My computer is a Dell XPS from 2011. It runs on an Intel i7 processor, 4GB RAM and 2GB graphic memory. Yet, the computer is performing unusually slow in the past three days. The computer took almost a full minute to open Windows Explorer, and even the Notepad to save my OTL log file.
I ran the Panda Cloud antivirus full scan and Malwarebytes quick scan on my computer yesterday. Cloud antivirus detected 12 threats while Malwarebytes showed a clean computer. To be sure, I also ran a quick scan on OTL and decided to consult you guys. Please tell me what is going on in my computer.
Here is the OTL log..
OTS logfile created on: 30/6/2013 11:33:52 PM - Run 3
OTS by OldTimer - Version 3.1.41.4 Folder = C:\Users\YaoTheHong\Documents\Info Center\Experts Help\KeyGenGuru Malware\OTS
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 67.30 Gb Free Space | 14.92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BOMBOMCHA
Current User Name: admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Quick Scan
[Processes - Safe List]
psuaservice.exe -> C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe -> [2013/05/28 11:42:24 | 000,037,344 | ---- | M] (Panda Security, S.L.)
psuamain.exe -> C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe -> [2013/05/28 11:42:23 | 000,032,736 | ---- | M] (Panda Security, S.L.)
psanhost.exe -> C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -> [2013/05/28 11:20:15 | 000,140,768 | ---- | M] (Panda Security, S.L.)
c2c_service.exe -> C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -> [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.)
armsvc.exe -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2012/12/18 22:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated)
sftvsa.exe -> C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -> [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation)
sftlist.exe -> C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -> [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation)
sftservice.exe -> C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -> [2011/08/18 23:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS)
vpnagent.exe -> C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -> [2011/08/04 04:43:45 | 000,645,048 | ---- | M] (Cisco Systems, Inc.)
ots.exe -> C:\Users\YaoTheHong\My Documents\Info Center\Experts Help\KeyGenGuru Malware\OTS\OTS.exe -> [2011/02/20 01:14:46 | 000,642,560 | ---- | M] (OldTimer Tools)
nvscpapisvr.exe -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -> [2010/12/23 18:48:02 | 000,378,984 | ---- | M] (NVIDIA Corporation)
fatrayalert.exe -> C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe -> [2010/11/02 12:40:30 | 002,006,664 | ---- | M] (Sensible Vision )
fatraymon.exe -> C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe -> [2010/11/02 12:40:30 | 000,093,832 | ---- | M] (Sensible Vision )
faservice.exe -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -> [2010/11/02 12:40:28 | 002,428,552 | ---- | M] (Sensible Vision )
uns.exe -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -> [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation)
lms.exe -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -> [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation)
nusb3mon.exe -> C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe -> [2010/04/27 13:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation)
iastordatamgrsvc.exe -> C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation)
iastoricon.exe -> C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe -> [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation)
flux.exe -> C:\Users\YaoTheHong\Local Settings\Apps\F.lux\flux.exe -> [2009/08/29 14:00:12 | 000,966,656 | ---- | M] ()
docklogin.exe -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2009/06/09 22:11:14 | 000,155,648 | ---- | M] (Stardock Corporation)
[Modules - Safe List]
ots.exe -> C:\Users\YaoTheHong\My Documents\Info Center\Experts Help\KeyGenGuru Malware\OTS\OTS.exe -> [2011/02/20 01:14:46 | 000,642,560 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll -> [2010/11/21 11:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation)
normaliz.dll -> C:\Windows\SysWOW64\normaliz.dll -> [2009/07/14 09:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation)
[Win32 Services - Safe List]
64bit-(FLEXnet Licensing Service 64) [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -> [2012/11/07 04:38:36 | 001,432,400 | ---- | M] (Flexera Software, Inc.)
64bit-(EvtEng) [Auto | Running] -> C:\Program Files\Intel\WiFi\bin\EvtEng.exe -> [2010/03/05 10:26:38 | 001,425,168 | ---- | M] (Intel® Corporation)
64bit-(MyWiFiDHCPDNS) [On_Demand | Stopped] -> C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -> [2010/03/05 10:07:58 | 000,340,240 | ---- | M] ()
64bit-(RegSrvc) [Auto | Running] -> C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -> [2010/03/05 10:06:22 | 000,831,760 | ---- | M] (Intel® Corporation)
64bit-(AERTFilters) [Auto | Running] -> C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -> [2009/11/17 18:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation)
64bit-(WinDefend) [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation)
64bit-(DockLoginService) [Auto | Running] -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2009/06/09 22:11:14 | 000,155,648 | ---- | M] (Stardock Corporation)
(AdobeFlashPlayerUpdateSvc) Adobe Flash Player Update Service [On_Demand | Stopped] -> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -> [2013/06/14 02:35:22 | 000,256,904 | ---- | M] (Adobe Systems Incorporated)
(PSUAService) Panda Product Service [Auto | Running] -> C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe -> [2013/05/28 11:42:24 | 000,037,344 | ---- | M] (Panda Security, S.L.)
(NanoServiceMain) Panda Cloud Antivirus Service [Auto | Running] -> C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -> [2013/05/28 11:20:15 | 000,140,768 | ---- | M] (Panda Security, S.L.)
(Skype C2C Service) Skype C2C Service [Auto | Running] -> C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -> [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.)
(SkypeUpdate) Skype Updater [Auto | Stopped] -> C:\Program Files (x86)\Skype\Updater\Updater.exe -> [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies)
(AdobeARMservice) Adobe Acrobat Update Service [Auto | Running] -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -> [2012/12/18 22:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated)
(MozillaMaintenance) Mozilla Maintenance Service [On_Demand | Stopped] -> C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -> [2012/07/14 08:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation)
(sftvsa) Application Virtualization Service Agent [On_Demand | Running] -> C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -> [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation)
(sftlist) Application Virtualization Client [Auto | Running] -> C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -> [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation)
(SftService) SoftThinks Agent Service [Auto | Running] -> C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -> [2011/08/18 23:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS)
(vpnagent) Cisco AnyConnect VPN Agent [Auto | Running] -> C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -> [2011/08/04 04:43:45 | 000,645,048 | ---- | M] (Cisco Systems, Inc.)
