Incessant pop up window every 10 minutes

Hello Everyone,

I keep getting a small window popping up every 10 minutes that says 'Carissa Antoinette short has stopped working' A problem has caused the program to stop working correctly.
when I close that window, immediately, another one pops up saying that 'Windows is searching for a solution'

These are the things that happened just before I started getting these error messages, in case any of them may help you to find a solution:

I was using Norton 360 but it expired so I searched out a free antivirus software and chose Microsoft Security Essentials, on the download I was told to remove any other antivirus software on my system so I removed Norton 360, in the middle of the removal, it asked me if I wanted to leave 'Critical information' on the computer so that it could save my settings in case I decided to re install Norton at a later date. So I said YES in case the free antivirus was not to my liking.

I also had had Microsoft Windows Defender on my system, which was working, but read that it was compatible with Microsoft Security Essentials so I left that on the system. After downloading the Microsoft Security Essentials the Windows Defender will not open to allow me to run a scan anymore.

I play a lot of downloaded games and had many of them saved on my computer, I removed many of them to free up some space on the computer and then this pop up started after removing them.

I ran a complete scan with Security Essentials and came up with nothing, the pop ups are still happening, so I did a System Restore going back about 1 week and still have the same problem.

I ran OTL and these are the results:

OTL logfile created on: 26/05/2012 11:24:52 AM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Rustea\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.93 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 51.98% Memory free
6.06 Gb Paging File | 4.63 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.37 Gb Total Space | 46.77 Gb Free Space | 16.27% Space Free | Partition Type: NTFS
Drive D: | 10.72 Gb Total Space | 1.25 Gb Free Space | 11.69% Space Free | Partition Type: NTFS

Computer Name: RUSTEA-PC | User Name: Rustea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2012/05/25 14:30:16 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2012/05/24 18:59:02 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Rustea\Downloads\OTL.exe
PRC - [2012/05/08 18:27:44 | 000,065,536 | ---- | M] (Anton-Phuoc Golda Drusy) -- C:\Users\Rustea\AppData\Roaming\6 5\rundll32.exe
PRC - [2012/04/03 18:23:35 | 000,024,576 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\2 2\rundll32.exe
PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/05/04 17:10:32 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/09/27 11:36:24 | 000,176,408 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe
PRC - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/05/18 13:36:38 | 000,241,664 | ---- | M] () -- C:\Program Files\Common Files\SNP2UVC\tsnp2uvc.exe
PRC - [2009/05/18 13:34:12 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe

========== Modules (No Company Name) ==========

MOD - [2012/05/22 21:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll
MOD - [2012/05/22 21:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
MOD - [2012/05/22 21:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll
MOD - [2012/05/22 21:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll
MOD - [2012/05/22 21:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll
MOD - [2012/05/22 21:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
MOD - [2012/05/03 06:26:35 | 000,100,864 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll
MOD - [2012/05/03 06:26:34 | 004,050,944 | ---- | M] () -- C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll
MOD - [2012/04/03 18:23:35 | 000,024,576 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\2 2\rundll32.exe
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/05/18 13:36:38 | 000,241,664 | ---- | M] () -- C:\Program Files\Common Files\SNP2UVC\tsnp2uvc.exe
MOD - [2008/09/23 17:21:22 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll

========== Win32 Services (SafeList) ==========

SRV - [2012/05/06 16:39:53 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/05 09:53:13 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 17:10:32 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/27 11:36:24 | 000,176,408 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/10/06 12:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/29 19:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F40EC59-BFC2-4184-81B8-35AFD15231CD}\MpKsl0536a8dc.sys -- (MpKsl0536a8dc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/10/01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/09/09 21:34:28 | 000,018,432 | ---- | M] (XOSLAB.COM) [File_System | System | Running] -- C:\Windows\System32\drivers\xlkfs.sys -- (xlkfs)
DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/09/02 03:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/05/20 16:15:32 | 003,485,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/05/19 15:52:20 | 001,166,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/09/21 13:49:36 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2007/10/17 19:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005/12/12 16:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
IE - HKLM\..\URLSearchHook: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKLM\..\SearchScopes\{A9C33EDE-4C6A-49DA-8F59-E7B54C5E6301}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3059010
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}
IE - HKLM\..\SearchScopes\{E6436A50-B03A-4713-A174-EFF271D201DA}: "URL" = http://www.ask.com/w...}&l=dis&o=cacql

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.my-too...&as=0&isid=9851
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.worldwinn.../cgi/login.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\URLSearchHook: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {62D526DA-ABC9-451C-863B-3195004F6CF7}
IE - HKCU\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000242c911aaf
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...15-0F39947E3EE5
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.c...rms}&tbid=60468
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.pogo.ip...q={searchTerms}
IE - HKCU\..\SearchScopes\{62D526DA-ABC9-451C-863B-3195004F6CF7}: "URL" = http://start.funmood...q={searchTerms}
IE - HKCU\..\SearchScopes\{6CF82D0E-88AD-6205-BC69-EBB0A35C4A0C}: "URL" = http://ala.asksearch...}&cfg=2-208-0-0
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKCU\..\SearchScopes\{A9C33EDE-4C6A-49DA-8F59-E7B54C5E6301}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3059010
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.my-too...q={searchTerms}
IE - HKCU\..\SearchScopes\{CD10120B-C165-4f8d-8C74-639629E238FF}: "URL" = http://mystart.magen...&loc=search_box
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...m=1&toolbar=UT2
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...ox&a=DidbavotNK
IE - HKCU\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{E6436A50-B03A-4713-A174-EFF271D201DA}: "URL" = http://www.ask.com/w...}&l=dis&o=cacql
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57091

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Vgrabber Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "MyTools"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: [email protected]:0.81.19
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.12.0.8
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.3.08
FF - prefs.js..extensions.enabledItems: {e7348bc0-16f6-11de-8c30-0800200c9a66}:3.6.19.02.10
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57091
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@photoproduct.rocketlife.com/RocketLife App Viewer;version=0.8: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realarcade.com/RAClient: C:\ProgramData\RealArcade\npraclient.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Rustea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Rustea\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0849}: C:\ProgramData\iWin Games\firefox [2011/01/30 11:41:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/11/11 23:06:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/25 14:31:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/25 14:31:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/25 14:32:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/05/25 14:31:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/05/25 14:32:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B466E482-3795-433F-8472-1CAC985B0B10}: C:\Users\Rustea\AppData\Local\{B466E482-3795-433F-8472-1CAC985B0B10} [2011/06/08 00:17:35 | 000,000,000 | ---D | M]

