Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

TFC Opening Library (?)

Started by oscalcis , Mar 15 2013 04:24 PM

  • Please log in to reply

#1
oscalcis
Posted 15 March 2013 - 04:24 PM

oscalcis

    New Member

  • Member
  • Pip
  • 4 posts
It seems that every time I open up (running as Administrator) the Temporary File Cleaner by Old Timer that it now openings up the Library from Windows Explorer and overlaps the TFC popup. And, when I close out of the Library popup window, the TFC does not restart the system as it should. Any suggestions?
  • 0

Advertisements

#2
Jintan
Posted 21 March 2013 - 05:48 PM

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Welcome to Geeks2Go oscalcis,

Please do not post the same request in two different threads. Most of us are not TFC experts, but I can guess that there is a startup entry missing some quotes. A guess though. TFC does not always call for a reboot.


Download HijackThis from Here. Then click on the downloaded file, install HijackThis, and select Do a system scan and save logfile. Use copy/paste and post that log back here for review.
  • 0

#3
oscalcis
Posted 22 March 2013 - 12:47 AM

oscalcis

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:42:10 AM, on 3/22/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
C:\Program Files (x86)\Pamela\Pamela.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Users\admin\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {32b29df0-2237-4370-9a29-37cebb730e9b} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - (no file)
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [pamela.exe] "C:\Program Files (x86)\Pamela\Pamela.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files (x86)\ShowMyPCService\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: vseamps - Commtouch, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
O23 - Service: vsedsps - Commtouch, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
O23 - Service: vseqrts - Commtouch, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9091 bytes

Attached Files


  • 0

#4
Jintan
Posted 22 March 2013 - 04:50 PM

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Iolo System Mechanic software. Not something I might recommend. And Iobit, another that more likely causes damage than does anything helpful. Not seeing anything related to the issues you first posted on, but I suggest we check further.


Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.
  • 0

#5
oscalcis
Posted 23 March 2013 - 12:11 AM

oscalcis

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
OTL Extras logfile created on: 3/23/2013 1:56:45 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.51 Gb Available Physical Memory | 64.93% Memory free
9.68 Gb Paging File | 8.27 Gb Available in Paging File | 85.46% Paging File free
Paging file location(s): c:\pagefile.sys 5947 5947 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.41 Gb Total Space | 29.00 Gb Free Space | 38.97% Space Free | Partition Type: NTFS
Drive E: | 148.96 Gb Total Space | 125.29 Gb Free Space | 84.11% Space Free | Partition Type: NTFS

Computer Name: ADMIN-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3822973686-234049461-2214256919-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{063E2B5F-84E6-40FC-AA9B-7C3DC73B949E}" = lport=138 | protocol=17 | dir=in | app=system |
"{1FDA06D5-A232-4834-951E-EB44ACBB6F9D}" = rport=138 | protocol=17 | dir=out | app=system |
"{2DC27A44-46E2-4191-88E5-4AA96E708A5D}" = lport=10081 | protocol=17 | dir=in | name=bitcomet 10081 udp |
"{3F69B571-F20E-40E0-9790-0C1F7129A766}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{44D521CF-BB5F-44E7-B64A-D646FE7DD4DA}" = lport=15217 | protocol=6 | dir=in | name=bitcomet 15217 tcp |
"{468B0EAB-8112-4A58-9EC4-4E14D9AD6596}" = lport=139 | protocol=6 | dir=in | app=system |
"{64F965BE-1977-4DC3-82AB-028BE9A260A5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{691C8DB0-2E19-4523-BA20-EF7882BAE2EF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6B65F42E-DDCF-41C7-8AA9-DF9307493B76}" = lport=15217 | protocol=17 | dir=in | name=bitcomet 15217 udp |
"{73001A4B-C820-45E5-89F6-928DE094489D}" = lport=10081 | protocol=17 | dir=in | name=bitcomet 10081 udp |
"{78B8868C-C679-4BA8-8854-E73511E176FF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A3767FFA-708E-4309-92E9-304D5D82AD51}" = lport=445 | protocol=6 | dir=in | app=system |
"{ABC9E604-E846-4B87-966D-05EACE61E5A3}" = lport=15217 | protocol=6 | dir=in | name=bitcomet 15217 tcp |
"{AC6E692D-8B2C-4F72-8875-066E39E9EA17}" = rport=445 | protocol=6 | dir=out | app=system |
"{B1743D25-7820-4257-B231-01B36C1D6595}" = lport=15217 | protocol=17 | dir=in | name=bitcomet 15217 udp |
"{B37C1DBC-8C60-4071-8A93-C19EE06C638B}" = lport=137 | protocol=17 | dir=in | app=system |
"{B989BE81-51A8-4806-9B66-B1C015C8E7C1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{C5D3A3FB-55A7-4EE0-A3D7-4F900EB23687}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D32F1F67-8503-42CB-BF3E-287AF02327E3}" = rport=139 | protocol=6 | dir=out | app=system |
"{D808856A-7235-4843-B665-26F1A06662F2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E3047CD3-4C0F-4381-A659-5E5A47EAF613}" = lport=10081 | protocol=6 | dir=in | name=bitcomet 10081 tcp |
"{FDD5C810-8020-4C50-BEE7-24B8215E59F0}" = rport=137 | protocol=17 | dir=out | app=system |
"{FFBBEED3-4C54-4F4C-B558-E4EF1F767DB4}" = lport=10081 | protocol=6 | dir=in | name=bitcomet 10081 tcp |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12802956-5803-4A70-9F6C-0A8F98C4EC5D}" = protocol=1 | dir=out | [email protected],-28544 |
"{1A3C9E4D-3D83-4FB1-ACB2-C1E647DC2149}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{37E68705-827B-4FE8-84A1-060D3CFE575F}" = protocol=58 | dir=in | [email protected],-28545 |
"{39C2C932-4185-4233-B7C4-D37872D92039}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3A6F9094-6F8B-401D-8B2D-CD4B5900934B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5CEBB83B-35DC-44D9-B849-B201F86597E8}" = protocol=1 | dir=in | [email protected],-28543 |
"{6077EF29-2D15-4352-9260-F88DB105FFC1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{60C3F4F1-116B-4035-833B-CAC46036D1A7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{88920953-7A76-4BBF-BF0E-AA608580026E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8B46441A-DD23-4EC8-A982-BB122E22F391}" = protocol=17 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{A5CAED10-E8EE-472B-AADD-3EA2C472B1B6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B322E328-42DD-4A1A-B3A0-B3A6D55E1F7E}" = protocol=58 | dir=out | [email protected],-28546 |
"{B8939C7C-AF09-4BC1-BFF2-172FF0D4417D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{BE17287D-92BF-4569-B4D1-1FAB523120E6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{C6201B68-6ED4-44D2-9BBA-C65AF9919CF4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C88D7439-CE7A-4504-93DF-32AE2307566E}" = protocol=6 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
"{CAA1D31A-FA4F-49A6-8F1D-724C9D601413}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE2D5E51-A1D9-4F97-B2B7-40D529FA014C}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{D62270A7-5155-49D6-A008-44846A7A2305}" = protocol=17 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |
"{F0BA7B3E-510A-4F73-B430-E51F09E7969D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F465838F-62A9-4182-81E9-EB6156E279BC}" = protocol=6 | dir=in | app=c:\program files (x86)\bitcomet\bitcomet.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series" = Canon MP495 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.8
"{7AAA00C4-26E6-4EC0-8069-955B0A9D6009}" = Intel® Network Connections 15.2.89.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D4A6E342-907C-4CEF-96CC-FC2F4990DC9C}" = AVSDK5
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HECI" = Intel® Management Engine Interface
"MESOL" = Intel® Active Management Technology
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PROSetDX" = Intel® Network Connections 15.2.89.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E5E7177-5156-4541-B8D5-B0C7E9064329}" = System Mechanic 11 Professional
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.0.0.9
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1" = iolo technologies' System Mechanic Professional
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DB93E2C2-851F-44B2-B09C-351D2C624AE1}" = Camtasia Studio 8
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{e0c2df15-ceed-44ce-800d-b80b7c39841c}" = Nero 9 Essentials
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}" = Palm Desktop by ACCESS
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BitComet" = BitComet 1.31
"Canon MP495 series User Registration" = Canon MP495 series User Registration
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Coupon Printer for Windows5.0.0.2" = Coupon Printer for Windows
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.0.5.5 Ghosthunter release
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Mp3Recorder" = Mp3 Recorder 1.1
"MVApplication1" = Memorex exPressit Label Design Studio
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Pamela" = Pamela Pro 4.8
"Revo Uninstaller" = Revo Uninstaller 1.94
"Smart Defrag 2_is1" = Smart Defrag 2
"VLC media player" = VLC media player 2.0.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3822973686-234049461-2214256919-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/22/2013 11:07:49 PM | Computer Name = admin-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 3/22/2013 11:07:49 PM | Computer Name = admin-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 3/22/2013 11:07:49 PM | Computer Name = admin-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 3/22/2013 11:07:49 PM | Computer Name = admin-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 3/22/2013 11:07:49 PM | Computer Name = admin-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 3/22/2013 11:07:53 PM | Computer Name = admin-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 3/22/2013 11:07:53 PM | Computer Name = admin-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 3/22/2013 11:07:53 PM | Computer Name = admin-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 3/22/2013 11:07:53 PM | Computer Name = admin-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 3/23/2013 1:38:08 AM | Computer Name = admin-PC | Source = Application Hang | ID = 1002
Description = The program mmc.exe version 6.1.7600.16385 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: a6c Start
Time: 01ce2787eeeab065 Termination Time: 15849 Application Path: C:\Windows\system32\mmc.exe