(GoToAssist) GoToAssist [On_Demand | Stopped] -> C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -> [2011/01/18 03:48:47 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.)
(Stereo Service) NVIDIA Stereoscopic 3D Driver Service [Auto | Running] -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -> [2010/12/23 18:48:02 | 000,378,984 | ---- | M] (NVIDIA Corporation)
(FAService) FAService [Auto | Running] -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -> [2010/11/02 12:40:28 | 002,428,552 | ---- | M] (Sensible Vision )
(RoxWatch12) Roxio Hard Drive Watcher 12 [Disabled | Stopped] -> C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -> [2010/09/04 15:15:22 | 000,219,632 | ---- | M] (Sonic Solutions)
(RoxMediaDB12OEM) RoxMediaDB12OEM [Disabled | Stopped] -> C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -> [2010/09/04 15:14:26 | 001,116,656 | ---- | M] (Sonic Solutions)
(NOBU) Dell DataSafe Online [Disabled | Stopped] -> C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -> [2010/08/26 10:28:54 | 002,823,000 | ---- | M] (Dell, Inc.)
(UNS) Intel® Management & Security Application User Notification Service [Auto | Running] -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -> [2010/07/01 12:10:26 | 002,533,400 | ---- | M] (Intel Corporation)
(LMS) Intel® Management and Security Application Local Management Service [Auto | Running] -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -> [2010/07/01 12:10:22 | 000,325,656 | ---- | M] (Intel Corporation)
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [On_Demand | Stopped] -> C:\Program Files (x86)\WinPcap\rpcapd.exe -> [2010/06/26 01:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.)
(clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/19 04:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
(IAStorDataMgrSvc) Intel® Rapid Storage Technology [Auto | Running] -> C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -> [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation)
[Driver Services - Safe List]
64bit-(PSINProt) PSINProt [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\PSINProt.sys -> [2013/05/29 17:16:45 | 000,137,448 | ---- | M] (Panda Security, S.L.)
64bit-(NNSSTRM) NNSSTRM [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSStrm.sys -> [2013/05/29 05:55:24 | 000,246,504 | ---- | M] (Panda Security, S.L.)
64bit-(NNSTLSC) NNSTLSC [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNStlsc.sys -> [2013/05/29 05:55:24 | 000,106,216 | ---- | M] (Panda Security, S.L.)
64bit-(NNSPRV) NNSPRV [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSPrv.sys -> [2013/05/29 05:55:23 | 000,118,504 | ---- | M] (Panda Security, S.L.)
64bit-(NNSSMTP) NNSSMTP [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSSmtp.sys -> [2013/05/29 05:55:23 | 000,114,920 | ---- | M] (Panda Security, S.L.)
64bit-(NNSPROT) NNSPROT [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSProt.sys -> [2013/05/29 05:55:22 | 000,305,896 | ---- | M] (Panda Security, S.L.)
64bit-(NNSPOP3) NNSPOP3 [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSPop3.sys -> [2013/05/29 05:55:22 | 000,119,016 | ---- | M] (Panda Security, S.L.)
64bit-(NNSPIHSW) NNSPIHSW [Kernel | Disabled | Stopped] -> C:\Windows\SysNative\drivers\NNSPihsw.sys -> [2013/05/29 05:55:22 | 000,069,864 | ---- | M] (Panda Security, S.L.)
64bit-(NNSIDS) NNSIDS [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSIds.sys -> [2013/05/29 05:55:21 | 000,114,920 | ---- | M] (Panda Security, S.L.)
64bit-(NNSHTTPS) NNSHTTPS [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSHttps.sys -> [2013/05/29 05:55:21 | 000,109,288 | ---- | M] (Panda Security, S.L.)
64bit-(NNSPICC) NNSPICC [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSpicc.sys -> [2013/05/29 05:55:21 | 000,095,464 | ---- | M] (Panda Security, S.L.)
64bit-(NNSHTTP) NNSHTTP [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSHttp.sys -> [2013/05/29 05:55:20 | 000,122,088 | ---- | M] (Panda Security, S.L.)
64bit-(NNSALPC) NNSALPC [Kernel | System | Running] -> C:\Windows\SysNative\drivers\NNSAlpc.sys -> [2013/05/29 05:55:20 | 000,091,368 | ---- | M] (Panda Security, S.L.)
64bit-(PSINReg) PSINReg [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\PSINReg.sys -> [2013/05/28 11:25:41 | 000,105,704 | ---- | M] (Panda Security, S.L.)
64bit-(PSINKNC) PSINKNC [Kernel | System | Running] -> C:\Windows\SysNative\drivers\PSINKNC.sys -> [2013/05/28 11:25:40 | 000,205,544 | ---- | M] (Panda Security, S.L.)
64bit-(PSINProc) PSINProc [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\PSINProc.sys -> [2013/05/28 11:25:40 | 000,124,648 | ---- | M] (Panda Security, S.L.)
64bit-(PSINFile) PSINFile [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\PSINFile.sys -> [2013/05/28 11:25:05 | 000,122,088 | ---- | M] (Panda Security, S.L.)
64bit-(PSINAflt) PSINAflt [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\PSINAflt.sys -> [2013/05/28 11:25:04 | 000,168,680 | ---- | M] (Panda Security, S.L.)
64bit-(PSKMAD) PSKMAD [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\PSKMAD.sys -> [2013/04/29 09:17:30 | 000,058,808 | ---- | M] (Panda Security, S.L.)
64bit-(dtsoftbus01) DAEMON Tools Virtual Bus Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\dtsoftbus01.sys -> [2013/04/08 23:39:14 | 000,279,616 | ---- | M] (DT Soft Ltd)
64bit-(Sftvol) Sftvol [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Sftvollh.sys -> [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation)
64bit-(Sftplay) Sftplay [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Sftplaylh.sys -> [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation)
64bit-(Sftredir) Sftredir [File_System | On_Demand | Running] -> C:\Windows\SysNative\drivers\Sftredirlh.sys -> [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation)
64bit-(Sftfs) Sftfs [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Sftfslh.sys -> [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation)
64bit-(vpnva) Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\vpnva64.sys -> [2011/08/04 04:27:28 | 000,022,264 | ---- | M] (Cisco Systems, Inc.)
