 000,778,715 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_04_45_47.dmp
[2012/04/14 18:40:36 | 000,780,846 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_18_40_35.dmp
[2012/04/14 18:40:25 | 000,785,641 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_18_40_24.dmp
[2012/04/14 18:38:41 | 000,790,272 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_18_38_41.dmp
[2012/04/14 15:19:53 | 000,787,562 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_15_19_53.dmp
[2012/04/14 15:19:46 | 000,787,277 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_15_19_44.dmp
[2012/04/14 15:19:20 | 000,784,531 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_15_19_20.dmp
[2012/04/13 18:31:09 | 000,790,237 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_18_31_08.dmp
[2012/04/13 18:31:00 | 000,791,681 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_18_31_00.dmp
[2012/04/13 18:30:39 | 000,778,717 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_18_30_39.dmp
[2012/04/13 14:31:21 | 000,784,531 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_14_31_21.dmp
[2012/04/13 14:31:13 | 000,792,463 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_14_31_13.dmp
[2012/04/13 14:30:54 | 000,790,106 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_14_30_54.dmp
[2012/04/13 03:30:05 | 000,785,607 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_03_30_05.dmp
[2012/04/13 03:29:58 | 000,791,112 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_03_29_57.dmp
[2012/04/13 03:29:39 | 000,783,487 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_03_29_39.dmp
[2012/04/12 21:20:07 | 000,779,458 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_21_20_07.dmp
[2012/04/12 21:19:59 | 000,782,612 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_21_19_57.dmp
[2012/04/12 21:19:43 | 000,781,808 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_21_19_42.dmp
[2012/04/12 20:36:37 | 000,785,453 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_20_36_36.dmp
[2012/04/12 20:36:29 | 000,786,966 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_20_36_26.dmp
[2012/04/12 20:35:14 | 000,780,589 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_20_35_14.dmp
[2012/04/12 15:08:51 | 000,000,000 | -HS- | M] () -- C:\Windows\SysNative\dds_trash_log.cmd
[2012/04/12 15:08:21 | 000,792,474 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_15_08_21.dmp
[2012/04/12 15:08:13 | 000,784,566 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_15_08_13.dmp
[2012/04/12 15:07:57 | 000,788,513 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_15_07_57.dmp
[2012/04/12 04:45:17 | 000,779,361 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_45_16.dmp
[2012/04/12 04:45:01 | 000,796,109 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_45_01.dmp
[2012/04/12 04:44:11 | 000,785,387 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_44_10.dmp
[2012/04/12 04:34:51 | 000,784,170 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_34_50.dmp
[2012/04/12 04:34:41 | 000,778,844 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_34_41.dmp
[2012/04/12 04:34:22 | 000,781,696 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_34_22.dmp
[2012/04/12 03:48:20 | 000,791,094 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_03_48_19.dmp
[2012/04/12 03:48:11 | 000,786,174 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_03_48_10.dmp
[2012/04/12 03:47:53 | 000,786,894 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_03_47_53.dmp
[2012/04/12 00:40:18 | 000,791,475 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_00_40_15.dmp
[2012/04/12 00:40:04 | 000,783,811 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_00_40_01.dmp
[2012/04/12 00:38:37 | 000,788,472 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_00_38_37.dmp
[2012/04/11 14:43:25 | 000,790,464 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_14_43_24.dmp
[2012/04/11 14:43:14 | 000,786,434 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_14_43_13.dmp
[2012/04/11 14:42:56 | 000,789,746 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_14_42_55.dmp
[2012/04/11 02:57:57 | 000,785,523 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_02_57_56.dmp
[2012/04/11 02:57:46 | 000,790,605 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_02_57_44.dmp
[2012/04/11 02:57:28 | 000,787,417 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_02_57_27.dmp
[2012/04/10 14:12:52 | 000,780,642 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_10_14_12_52.dmp
[2012/04/10 14:12:44 | 000,787,851 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_10_14_12_44.dmp
[2012/04/10 14:12:27 | 000,793,712 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_10_14_12_27.dmp
[2012/04/09 23:10:32 | 000,786,582 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_23_10_31.dmp
[2012/04/09 23:10:23 | 000,800,009 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_23_10_22.dmp
[2012/04/09 23:09:58 | 000,799,121 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_23_09_55.dmp
[2012/04/09 22:53:53 | 000,785,514 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_22_53_52.dmp
[2012/04/09 22:53:45 | 000,792,488 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_22_53_45.dmp
[2012/04/09 22:53:24 | 000,787,627 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_22_53_23.dmp
[2012/04/09 03:37:30 | 000,789,330 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_03_37_29.dmp
[2012/04/09 03:37:21 | 000,788,739 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_03_37_20.dmp
[2012/04/09 03:37:03 | 000,782,053 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_03_37_03.dmp
[2012/04/08 17:06:35 | 000,780,079 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_17_06_34.dmp
[2012/04/08 17:06:26 | 000,776,152 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_17_06_26.dmp
[2012/04/08 17:05:59 | 000,782,915 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_17_05_59.dmp
[2012/04/08 02:33:50 | 000,065,600 | ---- | M] (microOLAP Technologies LTD) -- C:\Windows\SysNative\drivers\pssdklbf.sys
[2012/04/08 02:33:46 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) -- C:\Windows\SysNative\drivers\pssdk42.sys
[2012/04/08 02:32:47 | 000,791,776 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_02_32_46.dmp
[2012/04/08 02:32:38 | 000,791,288 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_02_32_37.dmp
[2012/04/08 02:32:05 | 000,790,229 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_02_32_05.dmp
[2012/04/07 17:31:36 | 000,789,654 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_07_17_31_36.dmp
[2012/04/07 17:31:29 | 000,787,146 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_07_17_31_29.dmp
[2012/04/07 17:30:57 | 000,785,691 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_07_17_30_57.dmp
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/07 16:54:10 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/07 16:44:52 | 000,797,676 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_52.dmp
[2012/05/07 16:44:44 | 000,784,708 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_44.dmp
[2012/05/07 16:44:18 | 000,786,441 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_18.dmp
[2012/05/07 15:34:06 | 000,779,617 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_34_06.dmp
[2012/05/07 15:33:57 | 000,777,156 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_33_57.dmp
[2012/05/07 15:33:22 | 000,788,059 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_33_22.dmp
[2012/05/07 15:16:01 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2012/05/07 15:15:47 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/05/07 15:15:47 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/05/07 15:15:47 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/05/07 15:15:47 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/05/07 15:15:47 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012/05/07 15:15:47 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/05/07 15:15:47 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/05/07 15:15:47 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012/05/07 15:15:47 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012/05/07 15:15:46 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2012/05/07 15:15:46 | 000,002,266 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
[2012/05/07 15:15:46 | 000,002,254 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2012/05/07 15:15:46 | 000,002,057 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Content Exporter.lnk
[2012/05/07 15:15:46 | 000,002,028 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media plus.lnk
[2012/05/07 15:15:46 | 000,001,848 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
[2012/05/07 15:15:46 | 000,001,823 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TextPad.lnk
[2012/05/07 15:15:46 | 000,001,817 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
[2012/05/07 15:15:46 | 000,001,758 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Movie Story.lnk
[2012/05/07 15:15:46 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/05/07 15:15:46 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012/05/07 15:15:46 | 000,001,129 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer Support.lnk
[2012/05/07 15:15:46 | 000,001,069 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Recovery Center.lnk
[2012/05/07 15:15:46 | 000,000,988 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2012/05/07 15:15:46 | 000,000,923 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk
[2012/05/07 15:15:46 | 000,000,869 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sendoid.lnk
[2012/05/07 15:15:45 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/07 15:15:45 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/05/07 15:15:45 | 000,002,327 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Pixel Bender Toolkit.lnk
[2012/05/07 15:15:45 | 000,002,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click to Disc.lnk
[2012/05/07 15:15:45 | 000,001,877 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2012/05/07 15:15:45 | 000,001,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Stock Photos CS3.lnk
[2012/05/07 15:15:45 | 000,001,215 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS4.lnk
[2012/05/07 15:15:45 | 000,001,137 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS3.lnk
[2012/05/07 15:15:45 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
[2012/05/07 15:15:45 | 000,001,085 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Flash CS4 Professional.lnk
[2012/05/07 15:15:45 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click to Disc Editor.lnk
[2012/05/07 15:15:45 | 000,001,018 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infix PDF Editor.lnk
[2012/05/07 15:15:45 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012/05/07 15:15:45 | 000,000,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BBC iPlayer Desktop.lnk
[2012/05/07 15:15:44 | 000,001,551 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2012/05/07 15:15:44 | 000,001,407 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
[2012/05/07 15:15:44 | 000,001,379 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2012/05/07 15:15:44 | 000,001,283 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
[2012/05/07 15:15:44 | 000,001,257 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Flash CS3 Video Encoder.lnk
[2012/05/07 15:15:44 | 000,001,205 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS3.lnk
[2012/05/07 15:15:44 | 000,001,085 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Flash CS3 Professional.lnk
[2012/05/07 15:15:43 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2012/05/07 15:15:43 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2012/05/07 15:15:43 | 000,001,436 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk
[2012/05/07 15:15:43 | 000,001,403 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
[2012/05/07 15:15:43 | 000,001,278 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2012/05/07 15:15:43 | 000,001,247 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS5.5.lnk
[2012/05/07 15:15:43 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
[2012/05/07 15:15:43 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk
[2012/05/07 15:15:43 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS3.lnk
[2012/05/07 15:15:43 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
[2012/05/07 15:15:43 | 000,001,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS3.lnk
[2012/05/07 15:15:42 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Wireless Manager 5.lnk
[2012/05/07 15:15:42 | 000,001,848 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2012/05/07 15:15:42 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Tunebite 7.lnk
[2012/05/07 15:15:42 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/05/07 15:15:41 | 000,002,633 | ---- | C] () -- C:\Users\Public\Desktop\Disk Scrubber.lnk
[2012/05/07 15:15:41 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\Bluebeam PDF Revu.lnk
[2012/05/07 15:15:41 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2012/05/07 15:15:41 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/07 15:15:41 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012/05/07 15:15:41 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012/05/07 15:15:41 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\DrmRemoval.lnk
[2012/05/07 15:15:41 | 000,001,835 | ---- | C] () -- C:\Users\Public\Desktop\DrmRemoval CDRipper.lnk
[2012/05/07 15:15:41 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\Buy DrmRemoval Now.lnk
[2012/05/07 15:15:41 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/07 15:15:41 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/07 15:15:41 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2012/05/07 15:15:41 | 000,001,687 | ---- | C] () -- C:\Users\Public\Desktop\Cheetah DVD Burner.lnk
[2012/05/07 15:15:41 | 000,001,273 | ---- | C] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2012/05/07 15:15:41 | 000,001,264 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2012/05/07 15:15:41 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2012/05/07 15:15:41 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Expat Shield Launch.lnk
[2012/05/07 15:15:41 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/05/07 15:15:41 | 000,001,006 | ---- | C] () -- C:\Users\Public\Desktop\Infix PDF Editor.lnk
[2012/05/07 15:15:41 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Beyond Compare 3.lnk
[2012/05/07 15:15:41 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\BBC iPlayer Desktop.lnk
[2012/05/07 15:15:41 | 000,000,968 | ---- | C] () -- C:\Users\Public\Desktop\RAR Password Unlocker.lnk
[2012/05/07 15:15:41 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2012/05/07 15:15:41 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\Sendoid.lnk
[2012/05/07 15:15:41 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\ROME.lnk
[2012/05/07 14:13:55 | 000,000,029 | ---- | C] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2012/05/07 14:13:50 | 000,788,553 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_14_13_50.dmp
[2012/05/07 14:13:43 | 000,792,155 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_14_13_43.dmp
[2012/05/07 14:13:22 | 000,802,829 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_14_13_22.dmp
[2012/05/07 08:07:33 | 000,000,512 | ---- | C] () -- C:\Users\pcwt5\Desktop\MBR.dat
[2012/05/07 07:29:30 | 000,782,310 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_07_29_30.dmp
[2012/05/07 07:29:11 | 000,785,493 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_07_29_11.dmp
[2012/05/07 07:25:52 | 000,794,052 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_07_25_52.dmp
[2012/05/07 06:53:52 | 000,787,088 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_06_53_52.dmp
[2012/05/07 06:53:37 | 000,792,537 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_06_53_37.dmp
[2012/05/07 06:51:00 | 000,781,145 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_06_51_00.dmp
[2012/05/02 02:21:25 | 000,784,039 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_21_25.dmp
[2012/05/02 02:21:18 | 000,781,691 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_21_18.dmp
[2012/05/02 02:21:08 | 000,782,766 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_21_08.dmp
[2012/05/02 02:07:47 | 000,803,839 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_07_47.dmp
[2012/05/02 02:07:39 | 000,800,420 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_07_39.dmp
[2012/05/02 02:07:24 | 000,792,075 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_07_24.dmp
[2012/05/01 23:18:36 | 000,791,957 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_23_18_36.dmp
[2012/05/01 23:18:28 | 000,799,081 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_23_18_28.dmp
[2012/05/01 23:18:09 | 000,782,060 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_23_18_09.dmp
[2012/05/01 22:39:58 | 000,789,979 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_22_39_58.dmp
[2012/05/01 22:39:51 | 000,787,085 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_22_39_51.dmp
[2012/05/01 22:39:30 | 000,789,956 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_22_39_30.dmp
[2012/05/01 21:52:55 | 000,790,536 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_52_55.dmp
[2012/05/01 21:52:48 | 000,785,009 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_52_48.dmp
[2012/05/01 21:52:27 | 000,781,895 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_52_27.dmp
[2012/05/01 21:41:53 | 000,783,783 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_41_53.dmp
[2012/05/01 21:41:46 | 000,791,043 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_41_46.dmp
[2012/05/01 21:41:34 | 000,778,775 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_41_34.dmp
[2012/05/01 21:39:01 | 000,789,095 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_39_01.dmp
[2012/05/01 21:38:52 | 000,787,807 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_38_52.dmp
[2012/05/01 21:38:27 | 000,789,024 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_38_27.dmp
[2012/05/01 21:35:32 | 000,787,098 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_35_32.dmp
[2012/05/01 21:35:19 | 000,787,958 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_35_19.dmp
[2012/05/01 21:32:53 | 000,791,267 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_32_53.dmp
[2012/05/01 21:27:35 | 000,789,876 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_27_35.dmp
[2012/05/01 21:27:28 | 000,781,249 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_27_28.dmp
[2012/05/01 21:27:12 | 000,776,042 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_27_12.dmp
[2012/05/01 20:51:07 | 000,783,890 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_51_07.dmp
[2012/05/01 20:51:00 | 000,777,714 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_51_00.dmp
[2012/05/01 20:50:46 | 000,795,799 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_50_46.dmp
[2012/05/01 20:49:36 | 000,000,679 | ---- | C] () -- C:\Users\pcwt5\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/05/01 20:43:06 | 000,782,571 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_43_06.dmp
[2012/05/01 20:42:58 | 000,791,981 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_42_58.dmp
[2012/05/01 20:42:39 | 000,786,686 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_42_39.dmp
[2012/05/01 20:18:40 | 000,786,934 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_18_40.dmp
[2012/05/01 20:18:33 | 000,783,683 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_18_33.dmp
[2012/05/01 20:18:19 | 000,786,841 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_18_19.dmp
[2012/05/01 20:08:50 | 000,782,170 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_08_50.dmp
[2012/05/01 20:08:42 | 000,785,043 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_08_42.dmp
[2012/05/01 20:08:26 | 000,792,937 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_08_26.dmp
[2012/05/01 20:07:33 | 000,006,512 | ---- | C] () -- C:\bootsqm.dat
[2012/05/01 16:50:06 | 000,791,512 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_50_06.dmp
[2012/05/01 16:49:59 | 000,785,722 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_49_59.dmp
[2012/05/01 16:49:37 | 000,801,095 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_49_37.dmp
[2012/05/01 16:12:52 | 000,791,552 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_12_52.dmp
[2012/05/01 16:12:45 | 000,796,427 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_12_45.dmp
[2012/05/01 16:12:28 | 000,790,742 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_12_28.dmp
[2012/05/01 14:07:57 | 000,790,157 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_14_07_57.dmp
[2012/05/01 14:07:50 | 000,798,888 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_14_07_50.dmp
[2012/05/01 14:07:33 | 000,800,497 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_14_07_33.dmp
[2012/05/01 03:50:28 | 000,789,216 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_03_50_28.dmp
[2012/05/01 03:50:19 | 000,792,921 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_03_50_19.dmp
[2012/05/01 03:50:03 | 000,783,036 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_03_50_03.dmp
[2012/04/30 18:51:22 | 000,789,666 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_18_51_22.dmp
[2012/04/30 18:51:15 | 000,793,299 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_18_51_15.dmp
[2012/04/30 18:51:00 | 000,781,664 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_18_51_00.dmp
[2012/04/30 16:25:44 | 000,783,489 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_16_25_44.dmp