Report
Id: c912a6df-937b-11e2-b900-002564b8c340

[ Media Center Events ]
Error - 8/22/2011 7:29:04 PM | Computer Name = admin-PC | Source = MCUpdate | ID = 0
Description = 7:29:04 PM - Error connecting to the internet. 7:29:04 PM - Unable
to contact server..

Error - 8/22/2011 7:29:14 PM | Computer Name = admin-PC | Source = MCUpdate | ID = 0
Description = 7:29:09 PM - Error connecting to the internet. 7:29:09 PM - Unable
to contact server..

Error - 8/22/2011 8:29:24 PM | Computer Name = admin-PC | Source = MCUpdate | ID = 0
Description = 8:29:24 PM - Error connecting to the internet. 8:29:24 PM - Unable
to contact server..

Error - 8/22/2011 8:29:33 PM | Computer Name = admin-PC | Source = MCUpdate | ID = 0
Description = 8:29:29 PM - Error connecting to the internet. 8:29:29 PM - Unable
to contact server..

Error - 8/22/2011 10:04:47 PM | Computer Name = admin-PC | Source = MCUpdate | ID = 0
Description = 10:04:47 PM - Error connecting to the internet. 10:04:47 PM - Unable
to contact server..

Error - 8/22/2011 10:04:57 PM | Computer Name = admin-PC | Source = MCUpdate | ID = 0
Description = 10:04:52 PM - Error connecting to the internet. 10:04:52 PM - Unable
to contact server..

Error - 8/22/2011 11:05:11 PM | Computer Name = admin-PC | Source = MCUpdate | ID = 0
Description = 11:05:11 PM - Error connecting to the internet. 11:05:11 PM - Unable
to contact server..

[ System Events ]
Error - 3/22/2013 8:03:05 PM | Computer Name = admin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0104: nVidia - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2,
Other hardware - NVIDIA GeForce 8400 GS.

Error - 3/22/2013 11:06:36 PM | Computer Name = admin-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 3/22/2013 11:07:37 PM | Computer Name = admin-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
FileDisk

Error - 3/22/2013 11:07:53 PM | Computer Name = admin-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473535.

Error - 3/22/2013 11:07:54 PM | Computer Name = admin-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.

Error - 3/22/2013 11:13:00 PM | Computer Name = admin-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 3/22/2013 11:20:06 PM | Computer Name = admin-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 3/22/2013 11:20:26 PM | Computer Name = admin-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
FileDisk

Error - 3/23/2013 12:09:41 AM | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.

Error - 3/23/2013 12:09:43 AM | Computer Name = admin-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.