64bit-(amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsata.sys -> [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices)
64bit-(amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\amdxata.sys -> [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices)
64bit-(VClone) VClone [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\VClone.sys -> [2011/01/16 00:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG)
64bit-(nmwcdnsucx64) Nokia USB Flashing Generic [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -> [2010/12/02 10:36:40 | 000,012,800 | ---- | M] (Nokia)
64bit-(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbFlt.sys -> [2010/11/21 11:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation)
64bit-(HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\HpSAMD.sys -> [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company)
64bit-(TsUsbGD) Remote Desktop Generic USB Device [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\TsUsbGD.sys -> [2010/11/21 11:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation)
64bit-(NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nvhda64v.sys -> [2010/11/12 04:40:50 | 000,155,752 | ---- | M] (NVIDIA Corporation)
64bit-(JMCR) JMCR [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\jmcr.sys -> [2010/09/27 14:13:16 | 000,169,048 | ---- | M] (JMicron Technology Corporation)
64bit-(stdcfltn) Disk Class Filter Driver for Accelerometer [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\stdcfltn.sys -> [2010/08/20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics)
64bit-(Acceler) Accelerometer Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Accelern.sys -> [2010/08/20 06:05:18 | 000,027,760 | ---- | M] (ST Microelectronics)
64bit-(CtClsFlt) Creative Camera Class Upper Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\CtClsFlt.sys -> [2010/08/13 00:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.)
64bit-(PCDSRVC{1E208CE0-FB7451FF-06020101}_0) PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver [Kernel | On_Demand | Stopped] -> c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -> [2010/07/30 15:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.)
64bit-(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\SynTP.sys -> [2010/07/15 12:54:20 | 001,381,936 | ---- | M] (Synaptics Incorporated)
64bit-(qicflt) upper Device Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\qicflt.sys -> [2010/07/12 18:38:06 | 000,029,288 | ---- | M] (Quanta Computer)
64bit-(NPF) NetGroup Packet Filter Driver [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\npf.sys -> [2010/06/26 01:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.)
64bit-(RTL8167) Realtek 8167 NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\Rt64win7.sys -> [2010/06/23 17:10:56 | 000,344,680 | ---- | M] (Realtek )
64bit-(NETw5s64) Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\NETw5s64.sys -> [2010/05/31 12:05:06 | 007,689,216 | ---- | M] (Intel Corporation)
64bit-(nusb3xhc) Renesas Electronics USB 3.0 Host Controller Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nusb3xhc.sys -> [2010/04/27 12:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation)
64bit-(nusb3hub) Renesas Electronics USB 3.0 Hub Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\nusb3hub.sys -> [2010/04/27 12:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation)
64bit-(PxHlpa64) PxHlpa64 [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\PxHlpa64.sys -> [2010/03/19 17:00:00 | 000,055,856 | ---- | M] (Sonic Solutions)
64bit-(iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\SysNative\drivers\iaStor.sys -> [2010/03/03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation)
64bit-(Impcd) Impcd [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\Impcd.sys -> [2010/02/26 16:32:12 | 000,158,976 | ---- | M] (Intel Corporation)
64bit-(TurboB) Turbo Boost UI Monitor driver [Kernel | Auto | Running] -> C:\Windows\SysNative\drivers\TurboB.sys -> [2009/11/03 02:48:02 | 000,013,784 | ---- | M] ()
64bit-(HECIx64) Intel® Management Engine Interface [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\HECIx64.sys -> [2009/09/17 07:54:54 | 000,056,344 | ---- | M] (Intel Corporation)
64bit-(NMgamingmsFltr) USB Optical Mouse [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\NMgamingms.sys -> [2009/07/24 08:55:10 | 000,011,264 | ---- | M] (Primax Ltd)
64bit-(amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\amdsbs.sys -> [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.)
64bit-(LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\lsi_sas2.sys -> [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation)
64bit-(stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\stexstor.sys -> [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology)
64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\wbem\ntfs.mof -> [2009/06/11 04:38:56 | 000,000,308 | ---- | M] ()
64bit-(ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\evbda.sys -> [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation)
64bit-(b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\bxvbda.sys -> [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation)
64bit-(b57nd60a) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\b57nd60a.sys -> [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation)
64bit-(hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\hcw85cir.sys -> [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
64bit-(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\mcdbus.sys -> [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.)