[2012/04/30 16:25:37 | 000,789,150 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_16_25_37.dmp
[2012/04/30 16:25:19 | 000,786,950 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_16_25_19.dmp
[2012/04/30 14:09:20 | 000,801,382 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_14_09_20.dmp
[2012/04/30 14:09:12 | 000,789,164 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_14_09_12.dmp
[2012/04/30 14:08:56 | 000,782,357 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_14_08_56.dmp
[2012/04/30 04:59:42 | 000,786,827 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_04_59_42.dmp
[2012/04/30 04:59:34 | 000,779,775 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_04_59_34.dmp
[2012/04/30 04:59:03 | 000,785,659 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_04_59_03.dmp
[2012/04/30 02:40:32 | 000,785,753 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_40_32.dmp
[2012/04/30 02:40:24 | 000,778,123 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_40_24.dmp
[2012/04/30 02:40:04 | 000,781,843 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_40_04.dmp
[2012/04/30 02:24:11 | 000,791,463 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_24_11.dmp
[2012/04/30 02:24:02 | 000,786,782 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_24_02.dmp
[2012/04/30 02:23:38 | 000,785,503 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_23_38.dmp
[2012/04/29 20:23:06 | 000,786,359 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_20_23_06.dmp
[2012/04/29 20:22:57 | 000,789,031 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_20_22_57.dmp
[2012/04/29 20:22:35 | 000,779,132 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_20_22_35.dmp
[2012/04/29 16:32:41 | 000,790,950 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_16_32_41.dmp
[2012/04/29 16:32:32 | 000,787,774 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_16_32_32.dmp
[2012/04/29 16:32:06 | 000,781,462 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_16_32_06.dmp
[2012/04/28 17:25:23 | 000,785,246 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_25_23.dmp
[2012/04/28 17:25:14 | 000,789,785 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_25_14.dmp
[2012/04/28 17:24:54 | 000,785,477 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_24_54.dmp
[2012/04/28 17:04:18 | 000,784,190 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_04_18.dmp
[2012/04/28 17:04:09 | 000,779,038 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_04_09.dmp
[2012/04/28 17:03:49 | 000,789,905 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_03_49.dmp
[2012/04/28 16:32:58 | 000,781,605 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_32_58.dmp
[2012/04/28 16:32:48 | 000,793,127 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_32_48.dmp
[2012/04/28 16:32:31 | 000,782,515 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_32_31.dmp
[2012/04/28 16:30:27 | 000,789,534 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_30_26.dmp
[2012/04/28 16:30:18 | 000,797,299 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_30_18.dmp
[2012/04/28 16:28:30 | 000,785,402 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_28_30.dmp
[2012/04/28 04:33:50 | 000,795,425 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_04_33_50.dmp
[2012/04/28 04:33:41 | 000,792,123 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_04_33_41.dmp
[2012/04/28 04:33:27 | 000,784,934 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_04_33_27.dmp
[2012/04/27 16:30:53 | 000,785,538 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_30_53.dmp
[2012/04/27 16:30:45 | 000,779,102 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_30_45.dmp
[2012/04/27 16:30:27 | 000,787,218 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_30_27.dmp
[2012/04/27 16:21:53 | 000,777,732 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_21_53.dmp
[2012/04/27 16:21:45 | 000,790,918 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_21_45.dmp
[2012/04/27 16:21:24 | 000,785,328 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_21_24.dmp
[2012/04/27 14:02:33 | 000,787,169 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_14_02_33.dmp
[2012/04/27 14:02:22 | 000,783,207 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_14_02_22.dmp
[2012/04/27 14:02:03 | 000,779,859 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_14_02_03.dmp
[2012/04/27 06:46:51 | 000,789,770 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_06_46_51.dmp
[2012/04/27 06:46:43 | 000,792,164 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_06_46_43.dmp
[2012/04/27 06:46:29 | 000,790,641 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_06_46_29.dmp
[2012/04/27 04:13:47 | 000,789,476 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_04_13_47.dmp
[2012/04/27 04:13:37 | 000,795,327 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_04_13_37.dmp
[2012/04/27 04:13:23 | 000,792,593 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_04_13_23.dmp
[2012/04/26 22:52:25 | 000,787,727 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_22_52_25.dmp
[2012/04/26 22:52:16 | 000,787,204 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_22_52_16.dmp
[2012/04/26 22:51:59 | 000,785,994 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_22_51_59.dmp
[2012/04/26 13:58:14 | 000,791,752 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_13_58_14.dmp
[2012/04/26 13:58:05 | 000,789,490 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_13_58_05.dmp
[2012/04/26 13:57:48 | 000,781,966 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_13_57_48.dmp
[2012/04/26 01:04:01 | 000,782,730 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_01_04_01.dmp
[2012/04/26 01:03:53 | 000,789,468 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_01_03_53.dmp
[2012/04/26 01:03:33 | 000,811,648 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_01_03_33.dmp
[2012/04/25 14:12:21 | 000,785,146 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_14_12_21.dmp
[2012/04/25 14:12:14 | 000,795,818 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_14_12_14.dmp
[2012/04/25 14:11:58 | 000,794,921 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_14_11_58.dmp
[2012/04/25 00:54:20 | 000,782,380 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_00_54_20.dmp
[2012/04/25 00:54:13 | 000,794,217 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_00_54_13.dmp
[2012/04/25 00:53:54 | 000,781,083 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_00_53_54.dmp
[2012/04/24 14:43:53 | 000,800,330 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_24_14_43_53.dmp
[2012/04/24 14:43:44 | 000,789,013 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_24_14_43_44.dmp
[2012/04/24 14:42:51 | 000,792,872 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_24_14_42_51.dmp
[2012/04/19 22:57:32 | 000,784,965 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_22_57_32.dmp
[2012/04/19 22:57:24 | 000,778,389 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_22_57_24.dmp
[2012/04/19 22:57:00 | 000,780,438 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_22_57_00.dmp
[2012/04/19 14:22:49 | 000,790,945 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_14_22_49.dmp
[2012/04/19 14:22:35 | 000,796,352 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_14_22_35.dmp
[2012/04/19 14:20:26 | 000,784,984 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_14_20_26.dmp
[2012/04/19 03:44:02 | 000,790,586 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_03_44_02.dmp
[2012/04/19 03:43:47 | 000,784,060 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_03_43_47.dmp
[2012/04/19 03:42:09 | 000,786,154 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_03_42_09.dmp
[2012/04/18 23:23:42 | 000,781,542 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_23_23_42.dmp
[2012/04/18 23:23:33 | 000,790,901 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_23_23_33.dmp
[2012/04/18 23:23:09 | 000,785,757 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_23_23_09.dmp
[2012/04/18 14:11:43 | 000,795,388 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_14_11_43.dmp
[2012/04/18 14:11:35 | 000,786,984 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_14_11_35.dmp
[2012/04/18 14:11:13 | 000,783,674 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_14_11_13.dmp
[2012/04/18 05:10:28 | 000,791,872 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_05_10_28.dmp
[2012/04/18 05:10:20 | 000,788,883 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_05_10_20.dmp
[2012/04/18 05:10:06 | 000,783,495 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_05_10_06.dmp
[2012/04/18 00:50:51 | 000,785,677 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_00_50_51.dmp
[2012/04/18 00:50:43 | 000,784,649 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_00_50_43.dmp
[2012/04/18 00:50:26 | 000,781,193 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_00_50_26.dmp
[2012/04/17 14:10:31 | 000,786,175 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_17_14_10_31.dmp
[2012/04/17 14:10:20 | 000,785,602 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_17_14_10_20.dmp
[2012/04/17 14:10:00 | 000,787,995 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_17_14_10_00.dmp
[2012/04/16 14:14:40 | 000,783,185 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_16_14_14_40.dmp
[2012/04/16 14:14:30 | 000,789,595 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_16_14_14_30.dmp
[2012/04/16 14:14:11 | 000,787,549 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_16_14_14_11.dmp
[2012/04/15 16:14:58 | 000,779,291 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_16_14_58.dmp
[2012/04/15 16:14:47 | 000,785,973 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_16_14_47.dmp
[2012/04/15 16:14:30 | 000,782,209 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_16_14_30.dmp
[2012/04/15 04:46:17 | 000,783,479 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_04_46_17.dmp
[2012/04/15 04:46:08 | 000,790,764 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_04_46_08.dmp
[2012/04/15 04:45:47 | 000,778,715 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_04_45_47.dmp
[2012/04/14 18:40:35 | 000,780,846 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_18_40_35.dmp
[2012/04/14 18:40:24 | 000,785,641 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_18_40_24.dmp
[2012/04/14 18:38:41 | 000,790,272 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_18_38_41.dmp
[2012/04/14 15:19:53 | 000,787,562 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_15_19_53.dmp
[2012/04/14 15:19:44 | 000,787,277 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_15_19_44.dmp
[2012/04/14 15:19:20 | 000,784,531 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_15_19_20.dmp
[2012/04/13 18:31:08 | 000,790,237 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_18_31_08.dmp
[2012/04/13 18:31:00 | 000,791,681 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_18_31_00.dmp
[2012/04/13 18:30:39 | 000,778,717 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_18_30_39.dmp
[2012/04/13 14:31:21 | 000,784,531 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_14_31_21.dmp
[2012/04/13 14:31:13 | 000,792,463 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_14_31_13.dmp
[2012/04/13 14:30:54 | 000,790,106 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_14_30_54.dmp
[2012/04/13 03:30:05 | 000,785,607 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_03_30_05.dmp
[2012/04/13 03:29:57 | 000,791,112 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_03_29_57.dmp
[2012/04/13 03:29:39 | 000,783,487 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_03_29_39.dmp
[2012/04/12 21:20:07 | 000,779,458 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_21_20_07.dmp
[2012/04/12 21:19:57 | 000,782,612 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_21_19_57.dmp
[2012/04/12 21:19:42 | 000,781,808 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_21_19_42.dmp
[2012/04/12 20:36:36 | 000,785,453 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_20_36_36.dmp
[2012/04/12 20:36:26 | 000,786,966 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_20_36_26.dmp
[2012/04/12 20:35:14 | 000,780,589 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_20_35_14.dmp
[2012/04/12 15:08:21 | 000,792,474 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_15_08_21.dmp
[2012/04/12 15:08:13 | 000,784,566 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_15_08_13.dmp
[2012/04/12 15:07:57 | 000,788,513 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_15_07_57.dmp
[2012/04/12 04:45:16 | 000,779,361 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_45_16.dmp
[2012/04/12 04:45:01 | 000,796,109 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_45_01.dmp
[2012/04/12 04:44:10 | 000,785,387 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_44_10.dmp
[2012/04/12 04:34:50 | 000,784,170 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_34_50.dmp
[2012/04/12 04:34:41 | 000,778,844 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_34_41.dmp
[2012/04/12 04:34:22 | 000,781,696 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_34_22.dmp
[2012/04/12 03:48:19 | 000,791,094 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_03_48_19.dmp
[2012/04/12 03:48:10 | 000,786,174 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_03_48_10.dmp
[2012/04/12 03:47:53 | 000,786,894 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_03_47_53.dmp
[2012/04/12 00:40:15 | 000,791,475 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_00_40_15.dmp
[2012/04/12 00:40:01 | 000,783,811 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_00_40_01.dmp
[2012/04/12 00:38:37 | 000,788,472 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_00_38_37.dmp
[2012/04/11 14:43:24 | 000,790,464 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_14_43_24.dmp
[2012/04/11 14:43:13 | 000,786,434 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_14_43_13.dmp
[2012/04/11 14:42:55 | 000,789,746 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_14_42_55.dmp
[2012/04/11 02:57:56 | 000,785,523 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_02_57_56.dmp
[2012/04/11 02:57:44 | 000,790,605 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_02_57_44.dmp
[2012/04/11 02:57:27 | 000,787,417 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_02_57_27.dmp
[2012/04/10 14:12:52 | 000,780,642 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_10_14_12_52.dmp
[2012/04/10 14:12:44 | 000,787,851 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_10_14_12_44.dmp
[2012/04/10 14:12:27 | 000,793,712 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_10_14_12_27.dmp
[2012/04/09 23:37:19 | 000,000,000 | -HS- | C] () -- C:\Windows\SysNative\dds_trash_log.cmd
[2012/04/09 23:10:31 | 000,786,582 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_23_10_31.dmp
[2012/04/09 23:10:22 | 000,800,009 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_23_10_22.dmp
[2012/04/09 23:09:55 | 000,799,121 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_23_09_55.dmp
[2012/04/09 22:53:52 | 000,785,514 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_22_53_52.dmp
[2012/04/09 22:53:45 | 000,792,488 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_22_53_45.dmp
[2012/04/09 22:53:23 | 000,787,627 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_22_53_23.dmp
[2012/04/09 03:37:29 | 000,789,330 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_03_37_29.dmp
[2012/04/09 03:37:20 | 000,788,739 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_03_37_20.dmp
[2012/04/09 03:37:03 | 000,782,053 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_03_37_03.dmp
[2012/04/08 17:06:34 | 000,780,079 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_17_06_34.dmp
[2012/04/08 17:06:26 | 000,776,152 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_17_06_26.dmp
[2012/04/08 17:05:59 | 000,782,915 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_17_05_59.dmp
[2012/04/08 02:32:46 | 000,791,776 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_02_32_46.dmp
[2012/04/08 02:32:37 | 000,791,288 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_02_32_37.dmp
[2012/04/08 02:32:05 | 000,790,229 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_08_02_32_05.dmp
[2012/04/07 17:31:36 | 000,789,654 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_07_17_31_36.dmp
[2012/04/07 17:31:29 | 000,787,146 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_07_17_31_29.dmp
[2012/04/07 17:30:57 | 000,785,691 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_07_17_30_57.dmp
[2012/03/22 01:32:18 | 000,790,520 | ---- | C] () -- C:\Windows\SysWow64\protector.dll
[2012/02/05 07:09:22 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/05 07:09:22 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/05 07:09:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/05 07:09:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/05 07:09:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/12 19:26:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2011/10/31 12:22:42 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/10/31 12:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/10/31 12:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/10/31 12:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/10/31 12:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/09/20 23:51:22 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2011/09/13 17:10:48 | 000,001,374 | ---- | C] () -- C:\Windows\SysWow64\bash.exe.stackdump
[2011/07/31 19:31:38 | 003,854,848 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2011/07/22 18:04:43 | 000,000,000 | ---- | C] () -- C:\Users\pcwt5\AppData\Local\{208D71D6-AA30-4F05-8E4E-A30C5855FED5}
[2011/07/19 20:08:04 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/07/19 20:06:48 | 000,259,584 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2011/07/19 20:06:36 | 000,158,208 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2011/07/19 20:06:34 | 001,524,224 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2011/07/19 20:06:34 | 000,096,768 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2011/07/19 20:06:32 | 000,145,920 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2011/07/19 20:06:30 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2011/07/19 20:06:30 | 000,113,664 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2011/07/19 20:06:28 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2011/07/19 20:06:28 | 000,211,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2011/06/27 14:52:44 | 000,000,000 | ---- | C] () -- C:\Users\pcwt5\AppData\Local\Lsalahalev.bin
[2011/06/27 14:52:43 | 000,000,120 | ---- | C] () -- C:\Users\pcwt5\AppData\Local\Szajejariv.dat
[2011/05/30 14:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/05/23 08:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/05/14 02:50:11 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/05/14 02:50:11 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/05/10 01:20:54 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\viscomgifenc.dll
[2011/05/10 01:20:54 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\viscomtran.dll
[2011/05/10 01:20:53 | 006,963,712 | ---- | C] () -- C:\Windows\SysWow64\videotrans.dll
[2011/05/10 01:20:53 | 000,452,608 | ---- | C] () -- C:\Windows\SysWow64\videoformat.dll
[2011/05/10 01:20:53 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\FoxImager.dll
[2011/05/10 01:20:53 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2011/05/10 01:20:53 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\imgscaler.dll
[2011/05/10 01:20:53 | 000,028,160 | ---- | C] () -- C:\Windows\SysWow64\img_utils.dll
[2011/05/10 01:20:53 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\videocore.dll
[2011/04/12 05:36:48 | 000,000,000 | ---- | C] () -- C:\Windows\winfile.ini
[2011/03/08 15:03:26 | 000,000,317 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2011/03/03 12:40:08 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011/03/03 12:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2011/03/03 12:39:46 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011/03/03 12:39:34 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011/03/03 12:39:02 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011/03/03 12:38:54 | 000,154,112 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011/03/03 12:38:40 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011/03/03 12:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2011/03/03 12:38:04 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011/03/03 12:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2011/03/03 12:37:40 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011/03/03 12:35:32 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011/03/03 12:35:26 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011/02/25 04:17:36 | 000,001,103 | ---- | C] () -- C:\Windows\APDFPRP.INI
[2011/02/18 01:48:42 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2010/12/30 04:06:44 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\GSService.exe
[2010/12/25 23:52:44 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/10/28 21:22:36 | 000,000,164 | ---- | C] () -- C:\Windows\SysWow64\psconv.ini
[2010/09/08 18:09:06 | 000,120,832 | ---- | C] () -- C:\Windows\PreConvertLite.dll
[2010/08/18 20:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini
[2010/05/17 16:05:56 | 000,004,096 | ---- | C] () -- C:\Users\pcwt5\AppData\Local\keyfile3.drm
[2010/05/15 01:56:58 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\system64] -> \systemroot\system32 -> Mount Point