< End of report >


______________________________________________________________________________________________________



OTL logfile created on: 3/23/2013 1:56:45 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.51 Gb Available Physical Memory | 64.93% Memory free
9.68 Gb Paging File | 8.27 Gb Available in Paging File | 85.46% Paging File free
Paging file location(s): c:\pagefile.sys 5947 5947 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.41 Gb Total Space | 29.00 Gb Free Space | 38.97% Space Free | Partition Type: NTFS
Drive E: | 148.96 Gb Total Space | 125.29 Gb Free Space | 84.11% Space Free | Partition Type: NTFS

Computer Name: ADMIN-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/23 01:55:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
PRC - [2013/03/18 00:25:38 | 001,438,848 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
PRC - [2013/03/17 23:41:44 | 001,070,080 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2013/03/12 18:57:31 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013/03/08 21:47:31 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/01/31 11:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/01/17 18:40:39 | 012,140,032 | ---- | M] (Scendix Software-Vertriebsges. mbH) -- C:\Program Files (x86)\Pamela\Pamela.exe
PRC - [2012/12/25 16:11:24 | 001,611,216 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/04/17 13:54:58 | 002,071,320 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2012/04/17 13:54:52 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\AMT\LMS.exe
PRC - [2010/07/08 09:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) -- C:\Program Files (x86)\ShowMyPCService\tvnserver.exe
PRC - [2010/04/05 15:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/07/20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/12 18:57:31 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/08 21:47:11 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/01/17 18:40:41 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Pamela\zlib.dll
MOD - [2011/08/19 17:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/24 15:36:52 | 000,181,600 | ---- | M] (Commtouch, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV:64bit: - [2012/08/24 15:36:48 | 000,119,136 | R--- | M] (Commtouch, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV:64bit: - [2012/08/24 15:36:34 | 000,121,696 | R--- | M] (Commtouch, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/03/17 23:41:44 | 001,070,080 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2013/03/12 18:57:32 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/08 21:47:30 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/31 11:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/04/17 13:54:58 | 002,071,320 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS)
SRV - [2012/04/17 13:54:52 | 000,174,872 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\AMT\LMS.exe -- (LMS)
SRV - [2012/02/29 20:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010/12/28 04:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [Disabled | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010/07/08 09:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files (x86)\ShowMyPCService\tvnserver.exe -- (tvnserver)
SRV - [2010/04/05 15:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/07/20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/03/17 23:36:24 | 000,082,160 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFsFilter)
DRV:64bit: - [2013/03/17 23:36:16 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2012/08/24 15:44:12 | 000,173,408 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\amp.sys -- (AMP)
DRV:64bit: - [2012/08/24 15:44:06 | 001,504,608 | R--- | M] (Commtouch, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ampse.sys -- (AMPSE)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/03 18:14:59 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011/07/15 21:49:57 | 000,066,552 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AceecaUSBDx64.sys -- (AceecaUSBDx64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/01 22:37:24 | 001,454,400 | ---- | M] (ShiningMorning Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vasdDev.sys -- (VASDeviceDrm)
DRV:64bit: - [2010/11/26 19:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/06 01:37:42 | 000,301,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/09/15 04:36:48 | 001,061,888 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/23 15:28:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/29 16:28:30 | 000,030,208 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009/04/23 11:41:06 | 000,497,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 24 2F 74 BC 31 27 CC 01 [binary data]
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\..\SearchScopes,DefaultScope = {F98BAF63-F588-4B18-B969-98F05259E46F}
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\..\SearchScopes\{2FF99749-E3F1-44F9-B6D3-67C18C5FCDFF}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\..\SearchScopes\{A73E9F57-A212-43C9-89BC-9AC213166CD9}: "URL" = http://www.microsoft...s={searchTerms}
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\..\SearchScopes\{F98BAF63-F588-4B18-B969-98F05259E46F}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.6.110
FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.31
FF - prefs.js..extensions.enabledAddons: idme%40abine.com:1.11.177
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.5
FF - prefs.js..extensions.enabledAddons: %7B82AF8DCA-6DE9-405D-BD5E-43525BDAD38A%7D:6.6.0.11664
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@palmsource.com/installer,version=1.0: C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/08 21:47:31 | 000,000,000 | ---D | M]