64bit-(FACAP) facap, FastAccess Video Capture [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\facap.sys -> [2008/09/25 10:36:14 | 000,238,848 | ---- | M] (Sensible Vision )
64bit-(nmwcdx64) Nokia USB Phone Parent [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\nmwcdx64.sys -> [2007/06/28 11:47:14 | 000,173,056 | ---- | M] (Nokia)
64bit-(WimFltr) WimFltr [File_System | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\WimFltr.sys -> [2006/11/02 02:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation)
[Registry - Safe List]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\] > -> ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\: Main\\"Start Page" -> http://www1.ap.dell....c=my&l=en&s=gen ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\] > -> ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\: Main\\"Default_Page_URL" -> http://www1.ap.dell....c=my&l=en&s=gen ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\: Main\\"Start Page" -> http://www.google.com.my/ ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\: URLSearchHooks\\"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\: "ProxyOverride" -> local ->
< FireFox Settings [Prefs.js] > -> C:\Users\admin\AppData\Roaming\Mozilla\FireFox\Profiles\uuc5hb10.default\prefs.js ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
HKLM\software\mozilla\Firefox\Extensions\\[email protected] -> C:\PROGRAM FILES (X86)\SENSIBLE VISION\FAST ACCESS\XPCOM_FASSO\ [C:\PROGRAM FILES (X86)\SENSIBLE VISION\FAST ACCESS\XPCOM_FASSO\] -> [2013/04/02 13:48:14 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\[email protected] -> C:\USERS\YAOTHEHONG\DOCUMENTS\APPENDICAL PROGRAMS\FREEMAKE VIDEO CONVERTER V2.1.3.0\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX\ [C:\USERS\YAOTHEHONG\DOCUMENTS\APPENDICAL PROGRAMS\FREEMAKE VIDEO CONVERTER V2.1.3.0\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX\] -> [2013/04/02 14:18:02 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components -> C:\Users\Ajnim\My Documents\Appendical Programs\Mozilla Firefox\components [C:\USERS\AJNIM\DOCUMENTS\APPENDICAL PROGRAMS\MOZILLA FIREFOX\COMPONENTS] -> [2013/04/02 14:11:33 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins -> C:\USERS\AJNIM\DOCUMENTS\APPENDICAL PROGRAMS\MOZILLA FIREFOX\PLUGINS ->
HKLM\software\mozilla\Mozilla Firefox 4.0\extensions -> ->
HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components -> C:\Users\YaoTheHong\My Documents\Appendical Programs\Mozilla Firefox\components [C:\USERS\YAOTHEHONG\DOCUMENTS\APPENDICAL PROGRAMS\MOZILLA FIREFOX\COMPONENTS] -> [2013/04/02 14:18:47 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins -> C:\USERS\YAOTHEHONG\DOCUMENTS\APPENDICAL PROGRAMS\MOZILLA FIREFOX\PLUGINS ->
< FireFox Extensions [User Folders] > ->
-> C:\Users\admin\AppData\Roaming\Mozilla\Extensions -> [2011/11/28 13:06:06 | 000,000,000 | ---D | M]
-> C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\uuc5hb10.default\extensions -> [2013/04/02 14:23:36 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > ->
No name found -> -> File not found
No name found -> C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE -> File not found
No name found -> C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR -> File not found
FastAccess Web Login -> C:\PROGRAM FILES (X86)\SENSIBLE VISION\FAST ACCESS\XPCOM_FASSO -> [2013/04/02 13:48:14 | 000,000,000 | ---D | M]
Freemake Video Converter Plugin -> C:\USERS\YAOTHEHONG\DOCUMENTS\APPENDICAL PROGRAMS\FREEMAKE VIDEO CONVERTER V2.1.3.0\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX -> [2013/04/02 14:18:02 | 000,000,000 | ---D | M]
< HOSTS File > ([2013/04/13 23:15:39 | 000,000,855 | ---- | M] - 24 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [McAfee Phishing Filter] -> File not found
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [Skype add-on for Internet Explorer] -> [2013/05/14 13:18:32 | 006,307,960 | ---- | M] (Skype Technologies S.A.)
{DA5BCE70-D057-4D63-943D-5F3927EC59F1} [HKLM] -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [SSOIEAddonBHO Class] -> [2010/11/02 12:40:26 | 000,746,120 | ---- | M] (Sensible Vision )
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> Reg Error: Key error. [Java Plug-In 2 SSV Helper] -> File not found
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{000123B4-9B42-4900-B3F7-F4B073EFC214} [HKLM] -> C:\Users\YaoTheHong\My Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitcth.dll [Octh Class] -> [2012/06/20 15:52:10 | 000,241,464 | ---- | M] (Orbitdownloader.com)
{27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> Reg Error: Key error. [McAfee Phishing Filter] -> File not found
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Users\YaoTheHong\My Documents\Appendical Programs\Spybot SD 1.6.2\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2009/01/26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [Java Plug-In SSV Helper] -> [2013/04/24 00:07:57 | 000,462,752 | ---- | M] (Oracle Corporation)
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Browser Helper] -> [2013/05/14 13:26:08 | 004,531,320 | ---- | M] (Skype Technologies S.A.)
{DA5BCE70-D057-4D63-943D-5F3927EC59F1} [HKLM] -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [SSOIEAddonBHO Class] -> [2010/11/02 12:40:26 | 000,574,088 | ---- | M] (Sensible Vision )
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [Java Plug-In 2 SSV Helper] -> [2013/04/24 00:07:55 | 000,171,424 | ---- | M] (Oracle Corporation)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" [HKLM] -> C:\Users\YaoTheHong\My Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\GrabPro.dll [Grab Pro] -> [2012/06/20 15:52:10 | 000,696,000 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" [HKLM] -> C:\Users\YaoTheHong\My Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\GrabPro.dll [Grab Pro] -> [2012/06/20 15:52:10 | 000,696,000 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" [HKLM] -> C:\Users\YaoTheHong\My Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\GrabPro.dll [Grab Pro] -> [2012/06/20 15:52:10 | 000,696,000 | ---- | M] ()
< 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"IntelWireless" -> C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe ["C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray] -> [2010/03/05 10:09:02 | 001,928,976 | ---- | M] (Intel® Corporation)
"NVHotkey" -> C:\Windows\SysNative\nvHotkey.dll [rundll32.exe C:\Windows\system32\nvHotkey.dll,Start] -> [2010/08/12 13:19:40 | 000,283,240 | ---- | M] (NVIDIA Corporation)
"RtHDVBg" -> C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 ] -> [2011/01/18 14:53:06 | 002,188,904 | ---- | M] (Realtek Semiconductor)
"RTHDVCPL" -> C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s] -> [2011/02/18 15:48:58 | 006,611,048 | ---- | M] (Realtek Semiconductor)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"FAStartup" -> [] -> File not found
"FATrayAlert" -> C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe] -> [2010/11/02 12:40:30 | 000,093,832 | ---- | M] (Sensible Vision )
"IAStorIcon" -> C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe] -> [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation)
"NUSB3MON" -> c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe ["c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"] -> [2010/04/27 13:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation)
"PSUAMain" -> C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe ["C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray] -> [2013/05/28 11:42:23 | 000,032,736 | ---- | M] (Panda Security, S.L.)
< RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"Malwarebytes Anti-Malware" -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent] -> [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation)
< Run [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"DAEMON Tools Lite" -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ["C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2011/11/10 17:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)
"F.lux" -> C:\Users\YaoTheHong\Local Settings\Apps\F.lux\flux.exe ["C:\Users\YaoTheHong\Local Settings\Apps\F.lux\flux.exe" /noshow] -> [2009/08/29 14:00:12 | 000,966,656 | ---- | M] ()
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< Software Policy Settings [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"" -> [] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"" -> [] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Download by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/201] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
&Grab video by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/204] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
Do&wnload selected by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/203] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
Down&load all by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/202] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Download by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/201] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
&Grab video by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/204] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
Do&wnload selected by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/203] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
Down&load all by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/202] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
< 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Download by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/201] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
&Grab video by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/204] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
Do&wnload selected by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/203] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
Down&load all by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/202] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Download by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/201] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
&Grab video by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/204] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
Do&wnload selected by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/203] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
Down&load all by Orbit -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll [res://C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitmxt.dll/202] -> [2012/06/20 15:52:10 | 000,102,080 | ---- | M] (Orbitdownloader.com)
Send image to &Bluetooth Device... -> [c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> File not found
Send page to &Bluetooth Device... -> [c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> File not found
< 64bit-Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [Button: Skype Click to Call] -> [2013/05/14 13:18:32 | 006,307,960 | ---- | M] (Skype Technologies S.A.)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype Click to Call] -> [2013/05/14 13:26:08 | 004,531,320 | ---- | M] (Skype Technologies S.A.)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Users\YaoTheHong\My Documents\Appendical Programs\Spybot SD 1.6.2\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2009/01/26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited)
< 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.micro...?ext=%s&mime=%s ->
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7720 domain(s) found. ->
< 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7718 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 7722 domain(s) found. ->
dell.com .[*] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\] > -> HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-3057907370-1423405045-2432694329-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset...lineScanner.cab [Reg Error: Key error.] ->
{C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} [HKLM] -> http://support.dell....lSystemLite.CAB [DellSystemLite.Scanner] ->
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [HKLM] -> http://messenger.zon...nt.cab56907.cab [MessengerStatsClient Class] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.1.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{78A71A00-BC74-4F42-904C-6612B42C1F19}\\DhcpNameServer -> 192.168.1.1 (Intel® Centrino® Advanced-N 6200 AGN) ->
< 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 14:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
64bit-*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\SysNative\SystemPropertiesPerformance.exe -> [2009/07/14 09:39:47 | 000,082,432 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
/pagefile -> -> File not found
*MultiFile Done* -> ->
< 64bit-Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
GoToAssist -> -> File not found
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
FastAccess -> C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll -> [2010/11/02 12:40:28 | 000,147,080 | ---- | M] ()
< 64bit-SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications ->
< Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications ->
64bit-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
\List\\"C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitdm.exe" -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitdm.exe [C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit] -> [2012/06/20 15:52:10 | 002,637,624 | ---- | M] (Orbitdownloader.com)
\List\\"C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitnet.exe" -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitnet.exe [C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit] -> [2012/06/20 15:43:38 | 000,557,056 | ---- | M] (Orbitdownloader.com)
< Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{13FD0C2B-F90D-4202-BA0F-9FF93D64388A} -> lport=6004 | profile=private | protocol=17 | dir=in | action=allow | name=microsoft office outlook | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
{36A6D726-CB33-4B76-AAFC-E487E1B717D5} -> lport=1900 | protocol=17 | dir=in | action=allow | name=windows live communications platform (ssdp) |
{37EC36F6-72C8-4A9F-A260-052B7CB165CD} -> lport=49242 | profile=private | protocol=6 | dir=in | action=allow | name=akamai netsession interface |
{57C62B11-3A30-441F-9436-A86BFC7818D5} -> lport=808 | protocol=6 | dir=in | action=allow | name=@c:\windows\microsoft.net\framework64\v4.0.30319\\servicemodelevents.dll,-2000 | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | svc=nettcpactivator |
{6B62572C-6667-4A62-A057-272E6C3B904E} -> lport=5000 | profile=private | protocol=17 | dir=in | action=allow | name=akamai netsession interface |
{8F10E703-E703-4AFF-85A7-23B640B9F21C} -> lport=2869 | protocol=6 | dir=in | action=allow | name=windows live communications platform (upnp) |
{B99ADA06-7F1B-45E0-97CF-111F9757A78F} -> lport=5355 | profile=private | protocol=17 | dir=in | action=allow | name=file and printer sharing (llmnr-udp-in) | app=%systemroot%\system32\svchost.exe | svc=dnscache |
{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB} -> rport=5355 | profile=private | protocol=17 | dir=out | action=allow | name=file and printer sharing (llmnr-udp-out) | app=%systemroot%\system32\svchost.exe | svc=dnscache |
< Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
{0D76D760-EAE3-40F2-A83F-37F3FFF58941} -> dir=in | action=allow | name=skype | app=c:\program files (x86)\skype\phone\skype.exe |
{19E61D96-D256-4A9F-854D-68EED8BC781B} -> profile=private | protocol=6 | dir=in | action=allow | name=microsoft sharepoint workspace | app=c:\program files (x86)\microsoft office\office14\groove.exe |
{247807A8-0BA2-4F6C-889B-3CCD7D81332A} -> profile=private | protocol=6 | dir=in | action=allow | name=microsoft onenote | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
{42B6E22D-BEBF-4A7A-8392-0E258EADECC3} -> dir=in | action=allow | name=wireless pan dhcp server | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
{5165E028-8B4E-4D95-AD4B-75D649985E94} -> profile=private | protocol=17 | dir=in | action=allow | name=microsoft sharepoint workspace | app=c:\program files (x86)\microsoft office\office14\groove.exe |
{6850C763-6DE0-46FF-AB40-5616FCC8237D} -> profile=private | protocol=17 | dir=in | action=allow | name=microsoft onenote | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
{8B2B6B84-ACB5-4AE4-B0CD-947F77305926} -> dir=in | action=allow | name=windows live messenger | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
{B4C00699-AC6F-431F-A081-4736E93842E6} -> profile=private | protocol=17 | dir=in | action=allow | name=blizzard launcher | app=c:\users\yaothehong\documents\starcraft 2\starcraft ii beta\starcraft ii.exe |
{B4CE19A6-99F8-4791-8AFA-A2AC5EA80D2C} -> dir=in | action=allow | name=windows live communications platform | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
{CEDF2E52-F56D-4DCD-B481-F3E6ADAE227C} -> profile=private | protocol=6 | dir=in | action=allow | name=blizzard launcher | app=c:\users\yaothehong\documents\starcraft 2\starcraft ii beta\starcraft ii.exe |
TCP Query User{1192A90D-5660-4795-B275-6AE7E70E9F6B}C:\users\yaothehong\desktop\givme7\garena\garena.exe -> profile=private | protocol=6 | dir=in | action=allow | name=garena.exe | app=c:\users\yaothehong\desktop\givme7\garena\garena.exe |
TCP Query User{3067BD7E-5ECC-449E-A7EF-0F8A858138DF}C:\users\yaothehong\saved games\nintendo ds emulator\desmume v.0.9.7 x86-x32 wifi capability winpcap v.4.1.2\desmume_vs2008.exe -> profile=private | protocol=6 | dir=in | action=block | name=desmume_vs2008.exe | app=c:\users\yaothehong\saved games\nintendo ds emulator\desmume v.0.9.7 x86-x32 wifi capability winpcap v.4.1.2\desmume_vs2008.exe |
TCP Query User{48A21A1F-98D5-4AFB-970A-CAD484C9C597}C:\users\yaothehong\appdata\local\temp\spoon\cache\0x8f67b19608374cdb\stubexe\0x7496e8aa457f6b77\sketchup.exe -> profile=private | protocol=6 | dir=in | action=block | name=sketchup.exe | app=c:\users\yaothehong\appdata\local\temp\spoon\cache\0x8f67b19608374cdb\stubexe\0x7496e8aa457f6b77\sketchup.exe |
TCP Query User{7BDF4309-AC4A-41C8-B345-DE501EFE6B26}C:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader\orbitdownloader\orbitnet.exe -> profile=private | protocol=6 | dir=in | action=block | name=orbitnet.exe | app=c:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader\orbitdownloader\orbitnet.exe |
TCP Query User{7CD42776-45D1-4B96-B0E6-837BD359BEF8}C:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader 4.0.0.10\orbitdownloader\orbitnet.exe -> profile=private | protocol=6 | dir=in | action=block | name=orbitnet.exe | app=c:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader 4.0.0.10\orbitdownloader\orbitnet.exe |
TCP Query User{A17ABDDF-04AB-41BB-B818-24B36FC78149}C:\users\yaothehong\documents\appendical programs\mozilla firefox\firefox.exe -> profile=private | protocol=6 | dir=in | action=allow | name=firefox.exe | app=c:\users\yaothehong\documents\appendical programs\mozilla firefox\firefox.exe |
TCP Query User{BAC4F60C-CCFA-476D-948C-853327F14F5C}C:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader\orbitdownloader\orbitnet.exe -> profile=public | protocol=6 | dir=in | action=block | name=orbitnet.exe | app=c:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader\orbitdownloader\orbitnet.exe |
TCP Query User{BEE720A7-EC38-4BA2-BB7C-3B65FFB64F3F}C:\program files (x86)\internet explorer\iexplore.exe -> profile=public | protocol=6 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe |
TCP Query User{C0C2948C-25CE-4F22-A096-BF42C060FDF5}C:\program files (x86)\internet explorer\iexplore.exe -> profile=private | protocol=6 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe |
TCP Query User{F1E9668C-CAA0-4129-896F-E4AAB7D742BC}C:\users\ajnim\appdata\local\temp\spoon\cache\0x8f67b19608374cdb\stubexe\0x7496e8aa457f6b77\sketchup.exe -> profile=public | protocol=6 | dir=in | action=block | name=sketchup.exe | app=c:\users\ajnim\appdata\local\temp\spoon\cache\0x8f67b19608374cdb\stubexe\0x7496e8aa457f6b77\sketchup.exe |
UDP Query User{03B712D5-E2F8-41CF-B8CD-9458AA17FDF5}C:\users\ajnim\appdata\local\temp\spoon\cache\0x8f67b19608374cdb\stubexe\0x7496e8aa457f6b77\sketchup.exe -> profile=public | protocol=17 | dir=in | action=block | name=sketchup.exe | app=c:\users\ajnim\appdata\local\temp\spoon\cache\0x8f67b19608374cdb\stubexe\0x7496e8aa457f6b77\sketchup.exe |
UDP Query User{207E6FDF-AC04-4187-A6A2-AAE11E709716}C:\users\yaothehong\appdata\local\temp\spoon\cache\0x8f67b19608374cdb\stubexe\0x7496e8aa457f6b77\sketchup.exe -> profile=private | protocol=17 | dir=in | action=block | name=sketchup.exe | app=c:\users\yaothehong\appdata\local\temp\spoon\cache\0x8f67b19608374cdb\stubexe\0x7496e8aa457f6b77\sketchup.exe |
UDP Query User{58EF9EB5-08C9-42AA-8079-FD319894AF24}C:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader\orbitdownloader\orbitnet.exe -> profile=private | protocol=17 | dir=in | action=block | name=orbitnet.exe | app=c:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader\orbitdownloader\orbitnet.exe |
UDP Query User{7B0E603D-4740-400E-B4DB-7D982DD71684}C:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader\orbitdownloader\orbitnet.exe -> profile=public | protocol=17 | dir=in | action=block | name=orbitnet.exe | app=c:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader\orbitdownloader\orbitnet.exe |
UDP Query User{849D103E-E904-4AA2-B0FC-78E9C5CA17B2}C:\users\yaothehong\documents\appendical programs\mozilla firefox\firefox.exe -> profile=private | protocol=17 | dir=in | action=allow | name=firefox.exe | app=c:\users\yaothehong\documents\appendical programs\mozilla firefox\firefox.exe |
UDP Query User{9EE3C564-A7FE-4A68-8301-95CD28614D22}C:\program files (x86)\internet explorer\iexplore.exe -> profile=public | protocol=17 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe |
UDP Query User{A285EC91-8A96-40F0-90AD-0BCCEBCD7048}C:\users\yaothehong\desktop\givme7\garena\garena.exe -> profile=private | protocol=17 | dir=in | action=allow | name=garena.exe | app=c:\users\yaothehong\desktop\givme7\garena\garena.exe |
UDP Query User{B56D4821-BBBC-4C96-B196-27B916154682}C:\users\yaothehong\saved games\nintendo ds emulator\desmume v.0.9.7 x86-x32 wifi capability winpcap v.4.1.2\desmume_vs2008.exe -> profile=private | protocol=17 | dir=in | action=block | name=desmume_vs2008.exe | app=c:\users\yaothehong\saved games\nintendo ds emulator\desmume v.0.9.7 x86-x32 wifi capability winpcap v.4.1.2\desmume_vs2008.exe |
UDP Query User{CC4EF418-F73F-42E0-A0C8-1F998A42DA45}C:\program files (x86)\internet explorer\iexplore.exe -> profile=private | protocol=17 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe |
UDP Query User{D7A5CA6A-A8C9-41EF-9CD3-18F862CA1120}C:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader 4.0.0.10\orbitdownloader\orbitnet.exe -> profile=private | protocol=17 | dir=in | action=block | name=orbitnet.exe | app=c:\users\yaothehong\documents\appendical programs\firefox plugins\orbit downloader 4.0.0.10\orbitdownloader\orbitnet.exe |
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitdm.exe" -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitdm.exe [C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit] -> [2012/06/20 15:52:10 | 002,637,624 | ---- | M] (Orbitdownloader.com)
"C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitnet.exe" -> C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitnet.exe [C:\Users\YaoTheHong\Documents\Appendical Programs\Firefox Plugins\Orbit Downloader\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit] -> [2012/06/20 15:43:38 | 000,557,056 | ---- | M] (Orbitdownloader.com)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> C:\Windows\SysNative\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2010/11/21 11:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\Autodesk [] -> C:\Autodesk [ NTFS ] -> [2012/11/07 03:59:48 | 000,000,000 | ---D | M]
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
64bit-comfile [open] -> "%1" %* -> File not found
64bit-exefile [open] -> "%1" %* -> File not found
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
[Files/Folders - Created Within 30 Days]
PSKMAD.sys -> C:\Windows\SysNative\drivers\PSKMAD.sys -> [2013/06/29 02:05:01 | 000,058,808 | ---- | C] (Panda Security, S.L.)
Panda Cloud Antivirus -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus -> [2013/06/28 12:57:03 | 000,000,000 | ---D | C]
1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->
[Files/Folders - Modified Within 30 Days]
Adobe Flash Player Updater.job -> C:\Windows\tasks\Adobe Flash Player Updater.job -> [2013/06/30 23:34:53 | 000,000,830 | ---- | M] ()
SystemToolsDailyTest.job -> C:\Windows\tasks\SystemToolsDailyTest.job -> [2013/06/30 23:30:00 | 000,000,422 | ---- | M] ()
GoogleUpdateTaskUserS-1-5-21-3057907370-1423405045-2432694329-1001UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3057907370-1423405045-2432694329-1001UA.job -> [2013/06/30 23:05:24 | 000,000,928 | ---- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2013/06/30 22:58:17 | 000,000,896 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2013/06/30 18:59:48 | 000,000,892 | ---- | M] ()
GoogleUpdateTaskUserS-1-5-21-3057907370-1423405045-2432694329-1001Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3057907370-1423405045-2432694329-1001Core.job -> [2013/06/30 15:06:57 | 000,000,876 | ---- | M] ()
PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2013/06/30 12:35:02 | 000,779,080 | ---- | M] ()
perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2013/06/30 12:35:02 | 000,664,544 | ---- | M] ()
perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2013/06/30 12:35:02 | 000,124,990 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2013/06/30 12:34:32 | 000,019,136 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2013/06/30 12:34:32 | 000,019,136 | ---- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2013/06/30 12:29:05 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2013/06/30 12:28:59 | 3168,043,008 | -HS- | M] ()
FNTCACHE.DAT -> C:\Windows\SysNative\FNTCACHE.DAT -> [2013/06/28 13:09:51 | 000,507,664 | ---- | M] ()