[2012/02/25 13:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Extensions
[2010/08/31 22:37:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/04/23 13:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/10/24 18:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/05/15 23:45:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions
[2011/06/06 16:11:02 | 000,000,000 | ---D | M] ("UserZoom survey tool") -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{0a9de085-6dc7-4bc8-b718-2b6b0921458d}
[2009/08/29 22:57:20 | 000,000,000 | ---D | M] (AvantGarde Mist) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{1bb9ca60-cdad-11dd-ad8b-0800200c9a66}
[2010/06/24 11:49:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/10 21:34:47 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2012/04/26 21:38:27 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2009/08/29 23:01:03 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2011/11/05 20:20:51 | 000,000,000 | ---D | M] (Vgrabber Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{b2ed7faf-72a0-46d1-9d9d-602226f5cb9f}
[2011/07/10 21:34:48 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/07/10 21:34:50 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011/07/20 12:30:19 | 000,000,000 | ---D | M] (Consumer Input) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\ConsumerInput@Compete
[2011/05/13 16:54:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\[email protected]
[2012/02/16 19:14:23 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\[email protected]
[2012/02/16 19:16:18 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\[email protected]
[2011/07/01 00:35:20 | 000,000,000 | ---D | M] (glowywine) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\[email protected]
[2012/05/06 16:40:00 | 000,000,000 | ---D | M] (MyTools extension) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\[email protected]
[2012/05/06 16:40:00 | 000,000,000 | ---D | M] (wxDfast extension) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\[email protected]
[2011/07/01 00:35:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\[email protected]\chrome\global\extension-icons
[2011/07/01 00:35:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\[email protected]\chrome\mozapps\extensions
[2011/07/01 00:35:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\extensions\[email protected]\chrome4\mozapps\extensions
[2010/12/10 14:41:05 | 000,002,233 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\alot-search.xml
[2011/01/28 20:24:33 | 000,001,739 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\ask.uk.xml
[2011/10/04 17:33:04 | 000,002,568 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\askcom.xml
[2011/10/30 19:08:08 | 000,000,919 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\conduit.xml
[2012/02/16 19:16:14 | 000,001,797 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\funmoods.xml
[2010/09/02 04:09:28 | 000,002,486 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\iMeshWebSearch.xml
[2011/03/15 21:03:49 | 000,002,183 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\MyStart Search.xml
[2012/02/16 19:19:19 | 000,000,544 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\MyTools.xml
[2011/11/05 20:24:23 | 000,002,517 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\SearchResults.xml
[2012/01/02 19:03:26 | 000,002,519 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Mozilla\Firefox\Profiles\89vwwwfd.default\searchplugins\Search_Results.xml
[2012/05/06 16:40:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/06 16:39:53 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/01 13:34:26 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/03/30 20:13:54 | 000,098,304 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npraclient.dll
[2005/04/27 16:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2012/05/25 14:30:49 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/02/16 19:14:17 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/05/06 16:39:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/05 20:24:23 | 000,002,517 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012/01/02 19:03:26 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/05/06 16:39:50 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Rustea\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealArcade NPAPI Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npraclient.dll
CHR - plugin: RealArcade Mozilla Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\Rustea\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Rustea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {070C35BD-60CA-6629-7DBF-7CD93F2B45C2} - C:\Windows\System32\bcdprrov.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {0C433F70-233B-7F1B-1EE3-134E09C70565} - C:\Windows\System32\NlsDataa0416.dll ()
O2 - BHO: (Vid-Saver) - {11111111-1111-1111-1111-110011341191} - C:\Program Files\Vid-Saver\Vid-Saver.dll (215 Apps)
O2 - BHO: (Adobe PDF Link Helper) - {165740A0-3D69-4A16-6EB1-600D1D486135} - C:\Windows\System32\mssssha.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {190C2B0C-75CD-4832-6354-195E6315252A} - C:\Windows\System32\comsnapp.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {1C09477F-0457-15FC-16BF-3625137858B0} - C:\Windows\System32\icmpp.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {23221E54-15C8-7330-7083-3F0908053F09} - C:\Windows\System32\iasaads.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {29DD5869-17F1-164F-79EE-25186E1E4989} - C:\Windows\System32\d3dxx9_25.dll ()
O2 - BHO: (Groove Folder Synchronization) - {2AA85371-3033-446B-2E95-70C35D69088C} - C:\Windows\System32\l2naacp.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {2BA2522D-032E-613C-1E74-5A2475F84659} - C:\Windows\System32\NlsDData0007.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {2D5E510A-490C-03F9-0A64-30A1628317CB} - C:\Windows\System32\comsnaap.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {2FB446A7-5028-429C-5CBB-4DE35BA32992} - C:\Windows\System32\msiefftp.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Groove Folder Synchronization) - {319E5BBD-01FF-76B5-7ACC-002A518E0098} - C:\Windows\System32\l2naaacp.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {31C24E61-0E51-1E3E-1B80-485819745392} - C:\Windows\System32\NlsDataa001d.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Windows Live ID Sign-in Helper) - {352A79F6-341C-35A7-62EB-355A6DD91116} - C:\Windows\System32\icmmui.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {3890247F-3FC5-5BAF-189B-66B47C28647D} - C:\Windows\System32\mseexcl40.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {3E6E683F-0B9C-131E-0562-379A3B765926} - C:\Windows\System32\softtpub.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {3FAA04B4-2741-5180-5DEB-60F413790C85} - C:\Windows\System32\KBBDBR.DLL ()
O2 - BHO: (Groove GFS Browser Helper) - {468909E9-0C1A-31C6-6A10-2C3F7975083F} - C:\Windows\System32\divx_xxx11.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {484E6B94-5FDD-718A-43A5-35907A963996} - C:\Windows\System32\nttdll.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {4C6315C1-6D00-39BF-4617-0C577A64050F} - C:\Windows\System32\PortableDeviceWiaCompatt.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {4D562042-3C78-5626-6683-74D7627A0E46} - C:\Windows\System32\gpeditt.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {53FA39C3-055A-0485-0276-71675F9F6693} - C:\Windows\System32\cfggmgr32.dll ()
O2 - BHO: (Groove Folder Synchronization) - {5B9B33CE-35C1-2669-7B52-40C9328C7E31} - C:\Windows\System32\NlsLexxicons0022.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {63166B0F-6696-7F54-443A-1ACD679A1A35} - C:\Windows\System32\hpbprrops.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {65B9704E-407F-2133-4430-50F52918657B} - C:\Windows\System32\igdumd322.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {6B2B6EB0-6215-4253-3460-380B03AF0A4D} - C:\Windows\System32\dpps.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {777E40BC-4769-64BF-44D8-45632F9348C2} - C:\Windows\System32\desskadp.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {79616298-466B-4C28-3695-01CF283A3303} - C:\Windows\System32\igffxpph.dll ()
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
O2 - BHO: (Vgrabber Toolbar) - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
O2 - BHO: (wxdfast Class) - {E8E4F971-D737-40a1-8046-16EAD6D806E1} - C:\Program Files\wxdfast\wxdfast.dll (wxdfast)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vgrabber Toolbar) - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No CLSID value found.
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Vgrabber Toolbar) - {B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} - C:\Program Files\Vgrabber\prxtbVgra.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tsnp2uvc] C:\Program Files\Common Files\SNP2UVC\tsnp2uvc.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [adobeupdate] C:\Users\Rustea\AppData\Roaming\6 5\l3.lnk ()
O4 - HKCU..\Run: [adobeupdater] "C:\Users\Rustea\AppData\Roaming\6 5\rundll32.exe" File not found
O4 - HKCU..\Run: [F16.exe] C:\Users\Rustea\AppData\Roaming\Microsoft\F564\F16.exe (Microsoft Corporation)
O4 - HKCU..\Run: [FreeAC] C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - Startup: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cfe.lnk = C:\Users\Rustea\AppData\Roaming\2 2\rundll32.exe ()
O4 - Startup: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cwcwer.lnk = C:\Users\Rustea\AppData\Roaming\2 2\j.exe ()
O4 - Startup: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wwer.lnk = C:\Users\Rustea\AppData\Roaming\k 42\j.exe ()
F3 - HKCU WinNT: Load - (C:\Users\Rustea\AppData\Local\Temp\csrss.exe) - File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinn...0/tpir/tpir.cab (TPIR Control)
O16 - DPF: {3D3DBC64-0D21-4EA4-94EE-86D6D9B31C0C} http://www.worldwinn...t/moneylist.cab (MoneyList Control)
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} http://www.worldwinn...litairerush.cab (SolitaireRush Control)
O16 - DPF: {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} http://www.psapoll.com/CopyGuardIE.cab (CopyGuardCtrl Class)
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} http://www.worldwinn...ts/wwhearts.cab (Reg Error: Key error.)
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} http://www.worldwinn...jattack/bja.cab (BJA Control)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinn...dy/jeopardy.cab (Reg Error: Key error.)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinn....0/iewwload.cab (Reg Error: Key error.)
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} http://www.worldwinn...eweledtwist.cab (BejeweledTwist Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (Reg Error: Key error.)
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} http://www.worldwinn...luxor/luxor.cab (WwLuxor Control)
O16 - DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} http://www.worldwinn...ly/monopoly.cab (Monopoly Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} http://www.worldwinn...es/wwspades.cab (WWSpades Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11ACC45E-A43C-4798-9DE0-E9242F4CA2A7}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Rustea\AppData\Roaming\dwm.exe) - File not found
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rustea\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9c4adb91-94b0-11de-a909-001f16d9df56}\Shell - "" = AutoRun
O33 - MountPoints2\{9c4adb91-94b0-11de-a909-001f16d9df56}\Shell\AutoRun\command - "" = F:\StartClickFreeBackup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 90 Days ==========

[2012/05/26 11:17:45 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{8CDC17A6-3922-4C0B-9352-6EE5B6AFF8A0}
[2012/05/26 11:17:16 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{D64AFE49-43E4-4A7B-A010-8C461DB13315}
[2012/05/26 00:11:06 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\RealNetworks
[2012/05/25 14:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012/05/25 14:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/05/23 18:36:04 | 000,000,000 | R--D | C] -- C:\Users\Rustea\Desktop\Jobs for Welfare
[2012/05/19 14:22:24 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\cerasus.media
[2012/05/19 14:21:13 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Legends - Tree of Life
[2012/05/18 16:08:56 | 000,000,000 | ---D | C] -- C:\Users\Rustea\Desktop\Animals
[2012/05/15 13:10:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2012/05/14 15:33:22 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{27B28548-04CC-4A4E-B969-F8ABE4A1D86B}
[2012/05/14 15:33:02 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{6D08C342-BE59-4878-80D2-100EF3342D56}
[2012/05/10 10:09:06 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/05/10 10:09:04 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/05/10 10:09:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/05/10 10:09:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/05/10 10:09:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/05/10 10:09:01 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/05/09 15:58:37 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{BC088907-4FF8-4AD5-B38A-F03338A8F01A}
[2012/05/09 15:58:25 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{42973574-DE12-4D4C-9262-66FF8E5CEBD3}
[2012/05/09 15:47:17 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/05/09 15:47:16 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/05/09 15:47:16 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/05/09 15:47:16 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/05/09 15:47:16 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/05/09 15:47:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/05/09 15:47:15 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/05/09 15:47:15 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/05/09 15:47:15 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/05/09 15:47:15 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/05/09 15:47:15 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/05/09 15:47:15 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/05/09 15:47:15 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/05/09 15:47:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/05/09 15:47:14 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/05/09 15:47:14 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/05/09 15:47:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/05/09 15:47:14 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/05/09 15:47:14 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/05/09 15:47:14 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/05/09 15:47:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/05/09 15:47:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/05/09 15:47:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/05/09 15:47:13 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/05/09 15:47:13 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/05/09 15:47:13 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/05/09 15:47:13 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/05/09 15:47:12 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/05/09 15:47:12 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/05/09 15:47:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/05/09 15:47:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/05/09 11:56:41 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\LegacyGames
[2012/05/09 11:54:56 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Legends of Atlantis - Exodus
[2012/05/08 18:54:12 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{E8B22813-9012-4BF0-B5C3-13CA58446692}
[2012/05/08 18:54:00 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{5F9CD2CE-641F-470D-AA05-F9C0CFC357D1}
[2012/05/08 16:20:53 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/08 16:20:53 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/08 16:20:53 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/05/08 16:20:52 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/05/08 16:20:52 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/05/08 16:20:14 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/08 16:20:14 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/08 16:20:13 | 002,044,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/05/08 13:39:27 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\6 5
[2012/05/07 16:42:13 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{36993243-6271-4AEF-B3FC-EC8045244153}
[2012/05/07 16:41:59 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{5FD40528-C707-4774-8A59-02D5139C36CA}
[2012/05/07 16:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/05/07 16:32:29 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/05/07 16:13:33 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\{9BAA45C9-1844-49DC-83F8-16815C613C61}
[2012/05/06 16:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/05/06 16:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/05 16:12:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\1076
[2012/05/05 14:46:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\3012
[2012/05/05 13:09:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\1011
[2012/05/05 11:36:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\2009
[2012/05/05 10:53:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\2025
[2012/05/05 08:23:27 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\3 2
[2012/05/05 00:32:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\3043
[2012/05/04 13:44:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\3071
[2012/05/04 11:43:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\1085
[2012/05/03 06:36:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\2094
[2012/05/01 18:43:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\3064
[2012/05/01 18:10:21 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\WeatherLord
[2012/05/01 18:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\WeatherLord
[2012/05/01 18:09:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\2063
[2012/05/01 12:36:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\2055
[2012/05/01 12:23:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\2052
[2012/05/01 12:21:21 | 146,394,112 | ---- | C] (Microsoft Corporation) -- C:\Users\Rustea\Desktop\Weather Lord Setup.exe
[2012/05/01 11:44:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\1049
[2012/04/30 14:27:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\2016
[2012/04/29 15:28:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\2017
[2012/04/29 13:29:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\30263027
[2012/04/28 18:26:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\3066
[2012/04/28 15:54:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\3044
[2012/04/28 14:32:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\2014
[2012/04/26 21:38:28 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\CRE
[2012/04/26 21:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\Vid-Saver
[2012/04/25 14:51:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\3085
[2012/04/25 13:13:40 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Jumb-O-Fun Games
[2012/04/25 13:11:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\1056
[2012/04/21 20:03:57 | 000,000,000 | R--D | C] -- C:\Users\Rustea\Desktop\FOR THE TOWERS
[2012/04/19 20:20:17 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/04/15 16:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/04/09 08:51:16 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\2 2
[2012/04/02 18:02:44 | 000,000,000 | ---D | C] -- C:\Users\Rustea\.dvdcss
[2012/04/02 18:00:25 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\QuickPlay
[2012/04/02 17:58:18 | 000,000,000 | ---D | C] -- C:\Users\Rustea\Documents\Any Video Converter
[2012/04/02 17:57:58 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\AnvSoft
[2012/04/02 17:57:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2012/04/02 17:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2012/04/02 14:10:59 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/03/28 01:37:37 | 000,000,000 | R--D | C] -- C:\Users\Rustea\Desktop\Public TV 2
[2012/03/26 12:18:24 | 000,000,000 | R--D | C] -- C:\Users\Rustea\Desktop\PUBLIC TV COMEDY
[2012/03/23 16:56:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/03/22 23:21:35 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Memeo
[2012/03/22 16:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Partition Master 9.1.1 Home Edition
[2012/03/22 16:09:47 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Seagate
[2012/03/22 16:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
[2012/03/22 16:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
[2012/03/22 16:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Memeo
[2012/03/22 16:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\Memeo
[2012/03/22 16:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2012/03/22 16:03:08 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Leadertech
[2012/03/21 12:17:18 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elixir of Immortality
[2012/03/21 12:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\Elixir of Immortality
[2012/03/20 20:44:12 | 000,074,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\NisDrvWFP.sys
[2012/03/20 09:38:09 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\k 42
[2012/03/18 16:43:09 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Maximize Games
[2012/03/18 16:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Maximize Games
[2012/03/17 19:18:37 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\New Yankee in King Arthurs Court
[2012/03/17 19:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\New Yankee in King Arthurs Court
[2012/03/17 19:18:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\2082
[2012/03/15 12:13:49 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mega World Smash
[2012/03/15 12:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mega World Smash
[2012/03/15 12:12:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\3047
[2012/03/14 15:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/14 15:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/03/14 11:27:19 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/03/13 09:46:08 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\HitPoint Studios
[2012/03/12 16:11:00 | 000,000,000 | ---D | C] -- C:\Users\Rustea\Documents\Wondershare Video Converter Platinum
[2012/03/12 16:11:00 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Wondershare Video Converter Platinum
[2012/03/12 16:10:50 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Local\Wondershare
[2012/03/12 16:10:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wondershare
[2012/03/12 16:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2012/03/12 16:10:41 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\System32\iconv.dll
[2012/03/12 16:10:40 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Wondershare
[2012/03/12 16:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare
[2012/03/12 16:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pazera Free MP4 to AVI Converter
[2012/03/12 16:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\pazera-software
[2012/03/10 17:04:34 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Anino Games
[2012/03/10 16:52:05 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Potion Bar