[2013/01/31 19:13:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Extensions
[2013/03/17 18:28:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s2xms48u.default\extensions
[2013/02/22 20:24:00 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s2xms48u.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2013/02/14 06:39:23 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s2xms48u.default\extensions\[email protected]
[2013/03/15 17:05:58 | 000,000,000 | ---D | M] (MaskMe) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s2xms48u.default\extensions\[email protected]
[2013/03/15 22:09:16 | 000,386,363 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s2xms48u.default\extensions\[email protected]
[2013/02/12 01:55:59 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\s2xms48u.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2013/03/08 21:47:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/08 21:47:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/03/08 21:47:31 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/16 16:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/02/26 20:24:03 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: PalmSource Package Installer (Enabled) = C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\
CHR - Extension: Gmail = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/02/21 22:52:36 | 000,000,021 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - No CLSID value found.
O3 - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3822973686-234049461-2214256919-1001..\Run: [pamela.exe] C:\Program Files (x86)\Pamela\Pamela.exe (Scendix Software-Vertriebsges. mbH)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3822973686-234049461-2214256919-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\iavlsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\iavlsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\iavlsp64.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWow64\iavlsp.dll (iolo technologies, LLC)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52E2CA3B-E68C-46C8-8D20-1B1A0145A662}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D55E7A38-4088-4123-919B-681F7443290E}: DhcpNameServer = 65.32.5.111 65.32.5.112
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/05 11:17:44 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/23 01:55:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2013/03/23 01:37:13 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2013/03/22 02:40:17 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\admin\Desktop\HijackThis.exe
[2013/03/21 23:45:23 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/21 23:45:16 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/21 23:45:16 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/21 23:45:16 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/21 18:06:54 | 001,504,608 | R--- | C] (Commtouch, Inc.) -- C:\Windows\SysNative\drivers\ampse.sys
[2013/03/21 18:06:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Authentium
[2013/03/21 18:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
[2013/03/21 18:06:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Authentium
[2013/03/21 18:06:49 | 000,118,784 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysWow64\iavlsp.dll
[2013/03/21 18:06:43 | 002,155,688 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\Incinerator64.dll
[2013/03/21 18:06:43 | 002,097,472 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysWow64\Incinerator32.dll
[2013/03/21 18:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic Professional
[2013/03/21 18:06:41 | 000,082,160 | ---- | C] (Raxco Software, Inc.) -- C:\Windows\SysNative\drivers\PDFsFilter.sys
[2013/03/21 18:06:41 | 000,069,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offreg.dll
[2013/03/21 18:06:41 | 000,057,584 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\iolobtdfg.exe
[2013/03/21 18:06:41 | 000,056,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offreg.dll
[2013/03/21 18:06:41 | 000,026,184 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\smrgdf.exe
[2013/03/21 18:06:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iolo
[2013/03/21 17:45:04 | 000,030,752 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\drivers\ElRawDsk.sys
[2013/03/21 17:41:15 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\iolo
[2013/03/21 01:11:59 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\EN BIZ CARD
[2013/03/20 22:50:15 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\NVIDIA
[2013/03/20 21:50:13 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Akamai
[2013/03/19 20:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/03/19 20:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/03/13 20:35:49 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/13 20:35:49 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/13 20:35:49 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/13 20:35:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/13 20:35:48 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/13 20:35:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/13 20:35:48 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/13 20:35:48 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/13 20:35:48 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/13 20:35:48 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/13 20:35:48 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/13 20:35:48 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/13 20:35:48 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/13 20:35:47 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/13 20:35:47 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/13 20:35:47 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/13 20:35:47 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/13 20:35:47 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/13 20:35:47 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/13 20:35:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/13 20:35:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/13 20:35:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/13 20:35:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/13 20:35:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/13 20:35:46 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/13 20:35:46 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/13 20:35:46 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/13 20:35:46 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/13 20:35:46 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/13 20:35:46 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/13 20:35:46 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/13 20:35:46 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/13 20:35:46 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/13 20:35:46 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/13 20:35:46 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/13 20:35:46 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/13 20:35:46 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/13 20:35:46 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/13 20:35:46 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/13 20:35:46 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/13 20:35:46 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/13 20:35:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/13 20:35:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/13 20:35:46 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/13 20:35:46 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/13 20:35:46 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/13 20:35:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/13 20:35:46 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/13 20:35:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/13 20:35:45 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/13 20:35:45 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/13 20:35:45 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/13 20:35:45 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/13 20:35:45 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/13 20:35:45 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/13 20:35:45 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/13 20:35:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/13 20:35:45 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/13 20:35:45 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/13 20:35:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/13 20:35:45 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/13 20:35:45 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/13 20:35:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/13 20:35:45 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/13 20:35:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/13 20:35:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/13 20:35:45 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/13 20:35:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/13 20:34:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/13 20:26:14 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\CrashDumps
[2013/03/13 19:33:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2013/03/13 19:33:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/03/13 19:33:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2013/03/13 19:33:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2013/03/13 19:11:46 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\TechSmith
[2013/03/13 19:11:33 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\TechSmith
[2013/03/13 19:11:26 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Camtasia Studio
[2013/03/13 19:10:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2013/03/12 23:45:38 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\DOMINIC JONES - EN
[2013/03/10 18:20:28 | 084,125,848 | ---- | C] (Microsoft Corporation) -- C:\Users\admin\Desktop\msert.exe
[2013/03/08 21:47:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/07 19:28:19 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\PYMTS
[2013/02/26 21:00:32 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/02/26 21:00:31 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/02/26 21:00:31 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/02/26 21:00:31 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/02/26 21:00:26 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/02/26 21:00:26 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/02/26 21:00:23 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/02/26 21:00:23 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/02/26 21:00:23 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/26 21:00:23 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/26 21:00:23 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/26 21:00:23 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/26 21:00:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/26 21:00:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/26 21:00:23 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/26 21:00:23 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/26 21:00:22 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/02/26 21:00:22 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/02/26 21:00:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/26 21:00:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/26 21:00:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/26 21:00:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/26 21:00:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/26 21:00:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/26 21:00:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/26 21:00:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/26 21:00:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/26 21:00:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/26 21:00:21 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/02/26 21:00:21 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/02/26 21:00:21 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/02/26 21:00:21 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/02/26 21:00:21 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/02/26 21:00:21 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/02/26 21:00:21 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/02/26 21:00:20 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/02/26 21:00:20 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/02/26 21:00:20 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/02/26 21:00:20 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/02/26 21:00:20 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/02/26 21:00:19 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/02/26 00:32:44 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/02/26 00:32:44 | 002,505,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013/02/26 00:32:42 | 015,129,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013/02/26 00:32:40 | 006,262,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/02/26 00:32:38 | 018,055,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/02/26 00:32:36 | 026,929,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/02/26 00:32:36 | 002,720,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/02/26 00:32:34 | 007,932,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/02/26 00:32:34 | 002,346,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/02/26 00:32:28 | 002,904,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/02/26 00:32:26 | 020,449,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/02/26 00:32:26 | 015,053,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013/02/26 00:32:24 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/02/26 00:32:08 | 012,641,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/02/26 00:32:08 | 007,564,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/02/26 00:32:08 | 001,985,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/02/26 00:32:06 | 009,390,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/02/23 14:20:48 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013/02/23 14:20:31 | 000,345,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\PROUnstl.exe