< End of report >Attached File  log.txt   838.78KB   290 downloads
  • 0

#6
nightporter

nightporter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Ron, Here are the rest of the logs (apologies if I should have attached some of them instead of pasting ) Things seem to be back to normal.

2nd OTL log Extras:-

OTL Extras logfile created on: 5/7/2012 5:14:08 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\pcwt5\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.84 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 47.70% Memory free
7.68 Gb Paging File | 5.44 Gb Available in Paging File | 70.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.66 Gb Total Space | 132.19 Gb Free Space | 45.79% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 61.87 Mb Free Space | 61.87% Space Free | Partition Type: NTFS

Computer Name: PCWT5-VAIO | User Name: pcwt5 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = jsfile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = jsfile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2312F634-50C3-4A26-AAA9-63BF1E2C7970}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{26FC8304-B97B-4154-9E00-01F12ED3BA6F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3931EFD2-C81C-4325-B0F6-087903FCA084}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3C4858D1-0A7C-46A5-9618-F274D155D4B9}" = lport=138 | protocol=17 | dir=in | app=system |
"{3FB4734A-A391-415C-B441-4138C73C2E71}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{41EB72A6-A153-4359-8186-4225BFD4806E}" = rport=138 | protocol=17 | dir=out | app=system |
"{473A5FF0-A1CB-436A-8BE3-DF174E5FC0DD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51CDB52C-0167-4699-9B3F-6E8EE69A13F4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5932A7A6-2953-4876-B8D2-1CBD2D662E5D}" = rport=2869 | protocol=6 | dir=out | app=system |
"{631C6146-D6EB-4A9C-9B83-1707F1C74C70}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{635438F0-D103-4A57-A56D-734156D32DFF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6DCA79AE-8BC4-4306-9029-092F89BFCA74}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6DCBE6EE-A242-4191-BBE0-21C21B001CDB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{712DE0DE-7598-48B4-96C6-D097E94CFDF4}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7D422AD4-CAA1-453D-B04E-0B9197BA27AB}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{8788F648-3569-4E4E-B619-CB45FB0241B3}" = lport=137 | protocol=17 | dir=in | app=system |
"{8CA0B8D7-C072-4A4D-A919-D344CB0FFAEA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{914C2BE0-664E-46F9-8E52-208A68264254}" = rport=139 | protocol=6 | dir=out | app=system |
"{9E0A2A89-9ABB-4C0F-9E35-2841C4929655}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9F35D88D-8975-48EA-844E-51666BDE43EC}" = rport=445 | protocol=6 | dir=out | app=system |
"{A2451193-709C-413C-BED5-E3D32A2397D4}" = lport=139 | protocol=6 | dir=in | app=system |
"{B25A24BA-846D-46D5-880B-9BF3A971D12D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B93EF334-C111-4FDC-B0A4-78D08B5CEECF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BF78B9C7-E777-44FE-83CF-918AD16DF01B}" = rport=137 | protocol=17 | dir=out | app=system |
"{C121184D-FA8E-4A86-AEF0-116F2446847B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C12AD2AD-2070-4041-AFAA-7F0E7641F95F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C2197C12-07C0-4C2C-BAD3-4A3A9EC8E111}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C69B8C1D-1567-4C4B-AF6E-0852939CE975}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C8446348-46B6-43EA-8EE5-E2C16B72264A}" = lport=445 | protocol=6 | dir=in | app=system |
"{CED45F22-332D-409C-9227-F423170D7FE1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D19FC79E-3EBC-424B-83F5-4E80AE547996}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D2922FBB-A2CC-4EA6-89E6-5C945F0B4513}" = lport=10245 | protocol=6 | dir=in | app=system |
"{E3122BC1-6B6A-4882-A289-08DB4FD369FE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E3BC6F29-CD55-4DFD-900A-0A6EF3F3DF8A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E5244B25-B9BC-4654-AC88-548D3797AE0D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033294F7-B33E-410D-A51B-1ACD4BB8088D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0AC8044E-C8D2-462F-BBC9-622CBDF01355}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B10FAF5-777C-47F7-8CE9-7C632D73319F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{102DCD0F-63A1-4C0B-BFF7-E49956BC3CE0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{104ADCD3-90CF-442C-B799-E95BE5B73CAB}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{1192C1F4-8FD1-4650-8AA8-0F613EA9ED38}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{12D1352E-863F-4EF7-BDB5-ED590E2C5F38}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{16AAFA2C-0B24-4ED1-8393-0FB8EC4487EE}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{194AF76F-B671-408F-A26A-407776869CED}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20CED754-12D9-4500-B129-4743FC3CC36E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3053B390-9EA1-469A-B724-151105E46EC2}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{37EDBEC4-B6CD-4C83-92D8-395CFC18B6D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41719654-12F8-43DE-B8E9-BD79F3303255}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{49850E69-0829-46E6-8539-01AA33D87126}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{4EEDFC50-4834-49D3-B1EA-5B3FA844887F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{53A7161A-3819-49B7-AB63-AC3D034241A0}" = protocol=6 | dir=out | app=system |
"{63C65C55-6148-4DBC-905E-3662C984C95B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6B39ED4E-984B-40AC-8C83-2E555E093F0C}" = protocol=1 | dir=in | [email protected],-28543 |
"{70C19CEF-E373-4C9B-B445-05A097B29D6E}" = protocol=58 | dir=in | [email protected],-28545 |
"{71919B0C-D6FC-430B-BDDC-EDF06F533143}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7AE3355F-8FA8-48AC-BB18-E8D43F6D09CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7C86DDB7-4CEE-4633-B88B-DEAD0A2DE493}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{842FAA54-6437-4776-BB2D-C97215988DB9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{91CAADBF-4EDE-471D-B4D7-241B0B9E7BFF}" = protocol=1 | dir=out | [email protected],-28544 |
"{92ABC147-0300-4AE1-A7CA-74F7FE8D12E9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{95C2B268-EEDC-44EC-92C8-3428E3BD8549}" = protocol=58 | dir=in | [email protected],-148 |
"{ABC2F02A-889D-4DF3-AF5D-6B8E6BAE7402}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{AC416F85-DE22-45BF-A243-C68AE1B1DD5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ADA90147-7541-481B-A887-E53133287F21}" = protocol=17 | dir=in | app=c:\programdata\tversity\media server\mediaserver.exe |
"{BED90A8B-66FA-41E8-8FDD-B9B6F7CDB613}" = protocol=58 | dir=out | [email protected],-28546 |
"{C5A81692-6668-4E9B-B340-0601664FEC6C}" = protocol=6 | dir=in | app=c:\programdata\tversity\media server\mediaserver.exe |
"{C9150A61-1FDD-4823-A39C-991A86F134D9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CAA27E50-375F-47E1-965B-4D72DFD5E4ED}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF075E07-94DA-427A-B56D-73E36E719CB9}" = protocol=6 | dir=in | app=c:\users\pcwt5\appdata\local\vivox\vvs\current\vivoxvoiceservice.exe |
"{D026BB63-67BD-4800-AACF-176B13F970D0}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D0DA08A9-6FC6-4A84-B054-35A8E81A5467}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{D4E6B5B2-B587-4DC8-8E09-9F6758992905}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{D7F6242B-E788-4F33-B5AD-0E33F588952A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA223C09-7D37-4A7C-987D-30415169C52F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DEA5C299-0CCD-4313-9BCA-D018BA08FE87}" = protocol=17 | dir=in | app=c:\users\pcwt5\appdata\local\vivox\vvs\current\vivoxvoiceservice.exe |
"{EA5D3523-82BA-4EE9-B9F8-C6307F38BAF2}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{FDA7CC88-1F1E-4A46-85A7-2575918BB82A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FFB43809-D47E-46E4-84E4-A82BA7860232}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{0C54072B-6B97-402D-8FDE-2D63BCD9FD94}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{3DA5CC7B-A3CB-4B8D-ADAC-B93C6178EAB8}C:\users\pcwt5\appdata\local\vivox\vvs\current\vivoxvoiceservice.exe" = protocol=6 | dir=in | app=c:\users\pcwt5\appdata\local\vivox\vvs\current\vivoxvoiceservice.exe |
"TCP Query User{3DB7D621-80EC-4198-B5F2-ACEB759056E4}C:\program files (x86)\adobe\adobe flash cs4\flash.exe" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe flash cs4\flash.exe |
"TCP Query User{5EE81853-7D51-4F98-8309-AACF6357FAE3}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{61AC7669-1FA4-4464-8304-D803C759028A}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{682EC0AE-117D-4FC9-B1E9-643F75B69B6A}C:\users\pcwt5\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\pcwt5\appdata\roaming\spotify\spotify.exe |
"TCP Query User{8615E12D-87BE-49FE-A232-095397B9AB41}C:\program files (x86)\raptr\raptr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"TCP Query User{B7936DA1-95F4-40F6-89A3-82A42AE976BE}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{BD615114-7EB1-4AE9-840E-1288E50FC4BA}C:\users\pcwt5\appdata\roaming\huok\cyda.exe" = protocol=6 | dir=in | app=c:\users\pcwt5\appdata\roaming\huok\cyda.exe |
"TCP Query User{C0D9A2C5-17FA-487C-85D9-670D4A9A8BAE}C:\program files (x86)\windows live\contacts\wlcomm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"TCP Query User{C1F281B5-B819-49CE-9FEF-A81819C36ECA}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{E1268721-BD0C-4ED7-AECF-5BCBEEDD141B}C:\users\pcwt5\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\pcwt5\appdata\roaming\spotify\spotify.exe |
"TCP Query User{F8B1467E-EA46-42C3-83B0-46741C3CB509}C:\program files (x86)\windows live\contacts\wlcomm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"TCP Query User{FCFF4513-DC49-4ADB-90FA-59F23D552DF6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{FF1EDA5C-FEFB-40A9-B314-C90F3250098F}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{08A14E66-E4CA-4B5D-AFEE-A04EA29AF64A}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"UDP Query User{198567B7-0CEF-4CD5-B591-DB5054D36E70}C:\users\pcwt5\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\pcwt5\appdata\roaming\spotify\spotify.exe |
"UDP Query User{34488675-1934-4A62-A3E0-A5C8957F1916}C:\program files (x86)\windows live\contacts\wlcomm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"UDP Query User{6E349F1A-7054-49DC-A875-AEEE47623FF7}C:\program files (x86)\raptr\raptr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"UDP Query User{717B9AC0-C72F-4FF2-BD24-02380699DCA6}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"UDP Query User{7B83949E-9883-4294-8137-BF2FF6ED9A64}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{7CF5A98B-E026-4562-B5D1-75A6B1A59BF0}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{9880659D-E803-478B-A41D-1276D8C97C27}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{ABBC7B6F-B041-41DF-87E8-6564C5C8CA5A}C:\users\pcwt5\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\pcwt5\appdata\roaming\spotify\spotify.exe |
"UDP Query User{B0AE5A03-D442-4AA8-8F18-EC0E7D606BC0}C:\program files (x86)\adobe\adobe flash cs4\flash.exe" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe flash cs4\flash.exe |
"UDP Query User{BA22385C-7DC3-4C25-AD9D-A4D1243337DF}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{CFAA63C1-FAD6-4AF7-993E-8CC3987C6E54}C:\users\pcwt5\appdata\roaming\huok\cyda.exe" = protocol=17 | dir=in | app=c:\users\pcwt5\appdata\roaming\huok\cyda.exe |
"UDP Query User{D12BA3FF-2419-4114-A874-FE0E0619B0A2}C:\users\pcwt5\appdata\local\vivox\vvs\current\vivoxvoiceservice.exe" = protocol=17 | dir=in | app=c:\users\pcwt5\appdata\local\vivox\vvs\current\vivoxvoiceservice.exe |
"UDP Query User{F1005D31-2714-4DC5-AE5A-4BC0E8E8FC1A}C:\program files (x86)\windows live\contacts\wlcomm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"UDP Query User{FA35A79B-D96B-48FF-BEBA-21A3F0B75EA6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java™ 6 Update 14 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{AF4CD5A3-7D69-445E-B0C0-A6A575793B94}" = Soluto
"{B2F36211-EA94-4BC4-819C-25913C800E8A}" = Bluebeam PDF Revu x64 v6.5.4
"{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1" = RAR Password Unlocker 4.3.0.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E4900509-77B0-4515-8061-E96237D69585}" = Sony Ericsson MD300 Wireless Modem
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall
"HDMI" = Intel® Graphics Media Accelerator Driver
"HitmanPro36" = HitmanPro 3.6
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PeerGuardian_is1" = PeerGuardian 2.0
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0215A652-E081-4B09-9333-DC85AAB67FFA}" = Adobe Dreamweaver CS5.5
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}" = Adobe Flash Player 10 Plugin
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{083A7AA2-8871-42B0-8513-7428F44DFC38}" = MariusSoft Disk Scrubber
"{0876C3CC-0D9A-4AE8-9B9D-29B0FB5113BD}" = iPlayer
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A5F02E5-1A52-4F85-892C-A35227641C75}" = VAIO Content Metadata Intelligent Analyzing Manager
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = VAIO Presentation Support
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Monitoring Settings
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 23
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2BE51320-174A-44EC-8041-50E35E091283}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java™ SE Development Kit 6 Update 20
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37964A88-DAA1-488B-AE88-A5B6DDC6E9A6}" = Sony Ericsson Wireless Manager 5
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3B1168DE-1F8C-471C-AC49-0CA52F096170}" = VAIO Content Metadata Intelligent Network Service Manager
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{41888B21-922B-4241-4594-EF1E6828A72B}" = BBC iPlayer Desktop
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{48E91AD2-2A80-4E70-98E6-450A189F6048}" = VAIO Movie Story
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51BEF30C-58E4-490F-BA40-A2F12AB8B5F9}" = VAIO Content Metadata Manager Settings
"{51CFD8DC-5C66-42ec-9598-72E28FD62ED5}" = MusicStation
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57AABF73-E17F-4212-A103-13A9794F0869}" = VAIO Content Metadata XML Interface Library
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5B96BF29-1CC0-42FB-AB2C-1E12E3226E7A}" = Bing Bar
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{5F2D882B-A663-4EB5-9851-48CC6C75FD2D}" = VAIO Content Metadata Intelligent Network Service Manager
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Power Management
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6530EB5E-F2BE-45D3-906B-E4AFFF2D1588}" = Windows Live Device Manager
"{67EA4F15-C7C4-436A-B6A2-352BC2CE11DC}" = Dealio Toolbar v4.7
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7395DD51-0D1A-47A7-9993-742073ECF4CE}" = VAIO Content Metadata Manager Settings
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7A512C74-7780-43A1-93DA-29C23D0DF374}" = VAIO Content Metadata XML Interface Library
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7E8DE539-B044-48B3-BC76-4F0A089ABE2F}" = VAIO Content Metadata Intelligent Analyzing Manager
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = MyDSC2
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8F47B673-8D71-49E3-98B6-BCF547C82F57}" = Click to Disc
"{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1" = Yawcam 0.3.3
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91D18A92-69C2-9A7B-6662-159D8E6CBEF1}" = Project ROME
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = VAIO Quick Web Access
"{949419DF-F4AF-4693-B60A-522B24F233C6}" = VAIO Content Metadata XML Interface Library
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D912275-85FD-45F6-9AF3-388A0F8AADB2}" = VAIO Content Metadata Intelligent Network Service Manager
"{9E39EA0D-38CD-4739-9E28-DEA4A1155522}" = Sony Home Network Library
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A568DFBD-4A04-484E-86BB-165AA6C53E2B}" = VAIO Content Monitoring Settings
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Settings
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABD45A2C-0F28-8760-0F42-3AEB7AC03A1B}" = Sendoid
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2AE2254-8133-4091-A671-E77BE909766C}" = CodeTwo OutlookExport
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B6EC7388-E277-4A5B-8C8F-71067A41BA64}" = TextPad 5
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}" = Cheetah DVD Burner
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C13A22F5-B0FF-44E9-982B-821578CE5E98}" = Tunebite
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D8AE7D4E-BA8B-4F7B-BF50-8D2F090034F0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}" = AdobeColorCommonSetCMYK
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EED50C97-C79E-4149-BD82-7C5A22437708}" = Adobe Setup
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FBBF5D9C-1989-4933-AE4E-19EE368385B4}" = VAIO Entertainment Platform
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"3ivx MPEG-4 5.0.2" = 3ivx MPEG-4 5.0.2 (remove only)
"43442AE9-6512-4392-B5DD-9167BECD1114_is1" = Infix 4.04
"8461-7759-5462-8226" = Vuze
"ActiveTouchMeetingClient" = WebEx
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Adobe_a68eec966ce913ddaa63251dc82ed31" = Adobe Flash CS4 Professional
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"Age of Empires II Trial" = Microsoft Age of Empires II Trial Version
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"AudibleManager" = AudibleManager
"AVIcodec" = AVIcodec (remove only)
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"BeyondCompare3_is1" = Beyond Compare Version 3.1.8
"blekkotb" = Spam Free Search Bar
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.newhope.NHProject.prod.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Project ROME
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"com.caffeinatedmind.Sendoid" = Sendoid
"DebugMode Wax 2.0" = DebugMode Wax 2.0
"DrmRemoval_is1" = DrmRemoval 4.1.4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"ExpatShield" = Expat Shield 2.24
"FormatFactory" = FormatFactory 2.60
"Free MP3 to CD Converter & Burner (by minidvdsoft)_is1" = Free DVD ISO Burner version 2.5
"Free PowerPoint/PPT to Pdf Converter_is1" = Free PowerPoint/PPT to Pdf Converter 5.5
"Free PS Convert driver_is1" = Free PS Convert driver 8.15
"Free Window Registry Repair" = Free Window Registry Repair
"Google Chrome" = Google Chrome
"Hardware Helper_is1" = Hardware Helper
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImgBurn" = ImgBurn
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B2F36211-EA94-4BC4-819C-25913C800E8A}" = Bluebeam PDF Revu x64 v6.5.4
"Instant Eyedropper_is1" = Instant Eyedropper 1.75
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Standard)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"MarketingTools" = VAIO Marketing Tools
"MFU Module" =
"NSIS" = Nullsoft Install System
"QuickTime" = QuickTime
"Rapport_msi" = Rapport
"Raptr" = Raptr
"RealPlayer 12.0" = RealPlayer
"Simpo PDF Creator Lite_is1" = Simpo PDF Creator Lite 3.1.1.0
"SMS Applications Manager (Server)" = SMS Applications Manager (Server)
"splashtop" = VAIO Quick Web Access
"SubtitleEdit_is1" = Subtitle Edit v3.0
"The Rosetta Stone" = The Rosetta Stone
"TVersity Codec Pack" = TVersity Codec Pack 1.4
"TVersity Media Server" = TVersity Media Server 1.9.3
"TVersitybar Toolbar" = TVersitybar Toolbar
"VAIO Help and Support" =
"VAIO NW screensaver" = VAIO NW screensaver
"VAIO Premium Partners 1.00" = VAIO Premium Partners 1.00
"VLC media player" = VLC media player 1.1.5
"VueScan" = VueScan
"Vuze_Remote Toolbar" = Vuze_Remote Toolbar
"webmmf" = WebM Media Foundation Components
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 3.3.0
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinZip" = WinZip
"Word to PDF Converter_is1" = Word to PDF Converter 3.0
"XML Copy Editor_is1" = XML Copy Editor 1.2.0.6
"XML Marker_is1" = XML Marker version 1.1