[2012/03/10 16:51:31 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grave Mania - Undead Fever
[2012/03/10 16:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\Grave Mania - Undead Fever
[2012/03/10 16:50:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\2027
[2012/03/04 14:55:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SpookyMall
[2012/02/29 16:05:42 | 000,000,000 | ---D | C] -- C:\Users\Rustea\AppData\Roaming\Realore All My Gods
[2012/02/29 12:49:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\3069
[2012/02/27 19:33:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2012/02/27 19:23:46 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012/02/27 19:21:34 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/02/27 19:21:33 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/02/27 19:21:33 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/02/27 19:19:10 | 000,000,000 | ---D | C] -- C:\Users\Rustea\Desktop\OpenOffice.org 3.3 (en-GB) Installation Files
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2012/05/26 11:24:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2937116624-3378611677-1033156524-1000UA.job
[2012/05/26 11:17:03 | 000,000,284 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2012/05/26 11:15:56 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/26 11:15:15 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-Rustea-Startup.job
[2012/05/26 11:14:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/26 11:14:57 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/26 11:14:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/26 10:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/26 10:38:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/26 10:12:06 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At24.job
[2012/05/26 09:12:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At23.job
[2012/05/25 23:12:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At22.job
[2012/05/25 20:24:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2937116624-3378611677-1033156524-1000Core.job
[2012/05/25 19:32:59 | 000,000,476 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Rustea.job
[2012/05/25 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/05/25 14:32:12 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/05/25 14:31:14 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2012/05/25 14:30:33 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2012/05/25 14:30:33 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2012/05/25 14:30:28 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2012/05/25 12:30:34 | 000,153,600 | ---- | M] () -- C:\Users\Rustea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/25 12:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At21.job
[2012/05/25 10:12:03 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At20.job
[2012/05/24 11:12:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At4.job
[2012/05/24 05:12:01 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At19.job
[2012/05/24 01:59:02 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2012/05/24 01:26:54 | 000,002,047 | ---- | M] () -- C:\Users\Rustea\Desktop\Google Chrome.lnk
[2012/05/24 01:26:54 | 000,002,009 | ---- | M] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/23 13:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At7.job
[2012/05/23 12:12:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At6.job
[2012/05/23 10:12:01 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At2.job
[2012/05/23 10:10:15 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\At13.job
[2012/05/22 18:11:48 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At5.job
[2012/05/22 14:11:48 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At3.job
[2012/05/21 14:47:27 | 000,000,989 | ---- | M] () -- C:\Users\Rustea\Desktop\Any Video Converter.lnk
[2012/05/20 14:12:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At12.job
[2012/05/20 12:12:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At11.job
[2012/05/19 17:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At10.job
[2012/05/19 15:12:03 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\At27.job
[2012/05/19 14:21:13 | 000,002,196 | ---- | M] () -- C:\Users\Rustea\Desktop\Play Over 11.000 Online Games on The Playing Bay.lnk
[2012/05/19 14:21:13 | 000,002,078 | ---- | M] () -- C:\Users\Rustea\Desktop\Jewel Legends - Tree of Life.lnk
[2012/05/19 14:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At9.job
[2012/05/19 13:12:00 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At8.job
[2012/05/19 13:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At26.job
[2012/05/19 12:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At25.job
[2012/05/19 12:01:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1.job
[2012/05/18 17:37:25 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Monopoly Here & Now Edition.lnk
[2012/05/18 17:37:25 | 000,000,152 | ---- | M] () -- C:\Users\Public\Desktop\More Games at GameHouse.com.url
[2012/05/18 12:59:49 | 000,001,403 | ---- | M] () -- C:\Users\Rustea\Desktop\Cover Letter 1.rtf
[2012/05/16 13:03:47 | 000,006,336 | ---- | M] () -- C:\Users\Rustea\Desktop\Resume 4.rtf
[2012/05/15 13:09:00 | 000,001,217 | ---- | M] () -- C:\Users\Rustea\Desktop\virus stuff.rtf
[2012/05/12 17:13:01 | 000,000,680 | ---- | M] () -- C:\Users\Rustea\AppData\Local\d3d9caps.dat
[2012/05/09 15:56:16 | 000,000,903 | ---- | M] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/09 15:47:30 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012/05/09 15:47:30 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012/05/09 15:47:17 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/05/09 15:47:16 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/05/09 15:47:16 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/05/09 15:47:16 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/05/09 15:47:16 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/05/09 15:47:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/05/09 15:47:15 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/05/09 15:47:15 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/05/09 15:47:15 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/05/09 15:47:15 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/05/09 15:47:15 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/05/09 15:47:15 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/05/09 15:47:15 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/05/09 15:47:15 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/05/09 15:47:15 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/05/09 15:47:14 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/05/09 15:47:14 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/05/09 15:47:14 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/05/09 15:47:14 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/05/09 15:47:14 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/05/09 15:47:14 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/05/09 15:47:13 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/05/09 15:47:13 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/05/09 15:47:13 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/05/09 15:47:13 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/05/09 15:47:13 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/05/09 15:47:13 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/05/09 15:47:13 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/05/09 15:47:12 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/05/09 15:47:12 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/05/09 15:47:12 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/05/09 15:47:12 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/05/09 11:54:56 | 000,001,973 | ---- | M] () -- C:\Users\Rustea\Desktop\Legends of Atlantis - Exodus.lnk
[2012/05/08 18:37:47 | 000,327,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/08 17:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At17.job
[2012/05/08 17:12:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At18.job
[2012/05/08 16:34:20 | 000,712,078 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/05/08 16:34:20 | 000,634,732 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/08 16:34:20 | 000,145,322 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/05/08 16:34:20 | 000,120,000 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/08 16:15:58 | 001,423,446 | -H-- | M] () -- C:\Users\Rustea\AppData\Roaming\Rusteav1.18.0 - Trial versionlog.dat
[2012/05/08 14:58:44 | 000,000,250 | ---- | M] () -- C:\Users\Rustea\Desktop\games to dl.rtf
[2012/05/08 11:12:00 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At15.job
[2012/05/08 11:12:00 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At16.job
[2012/05/08 10:12:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At14.job
[2012/05/07 22:41:55 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/05/07 16:35:14 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/05/07 15:18:45 | 000,008,356 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\wklnhst.dat
[2012/05/05 09:53:13 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/05 09:53:13 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/05/01 17:26:13 | 146,394,112 | ---- | M] (Microsoft Corporation) -- C:\Users\Rustea\Desktop\Weather Lord Setup.exe
[2012/04/26 21:38:05 | 000,000,756 | ---- | M] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/04/23 13:51:39 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/04/15 18:34:03 | 000,000,180 | ---- | M] () -- C:\Users\Rustea\Desktop\watch hockey.rtf
[2012/04/15 16:08:57 | 000,000,819 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/14 17:00:01 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/04/10 14:13:02 | 000,000,799 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cfe.lnk
[2012/04/09 08:51:22 | 000,001,666 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cwcwer.lnk
[2012/04/05 17:42:44 | 000,000,802 | ---- | M] () -- C:\Users\Rustea\Desktop\Brent's MY ACCOUNT information.rtf
[2012/04/03 04:16:12 | 003,602,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/04/03 04:16:11 | 003,550,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/04/02 09:36:21 | 002,044,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/03/31 18:26:00 | 000,001,015 | -H-- | M] () -- C:\Windows\EPMBatch.ept
[2012/03/23 17:07:01 | 010,884,266 | ---- | M] () -- C:\Users\Rustea\Desktop\LD DVD PLAYER.pdf
[2012/03/23 16:56:35 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/03/23 00:50:15 | 000,000,869 | ---- | M] () -- C:\Users\Rustea\Desktop\CyberLink DVD Suite.lnk
[2012/03/22 16:27:56 | 000,000,980 | ---- | M] () -- C:\Users\Public\Desktop\EASEUS Partition Master 9.1.1 Home Edition.lnk
[2012/03/22 16:08:33 | 000,001,034 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Dashboard.lnk
[2012/03/21 03:32:42 | 000,001,713 | ---- | M] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wwer.lnk
[2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NisDrvWFP.sys
[2012/03/18 18:49:18 | 000,000,355 | ---- | M] () -- C:\Users\Rustea\Desktop\pension payment dates 2012.rtf
[2012/03/15 12:13:49 | 000,001,765 | ---- | M] () -- C:\Users\Rustea\Desktop\Mega World Smash.lnk
[2012/03/15 11:20:25 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2012/03/14 15:28:36 | 000,001,854 | ---- | M] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/03/14 15:26:30 | 000,000,628 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2012/03/14 15:24:57 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/13 19:18:02 | 002,469,760 | ---- | M] () -- C:\Windows\System32\BootMan.exe
[2012/03/12 16:10:46 | 000,001,128 | ---- | M] () -- C:\Users\Rustea\Desktop\Wondershare Video Converter Platinum.lnk
[2012/03/12 16:05:44 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Pazera Free MP4 to AVI Converter.lnk
[2012/03/05 14:10:15 | 000,001,523 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DFX.lnk
[2012/03/01 13:34:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/03/01 13:34:26 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/03/01 13:34:26 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/03/01 13:34:26 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/03/01 10:46:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/03/01 10:46:01 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/02/29 10:08:47 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/02/29 09:44:50 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/02/29 09:41:40 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/02/27 21:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/02/27 21:11:21 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/02/27 21:09:51 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/02/27 21:08:15 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/02/27 21:03:16 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/02/27 20:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/02/27 19:23:51 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/25 14:32:12 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/05/19 14:21:13 | 000,002,196 | ---- | C] () -- C:\Users\Rustea\Desktop\Play Over 11.000 Online Games on The Playing Bay.lnk
[2012/05/19 14:21:13 | 000,002,078 | ---- | C] () -- C:\Users\Rustea\Desktop\Jewel Legends - Tree of Life.lnk
[2012/05/18 17:37:25 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Monopoly Here & Now Edition.lnk
[2012/05/18 17:37:25 | 000,000,152 | ---- | C] () -- C:\Users\Public\Desktop\More Games at GameHouse.com.url
[2012/05/15 10:49:26 | 000,001,217 | ---- | C] () -- C:\Users\Rustea\Desktop\virus stuff.rtf
[2012/05/09 15:47:15 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/05/09 11:54:56 | 000,001,973 | ---- | C] () -- C:\Users\Rustea\Desktop\Legends of Atlantis - Exodus.lnk
[2012/05/08 14:58:43 | 000,000,250 | ---- | C] () -- C:\Users\Rustea\Desktop\games to dl.rtf
[2012/05/07 16:35:14 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/05/07 16:34:49 | 000,001,786 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/05/07 16:28:02 | 000,001,985 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/05/05 16:12:38 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\At27.job
[2012/05/05 14:46:52 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At26.job
[2012/05/05 13:09:45 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At25.job
[2012/05/05 11:36:51 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At24.job
[2012/05/05 10:53:30 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At23.job
[2012/05/05 00:32:22 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At22.job
[2012/05/04 13:44:51 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At21.job
[2012/05/04 11:43:19 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\At20.job
[2012/05/03 06:36:17 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At19.job
[2012/05/01 18:43:05 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At18.job
[2012/05/01 18:09:47 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At17.job
[2012/05/01 12:36:43 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At16.job
[2012/05/01 12:23:14 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At15.job
[2012/05/01 11:44:40 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At14.job
[2012/04/30 14:27:01 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\At13.job
[2012/04/29 15:28:01 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\At12.job
[2012/04/29 13:29:43 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At11.job
[2012/04/28 18:26:40 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At10.job
[2012/04/28 15:54:46 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At9.job
[2012/04/28 14:32:13 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At8.job
[2012/04/25 14:51:06 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At7.job
[2012/04/25 13:11:48 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\At6.job
[2012/04/19 20:20:20 | 000,002,047 | ---- | C] () -- C:\Users\Rustea\Desktop\Google Chrome.lnk
[2012/04/19 20:20:20 | 000,002,009 | ---- | C] () -- C:\Users\Rustea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/19 20:19:36 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2937116624-3378611677-1033156524-1000UA.job
[2012/04/19 20:19:34 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2937116624-3378611677-1033156524-1000Core.job
[2012/04/15 18:34:03 | 000,000,180 | ---- | C] () -- C:\Users\Rustea\Desktop\watch hockey.rtf
[2012/04/15 16:08:56 | 000,000,819 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/09 08:51:19 | 000,000,799 | ---- | C] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cfe.lnk
[2012/04/09 08:51:18 | 000,001,666 | ---- | C] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cwcwer.lnk
[2012/04/02 17:57:40 | 000,000,989 | ---- | C] () -- C:\Users\Rustea\Desktop\Any Video Converter.lnk
[2012/04/02 14:11:01 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/03/31 18:24:25 | 000,001,015 | -H-- | C] () -- C:\Windows\EPMBatch.ept
[2012/03/23 17:07:01 | 010,884,266 | ---- | C] () -- C:\Users\Rustea\Desktop\LD DVD PLAYER.pdf
[2012/03/23 16:56:34 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/03/23 16:56:34 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/03/22 23:34:06 | 000,000,869 | ---- | C] () -- C:\Users\Rustea\Desktop\CyberLink DVD Suite.lnk
[2012/03/22 16:27:55 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2012/03/22 16:27:55 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2012/03/22 16:27:55 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2012/03/22 16:27:55 | 000,000,980 | ---- | C] () -- C:\Users\Public\Desktop\EASEUS Partition Master 9.1.1 Home Edition.lnk
[2012/03/22 16:27:54 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2012/03/22 16:27:54 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2012/03/22 16:08:31 | 000,001,034 | ---- | C] () -- C:\Users\Public\Desktop\Seagate Dashboard.lnk
[2012/03/20 09:38:09 | 000,001,713 | ---- | C] () -- C:\Users\Rustea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wwer.lnk
[2012/03/18 18:49:18 | 000,000,355 | ---- | C] () -- C:\Users\Rustea\Desktop\pension payment dates 2012.rtf
[2012/03/17 19:18:20 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At5.job
[2012/03/15 12:13:49 | 000,001,765 | ---- | C] () -- C:\Users\Rustea\Desktop\Mega World Smash.lnk
[2012/03/15 12:13:01 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At4.job
[2012/03/14 15:24:57 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/12 16:10:46 | 000,001,128 | ---- | C] () -- C:\Users\Rustea\Desktop\Wondershare Video Converter Platinum.lnk
[2012/03/12 16:10:43 | 000,158,720 | ---- | C] () -- C:\Windows\System32\WS_VideoConverterContextMenu.dll
[2012/03/12 16:10:41 | 000,675,840 | ---- | C] () -- C:\Windows\System32\ac3filter.ax
[2012/03/12 16:10:41 | 000,496,640 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2012/03/12 16:05:44 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\Pazera Free MP4 to AVI Converter.lnk
[2012/03/10 16:50:38 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At3.job
[2012/03/05 14:10:15 | 000,001,523 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DFX.lnk
[2012/02/29 12:49:23 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At2.job
[2012/02/27 19:23:51 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2012/01/11 14:11:25 | 000,073,728 | ---- | C] () -- C:\Windows\System32\nttdll.dll
[2011/10/13 05:20:51 | 000,061,440 | ---- | C] () -- C:\Windows\System32\oleeacc.dll
[2011/08/17 17:19:16 | 000,142,032 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/06/08 00:17:36 | 000,000,120 | ---- | C] () -- C:\Users\Rustea\AppData\Local\Vqelihajilesoqa.dat
[2011/06/08 00:17:36 | 000,000,000 | ---- | C] () -- C:\Users\Rustea\AppData\Local\Kqoma.bin
[2011/06/08 00:15:54 | 000,000,148 | ---- | C] () -- C:\Users\Rustea\AppData\Roaming\d5jc6fnb.bat
[2011/03/24 13:51:34 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/03/18 23:05:49 | 000,029,504 | ---- | C] () -- C:\Windows\cscmondump.bin
[2011/03/18 19:52:01 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/02/10 02:08:58 | 000,196,608 | ---- | C] () -- C:\Windows\System32\mfmp4ssrc.dll
[2011/02/10 02:08:56 | 000,061,440 | ---- | C] () -- C:\Windows\System32\d3d10levell9.dll
[2010/12/15 04:31:21 | 000,045,056 | ---- | C] () -- C:\Windows\System32\taaskeng.exe
[2010/11/27 20:07:44 | 002,205,064 | ---- | C] () -- C:\ProgramData\shs_setup_4059-354328.exe
[2010/11/27 20:07:42 | 000,000,653 | ---- | C] () -- C:\ProgramData\SHSupdates.xml
[2010/11/13 14:25:39 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/10/27 10:23:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\gameuux.dll
[2010/10/26 13:32:08 | 000,019,521 | ---- | C] () -- C:\Windows\hpqins13.dat
[2010/09/30 23:06:59 | 003,485,952 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2010/09/30 23:06:59 | 000,239,616 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2010/09/30 23:06:59 | 000,196,608 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2010/09/30 23:06:59 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2010/09/30 23:06:59 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2010/08/17 19:25:30 | 000,116,839 | ---- | C] () -- C:\Windows\hpqins00.dat
[2010/08/17 18:36:31 | 000,121,356 | ---- | C] () -- C:\Windows\hpoins15.dat.temp
[2010/08/17 18:36:31 | 000,001,037 | ---- | C] () -- C:\Windows\hpomdl15.dat.temp
[2010/08/17 18:30:08 | 000,139,576 | ---- | C] () -- C:\Windows\hpoins15.dat
[2010/08/17 18:30:08 | 000,001,039 | ---- | C] () -- C:\Windows\hpomdl15.dat
[2010/07/28 21:22:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\igfxperrs.exe
[2010/07/28 20:20:56 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB62280$] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:69AF9D20
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:F7F6E6CB
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:D37966A8
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:D24FEF9D
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:5AA97E18
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:375FC7E7
@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_SBXNV9VVGV1BFLV360B061TJTHX6HW0405NB9MXFSVF7VBCVP4GV
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:B0193F8E
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:84151293
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:3118E26B
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:14750D76
@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:15752405
@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:02A78DF6
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:69FD6BF0
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:538B96B5
@Alternate Data Stream - 8 bytes -> C:\Windows:
@Alternate Data Stream - 237 bytes -> C:\ProgramData\Temp:9B8C5BA8
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:C8AD98B9
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:178093AE
@Alternate Data Stream - 233 bytes -> C:\ProgramData\Temp:8FBE6CA7
@Alternate Data Stream - 233 bytes -> C:\ProgramData\Temp:6B940F20
@Alternate Data Stream - 232 bytes -> C:\ProgramData\Temp:6E11933F
@Alternate Data Stream - 228 bytes -> C:\ProgramData\Temp:75B7DDDF
@Alternate Data Stream - 227 bytes -> C:\ProgramData\Temp:F35AE645
@Alternate Data Stream - 227 bytes -> C:\ProgramData\Temp:1288D434
@Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:1F3E38E9
@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:AEEC88F6
@Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:F5E90ED3
@Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:BBBC0EE4
@Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:797D7632
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:AC0528D9
@Alternate Data Stream - 215 bytes -> C:\ProgramData\Temp:A18121AD
@Alternate Data Stream - 215 bytes -> C:\ProgramData\Temp:03D08225
@Alternate Data Stream - 214 bytes -> C:\ProgramData\Temp:F9E46E4C
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:F2CB0B25
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:EA701346
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:D2397415
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:A6CDBCAC
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:36517E77
@Alternate Data Stream - 211 bytes -> C:\ProgramData\Temp:CB0FEE2B
@Alternate Data Stream - 211 bytes -> C:\ProgramData\Temp:5AE33054
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:8140CB50
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:80B291A7
@Alternate Data Stream - 210 bytes -> C:\ProgramData\Temp:5F1019FF
@Alternate Data Stream - 209 bytes -> C:\ProgramData\Temp:76987FE5
@Alternate Data Stream - 209 bytes -> C:\ProgramData\Temp:417B6FAC
@Alternate Data Stream - 209 bytes -> C:\ProgramData\Temp:007D45CF
@Alternate Data Stream - 208 bytes -> C:\ProgramData\Temp:0DFE2AE1
@Alternate Data Stream - 207 bytes -> C:\ProgramData\Temp:BDF08FAF
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:E412AAF2
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:9026FFAC
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:4F96D8E6
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:6677D85A
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:38F6DFA8
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:16B49C20
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:0DACB2B7
@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:3BE7E50E
@Alternate Data Stream - 201 bytes -> C:\ProgramData\Temp:66AA0486
@Alternate Data Stream - 201 bytes -> C:\ProgramData\Temp:61A065F2
@Alternate Data Stream - 200 bytes -> C:\ProgramData\Temp:E1D818F7
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:D1713795
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:A0A7408F
@Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:EC7C9796
@Alternate Data Stream - 197 bytes -> C:\ProgramData\Temp:D3A8AA31
@Alternate Data Stream - 196 bytes -> C:\ProgramData\Temp:FBFC061F
@Alternate Data Stream - 196 bytes -> C:\ProgramData\Temp:062AF572
@Alternate Data Stream - 194 bytes -> C:\ProgramData\Temp:957E9765
@Alternate Data Stream - 193 bytes -> C:\ProgramData\Temp:126591AF
@Alternate Data Stream - 191 bytes -> C:\ProgramData\Temp:8247A199
@Alternate Data Stream - 191 bytes -> C:\ProgramData\Temp:5EC637CB
@Alternate Data Stream - 190 bytes -> C:\ProgramData\Temp:77F07255
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:4E6B8D68
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:1CB3187E
@Alternate Data Stream - 188 bytes -> C:\ProgramData\Temp:9E50C1C9
@Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:E84CA8F2
@Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:0A6D6CB4
@Alternate Data Stream - 185 bytes -> C:\ProgramData\Temp:059167AF
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:5E7B9C6F
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:EA1F715F
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:1A25E48A
@Alternate Data Stream - 167 bytes -> C:\ProgramData\Temp:15947BF6
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:E5DE9C8F
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:7BFFC6A9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:88AE8AB0
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:656793F6
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:46A2F27B
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C2F24DB5
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:BDD80819
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:BCDC6E07
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:A1023D41
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:EE7AAC75
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:B38BEEEE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:F5FC5DCE
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:A819A132
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:A652BC99
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:6FD36C4B
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:6E1F359F
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:F84B8DB5
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:92D91D7E
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:05F547A9
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:D4BB0AD6
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:7E239580
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:55C54F7C
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:5520ED93
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:C0A2E219
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:A26AFC00
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:51387F29
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:4B244549
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:3324963C
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:2150E7D5
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:08801FDB
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:ED1A96EE
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:9D6EAEC3
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:38D2EA83
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:32FFF2D1
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:1B29BBE9
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:F9EDCFB0
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:DD41E87C
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:689AB7E9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:ED2D63E4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:A6F30843
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:393F7B1E
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:2AF322BF
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:193CB03B
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:BA24E689
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:99C301D0
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:4A966CC2
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:3CC01EE7
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:329BA65B
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:0DE97E88
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:04BB186B
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E6D148BC
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:91B240CD
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:2C399CCA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0E22C5DB
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:751D6870
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:4EC7F009
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:413E2927
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:10CFA7D4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:9C3AAD57
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:9AE67195
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:56F368C9
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:CFF6B3FF
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:BB1102D7
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:A1A1140A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:920AA345
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:0ADB5110
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:FF9C44FE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:EA7D76BE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:CF1334B0
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:97E93E2D
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:57B2B96C
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:450741F6
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:1F96ED45
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:F64FED66
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:D453E38B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:D354012D
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:82A33606
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:2F8E6A71
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:029BAB9F
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:E8CB831A
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:B2A16064
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:8AED9359
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:3F7C1917
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:36A39835
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:00C296E2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:F986CC21
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:D5458F6B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:E5BA9ADD
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:588B60C7
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:1F7A10DD
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:F7370879
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:C611D6C8
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:902C848D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:4023E53E
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:17F7AEA3
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:04D4F170
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:E40D7F76
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:9D03192E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:6BFA43EB
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:5335CE76
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:38FF076E
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:ADFAD95A
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:98F6F85C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:69E3AF64
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:EF794BCD
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:DD95E6D9
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:DA18D4E3
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:2F27A2BB
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:2E9900EE
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:1E93E0ED
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:8C81B36D
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:DAFFEEC7
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:8EA16179
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:85F6C941
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:735BC4D1
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:4A2862FF
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2C250258
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:207C4C79
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:1B389835
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:CCB49694
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:A7BFF8A2
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:B9B3B2FE
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:75798D9A
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:3BD11093
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:2F8138B7
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:0D52F295
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:3790BACD
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:7DC6E295
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F1F85068
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:BFAE3D83
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:D682A3D9
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:0709176B
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:10F6E97E
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:A745DB5D
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:C74009E5
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:239F40E7
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:9E395C78
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:EB485B25
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:1A8BB29B