[2013/02/23 14:20:12 | 000,301,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\e1k62x64.sys
[2013/02/23 14:20:12 | 000,091,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicInstK.dll
[2013/02/23 14:20:12 | 000,068,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\e1kmsg.dll
[2013/02/23 14:20:12 | 000,000,000 | ---D | C] -- C:\drvrtmp
[2013/02/23 14:18:24 | 003,628,205 | ---- | C] (Intel) -- C:\Program Files (x86)\BDSetup.exe
[2013/02/23 14:18:24 | 000,147,584 | ---- | C] (Intel® Corporation) -- C:\Program Files (x86)\DxSetup.exe
[2013/02/23 14:17:22 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Dell
[2013/02/23 14:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaSDK
[2013/02/23 14:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Control Center
[2013/02/23 14:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIPS
[2013/02/23 14:16:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ibxHDMI
[2013/02/23 14:16:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HDMI
[2013/02/23 14:16:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Graphics
[2013/02/23 14:11:04 | 000,953,912 | ---- | C] (Intel Corporation) -- C:\Program Files (x86)\setup.exe
[2013/02/23 14:11:04 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\difxapi.dll
[2013/02/23 14:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\x64
[2013/02/23 14:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UNS
[2013/02/23 14:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SOLinf
[2013/02/23 14:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PICON
[2013/02/23 14:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NAC_PP
[2013/02/23 14:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LMS
[2013/02/23 14:11:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lang
[2013/02/23 13:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2013/02/23 04:28:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/02/23 04:28:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/02/23 04:28:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/02/23 04:28:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/02/23 04:28:58 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/02/23 04:28:55 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/02/23 04:28:55 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/02/23 04:28:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/02/23 04:28:55 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/02/23 04:28:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/02/23 04:28:55 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/02/23 04:28:55 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/02/23 04:28:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/02/23 04:28:54 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/02/23 04:28:54 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/02/23 04:28:54 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/02/23 04:28:54 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/02/23 04:28:54 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/02/23 04:28:54 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/02/23 04:28:54 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/02/23 04:28:54 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/02/23 04:28:54 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/02/23 04:28:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/02/23 04:28:53 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/02/23 04:28:21 | 000,385,024 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMA9.DLL
[2013/02/23 04:26:54 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/02/21 19:31:29 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/02/21 19:31:29 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/02/21 19:19:05 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/02/21 19:19:05 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/02/21 19:19:05 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/02/21 19:19:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/02/21 19:18:00 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/02/21 19:17:59 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/02/21 19:17:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/02/21 19:17:59 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/02/21 19:09:41 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/02/21 19:09:41 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/02/21 19:09:41 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/02/21 19:09:14 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/02/21 19:09:14 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/02/21 19:09:14 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/02/21 19:09:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/02/21 19:09:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/02/21 19:09:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/02/21 19:09:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/02/21 19:09:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/02/21 19:09:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/02/21 19:09:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/02/21 19:09:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/02/21 19:09:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/02/21 19:09:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/02/21 19:09:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/21 19:09:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/02/21 19:09:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/02/21 19:09:11 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/02/21 19:09:11 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/02/21 19:09:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/02/21 19:09:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/02/21 19:09:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/02/21 19:09:11 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/02/21 19:09:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/02/21 19:09:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/02/21 19:09:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/02/21 19:09:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/02/21 19:09:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/02/21 19:09:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/02/21 19:09:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/02/21 19:09:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/02/21 19:09:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/02/21 19:09:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/02/21 19:09:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/02/21 19:09:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/02/21 19:09:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/02/21 19:09:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/02/21 19:09:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/02/21 19:09:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/02/21 19:09:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/02/21 19:09:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/02/21 19:09:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/02/21 19:09:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/02/21 19:09:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/02/21 19:09:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/02/21 19:09:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/02/21 19:09:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/02/21 19:09:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/21 19:09:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/02/21 19:09:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/02/21 19:09:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/02/21 19:09:06 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/02/21 19:09:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/02/21 19:09:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/02/21 19:09:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/02/21 19:09:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/02/21 19:09:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/02/21 19:09:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/02/21 19:09:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/02/21 19:09:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/02/21 19:09:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/02/21 19:09:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/02/21 19:09:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/02/21 19:09:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/02/21 19:07:51 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/02/21 19:07:50 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/02/21 19:07:50 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/02/21 19:07:50 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/02/21 19:07:50 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/02/21 19:07:50 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/02/21 19:07:50 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/02/21 19:07:50 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/02/21 19:07:50 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/02/21 19:07:50 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/02/21 19:07:50 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/02/21 19:07:50 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/02/21 19:07:50 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/02/21 19:07:50 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/02/21 19:07:50 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/02/21 19:07:50 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/02/21 19:07:50 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/02/21 19:07:50 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/02/21 19:07:50 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/02/21 19:07:50 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/02/21 19:07:50 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/02/21 19:07:50 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/02/21 19:07:49 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/02/21 19:07:49 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/02/21 19:07:48 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/02/21 19:07:48 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/02/21 19:07:48 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/02/21 19:07:48 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/02/21 19:07:48 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/02/21 19:07:48 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/02/21 19:07:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/02/21 19:07:48 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/02/21 19:07:35 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/02/21 19:07:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/02/21 19:07:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/02/21 19:07:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/02/21 19:07:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/02/21 19:07:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/02/21 19:06:56 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/02/21 19:06:55 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/02/21 