NanoRepository.bin -> C:\ProgramData\NanoRepository.bin -> [2013/06/28 00:11:05 | 000,005,488 | ---- | M] ()
NanoRepository.bin.bak -> C:\ProgramData\NanoRepository.bin.bak -> [2013/06/27 02:56:42 | 000,005,488 | ---- | M] ()
1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->
1 C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\Icon Cache\*.tmp files -> C:\ProgramData\Microsoft\Application Virtualization Client\SoftGrid Client\Icon Cache\*.tmp ->
[Files - No Company Name]
NanoRepository.bin.bak -> C:\ProgramData\NanoRepository.bin.bak -> [2013/04/14 15:10:29 | 000,005,488 | ---- | C] ()
NanoRepository.bin -> C:\ProgramData\NanoRepository.bin -> [2013/04/14 15:10:29 | 000,005,488 | ---- | C] ()
HamsterFreeArchiver.cfg -> C:\Users\admin\AppData\Local\HamsterFreeArchiver.cfg -> [2013/04/13 12:08:34 | 000,001,610 | ---- | C] ()
0x0304A000.sfl -> C:\ProgramData\0x0304A000.sfl -> [2013/04/06 02:13:10 | 000,000,000 | ---- | C] ()
PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2013/04/04 03:30:56 | 000,764,992 | ---- | C] ()
FAIEExtension.dll -> C:\Windows\SysWow64\FAIEExtension.dll -> [2010/11/02 12:40:34 | 000,087,176 | ---- | C] ()
FAib.dll -> C:\Windows\SysWow64\FAib.dll -> [2010/11/02 12:40:30 | 000,057,480 | ---- | C] ()
FACrashRpt.dll -> C:\Windows\SysWow64\FACrashRpt.dll -> [2010/11/02 12:40:24 | 000,248,968 | ---- | C] ()
pthreadVC.dll -> C:\Windows\SysWow64\pthreadVC.dll -> [2010/06/26 01:03:12 | 000,053,299 | ---- | C] ()
BWContextHandler.dll -> C:\Windows\SysWow64\BWContextHandler.dll -> [2009/07/14 07:42:10 | 000,064,000 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/07/14 05:03:59 | 000,364,544 | ---- | C] ()
[File - Lop Check]
Autodesk -> C:\Users\admin\AppData\Roaming\Autodesk -> [2013/04/02 14:23:32 | 000,000,000 | ---D | M]
BleachBit -> C:\Users\admin\AppData\Roaming\BleachBit -> [2013/04/02 14:23:32 | 000,000,000 | ---D | M]
DAEMON Tools Lite -> C:\Users\admin\AppData\Roaming\DAEMON Tools Lite -> [2013/04/02 14:23:32 | 000,000,000 | ---D | M]
DassaultSystemes -> C:\Users\admin\AppData\Roaming\DassaultSystemes -> [2013/04/02 14:23:32 | 000,000,000 | ---D | M]
DriverCure -> C:\Users\admin\AppData\Roaming\DriverCure -> [2013/04/02 14:23:32 | 000,000,000 | ---D | M]
GlarySoft -> C:\Users\admin\AppData\Roaming\GlarySoft -> [2013/04/02 14:23:32 | 000,000,000 | ---D | M]
GrabPro -> C:\Users\admin\AppData\Roaming\GrabPro -> [2011/01/24 02:57:25 | 000,000,000 | ---D | M]
iExpert Software -> C:\Users\admin\AppData\Roaming\iExpert Software -> [2013/04/02 14:23:32 | 000,000,000 | ---D | M]
OpenCandy -> C:\Users\admin\AppData\Roaming\OpenCandy -> [2013/04/02 14:23:36 | 000,000,000 | ---D | M]
Orbit -> C:\Users\admin\AppData\Roaming\Orbit -> [2013/04/02 14:23:37 | 000,000,000 | ---D | M]
Panda Security -> C:\Users\admin\AppData\Roaming\Panda Security -> [2013/04/03 14:52:54 | 000,000,000 | ---D | M]
ParetoLogic -> C:\Users\admin\AppData\Roaming\ParetoLogic -> [2013/04/02 14:23:37 | 000,000,000 | ---D | M]
PCDr -> C:\Users\admin\AppData\Roaming\PCDr -> [2013/04/17 10:01:38 | 000,000,000 | ---D | M]
Philipp Winterberg -> C:\Users\admin\AppData\Roaming\Philipp Winterberg -> [2012/05/01 23:50:39 | 000,000,000 | ---D | M]
ProgSense -> C:\Users\admin\AppData\Roaming\ProgSense -> [2013/04/02 14:23:37 | 000,000,000 | ---D | M]
SoftGrid Client -> C:\Users\admin\AppData\Roaming\SoftGrid Client -> [2013/04/02 14:23:37 | 000,000,000 | ---D | M]
TP -> C:\Users\admin\AppData\Roaming\TP -> [2011/01/22 18:59:39 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Users\admin\AppData\Roaming\TuneUp Software -> [2013/04/02 14:23:37 | 000,000,000 | ---D | M]
Orbit -> C:\Users\Ajnim\AppData\Roaming\Orbit -> [2013/04/02 14:11:24 | 000,000,000 | ---D | M]
ProgSense -> C:\Users\Ajnim\AppData\Roaming\ProgSense -> [2013/04/02 14:11:25 | 000,000,000 | ---D | M]
SoftGrid Client -> C:\Users\Ajnim\AppData\Roaming\SoftGrid Client -> [2013/04/02 14:11:25 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Users\Ajnim\AppData\Roaming\TuneUp Software -> [2013/04/02 14:11:25 | 000,000,000 | ---D | M]
AnvSoft -> C:\Users\YaoTheHong\AppData\Roaming\AnvSoft -> [2013/04/02 14:14:54 | 000,000,000 | ---D | M]
Audacity -> C:\Users\YaoTheHong\AppData\Roaming\Audacity -> [2013/04/02 14:14:54 | 000,000,000 | ---D | M]
Autodesk -> C:\Users\YaoTheHong\AppData\Roaming\Autodesk -> [2013/04/02 14:15:10 | 000,000,000 | ---D | M]
BleachBit -> C:\Users\YaoTheHong\AppData\Roaming\BleachBit -> [2013/04/02 14:15:10 | 000,000,000 | ---D | M]
com.prezi.PreziDesktop -> C:\Users\YaoTheHong\AppData\Roaming\com.prezi.PreziDesktop -> [2013/04/02 14:15:10 | 000,000,000 | ---D | M]
DAEMON Tools Lite -> C:\Users\YaoTheHong\AppData\Roaming\DAEMON Tools Lite -> [2013/06/27 01:36:51 | 000,000,000 | ---D | M]
Gizmo -> C:\Users\YaoTheHong\AppData\Roaming\Gizmo -> [2013/04/02 14:15:18 | 000,000,000 | ---D | M]
GrabPro -> C:\Users\YaoTheHong\AppData\Roaming\GrabPro -> [2013/04/02 14:15:18 | 000,000,000 | ---D | M]
Orbit -> C:\Users\YaoTheHong\AppData\Roaming\Orbit -> [2013/06/16 02:50:24 | 000,000,000 | ---D | M]
Panda Security -> C:\Users\YaoTheHong\AppData\Roaming\Panda Security -> [2013/04/02 14:16:11 | 000,000,000 | ---D | M]
Philipp Winterberg -> C:\Users\YaoTheHong\AppData\Roaming\Philipp Winterberg -> [2013/04/02 14:16:11 | 000,000,000 | ---D | M]
ProgSense -> C:\Users\YaoTheHong\AppData\Roaming\ProgSense -> [2013/04/02 14:16:12 | 000,000,000 | ---D | M]
QuickScan -> C:\Users\YaoTheHong\AppData\Roaming\QuickScan -> [2013/06/29 02:34:28 | 000,000,000 | ---D | M]
SoftGrid Client -> C:\Users\YaoTheHong\AppData\Roaming\SoftGrid Client -> [2013/04/02 14:16:13 | 000,000,000 | ---D | M]
Windows Live Writer -> C:\Users\YaoTheHong\AppData\Roaming\Windows Live Writer -> [2013/05/15 00:06:23 | 000,000,000 | ---D | M]
PCDoctorBackgroundMonitorTask.job -> C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job -> [2013/04/08 04:00:00 | 000,000,564 | ---- | M] ()
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2013/06/27 00:58:24 | 000,029,916 | ---- | M] ()
SystemToolsDailyTest.job -> C:\Windows\Tasks\SystemToolsDailyTest.job -> [2013/06/30 23:30:00 | 000,000,422 | ---- | M] ()
[File - Purity Scan]
< End of report >