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Advanced PDF Password Recovery" = Advanced PDF Password Recovery
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/7/2012 10:34:20 AM | Computer Name = pcwt5-VAIO | Source = Soluto PC-Genome Service | ID = 0
Description = Failed to process session change. System.Exception: Database doesn't
exist at Soluto.Common.Database.Client.LocalGenomeSingleton.AquireLocalGenome(String
callerName) at Soluto.Client.Common.SystemStateManager.GetSystemStateObject(Int32
aModuleId) at Soluto.Client.Common.SystemStateManager.GetModuleSystemState(Modules
aModule) at Soluto.Client.Common.BackgroundProcess.PCState.LoadActivityFromDB()

at Soluto.Client.Common.BackgroundProcess.PCState..ctor() at Soluto.Client.Common.BackgroundProcess.PCState.get_Instance()

at Soluto.Client.Core.Service.Service.OnSessionChange(SessionChangeDescription
changeDescription) at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32
eventType, IntPtr eventData)

Error - 5/7/2012 10:35:58 AM | Computer Name = pcwt5-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 5/7/2012 11:20:58 AM | Computer Name = pcwt5-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/7/2012 11:21:04 AM | Computer Name = pcwt5-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/7/2012 11:43:16 AM | Computer Name = pcwt5-VAIO | Source = Soluto PC-Genome Service | ID = 0
Description = Failed to process session change. System.Exception: Database doesn't
exist at Soluto.Common.Database.Client.LocalGenomeSingleton.AquireLocalGenome(String
callerName) at Soluto.Client.Common.SystemStateManager.GetSystemStateObject(Int32
aModuleId) at Soluto.Client.Common.SystemStateManager.GetModuleSystemState(Modules
aModule) at Soluto.Client.Common.BackgroundProcess.PCState.LoadActivityFromDB()

at Soluto.Client.Common.BackgroundProcess.PCState..ctor() at Soluto.Client.Common.BackgroundProcess.PCState.get_Instance()

at Soluto.Client.Core.Service.Service.OnSessionChange(SessionChangeDescription
changeDescription) at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32
eventType, IntPtr eventData)

Error - 5/7/2012 11:44:18 AM | Computer Name = pcwt5-VAIO | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 5/7/2012 11:44:45 AM | Computer Name = pcwt5-VAIO | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 5/7/2012 11:44:48 AM | Computer Name = pcwt5-VAIO | Source = Soluto PC-Genome Service | ID = 0
Description = Failed to process session change. System.Exception: Database doesn't
exist at Soluto.Common.Database.Client.LocalGenomeSingleton.AquireLocalGenome(String
callerName) at Soluto.Client.Common.SystemStateManager.GetSystemStateObject(Int32
aModuleId) at Soluto.Client.Common.SystemStateManager.GetModuleSystemState(Modules
aModule) at Soluto.Client.Common.BackgroundProcess.PCState.LoadActivityFromDB()

at Soluto.Client.Common.BackgroundProcess.PCState..ctor() at Soluto.Client.Common.BackgroundProcess.PCState.get_Instance()

at Soluto.Client.Core.Service.Service.OnSessionChange(SessionChangeDescription
changeDescription) at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32
eventType, IntPtr eventData)

Error - 5/7/2012 11:44:52 AM | Computer Name = pcwt5-VAIO | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 5/7/2012 11:46:52 AM | Computer Name = pcwt5-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

[ Media Center Events ]
Error - 8/17/2011 7:04:57 AM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 12:04:57 - Error connecting to the internet. 12:04:57 - Unable
to contact server..

Error - 8/17/2011 7:05:04 AM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 12:05:03 - Error connecting to the internet. 12:05:03 - Unable
to contact server..

Error - 8/18/2011 7:40:47 AM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 12:40:47 - Error connecting to the internet. 12:40:47 - Unable
to contact server..

Error - 8/18/2011 7:40:57 AM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 12:40:53 - Error connecting to the internet. 12:40:53 - Unable
to contact server..

Error - 3/14/2012 8:02:48 PM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 00:02:47 - Error connecting to the internet. 00:02:47 - Unable
to contact server..

Error - 3/14/2012 8:03:23 PM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 00:03:17 - Error connecting to the internet. 00:03:17 - Unable
to contact server..

Error - 5/7/2012 1:58:00 AM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 06:58:00 - Error connecting to the internet. 06:58:00 - Unable
to contact server..

Error - 5/7/2012 1:58:27 AM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 06:58:06 - Error connecting to the internet. 06:58:06 - Unable
to contact server..

Error - 5/7/2012 10:20:31 AM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 15:20:30 - Failed to retrieve MCEClientUX (Error: The remote name
could not be resolved: 'data.tvdownload.microsoft.com')

Error - 5/7/2012 10:20:45 AM | Computer Name = pcwt5-VAIO | Source = MCUpdate | ID = 0
Description = 15:20:31 - Failed to retrieve Broadband (Error: The remote name could
not be resolved: 'data.tvdownload.microsoft.com')

[ OSession Events ]
Error - 10/20/2011 1:42:23 AM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 24128
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/20/2011 5:55:17 PM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 30464
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/29/2011 7:16:10 PM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 440
seconds with 120 seconds of active time. This session ended with a crash.

Error - 11/18/2011 1:25:58 AM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 43957
seconds with 240 seconds of active time. This session ended with a crash.

Error - 12/21/2011 3:54:22 AM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/6/2012 12:44:58 AM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4136
seconds with 240 seconds of active time. This session ended with a crash.

Error - 2/6/2012 12:46:02 AM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4199
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/6/2012 1:07:05 AM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1228
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/6/2012 11:19:10 AM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2077
seconds with 240 seconds of active time. This session ended with a crash.

Error - 3/19/2012 3:49:14 AM | Computer Name = pcwt5-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3851
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/7/2012 11:44:16 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7000
Description = The HitmanPro Scheduler service failed to start due to the following
error: %%2

Error - 5/7/2012 11:44:16 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7023
Description = The HitmanPro 3.6 Crusader (Boot) service terminated with the following
error: %%10

Error - 5/7/2012 11:44:27 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService
service to connect.

Error - 5/7/2012 11:44:27 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7000
Description = The HsfXAudioService service failed to start due to the following
error: %%1053

Error - 5/7/2012 11:44:27 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7000
Description = The Printer Control service failed to start due to the following error:
%%2

Error - 5/7/2012 11:44:27 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Upnp Server 10 service to connect.

Error - 5/7/2012 11:44:38 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 5/7/2012 11:44:38 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Soluto

Error - 5/7/2012 11:44:45 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 2 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.

Error - 5/7/2012 11:44:52 AM | Computer Name = pcwt5-VAIO | Source = Service Control Manager | ID = 7034
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 3 time(s).


< End of report >


Event log 1
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 07/05/2012 18:23:29

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 07/05/2012 16:32:57
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 3 time(s).

Log: 'System' Date/Time: 07/05/2012 16:32:50
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Log: 'System' Date/Time: 07/05/2012 16:32:42
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: Soluto

Log: 'System' Date/Time: 07/05/2012 16:32:42
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Log: 'System' Date/Time: 07/05/2012 16:32:27
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Log: 'System' Date/Time: 07/05/2012 16:32:27
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Printer Control service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 07/05/2012 16:32:27
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HsfXAudioService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 07/05/2012 16:32:27
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.

Log: 'System' Date/Time: 07/05/2012 16:32:21
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The HitmanPro 3.6 Crusader (Boot) service terminated with the following error: The environment is incorrect.

Log: 'System' Date/Time: 07/05/2012 16:32:21
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HitmanPro Scheduler service failed to start due to the following error: The system cannot find the file specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 07/05/2012 16:31:33
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.


Event log 2

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 07/05/2012 18:22:02

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 07/05/2012 16:34:59
Type: Error Category: 0
Event: 7 Source: VzCdbSvc
Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Log: 'Application' Date/Time: 07/05/2012 16:32:57
Type: Error Category: 0
Event: 0 Source: Lavasoft Ad-Aware Service
The event description cannot be found.

Log: 'Application' Date/Time: 07/05/2012 16:32:50
Type: Error Category: 0
Event: 0 Source: Lavasoft Ad-Aware Service
The event description cannot be found.

Log: 'Application' Date/Time: 07/05/2012 16:32:39
Type: Error Category: 0
Event: 0 Source: Soluto PC-Genome Service
Failed to process session change. System.Exception: Database doesn't exist at Soluto.Common.Database.Client.LocalGenomeSingleton.AquireLocalGenome(String callerName) at Soluto.Client.Common.SystemStateManager.GetSystemStateObject(Int32 aModuleId) at Soluto.Client.Common.SystemStateManager.GetModuleSystemState(Modules aModule) at Soluto.Client.Common.BackgroundProcess.PCState.LoadActivityFromDB() at Soluto.Client.Common.BackgroundProcess.PCState..ctor() at Soluto.Client.Common.BackgroundProcess.PCState.get_Instance() at Soluto.Client.Core.Service.Service.OnSessionChange(SessionChangeDescription changeDescription) at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, IntPtr eventData)

Log: 'Application' Date/Time: 07/05/2012 16:32:23
Type: Error Category: 0
Event: 0 Source: Lavasoft Ad-Aware Service
The event description cannot be found.

Log: 'Application' Date/Time: 07/05/2012 16:31:22
Type: Error Category: 0
Event: 0 Source: Soluto PC-Genome Service
Failed to process session change. System.Exception: Database doesn't exist at Soluto.Common.Database.Client.LocalGenomeSingleton.AquireLocalGenome(String callerName) at Soluto.Client.Common.SystemStateManager.GetSystemStateObject(Int32 aModuleId) at Soluto.Client.Common.SystemStateManager.GetModuleSystemState(Modules aModule) at Soluto.Client.Common.BackgroundProcess.PCState.LoadActivityFromDB() at Soluto.Client.Common.BackgroundProcess.PCState..ctor() at Soluto.Client.Common.BackgroundProcess.PCState.get_Instance() at Soluto.Client.Core.Service.Service.OnSessionChange(SessionChangeDescription changeDescription) at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, IntPtr eventData)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
I think the CF log was too big this time to copy and paste so no problem.

I've got to run out for a couple of hours but run TDSSKiller again like you did the last time and this time tell it to Delete:

16:42:26.0879 5868 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:42:26.0879 5868 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

What sort of problems are you seeing now? Anything missing?
  • 0

#8
nightporter

nightporter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
OK I've run TDSSKiller again and deleted the items found. I've not noticed anything missing yet, the important things are definitely there.
My only problems now are an adapter/charger that gets roasting hot (I keep it on ice all day), must be a forum for that somewhere. Thanks again for saving my bacon, much appreciated. My windows firewall is up and I'm going to download the latest AVG antivirus, any tips you have for avoiding getting infected would be appreciated, by that I mean AVG and the like and or regular maintenance activities. Actually I've just noticed "How did I get infected in the first place?" and thats full of recommendations I will use.

Edited by nightporter, 07 May 2012 - 12:57 PM.

  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
We aren't quite done yet.

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 23
Java™ SE Development Kit 6 Update 20
Java™ 6 Update 14 (64-bit)

Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.
(There are actually two different versions of this. Which one you get will depend on which browser you use. If you use regular IE or Firefox you will get the 32 bit version. If you use the 64 bit IE you will get the 64 bit version. Just get the one for the browser you use most of the time.)

Uninstall
Bing Bar - Don't need
Adobe Reader 9.3 Obsolete. Get the latest Adobe Reader at adobe.com. Uncheck whatever toolbar or other freebie they offer you before downloading. If they sneak it past you just uninstall it afterward.
Spam Free Search Bar - Don't need
Free Window Registry Repair - Don't need and can do more hamr than good.
TVersitybar Toolbar - Don't need
Vuze_Remote Toolbar - Don't need
WinPcap 4.1.2 -Unless you know why this is there, uninstall it. Often used by malware to monitor your network traffic.

Ad-Aware - This one is not working correctly. If you reinstall it make sure you do not let it install its own anti-virus. One Anti-virus is all you want. Two will fight each other.
Soluto -This one is broken. Not sure it works all that well with 64 bit systems.
HitmanPro 3.6 -This one is broken and as you know from experience is not to be trusted.

IF you don't use it then uninstall Windows Live. It's not really happy on a 64 bit system.

Copy the text in the code box by highlighting and Ctrl + c


:OTL
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
IE - HKLM\..\URLSearchHook: {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2548838
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Updater For Spam Free Search Bar) - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll (Visicom Media)
O2 - BHO: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll File not found
O2 - BHO: (TVersitybar Toolbar) - {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (no name) - {C8748F11-F4AD-47AF-AB50-C7DF5792096B} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (TVersitybar Toolbar) - {66bd2442-241b-44cd-8c7a-b51037053cdb} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (TVersitybar Toolbar) - {66BD2442-241B-44CD-8C7A-B51037053CDB} - C:\Program Files (x86)\TVersitybar\prxtbTVe2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4 - Startup: C:\Users\pcwt5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O20 - Winlogon\Notify\hitromi: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\hitromi.dll) - File not found

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
C:\Windows\SysWow64\(null)AAWService*.dmp
C:\Users\pcwt5\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
sc config HsfXAudioService start= disabled /c
sc config "Printer Control" start= disabled /c
sc config HitmanPro36CrusaderBoot start= disabled /c
    
:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.


Run OTL, Quickscan and post the log.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

(I'm trying to clear up the errors in your event logs as they can slow your boot down a lot.)

Ron
  • 0

#10
nightporter

nightporter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Here are those two logs:-

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 08/05/2012 04:46:56

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/05/2012 03:34:10
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Log: 'System' Date/Time: 08/05/2012 03:34:10
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HsfXAudioService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 08/05/2012 03:34:10
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.

Log: 'System' Date/Time: 08/05/2012 03:34:08
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Lavasoft Ad-Aware Service service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 08/05/2012 03:34:08
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The HitmanPro 3.6 Crusader (Boot) service terminated with the following error: The environment is incorrect.

Log: 'System' Date/Time: 08/05/2012 03:34:08
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HitmanPro Scheduler service failed to start due to the following error: The system cannot find the file specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/05/2012 03:26:40
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 08/05/2012 04:58:40

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/05/2012 03:48:05
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Unexpected conflict discarding 18 100.0.168.192.in-addr.arpa. PTR pcwt5-VAIO.local.

Log: 'Application' Date/Time: 08/05/2012 03:48:05
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Received from 192.168.0.100:5353 20 100.0.168.192.in-addr.arpa. PTR pcwt5-VAIO-2.local.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/05/2012 03:34:40
Type: Warning Category: 0
Event: 1021 Source: .NET Runtime
.NET Runtime version 2.0.50727.5448 - Executable "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe" AppDomain "DefaultDomain" deleted obsolete native image "C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\bd820bcb2f28345cc5aabace981f2944\mscorlib.ni.dll"

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 08/05/2012 04:58:40

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/05/2012 03:48:05
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Unexpected conflict discarding 18 100.0.168.192.in-addr.arpa. PTR pcwt5-VAIO.local.