19:06:55 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/02/21 19:06:52 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/02/21 19:06:52 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/02/21 19:06:52 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/02/21 19:06:52 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/02/21 19:06:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/02/21 19:06:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/02/21 19:06:37 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/02/21 19:06:34 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013/02/21 19:06:34 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013/02/21 19:06:12 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/02/21 19:06:06 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/02/21 19:06:06 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/02/21 19:05:56 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/02/21 19:05:56 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/02/21 19:05:54 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/02/21 19:05:52 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/02/21 19:05:50 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/02/21 19:05:48 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013/02/21 19:05:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013/02/21 19:05:47 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/02/21 19:01:19 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/02/21 19:01:18 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/02/21 18:50:11 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/08/03 18:14:59 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\admin\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/03/23 01:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/23 01:55:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2013/03/23 01:42:25 | 000,126,934 | ---- | M] () -- C:\Users\admin\Desktop\Screenshot21.jpg
[2013/03/23 01:40:25 | 000,070,231 | ---- | M] () -- C:\Users\admin\Desktop\Screenshot20.jpg
[2013/03/23 00:53:30 | 000,234,465 | ---- | M] () -- C:\Users\admin\Desktop\100_0151.JPG
[2013/03/23 00:12:35 | 000,730,512 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/23 00:12:35 | 000,627,066 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/23 00:12:35 | 000,107,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/22 23:27:34 | 000,027,184 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/22 23:27:34 | 000,027,184 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/22 23:20:34 | 000,000,408 | ---- | M] () -- C:\Windows\SysWow64\iolo.ini
[2013/03/22 23:20:34 | 000,000,408 | ---- | M] () -- C:\Windows\SysNative\iolo.ini
[2013/03/22 23:20:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/22 23:20:13 | 3118,682,112 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/22 16:24:21 | 000,077,696 | ---- | M] () -- C:\Users\admin\Desktop\FREE LISTING.jpg
[2013/03/22 09:58:06 | 000,158,726 | ---- | M] () -- C:\Users\admin\Desktop\PYMT - BOA.jpg
[2013/03/22 02:40:17 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\admin\Desktop\HijackThis.exe
[2013/03/22 00:44:17 | 000,023,018 | ---- | M] () -- C:\Users\admin\Desktop\PHOTOSHOP.jpg
[2013/03/21 23:45:06 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/21 23:45:03 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/21 23:45:03 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/21 23:45:03 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/21 23:45:02 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/03/21 23:45:02 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/03/21 22:13:05 | 000,000,386 | ---- | M] () -- C:\Windows\SysNative\ioloBootDefrag.cfg
[2013/03/21 19:53:20 | 000,462,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/21 18:06:43 | 000,002,271 | ---- | M] () -- C:\Users\admin\Desktop\System Mechanic Professional.lnk
[2013/03/21 18:06:03 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/03/21 17:44:58 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dat
[2013/03/21 17:01:02 | 000,628,751 | ---- | M] () -- C:\Users\admin\Desktop\PC GRAPHICS ISSUE.pdf
[2013/03/20 00:40:43 | 000,033,005 | ---- | M] () -- C:\Users\admin\Desktop\LIST BUILDER.jpg
[2013/03/19 20:17:49 | 000,007,680 | ---- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/18 19:57:26 | 000,022,750 | ---- | M] () -- C:\Users\admin\Desktop\ANN'S BIZ CARD.jpg
[2013/03/18 19:52:24 | 001,070,145 | ---- | M] () -- C:\Users\admin\Desktop\HOME FLYER.pdf
[2013/03/18 18:47:58 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/17 23:59:04 | 000,057,584 | ---- | M] (iolo technologies, LLC) -- C:\Windows\SysNative\iolobtdfg.exe
[2013/03/17 23:58:56 | 000,026,184 | ---- | M] (iolo technologies, LLC) -- C:\Windows\SysNative\smrgdf.exe
[2013/03/17 23:43:58 | 002,155,688 | ---- | M] (iolo technologies, LLC) -- C:\Windows\SysNative\Incinerator64.dll
[2013/03/17 23:43:56 | 002,097,472 | ---- | M] (iolo technologies, LLC) -- C:\Windows\SysWow64\Incinerator32.dll
[2013/03/17 23:36:30 | 000,160,256 | ---- | M] () -- C:\Windows\SysNative\iavlsp64.dll
[2013/03/17 23:36:30 | 000,118,784 | ---- | M] (iolo technologies, LLC) -- C:\Windows\SysWow64\iavlsp.dll
[2013/03/17 23:36:24 | 000,082,160 | ---- | M] (Raxco Software, Inc.) -- C:\Windows\SysNative\drivers\PDFsFilter.sys
[2013/03/17 23:36:22 | 000,069,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\offreg.dll
[2013/03/17 23:36:22 | 000,056,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\offreg.dll
[2013/03/17 23:36:16 | 000,030,752 | ---- | M] (EldoS Corporation) -- C:\Windows\SysNative\drivers\ElRawDsk.sys
[2013/03/17 16:53:31 | 000,121,906 | ---- | M] () -- C:\Users\admin\Desktop\GOT IT.jpg
[2013/03/16 22:16:53 | 000,001,242 | ---- | M] () -- C:\Users\admin\Desktop\Paint.lnk
[2013/03/15 21:43:47 | 000,344,608 | ---- | M] () -- C:\Users\admin\Desktop\NOTIFIER CAPTURE PAGE.jpg
[2013/03/15 19:46:31 | 000,213,240 | ---- | M] () -- C:\Users\admin\Desktop\BANK PAGE.jpg
[2013/03/15 18:27:27 | 000,005,621 | ---- | M] () -- C:\Users\admin\Desktop\PHOTO.jpg
[2013/03/14 01:15:42 | 000,004,096 | -H-- | M] () -- C:\Users\admin\AppData\Local\keyfile3.drm
[2013/03/13 20:35:49 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/13 20:35:49 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/13 20:35:49 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/13 20:35:49 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/13 20:35:48 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/13 20:35:48 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/13 20:35:48 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/13 20:35:48 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/13 20:35:48 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/13 20:35:48 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/13 20:35:48 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/13 20:35:48 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/13 20:35:48 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/13 20:35:47 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/13 20:35:47 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/13 20:35:47 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/13 20:35:47 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/13 20:35:47 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/13 20:35:47 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/13 20:35:47 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/13 20:35:47 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/13 20:35:47 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/13 20:35:47 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/13 20:35:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/13 20:35:47 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/13 20:35:46 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/13 20:35:46 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/13 20:35:46 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/13 20:35:46 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/13 20:35:46 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/13 20:35:46 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/13 20:35:46 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/13 20:35:46 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/13 20:35:46 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/13 20:35:46 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/13 20:35:46 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/13 20:35:46 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/13 20:35:46 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/13 20:35:46 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/13 20:35:46 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/13 20:35:46 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/13 20:35:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/13 20:35:46 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/13 20:35:46 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/13 20:35:46 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/13 20:35:46 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/13 20:35:46 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/13 20:35:46 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/13 20:35:46 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/13 20:35:46 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/13 20:35:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/13 20:35:45 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/13 20:35:45 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/13 20:35:45 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/13 20:35:45 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/13 20:35:45 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/13 20:35:45 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/13 20:35:45 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/13 20:35:45 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/13 20:35:45 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/13 20:35:45 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/13 20:35:45 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/13 20:35:45 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/13 20:35:45 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/13 20:35:45 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/13 20:35:45 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/13 20:35:45 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/13 20:35:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/13 20:35:45 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/13 20:35:45 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/12 18:57:32 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/12 18:57:32 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/10 18:20:57 | 084,125,848 | ---- | M] (Microsoft Corporation) -- C:\Users\admin\Desktop\msert.exe
[2013/02/26 00:32:44 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/02/26 00:32:44 | 002,505,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013/02/26 00:32:42 | 015,129,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013/02/26 00:32:40 | 006,262,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/02/26 00:32:40 | 002,826,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013/02/26 00:32:38 | 018,055,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/02/26 00:32:38 | 001,814,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2013/02/26 00:32:36 | 026,929,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/02/26 00:32:36 | 002,720,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/02/26 00:32:34 | 007,932,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/02/26 00:32:34 | 002,346,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/02/26 00:32:32 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2013/02/26 00:32:28 | 002,904,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/02/26 00:32:26 | 020,449,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/02/26 00:32:26 | 015,053,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013/02/26 00:32:24 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/02/26 00:32:08 | 012,641,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/02/26 00:32:08 | 007,564,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/02/26 00:32:08 | 001,985,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/02/26 00:32:08 | 000,017,266 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013/02/26 00:32:06 | 009,390,760 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/02/23 13:31:17 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dll
[2013/02/23 02:05:52 | 000,748,650 | ---- | M] () -- C:\Users\admin\Desktop\Prayer Secrets.pdf
[2013/02/23 00:03:16 | 000,000,246 | ---- | M] () -- C:\Users\admin\Desktop\FACEBOOK.url