< End of report >
_________________________________________________________________-

OTL Extras logfile created on: 26/05/2012 11:24:52 AM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Rustea\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.93 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 51.98% Memory free
6.06 Gb Paging File | 4.63 Gb Available in Paging File | 76.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.37 Gb Total Space | 46.77 Gb Free Space | 16.27% Space Free | Partition Type: NTFS
Drive D: | 10.72 Gb Total Space | 1.25 Gb Free Space | 11.69% Space Free | Partition Type: NTFS

Computer Name: RUSTEA-PC | User Name: Rustea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{358471A5-1990-42E6-96AD-8048E76873FB}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{596ACE56-67E0-4FA6-AD26-0C160F44AC64}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5C8587E5-6B45-4E34-86A4-A07CFFF03926}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6B59572E-6AEE-4176-957B-4B40496723C4}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{6EBE2BF0-791F-41FB-A95F-B9687020EDB5}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9C1FCDEE-907A-432C-B7BA-15E5C238019E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A9C91163-2AA5-4177-AE0D-FEFE9133A656}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B65F4D62-236E-44FF-9453-8DB9D2F08FAA}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{DE58EC7F-7573-474C-A9BF-6548A2FE03BF}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E53717C5-C545-41B8-A399-A083B3E213AE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F03592AE-F7FF-4D10-BB4E-7E7464FFE5C0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046E6ED7-08F4-4B14-817C-F89DEBA7277F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0785974D-1190-4F2C-848C-7BBED70B80E8}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{07F9E749-CE7B-4C0B-B4BC-1288B4C0A2B0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{0ACC7473-C49F-4F93-9955-5A9EE792A66C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{11CA9F79-B1DC-4C37-BE81-DE3FCD55BE7C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1ABFC8CC-FE0B-4CA9-9ECB-C28FFE538646}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2677DF22-1FB4-44C3-82C3-F96F2973A69A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{269A5581-6575-4DDC-9600-56984F481AFA}" = dir=in | app=c:\program files\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{3F1E00C0-807E-4D72-871A-171F76C67932}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5066A224-F926-4B15-BDD9-0909D0F7CC14}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5F0F3923-F208-43E4-8F65-DE651534E566}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{652696EC-1F4E-4F1B-9795-5FB4BA2AE6AF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{688F220B-8B8A-4984-B059-A9F3B32159B0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6C867E8F-C373-4540-9558-C97CDA49A15F}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{6D5C7B26-8AF9-4B3D-B600-5562A9BB4249}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{70CBB3BA-A6FB-49BA-BCD6-6F0934E3678F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{77916689-7AB6-4181-B62D-0F8AA3E3634D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7C148B50-FCE2-4785-9B31-4564CAB07506}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{8886AFBA-B663-47BA-BD3C-794DD55A6A7A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{9AB9139A-5801-4B15-BDF9-2FFD62476164}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A0585C03-B804-44A6-950F-BF42E2BA5CDB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A2B00D50-3BF8-4FF4-9529-3641910AF39F}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{B8CF559C-EADC-49BB-A935-57AAA817B64B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{BAB3DA13-CAD1-483D-898D-3714300B8B2A}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{D6D8C990-C044-4C5D-82BC-84F8546122F0}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{DEBB070B-C8F9-4ACB-A2D6-1D0828A99B00}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E9E81A26-4CC5-49D2-AB88-3D193AB092E3}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{F037F0ED-D2CB-41EB-9229-B0ED1C3E6BF6}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{F50F8D3A-6093-475D-A1FC-448B3B10FCDD}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FDB0BC55-7015-4C64-8F22-4149611B4661}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{120a0630-0f8e-4b82-aef0-5d21698730b5}" = Slots Jungle Casino
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33A783E8-DC11-427F-A56C-8ED43EEC0695}" = RPS CRT
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = USB Video Device
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{6009F2FC-EC56-4e28-B91C-0BA5104D6419}" = SF_CDA_Software
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{665CBCA4-5AB0-414B-A288-3F8F99FEFC45}" = HP User Guides 0118
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6b984ba0-8563-4fb9-b237-2efec2eb25ea}" = Nero 9
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7579D301-A4DE-4BDC-A100-FE7FABB69234}" = Treo 700wx User Guide
"{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{82AF3E91-57E1-4754-84D0-40A46E2479AB}" = OpenOffice.org 3.3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{88908767-B7AD-4b0d-ACBC-FBCCF2761D31}" = HP Photosmart All-In-One Software 9.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1" = Free Alarm Clock 2.2.1
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140011-0062-0409-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - English
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9718521B-A345-4ad9-A52B-74D1435FB708}" = SF_CDA_ProductContext
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981DE354-9301-440f-AAFC-025AA2354A93}" = HP Deskjet & Photosmart Printer Driver Software 8.0.A
"{99A4344A-C723-4661-A507-D9D939480358}" = Cisco LEAP Module
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}" = Cisco EAP-FAST Module
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A08BAD08-9AA3-410F-98F3-C92C8EE37218}" = Safari
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD344FA5-6657-47CD-940F-8727EED35595}" = Cisco PEAP Module
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{DFB3FAE4-41BC-4851-A397-4C955997FB04}" = ps_aio_corporate
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{EFF56C56-9091-4D36-91AE-834E802A8E74}" = Hotel Dash 2 - Lost Luxuries
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Any Video Converter_is1" = Any Video Converter 3.3.8
"BFGC" = Big Fish Games: Game Manager
"BFG-Cubis Gold 2" = Cubis Gold 2
"BFG-Diner Dash 5 - Boom" = Diner Dash 5: Boom
"BFG-DQ Tycoon" = DQ Tycoon
"BFG-Fairy Treasure" = Fairy Treasure
"BFG-Fiona Finch and the Finest Flowers" = Fiona Finch and the Finest Flowers
"BFG-Fizzball" = Fizzball
"BFG-Great Adventures - Lost in Mountains" = Great Adventures: Lost in Mountains
"BFG-Heartwild Solitaire" = Heartwild Solitaire
"BFG-Hells Kitchen" = [bleep]'s Kitchen
"BFG-Nanny Mania 2 - Goes to Hollywood" = Nanny Mania 2: Goes to Hollywood
"BFG-Ozzy Bubbles" = Ozzy Bubbles
"BFG-Supercow" = Supercow
"BFG-Supermarket Mania" = Supermarket Mania
"BFG-The Tuttles - Madcap Misadventures" = The Tuttles: Madcap Misadventures
"BFG-Turtle Odyssey 2" = Turtle Odyssey 2
"BFG-Westward III" = Westward III: Gold Rush
"BFG-Youda Farmer" = Youda Farmer
"Birds Town 1.00" = Birds Town 1.00
"BitTorrent" = BitTorrent
"Blue Moon Screensaver" = Blue Moon Screensaver
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"Cooking Dash 3 Thrills and Spills Collectors Edition 1.00" = Cooking Dash 3 Thrills and Spills Collectors Edition 1.00
"DFX" = DFX
"DFX for RealPlayer" = DFX for RealPlayer
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.1 Home Edition
"Easy File Locker" = Easy File Locker 1.3
"Elixir of Immortality1.0" = Elixir of Immortality
"ExtractNow_is1" = ExtractNow
"Fences" = Fences
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FreeArc" = FreeArc 0.666
"Go-Go Gourmet 2 - Chef of the Year1.0" = Go-Go Gourmet 2 - Chef of the Year
"Granny in Paradise" = Granny in Paradise (remove only)
"Grave Mania - Undead Fever1.0" = Grave Mania - Undead Fever
"Great Adventures - Xmas Edition1.0" = Great Adventures - Xmas Edition
"HDMI" = Intel® Graphics Media Accelerator Driver
"Hotel MogulJust For Fun Games" = Hotel MogulJust For Fun Games
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HP Wireless Elite Desktop_is1" = HP Wireless Elite Desktop
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"iLivid" = iLivid
"IncrediMail_MediaBar_2 Toolbar" = IncrediMail_MediaBar_2 Toolbar
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Island Tribe 31.0" = Island Tribe 3
"iWinArcade" = iWin Games (remove only)
"Jewel Legends - Tree of Life1.0" = Jewel Legends - Tree of Life
"Legends of Atlantis - Exodus1.0" = Legends of Atlantis - Exodus
"Mega World Smash1.0" = Mega World Smash
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Mishap 2 An Intentional Haunting Collectors Edition 1.00" = Mishap 2 An Intentional Haunting Collectors Edition 1.00
"Monopoly Here & Now Edition" = Monopoly Here & Now Edition
"Monster Mash1.0" = Monster Mash
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3-Info extension_is1" = MP3-Info extension V3.4.23
"My Kingdom for the Princess III ~ Just For Fun Games" = My Kingdom for the Princess III ~ Just For Fun Games
"New Yankee in King Arthurs Court1.0" = New Yankee in King Arthurs Court
"NSS" = Norton Security Scan
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PC-Doctor for Windows" = Lenovo System Toolbox
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"Pirate Mysteries A Tale of Monkeys, Masks, and Hidden Objects BFG 1.00" = Pirate Mysteries A Tale of Monkeys, Masks, and Hidden Objects BFG 1.00
"PokerStars" = PokerStars
"Potion Bar1.0" = Potion Bar
"RadialpointSecurityAdvisorService_is1" = Radialpoint Security Advisor 2.5.10
"RealPlayer 15.0" = RealPlayer
"Roads Of Rome 2 1.00" = Roads Of Rome 2 1.00
"Royal Envoy Collector's Edition" = Royal Envoy Collector's Edition
"Royal Envoy II CE1.0" = Royal Envoy II CE
"RSH Home Networking Wizard" = RSH Home Networking Wizard
"Sandlot Connect_is1" = Sandlot Connect Version 1.2.6
"Stone Age Cafe 1.00" = Stone Age Cafe 1.00
"Super Granny 3" = Super Granny 3 (remove only)
"Super Granny 5 1.00" = Super Granny 5 1.00
"Super Granny 61.0" = Super Granny 6
"Supermarket Mania 2 1.00" = Supermarket Mania 2 1.00
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"vGrabber" = vGrabber
"Vgrabber Toolbar" = Vgrabber Toolbar
"Vid-Saver" = Vid-Saver
"Virtual Villagers 5 - New Believers1.0" = Virtual Villagers 5 - New Believers
"VLC media player" = VLC media player 2.0.1
"Westward II Heroes of the Frontier" = Westward II Heroes of the Frontier (remove only)
"Westward IV" = Westward IV (remove only)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"Wondershare Video Converter Platinum_is1" = Wondershare Video Converter Platinum(Build 5.2.2.2)
"WTA-7f6856c0-195f-43b1-8141-7e32f5146267" = Women's Murder Club - A Darker Shade of Grey
"WTA-ad66c435-a350-4ff4-b657-54b363fcfec2" = Haunted Domains
"Wxdfast" = Wxdfast
"wxDownload Fast_is1" = wxDownload Fast 0.6.0
"Yahtzee" = Yahtzee (remove only)
"Youda Farmer 2 Save the Village1.0" = Youda Farmer 2 Save the Village