Log: 'Application' Date/Time: 08/05/2012 03:48:05
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Received from 192.168.0.100:5353 20 100.0.168.192.in-addr.arpa. PTR pcwt5-VAIO-2.local.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/05/2012 03:34:40
Type: Warning Category: 0
Event: 1021 Source: .NET Runtime
.NET Runtime version 2.0.50727.5448 - Executable "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe" AppDomain "DefaultDomain" deleted obsolete native image "C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\bd820bcb2f28345cc5aabace981f2944\mscorlib.ni.dll"

Edited by nightporter, 07 May 2012 - 10:14 PM.

  • 0

Advertisements


#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP

Log: 'System' Date/Time: 08/05/2012 03:34:10
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.


This is some Roxio program that is not working and causing a 30 second delay at boot. Perhaps an uninstall and reinstall (remember to right click and Run as Admin)

Log: 'System' Date/Time: 08/05/2012 03:34:10
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HsfXAudioService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 08/05/2012 03:34:10
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.


These two are some Conexant Systems audio driver which is also not working and is causing a delay. Right click on (My) Computer and select Manage and then Device Manager. See if you see it. It should have a yellow or red mark next to it. Right click and uninstall it then reboot. Windows will reinstall it and that may fix the problem. If not then go to the PC maker's website and download the latest audi driver and see if that helps.


Log: 'System' Date/Time: 08/05/2012 03:34:08
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Lavasoft Ad-Aware Service service failed to start due to the following error: The system cannot find the file specified.


This is Ad-Aware which is broken.

Log: 'System' Date/Time: 08/05/2012 03:34:08
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The HitmanPro 3.6 Crusader (Boot) service terminated with the following error: The environment is incorrect.


Log: 'System' Date/Time: 08/05/2012 03:34:08
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HitmanPro Scheduler service failed to start due to the following error: The system cannot find the file specified.

This is HitmanPro which is broken.


Please run OTL, Quickscan and post the log.
  • 0

#12
nightporter

nightporter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I've uninstalled Roxio.

In Device Manager there were no red or yellow icons against any of the items in the list. According to the Conexant website they only provide directly to manufacturers, I tried the Sony site, couldn't find anything that was obviously what i was looking for. I found another site offering conexant drivers but I wasn't sure whether to download anything from there or not.

I cant find anything to delete or uninstall regarding Adaware or HitmanPro (I think I've already uninstalled them) not in Add/remove programs or even in windows explorer, there are remnants in C:\Programdata though. eg C:\ProgramData\Lavasoft\License\adaware.da2

I've run the OTL quick scan, results attached.
  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Was off island all day. Just got back. Don't see the OTL log tho when I reply it acts like it should be there. Please copy and paste it into a reply.
  • 0

#14
nightporter

nightporter

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Which Island is that?

I tried twice before to attach the log, strange. I notice there is an Add Reply button and on clicking that I get Add Reply / Preview Post or cancel as the options, no Post button, even after preview there is no post button.

Here's the log.
OTL logfile created on: 5/9/2012 6:46:40 AM - Run 3
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\pcwt5\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.84 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 25.80% Memory free
7.68 Gb Paging File | 4.64 Gb Available in Paging File | 60.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.66 Gb Total Space | 129.63 Gb Free Space | 44.91% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 61.87 Mb Free Space | 61.87% Space Free | Partition Type: NTFS

Computer Name: PCWT5-VAIO | User Name: pcwt5 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2012/05/07 17:11:16 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\pcwt5\Desktop\OTL.exe
PRC - [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/03/22 01:32:18 | 000,773,624 | ---- | M] (bProtector) -- C:\ProgramData\bProtector\bProtect.exe
PRC - [2012/03/11 14:48:36 | 001,652,536 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/03/11 14:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/02/07 20:17:42 | 000,065,448 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr.exe
PRC - [2012/02/07 20:17:42 | 000,043,944 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr_im.exe
PRC - [2012/01/07 02:45:30 | 000,653,640 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
PRC - [2012/01/06 19:32:46 | 000,331,608 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
PRC - [2012/01/05 00:02:02 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
PRC - [2012/01/05 00:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
PRC - [2011/12/21 23:13:46 | 000,206,504 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/11/02 17:52:06 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/11/02 17:51:54 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011/01/30 16:45:14 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010/11/20 13:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2010/10/25 14:59:40 | 000,057,344 | ---- | M] (Apache Software Foundation) -- c:\Smsltd\Sam\platform\tomcat\bin\tomcat5.exe
PRC - [2010/08/18 18:04:14 | 000,101,376 | ---- | M] (Simpo Technologies) -- C:\Program Files (x86)\Simpo PDF Creator Lite\SpcLiteSrv.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/12/03 02:57:52 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
PRC - [2009/07/28 01:58:36 | 000,099,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
PRC - [2009/07/02 02:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/07/01 20:49:34 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/07/01 20:49:34 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/06/26 23:35:04 | 000,468,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/05/26 18:23:14 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2008/09/18 19:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007/10/17 16:22:56 | 000,352,256 | ---- | M] () -- C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/08 05:06:18 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\075d9c27aa02085fef8983b5f5f85834\System.ServiceProcess.ni.dll
MOD - [2012/05/08 05:04:25 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012/05/08 05:03:59 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/05/08 05:03:54 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/05/08 05:03:53 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/05/08 05:03:46 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2012/05/07 15:37:50 | 000,115,137 | ---- | M] () -- C:\Users\pcwt5\AppData\Local\Temp\b3ac04aa-9413-4ecb-ac45-ed44495e62a6\CliSecureRT.dll
MOD - [2012/04/28 03:07:01 | 000,444,400 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppgooglenaclpluginchrome.dll
MOD - [2012/04/28 03:06:59 | 003,915,248 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll
MOD - [2012/04/28 03:05:34 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\avutil-51.dll
MOD - [2012/04/28 03:05:33 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\avformat-53.dll
MOD - [2012/04/28 03:05:32 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll
MOD - [2012/04/28 02:09:18 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
MOD - [2012/04/12 20:29:11 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\caf9fdf2957d955ccb07d837d095eae1\PresentationFramework.ni.dll
MOD - [2012/04/12 20:28:53 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7a2fecd8284d0c427d16ff278a1e574f\PresentationCore.ni.dll
MOD - [2012/04/12 20:28:48 | 013,197,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\a36af74ac369a8c1f3171cd6fb18f3a6\System.Windows.Forms.ni.dll
MOD - [2012/04/12 20:28:39 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\32a65725ff7d128428e35d8100dad4be\WindowsBase.ni.dll
MOD - [2012/04/12 20:28:37 | 001,665,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\64ea1d0193e735b953c94d16d6fd2146\System.Drawing.ni.dll
MOD - [2012/03/29 23:44:16 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\eef171dee81858018c3956485fff7ba7\System.Management.ni.dll
MOD - [2012/03/29 23:40:40 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4017661cfa4a173b878d7e2a949c3a9e\System.Runtime.Remoting.ni.dll
MOD - [2012/03/29 23:40:22 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b9942cb07813f553f6d6374dd4541362\System.Xaml.ni.dll
MOD - [2012/03/29 03:07:46 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1c5b741f270fccb3b527b4fc3a8431f3\PresentationFramework.Aero.ni.dll
MOD - [2012/03/29 03:07:18 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b7409080f31b0a702281b68c37bac326\System.Core.ni.dll
MOD - [2012/03/29 03:07:18 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\68345d6b57fe33c9a94fe6a72ab5e85e\System.Xml.ni.dll
MOD - [2012/03/29 03:07:06 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\57e066d0b97757dbd26d59302c3d701a\System.ni.dll
MOD - [2012/03/29 03:06:57 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e5b31f3bb6508df0dc7c20ddc72f3191\mscorlib.ni.dll
MOD - [2012/01/07 02:45:30 | 000,653,640 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
MOD - [2012/01/06 19:38:32 | 000,009,544 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\lang\gui-eng.dll
MOD - [2011/11/22 01:47:46 | 000,468,992 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
MOD - [2011/11/22 01:47:44 | 001,609,728 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
MOD - [2011/11/22 01:47:44 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
MOD - [2011/11/22 01:47:42 | 005,694,976 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
MOD - [2011/11/22 01:46:28 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Raptr\sip.pyd
MOD - [2011/11/10 17:11:00 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2011/11/02 17:52:06 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/10/24 19:50:38 | 000,079,360 | ---- | M] () -- C:\Program Files (x86)\Raptr\easyhook32.dll
MOD - [2011/10/24 19:49:56 | 002,717,595 | ---- | M] () -- C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
MOD - [2011/09/09 00:47:40 | 001,183,699 | ---- | M] () -- C:\Program Files (x86)\Raptr\liboscar.dll
MOD - [2011/09/09 00:47:36 | 001,640,221 | ---- | M] () -- C:\Program Files (x86)\Raptr\libjabber.dll
MOD - [2011/09/09 00:47:32 | 001,052,194 | ---- | M] () -- C:\Program Files (x86)\Raptr\libymsg.dll
MOD - [2011/09/09 00:47:22 | 000,495,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libaim.dll
MOD - [2011/09/09 00:47:22 | 000,483,306 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libicq.dll
MOD - [2011/09/09 00:47:16 | 000,655,356 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libirc.dll
MOD - [2011/09/09 00:47:16 | 000,603,326 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
MOD - [2011/09/09 00:47:14 | 000,497,782 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
MOD - [2011/09/09 00:47:14 | 000,474,199 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl.dll
MOD - [2011/09/09 00:47:10 | 001,306,387 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libmsn.dll
MOD - [2011/09/09 00:47:04 | 000,565,461 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
MOD - [2011/09/09 00:46:56 | 000,506,276 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
MOD - [2011/08/07 17:47:27 | 000,516,368 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll
MOD - [2011/03/29 23:33:52 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011/03/03 12:39:46 | 000,141,824 | ---- | M] () -- C:\Windows\SysWOW64\mp4.dll
MOD - [2011/03/03 12:35:32 | 000,080,384 | ---- | M] () -- C:\Windows\SysWOW64\mkzlib.dll
MOD - [2011/03/03 12:35:26 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\mkunicode.dll
MOD - [2011/02/15 19:17:28 | 001,213,633 | ---- | M] () -- C:\Program Files (x86)\Raptr\libxml2-2.dll
MOD - [2011/02/15 19:17:28 | 000,417,501 | ---- | M] () -- C:\Program Files (x86)\Raptr\sqlite3.dll
MOD - [2010/11/23 00:06:22 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\Raptr\zlib1.dll
MOD - [2010/11/22 23:57:36 | 002,042,368 | ---- | M] () -- C:\Program Files (x86)\Raptr\libtorrent.pyd
MOD - [2010/11/22 23:57:34 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32gui.pyd
MOD - [2010/11/22 23:57:34 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32file.pyd
MOD - [2010/11/22 23:57:34 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32api.pyd
MOD - [2010/11/22 23:57:34 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32process.pyd
MOD - [2010/11/22 23:57:18 | 000,141,312 | ---- | M] () -- C:\Program Files (x86)\Raptr\gobject._gobject.pyd
MOD - [2010/11/22 23:57:06 | 000,263,168 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
MOD - [2010/11/22 23:56:56 | 000,354,304 | ---- | M] () -- C:\Program Files (x86)\Raptr\pythoncom26.dll
MOD - [2010/11/22 23:56:56 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\pywintypes26.dll
MOD - [2010/11/22 23:56:26 | 000,324,608 | ---- | M] () -- C:\Program Files (x86)\Raptr\PIL._imaging.pyd
MOD - [2010/11/22 23:56:02 | 000,805,376 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ssl.pyd
MOD - [2010/11/22 23:56:02 | 000,583,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\unicodedata.pyd
MOD - [2010/11/22 23:56:02 | 000,356,864 | ---- | M] () -- C:\Program Files (x86)\Raptr\_hashlib.pyd
MOD - [2010/11/22 23:56:02 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Raptr\pyexpat.pyd
MOD - [2010/11/22 23:56:02 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ctypes.pyd
MOD - [2010/11/22 23:56:02 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Raptr\_sqlite3.pyd
MOD - [2010/11/22 23:56:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Raptr\_socket.pyd
MOD - [2010/11/22 23:56:02 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Raptr\winsound.pyd
MOD - [2010/11/05 02:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/12/03 02:52:03 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2009/06/10 22:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2008/09/03 23:55:38 | 004,478,680 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2007/10/17 16:22:56 | 000,352,256 | ---- | M] () -- C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2011/08/12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/24 05:34:31 | 000,189,984 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2009/07/16 18:36:56 | 000,411,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/02 02:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/06/26 23:56:10 | 000,357,672 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2009/06/26 23:35:04 | 000,468,264 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2009/06/18 03:50:30 | 000,110,888 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2012/05/02 03:27:17 | 008,252,840 | ---- | M] (SurfRight B.V.) [Auto | Stopped] -- C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe -- (HitmanPro36CrusaderBoot) HitmanPro 3.6 Crusader (Boot)
SRV - [2012/03/22 01:32:18 | 000,773,624 | ---- | M] (bProtector) [Auto | Running] -- C:\ProgramData\bProtector\bProtect.exe -- (bProtector)
SRV - [2012/03/11 14:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/02/15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/06 19:39:16 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.exe -- (ExpatTrayService)
SRV - [2012/01/06 19:32:46 | 000,331,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe -- (ExpatShieldService)
SRV - [2012/01/05 00:02:02 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -- (ExpatWd)
SRV - [2012/01/05 00:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe -- (ExpatSrv)
SRV - [2011/10/15 03:33:52 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/10/25 14:59:40 | 000,057,344 | ---- | M] (Apache Software Foundation) [Auto | Running] -- c:\Smsltd\Sam\platform\tomcat\bin\tomcat5.exe -- (smsltdsam)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/07/31 21:09:12 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/07/28 01:58:40 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/07/28 01:58:38 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/07/28 01:58:38 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/07/28 01:58:38 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/07/28 01:58:36 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/07/23 19:39:38 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009/07/23 00:03:04 | 000,642,920 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/07/01 20:49:34 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/09/18 19:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/08 02:33:50 | 000,065,600 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdklbf.sys -- (PSSDKLBF)
DRV:64bit: - [2012/04/08 02:33:46 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdk42.sys -- (PSSDK42)
DRV:64bit: - [2012/03/11 14:48:52 | 000,063,760 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/27 02:25:54 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2011/10/27 02:25:54 | 000,095,928 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/05 02:19:52 | 000,034,040 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DrmRAudio.sys -- (DrmRAudio)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/16 12:26:38 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2010/09/23 08:46:09 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010/09/23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/22 20:19:02 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2010/09/22 20:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2009/08/05 02:22:40 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2009/08/05 02:20:51 | 007,345,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/03 21:06:34 | 000,250,928 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/07/31 21:29:11 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/31 21:14:14 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2009/07/31 21:13:51 | 000,086,528 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2009/07/31 21:09:12 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/07/31 21:09:08 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2009/07/31 21:02:03 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/07/30 21:41:17 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/07/30 21:41:16 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/30 21:41:16 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/30 21:40:45 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/27 21:27:10 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/24 06:24:03 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 21:19:09 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 21:04:10 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 23:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/04/08 10:53:10 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\semcreserved64.sys -- (SEMCReserved)
DRV:64bit: - [2008/04/08 10:52:58 | 000,023,040 | ---- | M] (Sony Ericsson) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\seu4scard64.sys -- (Sony_EricssonWWSC)
DRV:64bit: - [2008/04/08 10:51:52 | 000,362,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembwwan.sys -- (sembwwan) Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM)
DRV:64bit: - [2008/04/08 10:51:48 | 000,396,800 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembunic.sys -- (sembunic) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM)
DRV:64bit: - [2008/04/08 10:51:46 | 000,033,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembnd5.sys -- (sembnd5) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS)
DRV:64bit: - [2008/04/08 10:51:44 | 000,370,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmgmt.sys -- (sembmgmt) Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM)
DRV:64bit: - [2008/04/08 10:51:42 | 000,445,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmdm2.sys -- (sembmdm2)
DRV:64bit: - [2008/04/08 10:51:38 | 000,019,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmdfl2.sys -- (sembmdfl2)
DRV:64bit: - [2008/04/08 10:51:32 | 000,362,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembcard.sys -- (sembcard) Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM)
DRV:64bit: - [2008/04/08 10:51:30 | 000,302,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembbus.sys -- (sembbus) SEMC WMC Composite Device driver (WDM)
DRV - [2012/03/11 14:48:52 | 000,061,712 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2012/03/11 14:48:52 | 000,055,056 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2011/12/15 18:00:06 | 000,397,520 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys -- (RapportCerberus_34302)
DRV - [2009/09/18 01:03:56 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\pcwt5\Downloads\PeerBlock_r162__x64_Release_(Vista)\pbfilter.sys -- (pbfilter)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2548838

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7SVEA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\pcwt5\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/01/25 17:14:55 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\pcwt5\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\pcwt5\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\pcwt5\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\pcwt5\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\pcwt5\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/07 15:34:54 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll (AnchorFree Inc.)
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Updater For Spam Free Search Bar) - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll File not found
O2 - BHO: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll File not found
O2 - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (no name) - {C8748F11-F4AD-47AF-AB50-C7DF5792096B} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Spam Free Search Bar) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {66BD2442-241B-44CD-8C7A-B51037053CDB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {742E70CF-7770-412D-86CB-230B322E807C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BbInstallUser] C:\Program Files\Bluebeam Software\Pushbutton PDF\Bluebeam Admin User.exe (Bluebeam Software, Inc.)
O4:64bit: - HKLM..\Run: [BbPrintMonitor] C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe (Bluebeam Software, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [Simpo PDF Creator Lite Server] C:\Program Files (x86)\Simpo PDF Creator Lite\SpcLiteSrv.exe (Simpo Technologies)
O4 - HKCU..\Run: [instanteyedropper] C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe ()
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - Startup: C:\Users\pcwt5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 4
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} http://mlvessel:8085...ms2/js/smsx.cab (MeadCo ScriptX)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} http://81.130.200.130/SysCamInst.cab (Panasonic Network Camera)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} http://driftwoodbeac...MJPEGRender.ocx (MJPEGRender Control)
O16 - DPF: {C32FE9F1-A857-48B0-B7BF-065B5792F28D} http://82.153.20.10:...l_mpeg4_dec.cab (CAxMP4Dec Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://smslimited.w...ex/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=724 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F6C6BA11-BA8F-404F-A447-49C76C73EE3E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA9DA235-FB7C-44AE-9483-1F2F3870663E}: DhcpNameServer = 10.205.8.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\hitromi: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\hitromi.dll) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/09 05:51:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2B177418-36BA-462D-92D9-177D943484C6}
[2012/05/09 05:51:09 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B9CE8A29-6419-480B-BBCE-21935CB15581}
[2012/05/09 04:50:59 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C3FE33D1-E838-4E1B-AA32-258887EE3A64}
[2012/05/09 04:50:24 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{3BCFAA96-4110-4968-82DD-39CE34684825}
[2012/05/08 22:39:06 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{67FF33F5-1C6B-4890-9F6F-80104C8991EA}
[2012/05/08 22:38:33 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{DAB78AD8-8862-40EC-89ED-38282681FA40}
[2012/05/08 19:48:29 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Roaming\Roxio Log Files
[2012/05/08 17:48:51 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{279E30A1-B237-4D56-A20C-EEBAC08D4AB5}
[2012/05/08 17:48:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{AE902CE2-87F1-4D9E-8B2A-61AB553AA50E}
[2012/05/08 14:17:31 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B4ED3829-C62C-4657-89F9-75D0FA838265}
[2012/05/08 05:34:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5194DD5B-E8FD-4B2E-9AEE-177CED146925}
[2012/05/08 05:33:43 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1316EDE3-0026-4DA4-8560-84CD122000A0}
[2012/05/08 05:16:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{FECEB89E-20BF-4813-A4A4-D258AABD71E3}
[2012/05/08 05:16:17 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{005580A7-37F9-4E3D-AC92-E8C0403F7145}
[2012/05/08 04:03:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/08 02:04:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/05/08 02:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/05/08 02:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/05/08 00:14:17 | 003,255,248 | ---- | C] (Javacool Software LLC ) -- C:\Users\pcwt5\Desktop\spywareblastersetup46.exe
[2012/05/07 23:47:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/05/07 23:45:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/05/07 19:33:04 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/05/07 18:35:46 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{622035EC-FE47-400A-8998-0CA1BBA3BC7E}
[2012/05/07 18:35:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{7796F4C2-4BD5-467D-BE3E-7E762F5F1674}
[2012/05/07 17:19:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{74299221-BF3E-4DD3-BE7C-2C53C8EDC886}
[2012/05/07 17:19:18 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B0D59B8A-D900-476F-959D-A6EBD4CE8164}
[2012/05/07 17:11:23 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\pcwt5\Desktop\OTL.exe
[2012/05/07 16:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/07 16:54:09 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/05/07 16:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/07 16:52:28 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\pcwt5\Desktop\mbam-setup-1.61.0.1400.exe
[2012/05/07 16:37:12 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\pcwt5\Desktop\tdsskiller.exe
[2012/05/07 15:35:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/05/07 14:52:04 | 004,486,979 | R--- | C] (Swearware) -- C:\Users\pcwt5\Documents\ComboFix.exe
[2012/05/07 14:17:10 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8D9763BE-35C8-443F-898E-CBCD216E556F}
[2012/05/07 14:16:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{49535924-86CB-4CA1-8ED3-73221B603CA9}
[2012/05/07 07:57:25 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\pcwt5\Desktop\aswMBR.exe
[2012/05/07 07:29:51 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1A780A6D-3F7D-47A1-87C5-3E153F89F024}
[2012/05/07 07:29:22 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F93A5862-B9D5-41C0-9320-A8BA7625F96C}
[2012/05/07 06:53:51 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{11BEC418-E75C-4DE0-B54B-B1BCC265EE25}
[2012/05/07 06:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/05/06 15:33:32 | 000,000,000 | ---D | C] -- C:\FRST
[2012/05/02 05:43:38 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/05/02 04:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2012/05/02 03:26:12 | 008,252,840 | ---- | C] (SurfRight B.V.) -- C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe
[2012/05/02 02:12:17 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F5353179-622E-47AA-9532-7FD204C7B70C}
[2012/05/02 02:11:56 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{933A7BA7-EA40-4E13-9414-F3E2E90F3588}
[2012/05/01 23:22:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E85104C4-2416-430E-BAE8-FF63DD741C55}
[2012/05/01 23:02:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{05F87219-D93B-418A-BEEC-9D2CACF2503E}
[2012/05/01 22:25:07 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{AB0E2318-2FD3-4888-92CE-51BE7B0E5478}
[2012/05/01 21:35:29 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1E9708A6-62C2-47A0-A8BF-D4111CAE3C12}
[2012/05/01 21:30:31 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A2975F85-EFFA-4B75-B6EB-38911A3DE0A5}
[2012/05/01 20:49:39 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D18AF664-8FB8-4D02-BF01-B78A88226172}
[2012/05/01 20:49:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2012/05/01 20:49:18 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{021B4ECB-56E3-4844-B9EA-43E59C6576F6}
[2012/05/01 16:53:20 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E78D314A-0FF3-45F2-AD60-640F565F4906}
[2012/05/01 16:52:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1ADA076C-41D3-42E4-B40A-4D9EFF4CA05A}
[2012/05/01 16:15:43 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{3B207406-5269-40F8-BFCB-F0B8BB77D266}
[2012/05/01 16:14:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{075CAA42-8CEA-4FBB-BDFB-1ED928DE1D1F}
[2012/05/01 14:10:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{32B36069-735D-4CCA-A776-29B3565FE3DA}
[2012/05/01 14:10:15 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{AB03D844-CA98-4B74-BB32-D3D70394EE8B}
[2012/05/01 03:53:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{64FD770E-160E-4BBA-A849-9CB159B9659F}
[2012/05/01 03:52:54 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{52FF098F-2F01-4B83-834C-A9FDCDDDC138}
[2012/04/30 18:55:30 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{03FA506E-9631-44BD-85BD-A1A27E16823E}
[2012/04/30 18:55:04 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2EDE731F-374B-403F-8E55-0241F8E58F86}
[2012/04/30 16:32:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{33600838-AA50-4D26-969E-1E4F5C46B515}
[2012/04/30 16:32:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2FEEE62A-78AF-4546-B0C0-16D9AE495017}
[2012/04/30 15:29:47 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C2CF7053-C654-42C5-B309-866771921306}
[2012/04/30 15:29:34 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{79B31A9F-FCD1-472C-A50D-7A3904E78E2B}
[2012/04/30 14:11:52 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D3F65FE2-0574-47C8-8C19-FB662CF90ED6}
[2012/04/30 14:11:26 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9EDF099C-70C3-4236-B234-870275134302}
[2012/04/30 05:02:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2FBE040E-C82D-4463-ACD4-D9124F0D8E1E}
[2012/04/30 05:02:29 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{4CD64D5C-8771-458B-BCCF-D175B872D2EE}
[2012/04/30 02:43:49 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CC418A48-DD5A-486B-A7F4-CE0D2B83E4E8}
[2012/04/30 02:43:10 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D6AEC580-1A07-4B3A-BCE8-DD7E41DE6790}
[2012/04/30 02:28:31 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{576A53C0-CCD3-4BD2-A9C9-5B858017D6F8}
[2012/04/30 02:28:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5FC3AE8E-E727-4BB0-921A-DEEF8FFE49AB}
[2012/04/29 20:26:14 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{553F0817-2044-4627-9F0D-B308963417A9}
[2012/04/29 20:25:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CF5C11B9-00A8-4DF1-9A2B-9C6093128BAD}
[2012/04/29 17:19:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{558FE5DB-7EB1-4562-A264-12AB3C6BE863}
[2012/04/29 17:18:53 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{57F5021F-AB92-49D3-BD9C-2B24A4315BCF}
[2012/04/28 17:27:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A47945CB-A781-4E5D-8B7D-C4BA3C9A749A}
[2012/04/28 17:27:10 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B282FABB-52D9-4910-B8E2-9DFB3B0A3107}
[2012/04/28 17:06:46 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1B382B8F-87EA-4636-BC81-CBD65E17A27D}
[2012/04/28 17:06:16 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{531B8A56-6C79-4811-AC81-94A7B9D88AFE}
[2012/04/28 16:35:46 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2F80ECB8-52B9-4301-A1E4-6C4D9B6D586D}
[2012/04/28 16:35:13 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9F9FEF7D-0527-45C4-AC87-6AEEE7184FC5}
[2012/04/28 04:37:56 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E6872542-D5F7-47CE-BD23-36F9DCF97098}
[2012/04/28 04:37:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{108705A9-1A2B-48C7-8C74-AAABD8AC6BD9}
[2012/04/27 18:59:21 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1F3721B6-A781-472F-83C7-9D27CBB578F9}
[2012/04/27 18:59:06 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{FB38EC1A-6AB6-4353-B878-388C7ADE7B96}
[2012/04/27 18:57:20 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B426DF39-4D50-4388-BE99-03CF16ED7379}
[2012/04/27 18:57:04 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C5188DF6-F7BA-4E8B-8821-A60698DA82CB}
[2012/04/27 18:39:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2D581EFE-4700-4CAA-9158-676BD12A40AB}
[2012/04/27 18:39:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{3E7DAE22-3ED5-4B4E-AF3E-EB59A4DFF1BC}
[2012/04/27 16:33:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D4BAF2C8-0F63-4CF9-97D4-1876CC0AED1E}
[2012/04/27 16:33:13 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{41F2DFE5-C6A2-421C-9EB2-3BDF470232C5}
[2012/04/27 14:54:11 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A8FEA25A-B4C5-4029-BA6D-14B2BA8B80F9}
[2012/04/27 14:53:50 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5B1EEF44-10B1-4D58-AE44-908835AA8397}
[2012/04/27 14:04:47 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CD6A5E9D-A60B-4FF1-ACD4-A961812B18B6}
[2012/04/27 14:04:16 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8ED8CBAA-63EE-423E-B9A1-5526E88DE3A4}
[2012/04/27 06:51:25 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{51E57184-713E-4E71-A8A2-1BA267E61EBD}
[2012/04/27 06:51:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{95DFD585-DA13-428F-B394-2688CBAA8F88}
[2012/04/27 04:16:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5DFEB043-46D2-4D8D-9863-77F088DA354A}
[2012/04/27 04:15:44 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D4FAEB01-F5EC-48DC-B88B-D0B90E307E26}
[2012/04/27 00:52:48 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{55DA07C6-E1F0-4E99-8DCC-132FB5D09D4A}
[2012/04/27 00:52:29 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{DFE1E5DF-D3A5-4447-8C60-F843DF81158C}
[2012/04/26 22:57:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{424DACEE-60F0-4829-B2C9-840C98C7738C}
[2012/04/26 22:57:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C1C7A6EC-701E-41CC-88A1-162ACB714D1E}
[2012/04/26 22:54:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{7505BF48-DE75-4B24-A3D1-8C66AE470666}
[2012/04/26 22:54:07 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{04D8B1B1-16C2-4C26-BB7D-E457CA34D198}
[2012/04/26 16:25:25 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{46A188E6-A9CD-4819-A40B-588063915CE9}
[2012/04/26 16:25:11 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CA922E3E-9C56-4BFD-B052-034CAB5CA1CE}
[2012/04/26 14:00:53 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0A9DAF1E-4D2B-4AFE-BB38-015559D64F2E}
[2012/04/26 14:00:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{DCFAB97E-8821-465F-BB25-0E5C25000104}
[2012/04/26 02:29:51 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8A7C4930-DF62-4A1E-BE63-18DA113D706E}
[2012/04/26 02:29:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B207130E-BE6F-4F84-99EC-D00D0D36EAD2}
[2012/04/26 01:48:21 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A4EA1576-8793-4475-A05B-C42EB59C6489}
[2012/04/26 01:48:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{20612B03-EF2B-4E63-A563-1E1CFFCBDE4A}
[2012/04/26 01:07:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{859EAD84-BF9A-443F-8086-6AD1B44038D4}
[2012/04/26 01:06:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{811A91E9-233A-4944-B2E8-103A75AF0BB7}
[2012/04/25 16:38:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D1CA7815-275C-4288-8C42-5DAD0D8A3F3D}
[2012/04/25 14:22:29 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{33D6AC9C-7D95-4B5B-95C5-5BBE9475A908}
[2012/04/25 14:22:13 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B4B205DC-3D03-4B8F-BBDA-66795296BF89}
[2012/04/25 00:58:54 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D097A033-CFCB-4251-8AEE-22FAF638C6F2}
[2012/04/25 00:56:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E83F3566-3329-492C-9ED5-A2516B66BE04}
[2012/04/24 14:48:40 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{32B105ED-CE6C-4BF2-AD4D-09A76BFEC0B6}
[2012/04/24 14:48:24 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{4D5E7009-355F-4DC5-9B62-34906DC4B5E2}
[2012/04/24 07:46:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridinSoft Trojan Killer
[2012/04/24 04:24:27 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{97F48C24-A033-46DC-9CD8-ADCC8147FF21}
[2012/04/24 04:24:13 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{43AE9C61-05DE-4C91-853E-302F29661CCA}
[2012/04/24 04:23:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C219EA38-300B-49BB-8F6F-9EC74DAB2307}
[2012/04/24 04:23:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{52996862-9F5F-4364-8E7A-2B9AF6018770}
[2012/04/23 16:23:10 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{69164B96-39E7-4A76-80E2-026A0B147615}
[2012/04/23 16:22:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D6077CBC-A654-41DA-994E-592FD328ED83}
[2012/04/23 04:22:27 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{735FDAC4-2A2C-43EE-BA84-7A7399097F23}
[2012/04/23 04:22:15 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{288B7964-2EFA-43AF-93CA-28D15B4C3392}
[2012/04/23 04:22:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{89D02B0C-C3DD-486B-A895-D2945C76DED4}
[2012/04/23 04:21:48 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{29FF4DF6-8736-4AE0-AD15-062A7F1A748E}
[2012/04/22 16:21:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C56441E2-8276-4920-85FB-0D31FD66FBD7}
[2012/04/22 16:21:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{722040FF-6460-45D1-8E32-7894DF0D9CCD}
[2012/04/21 17:28:49 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{199DE0D8-5874-43F0-8F47-76CBE3BACD1E}
[2012/04/21 17:28:04 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5442258D-A63F-4949-8E15-DA761F238855}
[2012/04/21 02:18:25 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A4934BAF-31E7-4B74-B910-8AD120F4EC23}
[2012/04/21 02:18:11 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A1F149BD-6A28-4455-8460-7D1187E091F4}
[2012/04/20 14:17:18 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{4EA12E26-5A23-4697-A9EB-879467545178}
[2012/04/20 14:16:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{560730B6-ED93-48C1-ACE3-3594F6D781BD}
[2012/04/19 23:25:33 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{BF1DE36E-7F1C-45D1-839B-63F88C58528A}
[2012/04/19 23:24:59 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{91295554-F56C-4BE5-91FA-6C404F8567E2}
[2012/04/19 23:02:40 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{44C99892-68F9-4F98-83B7-D0B80B3F3FE1}
[2012/04/19 23:02:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{BF156C13-8B85-4654-A790-6F4D5A5C13C7}
[2012/04/19 22:38:20 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0CB1BC80-E6B3-46D1-9779-C0996C454200}
[2012/04/19 22:38:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D43A8419-CABA-4A29-A1BC-CA0E948AD6ED}
[2012/04/19 22:36:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{08F5D69C-7901-4EA1-98F6-430B2A2A0090}
[2012/04/19 22:36:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{18FF0A2E-8C82-42A7-BE9E-70AE7A2E5A04}
[2012/04/19 17:29:09 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{22374D4D-7C80-4349-A0B0-810A102FBAA4}
[2012/04/19 17:28:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8DC38F73-3245-4E8C-8520-8EA3D8E01718}
[2012/04/19 17:05:15 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{57DE47CF-F98C-410A-ADE5-621D3CCF8804}
[2012/04/19 17:05:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CE54D447-7509-4B67-B89D-02B40C894469}
[2012/04/19 14:52:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1F8F429B-0543-4311-944D-FC66DFFC77CA}