========== Files Created - No Company Name ==========

[2013/03/23 01:41:50 | 000,126,934 | ---- | C] () -- C:\Users\admin\Desktop\Screenshot21.jpg
[2013/03/23 01:39:53 | 000,070,231 | ---- | C] () -- C:\Users\admin\Desktop\Screenshot20.jpg
[2013/03/23 00:52:02 | 000,234,465 | ---- | C] () -- C:\Users\admin\Desktop\100_0151.JPG
[2013/03/22 23:20:34 | 000,000,408 | ---- | C] () -- C:\Windows\SysWow64\iolo.ini
[2013/03/22 23:20:34 | 000,000,408 | ---- | C] () -- C:\Windows\SysNative\iolo.ini
[2013/03/22 16:23:51 | 000,077,696 | ---- | C] () -- C:\Users\admin\Desktop\FREE LISTING.jpg
[2013/03/22 09:58:06 | 000,158,726 | ---- | C] () -- C:\Users\admin\Desktop\PYMT - BOA.jpg
[2013/03/22 00:44:17 | 000,023,018 | ---- | C] () -- C:\Users\admin\Desktop\PHOTOSHOP.jpg
[2013/03/21 18:12:59 | 000,000,386 | ---- | C] () -- C:\Windows\SysNative\ioloBootDefrag.cfg
[2013/03/21 18:06:49 | 000,160,256 | ---- | C] () -- C:\Windows\SysNative\iavlsp64.dll
[2013/03/21 18:06:43 | 000,002,271 | ---- | C] () -- C:\Users\admin\Desktop\System Mechanic Professional.lnk
[2013/03/21 17:44:58 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2013/03/21 17:01:02 | 000,628,751 | ---- | C] () -- C:\Users\admin\Desktop\PC GRAPHICS ISSUE.pdf
[2013/03/20 00:39:15 | 000,033,005 | ---- | C] () -- C:\Users\admin\Desktop\LIST BUILDER.jpg
[2013/03/19 20:32:33 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/03/18 19:52:24 | 001,070,145 | ---- | C] () -- C:\Users\admin\Desktop\HOME FLYER.pdf
[2013/03/18 19:29:52 | 000,022,750 | ---- | C] () -- C:\Users\admin\Desktop\ANN'S BIZ CARD.jpg
[2013/03/17 16:53:31 | 000,121,906 | ---- | C] () -- C:\Users\admin\Desktop\GOT IT.jpg
[2013/03/16 22:16:53 | 000,001,242 | ---- | C] () -- C:\Users\admin\Desktop\Paint.lnk
[2013/03/15 21:43:47 | 000,344,608 | ---- | C] () -- C:\Users\admin\Desktop\NOTIFIER CAPTURE PAGE.jpg
[2013/03/15 19:46:31 | 000,213,240 | ---- | C] () -- C:\Users\admin\Desktop\BANK PAGE.jpg
[2013/03/15 18:27:10 | 000,005,621 | ---- | C] () -- C:\Users\admin\Desktop\PHOTO.jpg
[2013/03/14 01:15:42 | 000,004,096 | -H-- | C] () -- C:\Users\admin\AppData\Local\keyfile3.drm
[2013/03/13 20:35:46 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/13 20:35:46 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/02 15:41:48 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/02/23 14:22:22 | 000,007,381 | ---- | C] () -- C:\Program Files (x86)\e1909wdd.cat
[2013/02/23 14:22:22 | 000,002,964 | ---- | C] () -- C:\Program Files (x86)\E1909WDD.icm
[2013/02/23 14:22:22 | 000,001,558 | ---- | C] () -- C:\Program Files (x86)\E1909WDD.inf
[2013/02/23 14:20:32 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2013/02/23 14:20:12 | 000,003,143 | ---- | C] () -- C:\Windows\SysNative\e1k62x64.din
[2013/02/23 14:18:24 | 006,777,344 | ---- | C] () -- C:\Program Files (x86)\PROSETDX.msi
[2013/02/23 14:18:24 | 003,294,747 | ---- | C] () -- C:\Program Files (x86)\DMIX.cab
[2013/02/23 14:18:24 | 001,844,288 | ---- | C] () -- C:\Program Files (x86)\Help.cab
[2013/02/23 14:18:24 | 001,659,677 | ---- | C] () -- C:\Program Files (x86)\LR_DMIX.cab
[2013/02/23 14:18:24 | 001,524,736 | ---- | C] () -- C:\Program Files (x86)\VC90_CRT_x64.msi
[2013/02/23 14:18:24 | 000,365,056 | ---- | C] () -- C:\Program Files (x86)\1042.mst
[2013/02/23 14:18:24 | 000,168,448 | ---- | C] () -- C:\Program Files (x86)\1041.mst
[2013/02/23 14:18:24 | 000,123,392 | ---- | C] () -- C:\Program Files (x86)\1028.mst
[2013/02/23 14:18:24 | 000,113,664 | ---- | C] () -- C:\Program Files (x86)\2052.mst
[2013/02/23 14:18:24 | 000,110,080 | ---- | C] () -- C:\Program Files (x86)\1036.mst
[2013/02/23 14:18:24 | 000,108,544 | ---- | C] () -- C:\Program Files (x86)\1031.mst
[2013/02/23 14:18:24 | 000,105,472 | ---- | C] () -- C:\Program Files (x86)\1040.mst
[2013/02/23 14:18:24 | 000,104,448 | ---- | C] () -- C:\Program Files (x86)\1046.mst
[2013/02/23 14:18:24 | 000,104,448 | ---- | C] () -- C:\Program Files (x86)\1034.mst
[2013/02/23 14:18:24 | 000,103,638 | ---- | C] () -- C:\Program Files (x86)\SNMP.cab
[2013/02/23 14:18:24 | 000,100,006 | ---- | C] () -- C:\Program Files (x86)\setup.cab
[2013/02/23 14:18:24 | 000,003,584 | ---- | C] () -- C:\Program Files (x86)\1033.mst
[2013/02/23 14:18:24 | 000,002,138 | ---- | C] () -- C:\Program Files (x86)\OemVer.reg
[2013/02/23 14:18:24 | 000,000,240 | ---- | C] () -- C:\Program Files (x86)\custom.ini
[2013/02/23 14:18:24 | 000,000,179 | ---- | C] () -- C:\Program Files (x86)\DxSetup.ini
[2013/02/23 14:16:43 | 000,019,402 | ---- | C] () -- C:\Program Files (x86)\Setup.if2
[2013/02/23 14:16:43 | 000,013,029 | ---- | C] () -- C:\Program Files (x86)\mup.xml
[2013/02/23 14:16:43 | 000,002,302 | ---- | C] () -- C:\Program Files (x86)\Setup2.if2
[2013/02/23 14:11:04 | 000,725,092 | ---- | C] () -- C:\Program Files (x86)\Intel®_IMSS_User_Guide.pdf
[2013/02/23 14:11:04 | 000,005,413 | ---- | C] () -- C:\Program Files (x86)\IIF2.ini
[2013/02/23 14:11:04 | 000,003,154 | ---- | C] () -- C:\Program Files (x86)\PIcon.ini
[2013/02/23 14:11:04 | 000,000,025 | ---- | C] () -- C:\Program Files (x86)\autorun.inf
[2013/02/23 13:31:17 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2013/02/23 02:05:50 | 000,748,650 | ---- | C] () -- C:\Users\admin\Desktop\Prayer Secrets.pdf
[2013/02/23 00:03:16 | 000,000,246 | ---- | C] () -- C:\Users\admin\Desktop\FACEBOOK.url
[2013/02/21 19:31:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/02/21 19:17:59 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/01/02 02:05:55 | 000,000,600 | ---- | C] () -- C:\Users\admin\PUTTY.RND
[2012/09/04 23:17:32 | 000,000,184 | -H-- | C] () -- C:\ProgramData\-Wr5huX7hUq1NvGr
[2012/09/04 23:17:32 | 000,000,160 | -H-- | C] () -- C:\ProgramData\-Wr5huX7hUq1NvG
[2012/09/04 23:17:26 | 000,000,368 | -H-- | C] () -- C:\ProgramData\Wr5huX7hUq1NvG
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/01/19 23:02:56 | 000,001,041 | -H-- | C] () -- C:\Users\admin\AppData\Roaming\vso_ts_preview.xml
[2011/09/08 18:51:03 | 000,000,835 | -H-- | C] () -- C:\Users\admin\.recently-used.xbel
[2011/08/06 17:20:02 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\sx83p32.dll
[2011/08/06 17:18:41 | 000,117,760 | ---- | C] () -- C:\Windows\SysWow64\NCSPI8EN.DLL
[2011/08/06 17:18:26 | 000,022,480 | ---- | C] () -- C:\Windows\SysWow64\PFMAPI16.DLL
[2011/08/06 17:18:26 | 000,020,992 | ---- | C] () -- C:\Windows\SysWow64\PFMAPI32.DLL
[2011/08/03 18:14:59 | 000,099,384 | ---- | C] () -- C:\Users\admin\AppData\Roaming\inst.exe
[2011/08/03 18:14:59 | 000,007,859 | ---- | C] () -- C:\Users\admin\AppData\Roaming\pcouffin.cat
[2011/08/03 18:14:59 | 000,001,167 | ---- | C] () -- C:\Users\admin\AppData\Roaming\pcouffin.inf
[2011/07/10 14:25:27 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/06 02:09:13 | 000,007,609 | ---- | C] () -- C:\Users\admin\AppData\Local\resmon.resmoncfg
[2011/07/01 22:32:56 | 000,007,680 | ---- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/28 00:15:26 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:6B9ADB51
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:9341E0C6