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/05/2012 3:08:20 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x28b8, application start time
0x01cd3b0e54c54600.

Error - 26/05/2012 3:10:30 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x2f74, application start time
0x01cd3b0ea24cfda0.

Error - 26/05/2012 3:13:21 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x271c, application start time
0x01cd3b0f080b2220.

Error - 26/05/2012 3:21:32 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0xef0, application start time
0x01cd3b102ce0cd10.

Error - 26/05/2012 3:24:19 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x16ec, application start time
0x01cd3b1090c54f90.

Error - 26/05/2012 3:26:27 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x664, application start time
0x01cd3b10dd1aa1b0.

Error - 26/05/2012 3:39:17 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x1648, application start time
0x01cd3b12a79cddd0.

Error - 26/05/2012 3:41:24 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0xc78, application start time
0x01cd3b12f39d3220.

Error - 26/05/2012 10:47:32 AM | Computer Name = Rustea-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost2.exe, version 5.35.0.34, time stamp 0x4f44bd9e,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe06d7363, fault offset 0x0003fc56, process id 0x1df8, application start time
0x01cd3b4e7b4f8020.

Error - 26/05/2012 11:16:29 AM | Computer Name = Rustea-PC | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - 23/05/2012 8:55:03 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051223085431.xml
File not created by asset agent

Error - 23/05/2012 8:55:38 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051223085506.xml
File not created by asset agent

Error - 23/05/2012 8:56:10 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051223085538.xml
File not created by asset agent

Error - 24/05/2012 9:24:29 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051224092357.xml
File not created by asset agent

Error - 24/05/2012 9:25:01 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051224092429.xml
File not created by asset agent

Error - 24/05/2012 9:25:36 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051224092504.xml
File not created by asset agent

Error - 24/05/2012 9:26:08 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051224092536.xml
File not created by asset agent

Error - 25/05/2012 9:54:42 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051225095410.xml
File not created by asset agent

Error - 25/05/2012 9:55:14 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051225095442.xml
File not created by asset agent

Error - 25/05/2012 9:55:48 PM | Computer Name = Rustea-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051225095516.xml
File not created by asset agent

[ Media Center Events ]
Error - 07/10/2009 7:20:45 PM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 18/05/2012 10:11:29 PM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 19/05/2012 12:04:33 AM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 19/05/2012 10:53:12 AM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 19/05/2012 10:14:57 PM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 20/05/2012 10:09:40 AM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 23/05/2012 10:11:07 AM | Computer Name = Rustea-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 19/05/2012 1:08:29 AM | Computer Name = Rustea-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.19 for the Network Card with network
address 00242C911AAF has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 19/05/2012 3:51:45 PM | Computer Name = Rustea-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 has encountered a critical error when taking action on malware
or other potentially unwanted software. For more information please see the following:
http://go.microsoft....atid=2147642627

Name:
TrojanDownloader:Win32/Regonid.A ID: 2147642627 Severity: Severe Category: Trojan
Downloader Path: file:_C:\Users\Rustea\AppData\Local\Temp\IXP000.TMP\Sale_Frenzy_Setup.exe

Detection
Origin: %%845 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM

Process
Name: C:\Users\Rustea\Desktop\Sale Frenzy Setup.exe Action: %%809 Action Status:
No additional actions required Error Code: 0x80070490 Error description: Element
not found. Signature Version: AV: 1.127.250.0, AS: 1.127.250.0, NIS: 11.0.0.0 Engine
Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

Error - 19/05/2012 3:52:20 PM | Computer Name = Rustea-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 has encountered a critical error when taking action on malware
or other potentially unwanted software. For more information please see the following:
http://go.microsoft....atid=2147642627

Name:
TrojanDownloader:Win32/Regonid.A ID: 2147642627 Severity: Severe Category: Trojan
Downloader Path: file:_C:\Users\Rustea\AppData\Local\Temp\IXP000.TMP\Sale_Frenzy_Setup.exe

Detection
Origin: %%845 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM

Process
Name: C:\Users\Rustea\Desktop\Sale Frenzy Setup.exe Action: %%809 Action Status:
No additional actions required Error Code: 0x80070490 Error description: Element
not found. Signature Version: AV: 1.127.250.0, AS: 1.127.250.0, NIS: 11.0.0.0 Engine
Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

Error - 19/05/2012 3:52:50 PM | Computer Name = Rustea-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 has encountered a critical error when taking action on malware
or other potentially unwanted software. For more information please see the following:
http://go.microsoft....atid=2147642627

Name:
TrojanDownloader:Win32/Regonid.A ID: 2147642627 Severity: Severe Category: Trojan
Downloader Path: file:_C:\Users\Rustea\AppData\Local\Temp\IXP000.TMP\Sale_Frenzy_Setup.exe

Detection
Origin: %%845 Detection Type: %%822 Detection Source: %%818 User: NT AUTHORITY\SYSTEM

Process
Name: C:\Users\Rustea\Desktop\Sale Frenzy Setup.exe Action: %%809 Action Status:
No additional actions required Error Code: 0x80070490 Error description: Element
not found. Signature Version: AV: 1.127.250.0, AS: 1.127.250.0, NIS: 11.0.0.0 Engine
Version: AM: 1.1.8403.0, NIS: 2.0.8001.0

Error - 21/05/2012 11:19:27 PM | Computer Name = Rustea-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.127.327.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8403.0 Error
code: 0x80072ee2 Error description: The operation timed out

Error - 26/05/2012 11:12:29 AM | Computer Name = Rustea-PC | Source = DCOM | ID = 10010
Description =

Error - 26/05/2012 11:16:29 AM | Computer Name = Rustea-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26/05/2012 11:17:34 AM | Computer Name = Rustea-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 26/05/2012 11:17:34 AM | Computer Name = Rustea-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 26/05/2012 11:32:55 AM | Computer Name = Rustea-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =

< End of report >

#1
rustea

Posted 26 May 2012 - 10:26 AM

Advertisements

#2
Gammo

Posted 31 May 2012 - 09:09 AM

Similar Topics

1 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us