[2012/04/19 14:52:21 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{70D9BC37-A4C0-4621-81EA-BE7152FC10BA}
[2012/04/19 14:28:28 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{61C5B988-DA83-4CFF-9CF7-E85D312B28C1}
[2012/04/19 14:27:40 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{BDAE4FCC-714F-4B4C-A51F-E76F39F072C2}
[2012/04/19 14:23:53 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{03C8D5CD-2DCF-4CD6-9B0E-337EC43B7D4B}
[2012/04/19 14:23:09 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D9C5E915-63DA-4DFF-BCD0-B801B13F1323}
[2012/04/19 03:45:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E2678831-FABB-4C75-A42E-7102B09F3A98}
[2012/04/19 03:44:46 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{82BBDDD2-A80A-4DD3-9255-AA985EEB91B6}
[2012/04/19 01:55:16 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A53C9D78-AF14-4259-9481-FE19169F680A}
[2012/04/19 01:55:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{DA57205D-14AF-4E5A-8696-15769F382670}
[2012/04/19 00:19:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1580ED82-76E1-4691-9FF8-0BDDDA1B5E38}
[2012/04/19 00:19:26 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{FA0BE2EC-3860-4287-9113-6F7A1E2785A5}
[2012/04/18 23:26:36 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1B0B7B5F-8DDB-485F-8E1C-5FFE30CDCE10}
[2012/04/18 23:25:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{434C05BB-2966-4200-9BE4-7A2EB7C036FA}
[2012/04/18 14:45:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{87391CD7-E608-4341-BD74-FC3F999C0638}
[2012/04/18 14:20:19 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B1C53AB1-B108-4FFB-8701-E86449390611}
[2012/04/18 14:19:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A67D1F11-FE4B-4F67-9F70-666689508F63}
[2012/04/18 14:14:55 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{210A9212-1CB2-404E-95EB-A560BAA7E532}
[2012/04/18 14:14:14 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{58C575D5-4FC9-4DDA-BD09-3555E8BBE601}
[2012/04/18 06:31:30 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{8C07C826-F6A0-485D-AFF7-1DF31D64F785}
[2012/04/18 06:31:16 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{AD848781-E807-4088-9396-E91826AAD135}
[2012/04/18 05:15:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{B2EFE5D9-FBB7-4843-8964-0FAB9F2822EE}
[2012/04/18 05:14:31 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C4398CE3-91B5-42FA-8050-FAB92BE703C5}
[2012/04/18 04:26:44 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{C45CA3AA-5444-4611-AA4E-21287E16D560}
[2012/04/18 04:26:26 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{58B8A91A-DC0F-4FCF-9DAD-EB2B7AC1D5F5}
[2012/04/18 00:54:40 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F4A00506-46BF-43AC-8B61-71EDEDEBDAD2}
[2012/04/18 00:54:00 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F02C6E1F-1F2A-465D-B7E7-03190852C68F}
[2012/04/17 15:49:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{3F96A602-47B6-4B85-BFBF-54550569C44C}
[2012/04/17 15:48:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{7EEA07A1-22C7-4BAE-926B-21AAFA611CFE}
[2012/04/17 14:18:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2DACD392-0E0F-4446-9FE2-96CDABD918EF}
[2012/04/17 14:18:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E18B719F-10C4-472B-9EFB-032FA7A63EFC}
[2012/04/17 14:15:07 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A32B6CDD-863D-40EE-95CB-33F06DEA0D44}
[2012/04/17 14:14:44 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F176C6E3-46CE-46A0-B510-7010FDD1DE4D}
[2012/04/17 14:11:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F3A19CE7-9943-44CF-832A-1FFCCC18FC72}
[2012/04/17 06:49:50 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E8001B5E-8B40-4597-9340-307654384186}
[2012/04/17 06:49:35 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{ABE57913-591E-46DF-AE23-7918AE6E8E39}
[2012/04/16 15:03:00 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1489A46E-E4A1-427A-92D0-021AAA7D907A}
[2012/04/16 15:02:44 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{45365696-A885-4A1D-8B86-829555F8F299}
[2012/04/16 14:17:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{94DFC8FC-ED4D-4BC1-BCC8-1EF65E016879}
[2012/04/16 14:16:25 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F0F60063-0DBF-4E48-B92E-348A294104CB}
[2012/04/16 04:23:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{D4B70738-FE3E-4827-A789-AE711623858B}
[2012/04/16 03:10:48 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2CB0EE03-B12D-4BCB-9196-805CF535872F}
[2012/04/16 03:10:31 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{491945EF-E879-40B7-8EE8-AA17301D70F5}
[2012/04/15 16:23:09 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{2748E8F8-0D87-4266-88FF-5921A7D0990A}
[2012/04/15 16:22:06 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{68CEE430-B38E-405B-8AC4-55A1C7B0C317}
[2012/04/15 16:17:50 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{AF10622C-DBA9-48A2-B281-0572241D7946}
[2012/04/15 16:17:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5FF3E234-1531-4C6B-87EB-983894087982}
[2012/04/15 07:50:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E0D0AA84-6462-4F1B-A8D0-5574DFCF3007}
[2012/04/15 07:49:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{1E0D43D8-1EC0-4E4F-9F63-3CEB28890198}
[2012/04/15 04:49:41 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9A484E71-F550-451B-A73B-E86739E27EBD}
[2012/04/15 04:49:03 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{67E0F8EA-7860-4AA6-8937-FE1DB5FCC905}
[2012/04/14 18:41:46 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CB7FE5B6-6AD3-4E38-B371-6894CE3B287D}
[2012/04/14 18:41:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{ABEBD130-82C7-4C49-A985-F3E48C1C6183}
[2012/04/14 17:09:33 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0B556D15-FD19-438D-8B94-6E6D61B41BCA}
[2012/04/14 17:09:20 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0FC923E6-D953-44D5-B39F-9FFDADC407A5}
[2012/04/14 15:52:27 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{72A92459-7926-4922-BF6B-4463F8F80DC0}
[2012/04/14 15:52:11 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{5D47B65F-2F72-4B05-8D4D-48E8FD528978}
[2012/04/14 15:23:58 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{313F7EDF-4DF2-42A2-B895-0DA5AEDD31CC}
[2012/04/14 15:23:23 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{313D4C30-E78E-407A-920D-BBD688050117}
[2012/04/14 06:22:02 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{BF521969-D467-4031-A912-F52C09F8BDB3}
[2012/04/14 06:21:42 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9840A383-5F1E-438D-9077-305671440D13}
[2012/04/14 00:06:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{81C5D2F1-0148-44C4-A76E-7C06AC1E192A}
[2012/04/14 00:05:53 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9606C1EB-455B-4263-8ACE-2469480A4E09}
[2012/04/13 18:41:26 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{653DD3B9-D5AD-4AE9-9636-7C8FF0016088}
[2012/04/13 18:41:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0067F58B-BB7D-4921-8415-A956CA5B91C2}
[2012/04/13 18:36:43 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{F3965CFE-5CCE-438F-B5DF-B1439CF3E79B}
[2012/04/13 18:36:14 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A847926F-8746-4F4D-8509-DF3D811FD8C0}
[2012/04/13 14:35:08 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E4DF7679-72FF-4292-8A85-FEF50CE70334}
[2012/04/13 14:34:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{828CCF63-AD4B-49B0-B936-BA2B43234980}
[2012/04/13 03:55:05 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{A4AB0C19-B51B-426E-83BB-08D24A444C79}
[2012/04/12 20:25:33 | 000,000,000 | ---D | C] -- C:\53d69b7d3999c7df3d785d5d
[2012/04/12 15:54:37 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{9BED58FD-B02C-4C85-8924-70F1E62D2FCD}
[2012/04/12 03:53:59 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{0A0DBCC2-1F4A-4CC9-B8A7-91036D32088E}
[2012/04/11 15:00:12 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{90E20183-D7B9-4275-967C-40903175EBC7}
[2012/04/11 02:59:32 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{CEA53D8F-D31B-4B37-A5BE-6E93364126A7}
[2012/04/10 14:14:57 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{E7BD7768-28D8-4205-ADB3-1FBC269072A2}
[2012/04/09 23:36:09 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2012/04/09 22:56:01 | 000,000,000 | ---D | C] -- C:\Users\pcwt5\AppData\Local\{01DD07FF-A88C-4A6C-81D8-1FE1CC4A21A3}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/09 06:35:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/09 04:58:15 | 000,010,096 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/09 04:58:15 | 000,010,096 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/09 04:46:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/09 04:46:00 | 000,000,437 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012/05/09 04:45:37 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/05/09 04:45:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/09 04:45:18 | 3094,622,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/08 20:36:31 | 000,002,074 | ---- | M] () -- C:\Users\pcwt5\Documents\Default.rdp
[2012/05/08 19:50:07 | 000,000,181 | ---- | M] () -- C:\Windows\WININIT.INI
[2012/05/08 03:28:21 | 000,790,262 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_28_21.dmp
[2012/05/08 03:28:13 | 000,787,784 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_28_13.dmp
[2012/05/08 03:28:03 | 002,375,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/08 03:26:44 | 000,787,182 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_26_44.dmp
[2012/05/08 03:24:17 | 000,796,269 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_24_13.dmp
[2012/05/08 03:23:51 | 000,794,654 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_23_45.dmp
[2012/05/08 03:22:24 | 000,797,656 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_22_19.dmp
[2012/05/08 02:54:42 | 000,784,858 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_02_54_42.dmp
[2012/05/08 02:54:28 | 000,774,380 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_02_54_28.dmp
[2012/05/08 02:52:13 | 000,786,538 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_02_51_14.dmp
[2012/05/08 02:48:23 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2012/05/08 01:04:24 | 000,013,923 | ---- | M] () -- C:\Users\pcwt5\Desktop\iexplore.exe - Shortcut.lnk
[2012/05/08 00:48:05 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/08 00:48:05 | 000,628,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/08 00:48:05 | 000,111,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/08 00:41:24 | 000,786,197 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_00_41_24.dmp
[2012/05/08 00:41:18 | 000,784,608 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_00_41_18.dmp
[2012/05/08 00:39:26 | 000,785,264 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_00_39_25.dmp
[2012/05/08 00:13:39 | 003,255,248 | ---- | M] (Javacool Software LLC ) -- C:\Users\pcwt5\Desktop\spywareblastersetup46.exe
[2012/05/07 23:33:38 | 000,786,682 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_23_33_37.dmp
[2012/05/07 23:33:28 | 000,776,873 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_23_33_25.dmp
[2012/05/07 23:30:53 | 000,783,074 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_23_30_53.dmp
[2012/05/07 19:34:57 | 000,786,254 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_19_34_56.dmp
[2012/05/07 19:34:51 | 000,782,596 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_19_34_50.dmp
[2012/05/07 19:34:32 | 000,789,033 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_19_34_32.dmp
[2012/05/07 19:32:28 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2012/05/07 18:16:51 | 000,061,440 | ---- | M] ( ) -- C:\Users\pcwt5\Desktop\VEW.exe
[2012/05/07 17:32:57 | 000,788,087 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_17_32_57.dmp
[2012/05/07 17:32:50 | 000,791,292 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_17_32_49.dmp
[2012/05/07 17:32:34 | 000,001,051 | ---- | M] () -- C:\Windows\SysWow64\tversity.cookies
[2012/05/07 17:32:23 | 000,789,538 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_17_32_22.dmp
[2012/05/07 17:11:16 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\pcwt5\Desktop\OTL.exe
[2012/05/07 16:54:10 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/07 16:53:28 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\pcwt5\Desktop\mbam-setup-1.61.0.1400.exe
[2012/05/07 16:44:52 | 000,797,676 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_52.dmp
[2012/05/07 16:44:45 | 000,784,708 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_44.dmp
[2012/05/07 16:44:18 | 000,786,441 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_18.dmp
[2012/05/07 16:37:20 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\pcwt5\Desktop\tdsskiller.exe
[2012/05/07 15:34:54 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/05/07 15:34:06 | 000,779,617 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_34_06.dmp
[2012/05/07 15:33:57 | 000,777,156 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_33_57.dmp
[2012/05/07 15:33:49 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/05/07 15:33:23 | 000,788,059 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_33_22.dmp
[2012/05/07 14:53:09 | 004,486,979 | R--- | M] (Swearware) -- C:\Users\pcwt5\Documents\ComboFix.exe
[2012/05/07 14:13:50 | 000,788,553 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_14_13_50.dmp
[2012/05/07 14:13:44 | 000,792,155 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_14_13_43.dmp
[2012/05/07 14:13:22 | 000,802,829 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_14_13_22.dmp
[2012/05/07 08:07:33 | 000,000,512 | ---- | M] () -- C:\Users\pcwt5\Desktop\MBR.dat
[2012/05/07 07:57:53 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\pcwt5\Desktop\aswMBR.exe
[2012/05/07 07:29:30 | 000,782,310 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_07_29_30.dmp
[2012/05/07 07:29:11 | 000,785,493 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_07_29_11.dmp
[2012/05/07 07:25:55 | 000,794,052 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_07_25_52.dmp
[2012/05/07 06:53:54 | 000,787,088 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_06_53_52.dmp
[2012/05/07 06:53:44 | 000,792,537 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_06_53_37.dmp
[2012/05/07 06:51:01 | 000,781,145 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_06_51_00.dmp
[2012/05/02 05:43:38 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012/05/02 03:27:17 | 008,252,840 | ---- | M] (SurfRight B.V.) -- C:\Users\pcwt5\Desktop\HitmanPro36_x64.exe
[2012/05/02 02:21:25 | 000,784,039 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_21_25.dmp
[2012/05/02 02:21:18 | 000,781,691 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_21_18.dmp
[2012/05/02 02:21:09 | 000,782,766 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_21_08.dmp
[2012/05/02 02:07:48 | 000,803,839 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_07_47.dmp
[2012/05/02 02:07:40 | 000,800,420 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_07_39.dmp
[2012/05/02 02:07:24 | 000,792,075 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_02_02_07_24.dmp
[2012/05/01 23:18:36 | 000,791,957 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_23_18_36.dmp
[2012/05/01 23:18:29 | 000,799,081 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_23_18_28.dmp
[2012/05/01 23:18:09 | 000,782,060 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_23_18_09.dmp
[2012/05/01 22:39:58 | 000,789,979 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_22_39_58.dmp
[2012/05/01 22:39:51 | 000,787,085 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_22_39_51.dmp
[2012/05/01 22:39:30 | 000,789,956 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_22_39_30.dmp
[2012/05/01 21:52:56 | 000,790,536 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_52_55.dmp
[2012/05/01 21:52:49 | 000,785,009 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_52_48.dmp
[2012/05/01 21:52:27 | 000,781,895 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_52_27.dmp
[2012/05/01 21:41:53 | 000,783,783 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_41_53.dmp
[2012/05/01 21:41:46 | 000,791,043 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_41_46.dmp
[2012/05/01 21:41:35 | 000,778,775 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_41_34.dmp
[2012/05/01 21:39:01 | 000,789,095 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_39_01.dmp
[2012/05/01 21:38:54 | 000,787,807 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_38_52.dmp
[2012/05/01 21:38:28 | 000,789,024 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_38_27.dmp
[2012/05/01 21:35:32 | 000,787,098 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_35_32.dmp
[2012/05/01 21:35:23 | 000,787,958 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_35_19.dmp
[2012/05/01 21:32:53 | 000,791,267 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_32_53.dmp
[2012/05/01 21:27:35 | 000,789,876 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_27_35.dmp
[2012/05/01 21:27:28 | 000,781,249 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_27_28.dmp
[2012/05/01 21:27:13 | 000,776,042 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_21_27_12.dmp
[2012/05/01 20:51:07 | 000,783,890 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_51_07.dmp
[2012/05/01 20:51:00 | 000,777,714 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_51_00.dmp
[2012/05/01 20:50:53 | 000,795,799 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_50_46.dmp
[2012/05/01 20:49:36 | 000,000,679 | ---- | M] () -- C:\Users\pcwt5\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/05/01 20:43:07 | 000,782,571 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_43_06.dmp
[2012/05/01 20:43:00 | 000,791,981 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_42_58.dmp
[2012/05/01 20:42:39 | 000,786,686 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_42_39.dmp
[2012/05/01 20:18:40 | 000,786,934 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_18_40.dmp
[2012/05/01 20:18:33 | 000,783,683 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_18_33.dmp
[2012/05/01 20:18:20 | 000,786,841 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_18_19.dmp
[2012/05/01 20:08:50 | 000,782,170 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_08_50.dmp
[2012/05/01 20:08:42 | 000,785,043 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_08_42.dmp
[2012/05/01 20:08:26 | 000,792,937 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_20_08_26.dmp
[2012/05/01 16:50:07 | 000,791,512 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_50_06.dmp
[2012/05/01 16:49:59 | 000,785,722 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_49_59.dmp
[2012/05/01 16:49:37 | 000,801,095 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_49_37.dmp
[2012/05/01 16:12:53 | 000,791,552 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_12_52.dmp
[2012/05/01 16:12:45 | 000,796,427 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_12_45.dmp
[2012/05/01 16:12:28 | 000,790,742 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_16_12_28.dmp
[2012/05/01 14:07:57 | 000,790,157 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_14_07_57.dmp
[2012/05/01 14:07:50 | 000,798,888 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_14_07_50.dmp
[2012/05/01 14:07:33 | 000,800,497 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_14_07_33.dmp
[2012/05/01 03:50:29 | 000,789,216 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_03_50_28.dmp
[2012/05/01 03:50:19 | 000,792,921 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_03_50_19.dmp
[2012/05/01 03:50:03 | 000,783,036 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_01_03_50_03.dmp
[2012/04/30 18:51:23 | 000,789,666 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_18_51_22.dmp
[2012/04/30 18:51:16 | 000,793,299 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_18_51_15.dmp
[2012/04/30 18:51:01 | 000,781,664 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_18_51_00.dmp
[2012/04/30 16:25:44 | 000,783,489 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_16_25_44.dmp
[2012/04/30 16:25:37 | 000,789,150 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_16_25_37.dmp
[2012/04/30 16:25:19 | 000,786,950 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_16_25_19.dmp
[2012/04/30 14:09:20 | 000,801,382 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_14_09_20.dmp
[2012/04/30 14:09:13 | 000,789,164 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_14_09_12.dmp
[2012/04/30 14:08:56 | 000,782,357 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_14_08_56.dmp
[2012/04/30 04:59:42 | 000,786,827 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_04_59_42.dmp
[2012/04/30 04:59:35 | 000,779,775 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_04_59_34.dmp
[2012/04/30 04:59:03 | 000,785,659 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_04_59_03.dmp
[2012/04/30 02:40:33 | 000,785,753 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_40_32.dmp
[2012/04/30 02:40:24 | 000,778,123 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_40_24.dmp
[2012/04/30 02:40:04 | 000,781,843 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_40_04.dmp
[2012/04/30 02:24:11 | 000,791,463 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_24_11.dmp
[2012/04/30 02:24:02 | 000,786,782 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_24_02.dmp
[2012/04/30 02:23:38 | 000,785,503 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_30_02_23_38.dmp
[2012/04/29 20:23:06 | 000,786,359 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_20_23_06.dmp
[2012/04/29 20:22:58 | 000,789,031 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_20_22_57.dmp
[2012/04/29 20:22:35 | 000,779,132 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_20_22_35.dmp
[2012/04/29 16:32:41 | 000,790,950 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_16_32_41.dmp
[2012/04/29 16:32:33 | 000,787,774 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_16_32_32.dmp
[2012/04/29 16:32:07 | 000,781,462 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_29_16_32_06.dmp
[2012/04/28 17:25:23 | 000,785,246 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_25_23.dmp
[2012/04/28 17:25:15 | 000,789,785 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_25_14.dmp
[2012/04/28 17:24:55 | 000,785,477 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_24_54.dmp
[2012/04/28 17:04:19 | 000,784,190 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_04_18.dmp
[2012/04/28 17:04:09 | 000,779,038 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_04_09.dmp
[2012/04/28 17:03:50 | 000,789,905 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_17_03_49.dmp
[2012/04/28 16:32:59 | 000,781,605 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_32_58.dmp
[2012/04/28 16:32:49 | 000,793,127 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_32_48.dmp
[2012/04/28 16:32:31 | 000,782,515 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_32_31.dmp
[2012/04/28 16:30:28 | 000,789,534 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_30_26.dmp
[2012/04/28 16:30:19 | 000,797,299 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_30_18.dmp
[2012/04/28 16:28:30 | 000,785,402 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_16_28_30.dmp
[2012/04/28 05:56:37 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2012/04/28 05:56:37 | 000,001,848 | ---- | M] () -- C:\Users\pcwt5\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2012/04/28 04:33:50 | 000,795,425 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_04_33_50.dmp
[2012/04/28 04:33:42 | 000,792,123 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_04_33_41.dmp
[2012/04/28 04:33:27 | 000,784,934 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_28_04_33_27.dmp
[2012/04/27 16:30:54 | 000,785,538 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_30_53.dmp
[2012/04/27 16:30:45 | 000,779,102 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_30_45.dmp
[2012/04/27 16:30:28 | 000,787,218 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_30_27.dmp
[2012/04/27 16:21:53 | 000,777,732 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_21_53.dmp
[2012/04/27 16:21:46 | 000,790,918 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_21_45.dmp
[2012/04/27 16:21:25 | 000,785,328 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_16_21_24.dmp
[2012/04/27 14:02:35 | 000,787,169 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_14_02_33.dmp
[2012/04/27 14:02:24 | 000,783,207 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_14_02_22.dmp
[2012/04/27 14:02:04 | 000,779,859 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_14_02_03.dmp
[2012/04/27 06:46:51 | 000,789,770 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_06_46_51.dmp
[2012/04/27 06:46:44 | 000,792,164 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_06_46_43.dmp
[2012/04/27 06:46:30 | 000,790,641 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_06_46_29.dmp
[2012/04/27 04:13:48 | 000,789,476 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_04_13_47.dmp
[2012/04/27 04:13:37 | 000,795,327 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_04_13_37.dmp
[2012/04/27 04:13:24 | 000,792,593 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_27_04_13_23.dmp
[2012/04/26 22:52:25 | 000,787,727 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_22_52_25.dmp
[2012/04/26 22:52:16 | 000,787,204 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_22_52_16.dmp
[2012/04/26 22:51:59 | 000,785,994 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_22_51_59.dmp
[2012/04/26 13:58:14 | 000,791,752 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_13_58_14.dmp
[2012/04/26 13:58:07 | 000,789,490 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_13_58_05.dmp
[2012/04/26 13:57:48 | 000,781,966 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_13_57_48.dmp
[2012/04/26 01:04:02 | 000,782,730 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_01_04_01.dmp
[2012/04/26 01:03:54 | 000,789,468 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_01_03_53.dmp
[2012/04/26 01:03:33 | 000,811,648 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_26_01_03_33.dmp
[2012/04/25 14:12:21 | 000,785,146 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_14_12_21.dmp
[2012/04/25 14:12:14 | 000,795,818 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_14_12_14.dmp
[2012/04/25 14:11:59 | 000,794,921 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_14_11_58.dmp
[2012/04/25 00:54:20 | 000,782,380 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_00_54_20.dmp
[2012/04/25 00:54:13 | 000,794,217 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_00_54_13.dmp
[2012/04/25 00:53:55 | 000,781,083 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_25_00_53_54.dmp
[2012/04/24 14:43:55 | 000,800,330 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_24_14_43_53.dmp
[2012/04/24 14:43:45 | 000,789,013 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_24_14_43_44.dmp
[2012/04/24 14:42:51 | 000,792,872 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_24_14_42_51.dmp
[2012/04/20 08:57:58 | 000,002,641 | ---- | M] () -- C:\Users\pcwt5\.xmlcopyeditor
[2012/04/19 22:57:33 | 000,784,965 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_22_57_32.dmp
[2012/04/19 22:57:25 | 000,778,389 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_22_57_24.dmp
[2012/04/19 22:57:01 | 000,780,438 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_22_57_00.dmp
[2012/04/19 14:22:56 | 000,790,945 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_14_22_49.dmp
[2012/04/19 14:22:38 | 000,796,352 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_14_22_35.dmp
[2012/04/19 14:20:27 | 000,784,984 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_14_20_26.dmp
[2012/04/19 03:44:03 | 000,790,586 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_03_44_02.dmp
[2012/04/19 03:43:49 | 000,784,060 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_03_43_47.dmp
[2012/04/19 03:42:10 | 000,786,154 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_19_03_42_09.dmp
[2012/04/18 23:23:42 | 000,781,542 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_23_23_42.dmp
[2012/04/18 23:23:34 | 000,790,901 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_23_23_33.dmp
[2012/04/18 23:23:12 | 000,785,757 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_23_23_09.dmp
[2012/04/18 14:11:44 | 000,795,388 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_14_11_43.dmp
[2012/04/18 14:11:36 | 000,786,984 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_14_11_35.dmp
[2012/04/18 14:11:14 | 000,783,674 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_14_11_13.dmp
[2012/04/18 05:10:29 | 000,791,872 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_05_10_28.dmp
[2012/04/18 05:10:21 | 000,788,883 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_05_10_20.dmp
[2012/04/18 05:10:07 | 000,783,495 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_05_10_06.dmp
[2012/04/18 00:50:52 | 000,785,677 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_00_50_51.dmp
[2012/04/18 00:50:44 | 000,784,649 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_00_50_43.dmp
[2012/04/18 00:50:26 | 000,781,193 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_18_00_50_26.dmp
[2012/04/17 14:10:32 | 000,786,175 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_17_14_10_31.dmp
[2012/04/17 14:10:21 | 000,785,602 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_17_14_10_20.dmp
[2012/04/17 14:10:01 | 000,787,995 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_17_14_10_00.dmp
[2012/04/16 14:14:41 | 000,783,185 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_16_14_14_40.dmp
[2012/04/16 14:14:32 | 000,789,595 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_16_14_14_30.dmp
[2012/04/16 14:14:12 | 000,787,549 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_16_14_14_11.dmp
[2012/04/15 16:15:00 | 000,779,291 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_16_14_58.dmp
[2012/04/15 16:14:48 | 000,785,973 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_16_14_47.dmp
[2012/04/15 16:14:31 | 000,782,209 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_16_14_30.dmp
[2012/04/15 04:46:19 | 000,783,479 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_04_46_17.dmp
[2012/04/15 04:46:09 | 000,790,764 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_04_46_08.dmp
[2012/04/15 04:45:48 | 000,778,715 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_15_04_45_47.dmp
[2012/04/14 18:40:36 | 000,780,846 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_18_40_35.dmp
[2012/04/14 18:40:25 | 000,785,641 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_18_40_24.dmp
[2012/04/14 18:38:41 | 000,790,272 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_18_38_41.dmp
[2012/04/14 15:19:53 | 000,787,562 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_15_19_53.dmp
[2012/04/14 15:19:46 | 000,787,277 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_15_19_44.dmp
[2012/04/14 15:19:20 | 000,784,531 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_14_15_19_20.dmp
[2012/04/13 18:31:09 | 000,790,237 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_18_31_08.dmp
[2012/04/13 18:31:00 | 000,791,681 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_18_31_00.dmp
[2012/04/13 18:30:39 | 000,778,717 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_18_30_39.dmp
[2012/04/13 14:31:21 | 000,784,531 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_14_31_21.dmp
[2012/04/13 14:31:13 | 000,792,463 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_14_31_13.dmp
[2012/04/13 14:30:54 | 000,790,106 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_14_30_54.dmp
[2012/04/13 03:30:05 | 000,785,607 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_03_30_05.dmp
[2012/04/13 03:29:58 | 000,791,112 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_03_29_57.dmp
[2012/04/13 03:29:39 | 000,783,487 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_13_03_29_39.dmp
[2012/04/12 21:20:07 | 000,779,458 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_21_20_07.dmp
[2012/04/12 21:19:59 | 000,782,612 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_21_19_57.dmp
[2012/04/12 21:19:43 | 000,781,808 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_21_19_42.dmp
[2012/04/12 20:36:37 | 000,785,453 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_20_36_36.dmp
[2012/04/12 20:36:29 | 000,786,966 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_20_36_26.dmp
[2012/04/12 20:35:14 | 000,780,589 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_20_35_14.dmp
[2012/04/12 15:08:51 | 000,000,000 | -HS- | M] () -- C:\Windows\SysNative\dds_trash_log.cmd
[2012/04/12 15:08:21 | 000,792,474 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_15_08_21.dmp
[2012/04/12 15:08:13 | 000,784,566 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_15_08_13.dmp
[2012/04/12 15:07:57 | 000,788,513 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_15_07_57.dmp
[2012/04/12 04:45:17 | 000,779,361 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_45_16.dmp
[2012/04/12 04:45:01 | 000,796,109 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_45_01.dmp
[2012/04/12 04:44:11 | 000,785,387 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_44_10.dmp
[2012/04/12 04:34:51 | 000,784,170 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_34_50.dmp
[2012/04/12 04:34:41 | 000,778,844 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_34_41.dmp
[2012/04/12 04:34:22 | 000,781,696 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_04_34_22.dmp
[2012/04/12 03:48:20 | 000,791,094 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_03_48_19.dmp
[2012/04/12 03:48:11 | 000,786,174 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_03_48_10.dmp
[2012/04/12 03:47:53 | 000,786,894 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_03_47_53.dmp
[2012/04/12 00:40:18 | 000,791,475 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_00_40_15.dmp
[2012/04/12 00:40:04 | 000,783,811 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_00_40_01.dmp
[2012/04/12 00:38:37 | 000,788,472 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_12_00_38_37.dmp
[2012/04/11 14:43:25 | 000,790,464 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_14_43_24.dmp
[2012/04/11 14:43:14 | 000,786,434 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_14_43_13.dmp
[2012/04/11 14:42:56 | 000,789,746 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_14_42_55.dmp
[2012/04/11 02:57:57 | 000,785,523 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_02_57_56.dmp
[2012/04/11 02:57:46 | 000,790,605 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_02_57_44.dmp
[2012/04/11 02:57:28 | 000,787,417 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_11_02_57_27.dmp
[2012/04/10 14:12:52 | 000,780,642 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_10_14_12_52.dmp
[2012/04/10 14:12:44 | 000,787,851 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_10_14_12_44.dmp
[2012/04/10 14:12:27 | 000,793,712 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_10_14_12_27.dmp
[2012/04/09 23:10:32 | 000,786,582 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_23_10_31.dmp
[2012/04/09 23:10:23 | 000,800,009 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_23_10_22.dmp
[2012/04/09 23:09:58 | 000,799,121 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_23_09_55.dmp
[2012/04/09 22:53:53 | 000,785,514 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_22_53_52.dmp
[2012/04/09 22:53:45 | 000,792,488 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_22_53_45.dmp
[2012/04/09 22:53:24 | 000,787,627 | ---- | M] () -- C:\Windows\SysWow64\(null)AAWService__2012_04_09_22_53_23.dmp
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/08 19:50:07 | 000,000,181 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/05/08 03:28:21 | 000,790,262 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_28_21.dmp
[2012/05/08 03:28:13 | 000,787,784 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_28_13.dmp
[2012/05/08 03:26:44 | 000,787,182 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_26_44.dmp
[2012/05/08 03:24:13 | 000,796,269 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_24_13.dmp
[2012/05/08 03:23:45 | 000,794,654 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_23_45.dmp
[2012/05/08 03:22:19 | 000,797,656 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_03_22_19.dmp
[2012/05/08 02:54:42 | 000,784,858 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_02_54_42.dmp
[2012/05/08 02:54:28 | 000,774,380 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_02_54_28.dmp
[2012/05/08 02:51:21 | 000,786,538 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_02_51_14.dmp
[2012/05/08 02:48:23 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/05/08 01:04:24 | 000,013,923 | ---- | C] () -- C:\Users\pcwt5\Desktop\iexplore.exe - Shortcut.lnk
[2012/05/08 00:41:24 | 000,786,197 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_00_41_24.dmp
[2012/05/08 00:41:18 | 000,784,608 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_00_41_18.dmp
[2012/05/08 00:39:25 | 000,785,264 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_08_00_39_25.dmp
[2012/05/07 23:33:37 | 000,786,682 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_23_33_37.dmp
[2012/05/07 23:33:26 | 000,776,873 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_23_33_25.dmp
[2012/05/07 23:30:53 | 000,783,074 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_23_30_53.dmp
[2012/05/07 19:34:56 | 000,786,254 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_19_34_56.dmp
[2012/05/07 19:34:50 | 000,782,596 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_19_34_50.dmp
[2012/05/07 19:34:32 | 000,789,033 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_19_34_32.dmp
[2012/05/07 18:17:01 | 000,061,440 | ---- | C] ( ) -- C:\Users\pcwt5\Desktop\VEW.exe
[2012/05/07 17:32:57 | 000,788,087 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_17_32_57.dmp
[2012/05/07 17:32:49 | 000,791,292 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_17_32_49.dmp
[2012/05/07 17:32:22 | 000,789,538 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_17_32_22.dmp
[2012/05/07 16:54:10 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/07 16:44:52 | 000,797,676 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_52.dmp
[2012/05/07 16:44:44 | 000,784,708 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_44.dmp
[2012/05/07 16:44:18 | 000,786,441 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_16_44_18.dmp
[2012/05/07 15:34:06 | 000,779,617 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_34_06.dmp
[2012/05/07 15:33:57 | 000,777,156 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_33_57.dmp
[2012/05/07 15:33:22 | 000,788,059 | ---- | C] () -- C:\Windows\SysWow64\(null)AAWService__2012_05_07_15_33_22.dmp
[2012/05/07 15:16:01 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2012/05/07 15:15:47 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/05/07 15:15:47 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/05/07 15:15:47 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/05/07 15:15:47 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/05/07 15:15:47 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012/05/07 15:15