< End of report >
  • 0

#6
Jintan
Posted 23 March 2013 - 01:07 PM

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
No outright culprit so far, aside from Iolo. Though can't see how it would cause the Library folder to open, once TFC restarted Explorer.

As for Iolo, other than my personal experience of having to repair systems in threads once Iolo made bad choice changes, if you look through the reviews here, it's a mixture of cudos, and then members who have had their system trashed by allowing Iolo to make changes.

As for Iobit's defrag program, defragging regularly hasn't been needed sine Windows 98 and the FAT32 file system days, but vendors like Iobit play off the belief that it's still of value. I have seen where daily of frequent running of some defrag program can corrupt the file system. So just my suggesting you uninstall these two softwares, before they damage your system.

----------

Be sure to continue to temporarily disable any protective software when running the scan tools we use here.



Download RogueKiller from here to your desktop.

Close all open programs
Remember to right click -> run as administrator, and click the downloaded file.
Wen RogueKiller finises it's opening scan, press the Scan button..
A RKreport.txt will be created in the same location as the RogueKiller file.
If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe, and try again.

Please post the contents of the RKreport.txt.

Close all open programs
Remember to right click -> run as administrator, and click the downloaded file.
Wen RogueKiller finises it's opening scan, press the Scan button..
A RKreport.txt will be created in the same location as the RogueKiller file.
If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe, and try again.

Please post the contents of the RKreport.txt.

---------

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP