First of all thank you for taking the time to help me.
OTL.txt
OTL logfile created on: 8/6/2013 1:20:34 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mars\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.68 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 67.07% Memory free
7.36 Gb Paging File | 5.40 Gb Available in Paging File | 73.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.66 Gb Total Space | 403.33 Gb Free Space | 90.10% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.34% Space Free | Partition Type: NTFS
Drive F: | 447.66 Gb Total Space | 24.59 Gb Free Space | 5.49% Space Free | Partition Type: NTFS
Computer Name: MARS-PC | User Name: Mars | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/08/05 16:50:30 | 001,130,576 | ---- | M] (BitTorrent Inc.) -- C:\Users\Mars\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/08/02 14:57:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mars\Desktop\OTL.exe
PRC - [2013/08/01 22:36:51 | 000,096,056 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/07/26 09:57:54 | 000,101,888 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2013/07/20 14:23:34 | 001,206,624 | ---- | M] (TorchMedia Inc.) -- C:\Users\Mars\AppData\Local\Torch\Update\TorchCrashHandler.exe
PRC - [2013/06/19 23:13:16 | 002,445,304 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013/06/19 22:41:38 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2011/03/31 08:38:38 | 000,416,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/03/31 08:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/03/31 08:38:36 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011/03/31 08:38:34 | 001,092,688 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/22 13:02:16 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2011/02/22 13:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2011/02/18 19:21:22 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
PRC - [2011/02/15 14:36:10 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/02/15 14:35:34 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/09/27 22:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010/09/17 19:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/09/17 19:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/04/13 12:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 12:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/18 00:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 00:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
========== Modules (No Company Name) ========== MOD - [2013/07/23 20:56:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
MOD - [2013/07/23 20:56:49 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013/07/23 20:56:46 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\45e4072bdc78b50abd6a5f28386e8153\IAStorUtil.ni.dll
MOD - [2013/07/23 20:56:43 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/23 20:56:36 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/23 20:56:30 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\bda7430e393758ce03bd26509f5a8762\System.Xml.ni.dll
MOD - [2013/07/23 20:56:26 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/23 20:56:24 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/23 20:56:18 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2011/02/22 13:01:38 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2011/02/22 13:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2011/02/15 14:37:10 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
========== Services (SafeList) ========== SRV:
64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2013/05/23 16:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:
64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:
64bit: - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:
64bit: - [2011/02/23 00:00:46 | 000,873,064 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:
64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/08/01 23:09:44 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/26 09:57:54 | 000,101,888 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/07/23 01:49:53 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/07/20 14:23:34 | 001,206,624 | ---- | M] (TorchMedia Inc.) [Auto | Running] -- C:\Users\Mars\AppData\Local\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - [2013/06/19 23:13:16 | 002,445,304 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2013/06/18 03:34:34 | 000,054,160 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2013/05/22 10:24:02 | 000,120,592 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/03/31 08:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/03/02 00:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/15 14:36:10 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/27 21:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/06/01 18:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/13 12:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 00:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 00:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2013/08/01 22:35:59 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:
64bit: - [2013/08/01 22:35:59 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2013/08/01 22:35:59 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:
64bit: - [2013/06/13 16:34:16 | 000,451,096 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:
64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:
64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:
64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:
64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:
64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/01/10 22:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2011/04/19 00:51:36 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:
64bit: - [2011/04/19 00:51:36 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:
64bit: - [2011/04/19 00:51:36 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:
64bit: - [2011/03/17 05:42:38 | 002,712,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011/03/10 00:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:
64bit: - [2011/03/10 00:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:
64bit: - [2011/03/01 10:33:16 | 004,720,704 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:
64bit: - [2011/01/17 18:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:
64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/10/08 06:32:28 | 001,395,248 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2010/09/21 21:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:
64bit: - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:
64bit: - [2010/04/13 12:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2010/02/26 19:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:
64bit: - [2009/12/02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:
64bit: - [2009/12/02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:
64bit: - [2009/12/02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:
64bit: - [2009/12/02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:
64bit: - [2009/09/17 01:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:
64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...rc=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3905402568-11843471-3572921917-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://acer.msn.comIE - HKU\S-1-5-21-3905402568-11843471-3572921917-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://acer.msn.comIE - HKU\S-1-5-21-3905402568-11843471-3572921917-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3905402568-11843471-3572921917-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3905402568-11843471-3572921917-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/07/23 23:52:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013/07/28 18:04:34 | 000,000,000 | ---D | M]
========== Chrome ========== CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url =
http://www.bing.com/...rc=IE-SearchBoxCHR - default_search_provider: suggest_url =
http://api.bing.com/...=U019&dt=072813CHR - homepage:
http://www.msn.com/?...19DHP&dt=072813CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Mars\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Mars\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Mars\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Mars\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SiteAdvisor = C:\Users\Mars\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1\
CHR - Extension: avast! Online Security = C:\Users\Mars\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Freemake Video Converter = C:\Users\Mars\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: Torch Share = C:\Users\Mars\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3604_0\
CHR - Extension: Gmail = C:\Users\Mars\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:
64bit: - BHO: (avast! EasyPass Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
O2:
64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (avast! EasyPass Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:
64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:
64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:
64bit: - HKLM\..\Toolbar: (avast! EasyPass Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! EasyPass Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3905402568-11843471-3572921917-1000..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-21-3905402568-11843471-3572921917-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3905402568-11843471-3572921917-1000..\Run: [uTorrent] C:\Users\Mars\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3905402568-11843471-3572921917-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:
64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:
64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:
64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:
64bit: - Extra context menu item: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:
64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
O9:
64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
O9:
64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
O9:
64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
O9:
64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
O9:
64bit: - Extra 'Tools' menuitem : Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (AVAST Software)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra 'Tools' menuitem : Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A628AEC7-B29E-4539-B31B-F5752705852B}: DhcpNameServer = 192.168.1.1
O18:
64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2013/08/05 16:49:53 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\uTorrent
[2013/08/03 21:14:30 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Mars\Desktop\aswMBR.exe
[2013/08/02 17:03:43 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\FFP
[2013/08/02 14:57:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mars\Desktop\OTL.exe
[2013/08/02 01:09:46 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\SUPERAntiSpyware.com
[2013/08/02 01:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/08/02 01:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/08/02 01:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/08/01 23:09:42 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/08/01 23:09:42 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/08/01 23:09:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/08/01 22:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2013/08/01 22:40:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2013/08/01 22:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2013/08/01 22:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2013/08/01 22:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! EasyPass
[2013/08/01 22:37:03 | 000,000,000 | ---D | C] -- C:\Users\Mars\Documents\My Avast EasyPass Data
[2013/08/01 22:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2013/08/01 22:35:32 | 000,378,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/08/01 22:35:32 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/08/01 22:35:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/08/01 22:35:31 | 000,072,016 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/08/01 22:35:31 | 000,064,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/08/01 22:35:30 | 001,030,952 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/08/01 22:35:27 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/08/01 22:35:27 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/08/01 22:34:32 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/08/01 22:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/08/01 22:33:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/07/29 22:06:50 | 000,000,000 | ---D | C] -- C:\Users\Mars\Documents\Calibre Library
[2013/07/29 22:06:49 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\calibre
[2013/07/29 22:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calibre2
[2013/07/29 22:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
[2013/07/28 18:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TorchCrashHandler
[2013/07/28 18:58:54 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2013/07/28 18:58:54 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2013/07/28 18:58:54 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCFR.DLL
[2013/07/28 18:58:54 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6FR.DLL
[2013/07/28 18:58:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2013/07/28 18:58:54 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CMDLGFR.DLL
[2013/07/28 18:58:54 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\TFP
[2013/07/28 18:58:43 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
[2013/07/28 18:51:45 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Torch
[2013/07/28 18:19:10 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\FreemakeVideoConverter
[2013/07/28 18:04:41 | 000,000,000 | ---D | C] -- C:\Users\Mars\Documents\Freemake
[2013/07/28 18:04:36 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
[2013/07/28 18:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
[2013/07/28 18:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2013/07/28 18:04:14 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\OpenCandy
[2013/07/28 18:04:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2013/07/28 17:58:08 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Programs
[2013/07/23 18:02:45 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/07/23 18:02:45 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/07/23 18:02:34 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2013/07/23 18:02:33 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2013/07/23 18:02:33 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013/07/23 18:02:33 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2013/07/23 18:02:33 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2013/07/23 18:02:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2013/07/23 18:02:33 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2013/07/23 18:01:59 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/07/23 15:48:45 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\TP
[2013/07/23 14:40:51 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Adobe_Systems_Incorporate
[2013/07/23 14:40:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013/07/23 14:40:30 | 000,000,000 | ---D | C] -- C:\Users\Mars\Documents\My Digital Editions
[2013/07/23 11:11:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/07/23 02:43:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/07/23 02:33:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/07/23 02:33:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/07/23 02:33:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/07/23 02:33:08 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/07/23 02:33:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013/07/23 02:33:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/07/23 02:33:07 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/07/23 02:33:07 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/07/23 02:33:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/07/23 02:33:06 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/07/23 02:33:06 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/07/23 02:33:06 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/07/23 02:33:06 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/07/23 02:33:06 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/07/23 02:33:06 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/07/23 02:33:06 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/07/23 02:33:06 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/07/23 02:33:06 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/07/23 02:33:06 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/07/23 02:33:06 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/07/23 02:33:06 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/07/23 02:33:06 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/07/23 02:33:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/07/23 02:33:05 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/07/23 02:33:05 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/07/23 02:31:05 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log
[2013/07/23 02:27:10 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/07/23 02:26:49 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/07/23 02:26:45 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/07/23 02:26:45 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/07/23 02:11:28 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/23 02:11:28 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/07/23 02:11:28 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/07/23 02:11:28 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/07/23 02:11:28 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/07/23 02:11:28 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/07/23 02:11:28 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/07/23 02:11:28 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/23 02:11:28 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/07/23 02:11:28 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/07/23 02:11:28 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/23 02:11:28 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/07/23 02:11:28 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/23 02:11:28 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/07/23 02:11:28 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/23 02:11:28 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/07/23 02:11:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/07/23 02:11:28 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/23 02:11:28 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/07/23 02:11:28 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/07/23 02:11:28 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/07/23 02:11:28 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/07/23 02:11:28 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/07/23 02:11:28 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/07/23 02:11:28 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/07/23 02:11:28 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/07/23 02:11:28 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/07/23 02:11:28 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/07/23 02:11:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/07/23 02:11:28 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/07/23 02:11:28 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/07/23 02:11:28 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/07/23 02:11:28 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/07/23 02:11:28 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/07/23 02:11:28 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/23 02:11:28 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/07/23 02:11:28 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/07/23 02:11:28 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/07/23 02:11:28 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/07/23 02:11:28 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/07/23 02:11:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/23 02:11:28 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/07/23 02:11:28 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/07/23 02:11:28 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/07/23 02:11:28 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/23 02:11:28 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/07/23 02:11:28 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/07/23 02:11:28 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/07/23 02:11:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/07/23 02:11:28 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/07/23 02:11:28 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/23 02:11:28 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/07/23 02:11:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/23 02:11:28 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/07/23 02:11:28 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/07/23 02:11:28 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/23 02:11:28 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/07/23 02:11:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/23 02:11:28 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/07/23 02:11:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/07/23 02:11:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/07/23 02:11:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/23 02:11:28 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/23 02:11:28 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/07/23 02:11:28 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/07/23 02:11:28 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/07/23 02:11:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/07/23 02:11:28 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/07/23 02:08:14 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/07/23 02:08:14 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/07/23 02:08:14 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/07/23 02:08:14 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/07/23 02:08:14 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/07/23 02:08:14 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/23 02:08:14 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/23 02:08:14 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/23 02:08:14 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/23 02:08:14 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/23 02:08:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/23 02:08:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/23 02:08:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/23 02:08:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/23 02:08:14 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/23 02:08:13 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/07/23 02:08:13 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/07/23 02:08:13 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/07/23 02:08:13 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/07/23 02:08:13 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/07/23 02:08:13 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/07/23 02:08:13 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/07/23 02:08:13 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/07/23 02:08:13 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/07/23 02:08:13 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/07/23 02:08:13 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/07/23 02:08:13 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/07/23 02:08:13 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/07/23 02:08:13 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/07/23 02:07:24 | 000,000,000 | ---D | C] -- C:\Users\Mars\Documents\Youcam
[2013/07/23 02:05:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/07/23 02:05:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/07/23 01:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barnes & Noble
[2013/07/23 01:58:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Barnes & Noble
[2013/07/23 01:58:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
[2013/07/23 01:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\CLSK
[2013/07/23 01:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2013/07/23 01:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013/07/23 01:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013/07/23 01:51:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi
[2013/07/23 01:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\NTI Launcher
[2013/07/23 01:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
[2013/07/23 01:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2013/07/23 01:49:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2013/07/23 01:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/07/23 01:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AUPEO!
[2013/07/23 01:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013/07/23 01:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/07/23 01:42:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager
[2013/07/23 01:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2013/07/23 01:40:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2013/07/23 01:38:41 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/07/23 01:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\EgisTec
[2013/07/23 01:37:32 | 000,000,000 | ---D | C] -- C:\book
[2013/07/23 01:37:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
[2013/07/23 01:34:02 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/07/23 00:57:58 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/07/23 00:57:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/07/23 00:46:57 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/07/23 00:46:57 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/07/23 00:46:57 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/07/23 00:46:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/07/23 00:45:53 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/07/23 00:45:52 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/07/23 00:45:52 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/07/23 00:45:52 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/07/23 00:42:25 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/07/23 00:42:25 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013/07/23 00:39:18 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2013/07/23 00:39:13 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013/07/23 00:39:13 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013/07/23 00:39:13 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013/07/23 00:39:13 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013/07/23 00:39:13 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013/07/23 00:39:13 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013/07/23 00:39:13 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013/07/23 00:39:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013/07/23 00:39:13 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013/07/23 00:39:13 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013/07/23 00:39:13 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013/07/23 00:39:13 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013/07/23 00:39:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013/07/23 00:39:09 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013/07/23 00:39:09 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013/07/23 00:39:04 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013/07/23 00:39:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/07/23 00:38:48 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013/07/23 00:38:48 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013/07/23 00:38:47 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013/07/23 00:38:33 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/07/23 00:38:33 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/07/23 00:38:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/07/23 00:38:33 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/07/23 00:37:35 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013/07/23 00:37:35 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013/07/23 00:37:34 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/07/23 00:37:07 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/07/23 00:37:07 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/07/23 00:37:06 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/07/23 00:37:06 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/07/23 00:37:03 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2013/07/23 00:37:03 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2013/07/23 00:37:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2013/07/23 00:37:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013/07/23 00:37:03 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013/07/23 00:37:03 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2013/07/23 00:37:03 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2013/07/23 00:37:03 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2013/07/23 00:37:03 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2013/07/23 00:37:01 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/07/23 00:37:01 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/07/23 00:36:40 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/07/23 00:36:39 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/07/23 00:36:39 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/07/23 00:36:39 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/07/23 00:36:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/07/23 00:36:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/07/23 00:36:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/07/23 00:36:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/07/23 00:36:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/07/23 00:36:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/07/23 00:36:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/23 00:36:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/23 00:36:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/07/23 00:36:38 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/07/23 00:36:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/07/23 00:36:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/07/23 00:36:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/07/23 00:36:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/07/23 00:36:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/07/23 00:36:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/07/23 00:36:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/07/23 00:36:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/07/23 00:36:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/07/23 00:36:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/07/23 00:36:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/07/23 00:36:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/07/23 00:36:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/07/23 00:36:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/07/23 00:36:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/07/23 00:36:10 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/07/23 00:36:09 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/07/23 00:35:36 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/07/23 00:35:36 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/07/23 00:35:36 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/07/23 00:35:36 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/07/23 00:35:36 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/07/23 00:35:36 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/07/23 00:35:36 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/07/23 00:35:36 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/07/23 00:35:36 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/07/23 00:35:36 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/07/23 00:35:36 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/07/23 00:35:36 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/07/23 00:35:36 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/07/23 00:35:36 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/07/23 00:35:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/07/23 00:35:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/07/23 00:35:36 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/07/23 00:35:36 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/07/23 00:35:35 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/07/23 00:35:35 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/07/23 00:35:35 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/07/23 00:35:35 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/07/23 00:35:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/07/23 00:35:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/07/23 00:35:34 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/07/23 00:35:34 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/07/23 00:35:34 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/07/23 00:35:34 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/07/23 00:35:34 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/07/23 00:35:34 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/07/23 00:35:34 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/07/23 00:35:34 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/07/23 00:33:38 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/07/23 00:33:38 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/07/23 00:33:38 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/07/23 00:33:38 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/07/23 00:33:38 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/07/23 00:33:38 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/07/23 00:33:24 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2013/07/23 00:33:24 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2013/07/23 00:33:16 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/07/23 00:33:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/07/23 00:33:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/07/23 00:33:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/07/23 00:33:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/07/23 00:33:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/07/23 00:33:09 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013/07/23 00:33:09 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013/07/23 00:33:09 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013/07/23 00:33:09 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013/07/23 00:33:09 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013/07/23 00:33:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013/07/23 00:33:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013/07/23 00:32:57 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013/07/23 00:32:57 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013/07/23 00:32:57 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013/07/23 00:32:57 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013/07/23 00:32:57 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2013/07/23 00:32:57 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2013/07/23 00:32:57 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2013/07/23 00:32:54 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2013/07/23 00:32:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/07/23 00:32:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/07/23 00:32:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/07/23 00:32:40 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/07/23 00:32:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/07/23 00:32:24 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/07/23 00:32:15 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013/07/23 00:32:13 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013/07/23 00:32:12 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013/07/23 00:32:11 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2013/07/23 00:32:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013/07/23 00:32:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2013/07/23 00:32:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2013/07/23 00:31:52 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013/07/23 00:31:52 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013/07/23 00:31:51 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013/07/23 00:31:51 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013/07/23 00:31:50 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013/07/23 00:31:50 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013/07/23 00:31:50 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013/07/23 00:31:49 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/07/23 00:31:46 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/07/23 00:31:45 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/07/23 00:30:24 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013/07/23 00:30:24 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013/07/23 00:29:25 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2013/07/23 00:29:24 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/07/23 00:29:24 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/07/23 00:29:20 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/07/23 00:29:20 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/07/23 00:29:16 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2013/07/23 00:29:16 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2013/07/23 00:29:16 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013/07/23 00:29:16 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013/07/23 00:29:11 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013/07/23 00:29:11 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013/07/23 00:29:11 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013/07/23 00:29:11 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013/07/23 00:29:06 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/07/23 00:29:05 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/07/23 00:29:05 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/07/23 00:29:05 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/07/23 00:29:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/07/23 00:29:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/07/23 00:29:02 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/23 00:29:02 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/23 00:29:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2013/07/23 00:29:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2013/07/23 00:28:59 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/07/23 00:28:54 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013/07/23 00:28:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013/07/23 00:28:52 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2013/07/23 00:28:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2013/07/23 00:28:49 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/07/23 00:28:47 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013/07/23 00:28:46 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/07/23 00:28:46 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2013/07/23 00:28:44 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2013/07/23 00:28:42 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/07/23 00:28:24 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2013/07/23 00:28:24 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2013/07/23 00:28:23 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2013/07/23 00:28:22 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013/07/23 00:28:22 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2013/07/23 00:28:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013/07/23 00:28:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2013/07/23 00:09:38 | 000,000,000 | ---D | C] -- C:\ProgramData\clear.fi
[2013/07/22 23:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/07/22 23:40:16 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013/07/22 23:40:16 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013/07/22 23:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/07/22 23:38:01 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Google
[2013/07/22 23:37:01 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Deployment
[2013/07/22 23:37:01 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Apps
[2013/07/22 23:28:26 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\EgisTec IPS
[2013/07/22 23:27:31 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013/07/22 23:27:30 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/07/22 23:27:30 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/07/22 23:27:24 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/07/22 23:27:24 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/07/22 23:27:24 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/07/22 23:27:15 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/07/22 23:27:15 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/07/22 23:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2013/07/22 23:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM_E471269A730D
[2013/07/22 23:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Times Reader
[2013/07/22 23:24:57 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\CyberLink
[2013/07/22 23:24:57 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Acer
[2013/07/22 23:24:51 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\PowerCinema
[2013/07/22 23:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
[2013/07/22 23:24:32 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\VirtualStore
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\AppData\Local\Temporary Internet Files
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\Templates
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\Start Menu
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\SendTo
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\Recent
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\PrintHood
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\NetHood
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\Documents\My Videos
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\Documents\My Pictures
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\Documents\My Music
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\My Documents
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\Local Settings
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\AppData\Local\History
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\Cookies
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\Application Data
[2013/07/22 23:24:20 | 000,000,000 | -HSD | C] -- C:\Users\Mars\AppData\Local\Application Data
[2013/07/22 23:24:17 | 000,000,000 | --SD | C] -- C:\Users\Mars\AppData\Roaming\Microsoft
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Videos
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Searches
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Saved Games
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Pictures
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Music
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Links
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Favorites
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Downloads
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Documents
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Desktop
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\Contacts
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/07/22 23:24:17 | 000,000,000 | R--D | C] -- C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/07/22 23:24:17 | 000,000,000 | -H-D | C] -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/07/22 23:24:17 | 000,000,000 | -H-D | C] -- C:\Users\Mars\AppData
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Windows Live
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Temp
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Microsoft
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\Macromedia
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\Intel Corporation
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\InstallShield
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\Identities
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Downloaded Installations
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Roaming\Adobe
[2013/07/22 23:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mars\AppData\Local\Adobe
[2013/07/22 23:24:04 | 000,000,000 | -HSD | C] -- C:\Recovery
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/08/06 01:14:18 | 000,001,037 | ---- | M] () -- C:\Users\Mars\Documents\instruction to finish scan.rtf
[2013/08/06 01:10:03 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 6c3cdca8-ce8e-4736-bd73-56f9e5dcea2c.job
[2013/08/06 01:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/06 00:43:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/05 23:43:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/05 23:21:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/05 20:53:25 | 000,727,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/05 20:53:25 | 000,624,622 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/05 20:53:25 | 000,106,708 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/05 16:50:31 | 000,000,816 | ---- | M] () -- C:\Users\Mars\Desktop\µTorrent.lnk
[2013/08/05 16:50:31 | 000,000,796 | ---- | M] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/08/05 03:26:41 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a8271c96-c82f-4c9e-af98-08c6300f2585.job
[2013/08/03 21:57:08 | 000,000,512 | ---- | M] () -- C:\Users\Mars\Desktop\MBR.dat
[2013/08/03 21:39:47 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Mars\Desktop\aswMBR.exe
[2013/08/03 13:53:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/08/03 13:20:44 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/03 13:20:44 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/03 13:12:37 | 2962,255,872 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/02 14:57:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mars\Desktop\OTL.exe
[2013/08/02 01:09:26 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/08/01 23:09:42 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/08/01 23:09:42 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/08/01 22:47:52 | 000,417,513 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2013/08/01 22:46:52 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2013/08/01 22:35:59 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/08/01 22:35:59 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/08/01 22:35:59 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/08/01 22:35:59 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013/08/01 22:35:59 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013/08/01 22:35:59 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013/08/01 22:35:32 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/08/01 22:35:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/08/01 15:13:52 | 000,000,675 | ---- | M] () -- C:\Users\Mars\Documents\Document.rtf
[2013/07/31 06:21:13 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/30 01:46:25 | 000,000,289 | ---- | M] () -- C:\Users\Mars\Documents\A touch of heaven review.rtf
[2013/07/29 22:05:21 | 000,000,964 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2013/07/29 10:35:04 | 000,002,138 | ---- | M] () -- C:\Users\Mars\Desktop\Facebook.lnk
[2013/07/29 10:35:04 | 000,002,136 | ---- | M] () -- C:\Users\Mars\Desktop\Youtube.lnk
[2013/07/29 10:35:04 | 000,001,335 | ---- | M] () -- C:\Users\Mars\Desktop\Torch.lnk
[2013/07/29 10:34:39 | 000,001,139 | ---- | M] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
[2013/07/28 18:04:36 | 000,001,324 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2013/07/23 15:49:09 | 000,743,534 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/23 14:40:36 | 000,002,244 | ---- | M] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 2.0.lnk
[2013/07/23 14:40:36 | 000,002,220 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk
[2013/07/23 02:31:05 | 000,011,453 | ---- | M] () -- C:\Windows\ChangeLang_Done.tag
[2013/07/23 02:20:55 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/07/23 02:20:55 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/07/23 02:11:28 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/23 02:11:28 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/07/23 02:11:28 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/07/23 02:11:28 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/07/23 02:11:28 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/07/23 02:11:28 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/07/23 02:11:28 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/07/23 02:11:28 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/23 02:11:28 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/07/23 02:11:28 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/07/23 02:11:28 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/23 02:11:28 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/07/23 02:11:28 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/23 02:11:28 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/07/23 02:11:28 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/23 02:11:28 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/07/23 02:11:28 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/07/23 02:11:28 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/23 02:11:28 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/07/23 02:11:28 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/07/23 02:11:28 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/07/23 02:11:28 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/07/23 02:11:28 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/07/23 02:11:28 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/07/23 02:11:28 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/07/23 02:11:28 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/07/23 02:11:28 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/07/23 02:11:28 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/07/23 02:11:28 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/07/23 02:11:28 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/07/23 02:11:28 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/07/23 02:11:28 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/07/23 02:11:28 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/07/23 02:11:28 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/07/23 02:11:28 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/23 02:11:28 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/07/23 02:11:28 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/07/23 02:11:28 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/07/23 02:11:28 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/07/23 02:11:28 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/07/23 02:11:28 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/23 02:11:28 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/07/23 02:11:28 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/07/23 02:11:28 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/07/23 02:11:28 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/23 02:11:28 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/07/23 02:11:28 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/07/23 02:11:28 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/07/23 02:11:28 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/07/23 02:11:28 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/07/23 02:11:28 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/23 02:11:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/07/23 02:11:28 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/23 02:11:28 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/07/23 02:11:28 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/07/23 02:11:28 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/23 02:11:28 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/07/23 02:11:28 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/23 02:11:28 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/07/23 02:11:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/07/23 02:11:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/07/23 02:11:28 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/23 02:11:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/23 02:11:28 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/07/23 02:11:28 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/07/23 02:11:28 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/07/23 02:11:28 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/07/23 02:11:28 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/07/23 02:11:28 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/07/23 02:11:28 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/07/23 02:08:14 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/07/23 02:08:14 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/07/23 02:08:14 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/07/23 02:08:14 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/07/23 02:08:14 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/07/23 02:08:14 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/07/23 02:08:14 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/23 02:08:14 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/23 02:08:14 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/23 02:08:14 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/23 02:08:14 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/23 02:08:14 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/23 02:08:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/23 02:08:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/23 02:08:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/23 02:08:14 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/23 02:08:14 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/23 02:08:13 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/07/23 02:08:13 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/07/23 02:08:13 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/07/23 02:08:13 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/07/23 02:08:13 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/07/23 02:08:13 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/07/23 02:08:13 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/07/23 02:08:13 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/07/23 02:08:13 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/07/23 02:08:13 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/07/23 02:08:13 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/07/23 02:08:13 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/07/23 02:08:13 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/07/23 01:58:40 | 000,001,208 | ---- | M] () -- C:\Users\Public\Desktop\NOOK for PC.lnk
[2013/07/23 01:56:38 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\clear.fi.lnk
[2013/07/23 01:54:16 | 000,282,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/23 01:52:49 | 000,000,017 | ---- | M] () -- C:\Windows\ClearFi.tag
[2013/07/23 01:51:27 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTILiveUpdateV9.dll
[2013/07/23 01:49:53 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMMV9REGET.dll
[2013/07/23 01:49:53 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMMV9Acer.dll
[2013/07/23 01:47:08 | 000,015,762 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2013/07/23 01:44:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/07/23 01:42:58 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI
[2013/07/23 00:08:30 | 000,002,283 | ---- | M] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/22 23:29:58 | 000,001,441 | ---- | M] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/07/22 23:26:57 | 000,002,609 | ---- | M] () -- C:\Users\Public\Desktop\eBay.lnk
[2013/07/22 23:26:47 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\Netflix.lnk
[2013/07/22 23:26:34 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\Times Reader.lnk
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/08/06 01:14:03 | 000,001,037 | ---- | C] () -- C:\Users\Mars\Documents\instruction to finish scan.rtf
[2013/08/05 16:50:31 | 000,000,816 | ---- | C] () -- C:\Users\Mars\Desktop\µTorrent.lnk
[2013/08/05 16:50:31 | 000,000,796 | ---- | C] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/08/04 01:37:09 | 005,554,323 | ---- | C] () -- C:\Users\Mars\Desktop\Christ the Healer By FF Bosworth.pdf
[2013/08/04 01:36:05 | 001,692,820 | ---- | C] () -- C:\Users\Mars\Desktop\Cant You Talk Louder God.pdf
[2013/08/04 01:34:46 | 000,929,060 | ---- | C] () -- C:\Users\Mars\Desktop\BIBLICAL_MEDITATIONedited[etowns].pdf
[2013/08/04 01:30:32 | 012,998,003 | ---- | C] () -- C:\Users\Mars\Desktop\54-the_amazing_results_of_positivethinking.pdf
[2013/08/04 01:26:36 | 002,454,607 | ---- | C] () -- C:\Users\Mars\Desktop\THE PROPHET'S DICTIONARY by Paula A Price.pdf
[2013/08/04 01:26:14 | 012,939,786 | ---- | C] () -- C:\Users\Mars\Desktop\SMITH WIGGLESWORTH ON PRAYER, POWER AND MIRACLES.pdf
[2013/08/04 01:25:59 | 000,227,638 | ---- | C] () -- C:\Users\Mars\Desktop\Smith_WigglesworthFaith_That_Prevails.pdf
[2013/08/04 01:25:46 | 009,440,017 | ---- | C] () -- C:\Users\Mars\Desktop\smiths-bible-dictionary.pdf
[2013/08/03 21:57:08 | 000,000,512 | ---- | C] () -- C:\Users\Mars\Desktop\MBR.dat
[2013/08/03 13:53:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/08/02 16:16:20 | 005,286,811 | ---- | C] () -- C:\Users\Mars\Documents\Transforming Grace_ Living Confidently i - Gerald Bridges;Jerry Bridges.pdf
[2013/08/02 16:16:20 | 003,265,589 | ---- | C] () -- C:\Users\Mars\Documents\Understanding bible Mysteries.pdf
[2013/08/02 16:16:20 | 001,289,251 | ---- | C] () -- C:\Users\Mars\Documents\Time to Defeat the Devil_ Strategies to - Pierce, Chuck D_.pdf
[2013/08/02 16:16:20 | 001,268,727 | ---- | C] () -- C:\Users\Mars\Documents\TuneInToTheVoiceOfGod_ebook(2).pdf
[2013/08/02 16:16:20 | 001,127,643 | ---- | C] () -- C:\Users\Mars\Documents\Transform Your Thinking, Transform Your - Winston, Bill.pdf
[2013/08/02 16:16:20 | 001,127,613 | ---- | C] () -- C:\Users\Mars\Documents\Wading.pdf
[2013/08/02 16:16:20 | 000,432,289 | ---- | C] () -- C:\Users\Mars\Documents\Tongues - King, Patricia.pdf
[2013/08/02 16:16:20 | 000,378,451 | ---- | C] () -- C:\Users\Mars\Documents\The_Laws_of_Prosperity-.pdf
[2013/08/02 16:16:20 | 000,378,451 | ---- | C] () -- C:\Users\Mars\Documents\The_Laws_of_Prosperity- - Copy.pdf
[2013/08/02 16:16:20 | 000,111,199 | ---- | C] () -- C:\Users\Mars\Documents\The-Four-Realms-of-Riches.pdf
[2013/08/02 16:16:20 | 000,047,211 | ---- | C] () -- C:\Users\Mars\Documents\TIKE201207freeshots.pdf
[2013/08/02 16:16:19 | 003,043,982 | ---- | C] () -- C:\Users\Mars\Documents\The Future Of Worship.pdf
[2013/08/02 16:16:19 | 002,611,035 | ---- | C] () -- C:\Users\Mars\Documents\The Seer Expanded Edition_ The Prophetic - Goll, James W_.pdf
[2013/08/02 16:16:19 | 002,597,714 | ---- | C] () -- C:\Users\Mars\Documents\The Frontier Boys 9780768488494.pdf
[2013/08/02 16:16:19 | 002,551,829 | ---- | C] () -- C:\Users\Mars\Documents\The Life Giver - Copy.pdf
[2013/08/02 16:16:19 | 002,474,695 | ---- | C] () -- C:\Users\Mars\Documents\The Voice How We Can Participate How We should Respond.pdf
[2013/08/02 16:16:19 | 002,243,280 | ---- | C] () -- C:\Users\Mars\Documents\The New How to Study Your Bible - Arthur, Kay.pdf
[2013/08/02 16:16:19 | 001,795,859 | ---- | C] () -- C:\Users\Mars\Documents\The Power of the Cross_ Epicenter of Glo - Chavda, Mahesh.pdf
[2013/08/02 16:16:18 | 002,800,508 | ---- | C] () -- C:\Users\Mars\Documents\The Daily Prophecy_ Your Future Revealed - Kunneman, Brenda.pdf
[2013/08/02 16:16:18 | 001,890,800 | ---- | C] () -- C:\Users\Mars\Documents\SemGuide.pdf
[2013/08/02 16:16:18 | 001,388,279 | ---- | C] () -- C:\Users\Mars\Documents\Satan, You Can't Have My Miracle_ A spir - Delgado, Iris.pdf
[2013/08/02 16:16:18 | 001,160,875 | ---- | C] () -- C:\Users\Mars\Documents\The Bible Tells Me So, Volume 3 (First S - Loth, Paul J_.pdf
[2013/08/02 16:16:18 | 001,154,699 | ---- | C] () -- C:\Users\Mars\Documents\The Bible Tells Me So, Volume 1 (First S - Loth, Paul J_.pdf
[2013/08/02 16:16:18 | 001,131,360 | ---- | C] () -- C:\Users\Mars\Documents\The Bible Tells Me So, Volume 2 (First S - Loth, Paul J_.pdf
[2013/08/02 16:16:18 | 000,961,077 | ---- | C] () -- C:\Users\Mars\Documents\Spiritual Revolution_ Experience the Sup - King, Patricia.pdf
[2013/08/02 16:16:18 | 000,693,527 | ---- | C] () -- C:\Users\Mars\Documents\RiverGlory.pdf
[2013/08/02 16:16:18 | 000,630,138 | ---- | C] () -- C:\Users\Mars\Documents\Stop The Bully_ Cures for the Bully Epid - King, Patricia.pdf
[2013/08/02 16:16:18 | 000,505,301 | ---- | C] () -- C:\Users\Mars\Documents\revivalglory.pdf
[2013/08/02 16:16:18 | 000,208,896 | ---- | C] () -- C:\Users\Mars\Documents\Rumors Of War.pdf
[2013/08/02 16:16:17 | 012,718,589 | ---- | C] () -- C:\Users\Mars\Documents\receive-prophecy-from-global-community.pdf
[2013/08/02 16:16:17 | 002,022,720 | ---- | C] () -- C:\Users\Mars\Documents\Praying-the-Scriptures-by-Judson-Cornwall.pdf
[2013/08/02 16:16:16 | 014,903,490 | ---- | C] () -- C:\Users\Mars\Documents\Prayers-That-Rout-Demons-John-Eckhardt - Copy.pdf
[2013/08/02 16:16:16 | 007,315,656 | ---- | C] () -- C:\Users\Mars\Documents\Praying the Bible_ Pathway to Spirituali - Wesley Campbell.pdf
[2013/08/02 16:16:16 | 005,634,690 | ---- | C] () -- C:\Users\Mars\Documents\Praying the Bible Book of Prayers_ Prayi - Wesley Campbell;Stacey Campbell.pdf
[2013/08/02 16:16:16 | 000,626,784 | ---- | C] () -- C:\Users\Mars\Documents\Prayers-That-Bring-Healing-John-Eckhardt - Copy.pdf
[2013/08/02 16:16:16 | 000,597,526 | ---- | C] () -- C:\Users\Mars\Documents\Prayers-that-release-heaven-on-earth-John-Eckhardt - Copy.pdf
[2013/08/02 16:16:15 | 001,423,221 | ---- | C] () -- C:\Users\Mars\Documents\Prayers that Move Mountains_ Powerful pr - Eckhardt, John.pdf
[2013/08/02 16:16:15 | 000,962,358 | ---- | C] () -- C:\Users\Mars\Documents\Prayer in Another Dimension_ Discover th - Curran, Sue.pdf
[2013/08/02 16:16:15 | 000,856,732 | ---- | C] () -- C:\Users\Mars\Documents\Prayers That Rout Demons_ Prayers for de - Eckhardt, John.pdf
[2013/08/02 16:16:15 | 000,815,664 | ---- | C] () -- C:\Users\Mars\Documents\Possessing Your Healing_ Taking Authorit - Bridges, Kynan.pdf
[2013/08/02 16:16:15 | 000,671,702 | ---- | C] () -- C:\Users\Mars\Documents\Prayers-That-Bring-Change-by-Kimberly-Daniels - Copy.pdf
[2013/08/02 16:16:15 | 000,623,374 | ---- | C] () -- C:\Users\Mars\Documents\Prayers-that-activate-blessings-John-Eckhardt - Copy.pdf
[2013/08/02 16:16:15 | 000,568,188 | ---- | C] () -- C:\Users\Mars\Documents\Prayers That Break Curses_ Prayers for b - Eckhardt, John.pdf
[2013/08/02 16:16:15 | 000,568,188 | ---- | C] () -- C:\Users\Mars\Documents\Prayers That Break Curses_ Prayers for b - Eckhardt, John - Copy.pdf
[2013/08/02 16:16:15 | 000,321,239 | ---- | C] () -- C:\Users\Mars\Documents\parent-ver-sch-0-6yrsShotRecord.pdf
[2013/08/02 16:16:15 | 000,270,343 | ---- | C] () -- C:\Users\Mars\Documents\No_Fear_Here-Ebook.pdf
[2013/08/02 16:16:15 | 000,129,596 | ---- | C] () -- C:\Users\Mars\Documents\OvercomeBlocks and Hinder.pdf
[2013/08/02 16:16:14 | 026,180,435 | ---- | C] () -- C:\Users\Mars\Documents\NIV Women's Devotional Bible - Zondervan.pdf
[2013/08/02 16:16:13 | 002,532,688 | ---- | C] () -- C:\Users\Mars\Documents\My Time With God New Testament Devotions - Loth, Paul J_.pdf
[2013/08/02 16:16:13 | 002,389,847 | ---- | C] () -- C:\Users\Mars\Documents\May_2012_Newsletter.pdf
[2013/08/02 16:16:13 | 002,284,165 | ---- | C] () -- C:\Users\Mars\Documents\Limitless Love_ A 365-Day Devotional - Copeland, Gloria.pdf
[2013/08/02 16:16:13 | 002,283,780 | ---- | C] () -- C:\Users\Mars\Documents\Light Belongs in the Darkness_ Finding Y - King, Patricia.pdf
[2013/08/02 16:16:13 | 001,854,843 | ---- | C] () -- C:\Users\Mars\Documents\Mar12_news.pdf
[2013/08/02 16:16:13 | 001,709,859 | ---- | C] () -- C:\Users\Mars\Documents\My Time With God Old Testament Devotions - Loth, Paul J_.pdf
[2013/08/02 16:16:13 | 000,659,167 | ---- | C] () -- C:\Users\Mars\Documents\Living_In_Heavens_Blessing_Now.pdf
[2013/08/02 16:16:13 | 000,423,772 | ---- | C] () -- C:\Users\Mars\Documents\lawsofprosperity.pdf
[2013/08/02 16:16:13 | 000,278,805 | ---- | C] () -- C:\Users\Mars\Documents\keys-for-accelerated-change.pdf
[2013/08/02 16:16:13 | 000,173,811 | ---- | C] () -- C:\Users\Mars\Documents\LiveLongFinish_Online_Leaders_Guide.pdf
[2013/08/02 16:16:12 | 002,325,965 | ---- | C] () -- C:\Users\Mars\Documents\Jesus Calling_ 365 Devotions For Kids_ T - Young, Sarah.pdf
[2013/08/02 16:16:12 | 001,809,200 | ---- | C] () -- C:\Users\Mars\Documents\Jesus Calling_ Enjoying Peace in His Pre - Young, Sarah.pdf
[2013/08/02 16:16:12 | 000,743,668 | ---- | C] () -- C:\Users\Mars\Documents\Jerusalem.pdf
[2013/08/02 16:16:11 | 013,500,693 | ---- | C] () -- C:\Users\Mars\Documents\IntheZoneEBOOK.pdf
[2013/08/02 16:16:11 | 013,500,693 | ---- | C] () -- C:\Users\Mars\Documents\IntheZoneEBOOK - Copy.pdf
[2013/08/02 16:16:11 | 001,063,451 | ---- | C] () -- C:\Users\Mars\Documents\how-to-train-your-imagination-youhub.pdf
[2013/08/02 16:16:11 | 000,210,112 | ---- | C] () -- C:\Users\Mars\Documents\How-to-Receive-Revelation-Knowledge.pdf
[2013/08/02 16:16:10 | 013,109,628 | ---- | C] () -- C:\Users\Mars\Documents\how-to-prophesy-in-boldness.pdf
[2013/08/02 16:16:10 | 010,421,154 | ---- | C] () -- C:\Users\Mars\Documents\how-to-go-into-heavely-realms.pdf
[2013/08/02 16:16:10 | 002,620,410 | ---- | C] () -- C:\Users\Mars\Documents\-How-to-Meditate-God-s-Word-Dennis-Burke.pdf
[2013/08/02 16:16:09 | 016,681,705 | ---- | C] () -- C:\Users\Mars\Documents\how-to-be-appointed-as-a-prophet-to-the-nations.pdf
[2013/08/02 16:16:09 | 016,602,410 | ---- | C] () -- C:\Users\Mars\Documents\how-to-encounter-jesus-face-to-face.pdf
[2013/08/02 16:16:08 | 006,056,505 | ---- | C] () -- C:\Users\Mars\Documents\Help_God_Im_Broke_Ebook.pdf
[2013/08/02 16:16:08 | 002,761,154 | ---- | C] () -- C:\Users\Mars\Documents\Holiness Day by Day_ Transformational Th - Jerry Bridges.pdf
[2013/08/02 16:16:08 | 002,536,466 | ---- | C] () -- C:\Users\Mars\Documents\How to Experience God.pdf
[2013/08/02 16:16:08 | 001,245,148 | ---- | C] () -- C:\Users\Mars\Documents\Holy Habits_ A Woman's Guide to Intentio - Wilson, Marilyn.pdf
[2013/08/02 16:16:08 | 001,222,329 | ---- | C] () -- C:\Users\Mars\Documents\How To Walk In The Supernatural Power Of - Maldonado, Guillermo.pdf
[2013/08/02 16:16:08 | 000,246,310 | ---- | C] () -- C:\Users\Mars\Documents\How To Study the Bible.pdf
[2013/08/02 16:16:07 | 006,056,505 | ---- | C] () -- C:\Users\Mars\Documents\Help_God_Im_Broke_Ebook - Copy.pdf
[2013/08/02 16:16:07 | 002,873,392 | ---- | C] () -- C:\Users\Mars\Documents\God's Word in My Heart - Loth, Paul J_.pdf
[2013/08/02 16:16:07 | 001,296,563 | ---- | C] () -- C:\Users\Mars\Documents\Handle with Prayer_ Unwrap the Source of - Stanley, Charles.pdf
[2013/08/02 16:16:07 | 000,882,455 | ---- | C] () -- C:\Users\Mars\Documents\God's Supernatural Power - Conner, Bobby.pdf
[2013/08/02 16:16:07 | 000,877,773 | ---- | C] () -- C:\Users\Mars\Documents\Healing The Whole Man Handbook - Hunter, Joan.pdf
[2013/08/02 16:16:07 | 000,185,300 | ---- | C] () -- C:\Users\Mars\Documents\Healing_Scriptures.pdf
[2013/08/02 16:16:07 | 000,185,300 | ---- | C] () -- C:\Users\Mars\Documents\Healing_Scriptures - Copy.pdf
[2013/08/02 16:16:07 | 000,017,082 | ---- | C] () -- C:\Users\Mars\Documents\Having Ears to Hear Study Notes.pdf
[2013/08/02 16:16:06 | 003,598,351 | ---- | C] () -- C:\Users\Mars\Documents\God Takes Care of Me (First Steps Devoti - Loth, Paul J_.pdf
[2013/08/02 16:16:06 | 003,080,563 | ---- | C] () -- C:\Users\Mars\Documents\Glory.pdf
[2013/08/02 16:16:06 | 002,996,838 | ---- | C] () -- C:\Users\Mars\Documents\God's Plan For Our Success Nehemiah's Way(1).pdf
[2013/08/02 16:16:06 | 001,990,298 | ---- | C] () -- C:\Users\Mars\Documents\Godly Success - Copy.pdf
[2013/08/02 16:16:06 | 001,181,232 | ---- | C] () -- C:\Users\Mars\Documents\God, You've Got Mail_ 15 Keys to Abundan - Crawford, Danette.pdf
[2013/08/02 16:16:06 | 001,110,946 | ---- | C] () -- C:\Users\Mars\Documents\Glory Of God_ Experience a Supernatural - Maldonado, Guillermo.pdf
[2013/08/02 16:16:06 | 000,937,359 | ---- | C] () -- C:\Users\Mars\Documents\God's Promises for Your Every Need_ 25th - Nelson, Thomas.pdf
[2013/08/02 16:16:05 | 003,851,162 | ---- | C] () -- C:\Users\Mars\Documents\Finding Father - Jones, A.J_.pdf
[2013/08/02 16:16:05 | 003,764,624 | ---- | C] () -- C:\Users\Mars\Documents\First Steps Devotions for Families with - Loth, Paul J_.pdf
[2013/08/02 16:16:05 | 000,990,017 | ---- | C] () -- C:\Users\Mars\Documents\Fasting and Prayer_ God's Nuclear Power - Brooks, Steven.pdf
[2013/08/02 16:16:05 | 000,524,374 | ---- | C] () -- C:\Users\Mars\Documents\Faith_and_Patience.pdf
[2013/08/02 16:16:05 | 000,524,374 | ---- | C] () -- C:\Users\Mars\Documents\Faith_and_Patience(1).pdf
[2013/08/02 16:16:05 | 000,176,810 | ---- | C] () -- C:\Users\Mars\Documents\FreedomFromFear.pdf
[2013/08/02 16:16:05 | 000,031,288 | ---- | C] () -- C:\Users\Mars\Documents\fatherloveLett.pdf
[2013/08/02 16:16:04 | 003,204,929 | ---- | C] () -- C:\Users\Mars\Documents\EyesOf Honor9780768488296.pdf
[2013/08/02 16:16:04 | 003,204,929 | ---- | C] () -- C:\Users\Mars\Documents\EyesOf Honor 9780768488296(1).pdf
[2013/08/02 16:16:04 | 003,204,929 | ---- | C] () -- C:\Users\Mars\Documents\Eyes Of Honor Copy.pdf
[2013/08/02 16:16:04 | 001,395,618 | ---- | C] () -- C:\Users\Mars\Documents\faith By faith By Ken and Gloria Copeland.pdf
[2013/08/02 16:16:04 | 001,112,949 | ---- | C] () -- C:\Users\Mars\Documents\Experiencing the Heavenly Realm_ Keys to - Franklin, Judy.pdf
[2013/08/02 16:16:03 | 004,292,336 | ---- | C] () -- C:\Users\Mars\Documents\EbookGreaterThings_Complete.pdf
[2013/08/02 16:16:03 | 004,292,336 | ---- | C] () -- C:\Users\Mars\Documents\EbookGreaterThings_Complete - Copy.pdf
[2013/08/02 16:16:03 | 002,082,866 | ---- | C] () -- C:\Users\Mars\Documents\ebookeyes_thatsee.pdf
[2013/08/02 16:16:03 | 002,082,866 | ---- | C] () -- C:\Users\Mars\Documents\ebookeyes_thatsee - Copy.pdf
[2013/08/02 16:16:03 | 002,029,399 | ---- | C] () -- C:\Users\Mars\Documents\ebookeyes_thatsee1.pdf
[2013/08/02 16:16:02 | 008,326,262 | ---- | C] () -- C:\Users\Mars\Documents\EBOOKDominion-Surges1.pdf
[2013/08/02 16:16:02 | 002,242,526 | ---- | C] () -- C:\Users\Mars\Documents\ebookearsthathear PDF1.pdf
[2013/08/02 16:16:02 | 002,242,526 | ---- | C] () -- C:\Users\Mars\Documents\ebookearsthathear PDF1 - Copy.pdf
[2013/08/02 16:16:02 | 002,180,860 | ---- | C] () -- C:\Users\Mars\Documents\ebookearsthathear PDF.pdf
[2013/08/02 16:16:02 | 002,180,860 | ---- | C] () -- C:\Users\Mars\Documents\ebookearsthathear PDF - Copy.pdf
[2013/08/02 16:16:01 | 008,425,022 | ---- | C] () -- C:\Users\Mars\Documents\EBOOKDominion-Surges.pdf
[2013/08/02 16:16:01 | 008,425,022 | ---- | C] () -- C:\Users\Mars\Documents\EBOOKDominion-Surges - Copy.pdf
[2013/08/02 16:16:01 | 003,100,344 | ---- | C] () -- C:\Users\Mars\Documents\Ebook-CreateYourWorld.pdf
[2013/08/02 16:16:00 | 012,344,536 | ---- | C] () -- C:\Users\Mars\Documents\Ebook-122LoveLetters.pdf
[2013/08/02 16:16:00 | 003,100,344 | ---- | C] () -- C:\Users\Mars\Documents\Ebook-CreateYourWorld(1).pdf
[2013/08/02 16:16:00 | 003,100,344 | ---- | C] () -- C:\Users\Mars\Documents\Ebook-CreateYourWorld - Copy.pdf
[2013/08/02 16:15:59 | 012,344,536 | ---- | C] () -- C:\Users\Mars\Documents\Ebook-122LoveLetters - Copy.pdf
[2013/08/02 16:15:59 | 004,474,754 | ---- | C] () -- C:\Users\Mars\Documents\Ebook-12FACTSaboutTONGES.pdf
[2013/08/02 16:15:59 | 004,474,754 | ---- | C] () -- C:\Users\Mars\Documents\Ebook-12FACTSaboutTONGES(1).pdf
[2013/08/02 16:15:58 | 010,038,457 | ---- | C] () -- C:\Users\Mars\Documents\Ebook_DecreesInspiredByThePsalms.pdf
[2013/08/02 16:15:58 | 005,927,766 | ---- | C] () -- C:\Users\Mars\Documents\Ebook_alignedheaven.pdf
[2013/08/02 16:15:58 | 005,927,766 | ---- | C] () -- C:\Users\Mars\Documents\Ebook_alignedheaven - Copy.pdf
[2013/08/02 16:15:58 | 001,116,084 | ---- | C] () -- C:\Users\Mars\Documents\Developing a Supernatural Lifestyle_ A P - Vallotton, Kris.pdf
[2013/08/02 16:15:58 | 000,540,825 | ---- | C] () -- C:\Users\Mars\Documents\dream_big.pdf
[2013/08/02 16:15:58 | 000,054,644 | ---- | C] () -- C:\Users\Mars\Documents\DHMH K12 Immunz Requirments.pdf
[2013/08/02 16:15:57 | 007,159,992 | ---- | C] () -- C:\Users\Mars\Documents\Decree_EBOOK.pdf
[2013/08/02 16:15:57 | 004,638,161 | ---- | C] () -- C:\Users\Mars\Documents\Designed for Devotion_ A 365-Day Journey - Matthews, Dianne Neal.pdf
[2013/08/02 16:15:57 | 004,313,613 | ---- | C] () -- C:\Users\Mars\Documents\Define Your Destiny Through Prayer - Copy.pdf
[2013/08/02 16:15:57 | 003,653,178 | ---- | C] () -- C:\Users\Mars\Documents\Dare to Believe - Copy.pdf
[2013/08/02 16:15:56 | 002,419,687 | ---- | C] () -- C:\Users\Mars\Documents\Born To Create supernatural in your Destiny 9780768488180.pdf
[2013/08/02 16:15:56 | 002,419,687 | ---- | C] () -- C:\Users\Mars\Documents\Born To Create Copy.pdf
[2013/08/02 16:15:56 | 001,817,050 | ---- | C] () -- C:\Users\Mars\Documents\Dancing with Angels 2_ The Role of the H - Basconi, Kevin.pdf
[2013/08/02 16:15:56 | 001,625,025 | ---- | C] () -- C:\Users\Mars\Documents\Dancing with Angels_ How You Can Work Wi - Basconi, Kevin.pdf
[2013/08/02 16:15:56 | 000,596,704 | ---- | C] () -- C:\Users\Mars\Documents\Daily Scripture Reading and Meditation_ - Coleman, Gloria.pdf
[2013/08/02 16:15:56 | 000,414,901 | ---- | C] () -- C:\Users\Mars\Documents\Build your Financial Fountain.pdf
[2013/08/02 16:15:56 | 000,154,441 | ---- | C] () -- C:\Users\Mars\Documents\blessing_for_your_children.pdf
[2013/08/02 16:15:56 | 000,046,170 | ---- | C] () -- C:\Users\Mars\Documents\Christian-Dream-Interpretation.pdf
[2013/08/02 16:15:55 | 008,775,700 | ---- | C] () -- C:\Users\Mars\Documents\Big Book of All-Time Favorite Bible Stor - Beers, V. Gilbert.pdf
[2013/08/02 16:15:55 | 007,732,188 | ---- | C] () -- C:\Users\Mars\Documents\Becoming a Prayer Warrior_ A Guide to Ef - Beth Alves.pdf
[2013/08/02 16:15:55 | 004,517,247 | ---- | C] () -- C:\Users\Mars\Documents\BibleNewInternationalVersionPDF.pdf
[2013/08/02 16:15:54 | 033,801,943 | ---- | C] () -- C:\Users\Mars\Documents\april 12 d.pdf
[2013/08/02 16:15:53 | 018,326,783 | ---- | C] () -- C:\Users\Mars\Documents\angels-visitations-the-audible-voice-of-the-lord.pdf
[2013/08/02 16:15:53 | 003,120,630 | ---- | C] () -- C:\Users\Mars\Documents\Angels In The Realm Of Heaven.pdf
[2013/08/02 16:15:53 | 001,876,706 | ---- | C] () -- C:\Users\Mars\Documents\Another10DaysofProsperity_GeorgePearsons.pdf
[2013/08/02 16:15:52 | 007,817,312 | ---- | C] () -- C:\Users\Mars\Documents\amp.pdf
[2013/08/02 16:15:52 | 004,313,613 | ---- | C] () -- C:\Users\Mars\Documents\9780768488081(1) Define Your Destiny Through Prayer.pdf
[2013/08/02 16:15:52 | 004,313,613 | ---- | C] () -- C:\Users\Mars\Documents\9780768488081 Define Your Destiny Through Prayer.pdf
[2013/08/02 16:15:52 | 001,619,354 | ---- | C] () -- C:\Users\Mars\Documents\A Book of Prayer - Omartian, Stormie.pdf
[2013/08/02 16:15:52 | 000,903,620 | ---- | C] () -- C:\Users\Mars\Documents\A Divine Revelation of Spiritual Warfare - T. L., Lowery.pdf
[2013/08/02 16:15:51 | 002,922,114 | ---- | C] () -- C:\Users\Mars\Documents\9780768487886 Open Heaven the Secret Power of Door Keeper.pdf
[2013/08/02 16:15:51 | 002,912,477 | ---- | C] () -- C:\Users\Mars\Documents\9780768484991.pdf
[2013/08/02 16:15:51 | 002,912,477 | ---- | C] () -- C:\Users\Mars\Documents\9780768484991 (1).pdf
[2013/08/02 16:15:51 | 002,551,829 | ---- | C] () -- C:\Users\Mars\Documents\9780768441420(1)The Life Giver.pdf
[2013/08/02 16:15:51 | 002,551,829 | ---- | C] () -- C:\Users\Mars\Documents\9780768441420 The Life Giver.pdf
[2013/08/02 16:15:51 | 001,990,298 | ---- | C] () -- C:\Users\Mars\Documents\9780768441260Godly Success.pdf
[2013/08/02 16:15:51 | 001,990,298 | ---- | C] () -- C:\Users\Mars\Documents\9780768441260(1)Godly Success.pdf
[2013/08/02 16:15:50 | 003,682,261 | ---- | C] () -- C:\Users\Mars\Documents\118418399-Healing-Through-Spiritual-Warfare-Peggy-Scarborough.pdf
[2013/08/02 16:15:50 | 003,653,178 | ---- | C] () -- C:\Users\Mars\Documents\9780768440973(1)Dare to Believe.pdf
[2013/08/02 16:15:50 | 001,425,539 | ---- | C] () -- C:\Users\Mars\Documents\114021710-The-Holy-Spirit-and-His-Gifts-by-Kenneth-e-Hagin.pdf
[2013/08/02 16:15:50 | 000,532,515 | ---- | C] () -- C:\Users\Mars\Documents\114224646-You-Shall-Receive-Power-by-Derek-Prince.pdf
[2013/08/02 16:15:49 | 014,903,490 | ---- | C] () -- C:\Users\Mars\Documents\113857365-Prayers-That-Rout-Demons-John-Eckhardt.pdf
[2013/08/02 16:15:49 | 007,931,316 | ---- | C] () -- C:\Users\Mars\Documents\112491828-Commanding-Your-Morning-by-Cindy-Trimm.pdf
[2013/08/02 16:15:49 | 002,211,894 | ---- | C] () -- C:\Users\Mars\Documents\113777499-If-You-Need-Healing-Do-These-Things-by-Oral-Roberts.pdf
[2013/08/02 16:15:49 | 000,671,702 | ---- | C] () -- C:\Users\Mars\Documents\113857348-Prayers-That-Bring-Change-by-Kimberly-Daniels.pdf
[2013/08/02 16:15:48 | 004,016,750 | ---- | C] () -- C:\Users\Mars\Documents\103400447-Catching-the-Initiatives-of-Heaven-Dennis-Walker.pdf
[2013/08/02 16:15:48 | 003,535,743 | ---- | C] () -- C:\Users\Mars\Documents\89445266-Understanding-How-to-Fight-the-Good-Fight-of-Faith-Kenneth-Hagin.pdf
[2013/08/02 16:15:48 | 002,562,512 | ---- | C] () -- C:\Users\Mars\Documents\365 daysofhealing.pdf
[2013/08/02 16:15:48 | 000,862,066 | ---- | C] () -- C:\Users\Mars\Documents\82842139-The-Power-of-the-Blood-H-A-Maxwell-Whyte.pdf
[2013/08/02 16:15:48 | 000,739,457 | ---- | C] () -- C:\Users\Mars\Documents\110926966-How-To-Hear-From-God-Joyce-Meyer.pdf
[2013/08/02 16:15:48 | 000,626,784 | ---- | C] () -- C:\Users\Mars\Documents\95144332-Prayers-That-Bring-Healing-John-Eckhardt.pdf
[2013/08/02 16:15:48 | 000,623,374 | ---- | C] () -- C:\Users\Mars\Documents\102807258-Prayers-that-activate-blessings-John-Eckhardt.pdf
[2013/08/02 16:15:48 | 000,597,526 | ---- | C] () -- C:\Users\Mars\Documents\102807454-Prayers-that-release-heaven-on-earth-John-Eckhardt.pdf
[2013/08/02 16:15:47 | 003,020,340 | ---- | C] () -- C:\Users\Mars\Documents\50 Days of Prosperity Series PG Study Notes PDF.pdf
[2013/08/02 16:15:47 | 003,020,340 | ---- | C] () -- C:\Users\Mars\Documents\50 Days of Prosperity Series PG Study Notes PDF(1).pdf
[2013/08/02 16:15:47 | 003,020,340 | ---- | C] () -- C:\Users\Mars\Documents\50 Days of Prosperity Series PG Study Notes PDF - Copy.pdf
[2013/08/02 16:15:47 | 001,157,263 | ---- | C] () -- C:\Users\Mars\Documents\65 Promises from God for Your Child_ Pow - Shreve, Mike.pdf
[2013/08/02 16:15:47 | 000,490,036 | ---- | C] () -- C:\Users\Mars\Documents\10MoreDaysofProsperity_GeorgePearsons.pdf
[2013/08/02 16:15:47 | 000,477,042 | ---- | C] () -- C:\Users\Mars\Documents\10DaysofProsperity_GeorgePearsons.pdf
[2013/08/02 16:15:47 | 000,412,963 | ---- | C] () -- C:\Users\Mars\Documents\31 Powerful Prayers - Guaranteed To Make - Coleman, Gloria.pdf
[2013/08/02 16:15:47 | 000,316,793 | ---- | C] () -- C:\Users\Mars\Documents\31 Powerful Prayers For Children - Guara - Coleman, Gloria.pdf
[2013/08/02 16:15:46 | 001,878,803 | ---- | C] () -- C:\Users\Mars\Documents\10 Days of True Prosperity Study Notes.pdf
[2013/08/02 16:15:46 | 001,878,803 | ---- | C] () -- C:\Users\Mars\Documents\10 Days of True Prosperity Study Notes - Copy.pdf
[2013/08/02 16:15:46 | 001,369,813 | ---- | C] () -- C:\Users\Mars\Documents\10 Marvelous Days of Prosperity Study Notes.pdf
[2013/08/02 16:15:46 | 001,369,813 | ---- | C] () -- C:\Users\Mars\Documents\10 Marvelous Days of Prosperity Study Notes - Copy.pdf
[2013/08/02 16:15:46 | 001,358,485 | ---- | C] () -- C:\Users\Mars\Documents\10 Awesome Days of Prosperity Study Notes.pdf
[2013/08/02 16:15:46 | 001,358,485 | ---- | C] () -- C:\Users\Mars\Documents\10 Awesome Days of Prosperity Study Notes - Copy.pdf
[2013/08/02 16:15:46 | 000,578,398 | ---- | C] () -- C:\Users\Mars\Documents\10 Glorious Days of Prosperity Series PG Study Notes PDF.pdf
[2013/08/02 16:15:46 | 000,558,701 | ---- | C] () -- C:\Users\Mars\Documents\10 More Extraordinary Days of Prosperity Series PG Study Notes.pdf
[2013/08/02 16:15:46 | 000,555,507 | ---- | C] () -- C:\Users\Mars\Documents\10 Days of Kingdom Prosperity Study Notes.pdf
[2013/08/02 16:15:46 | 000,555,507 | ---- | C] () -- C:\Users\Mars\Documents\10 Days of Kingdom Prosperity Study Notes - Copy.pdf
[2013/08/02 16:15:46 | 000,133,097 | ---- | C] () -- C:\Users\Mars\Documents\4-keys-lesson-5-remove-idols-from-heart.pdf
[2013/08/02 16:15:45 | 006,460,153 | ---- | C] () -- C:\Users\Mars\Documents\4 Keys to Hearing God's Voice - Virkler, Mark.pdf
[2013/08/02 16:15:45 | 003,260,110 | ---- | C] () -- C:\Users\Mars\Documents\1EyesOf Honor9780768488296.pdf
[2013/08/02 16:15:45 | 002,828,289 | ---- | C] () -- C:\Users\Mars\Documents\1God's Plan For Our Success Nehemiah's Way(1).pdf
[2013/08/02 16:15:45 | 002,541,657 | ---- | C] () -- C:\Users\Mars\Documents\1The Life Giver9780768441420.pdf
[2013/08/02 16:15:45 | 002,326,452 | ---- | C] () -- C:\Users\Mars\Documents\1Glory.pdf
[2013/08/02 16:15:45 | 001,823,215 | ---- | C] () -- C:\Users\Mars\Documents\1Godly Success9780768441260.pdf
[2013/08/02 16:15:44 | 007,277,220 | ---- | C] () -- C:\Users\Mars\Documents\1Decree_EBOOK.pdf
[2013/08/02 16:15:44 | 003,358,158 | ---- | C] () -- C:\Users\Mars\Documents\1 Understanding bible Mysteries.pdf
[2013/08/02 16:15:44 | 002,730,104 | ---- | C] () -- C:\Users\Mars\Documents\1 Psalm 91_ Real-Life Stories of God's Shi - Ruth, Peggy Joyce.pdf
[2013/08/02 16:15:44 | 002,714,763 | ---- | C] () -- C:\Users\Mars\Documents\1 The Frontier Boys 9780768488494.pdf
[2013/08/02 16:15:44 | 001,404,688 | ---- | C] () -- C:\Users\Mars\Documents\1 The-Holy-Spirit-and-His-Gifts-by-Kenneth-e-Hagin - Copy.pdf
[2013/08/02 16:15:44 | 000,671,054 | ---- | C] () -- C:\Users\Mars\Documents\1Commanding Your Morning_ Unleashing the - Trimm, Cindy.pdf
[2013/08/02 16:15:44 | 000,319,813 | ---- | C] () -- C:\Users\Mars\Documents\1Decree - Third Edition.pdf
[2013/08/02 16:15:43 | 013,796,053 | ---- | C] () -- C:\Users\Mars\Documents\1 IntheZoneEBOOK.pdf
[2013/08/02 16:15:43 | 001,788,411 | ---- | C] () -- C:\Users\Mars\Documents\1 Jesus Calling_ Enjoying Peace in His Pre - Young, Sarah.pdf
[2013/08/02 16:15:43 | 001,423,221 | ---- | C] () -- C:\Users\Mars\Documents\1 Prayers that Move Mountains_ Powerful pr - Eckhardt, John - Copy.pdf
[2013/08/02 16:15:43 | 000,838,129 | ---- | C] () -- C:\Users\Mars\Documents\1 Prayers That Rout Demons_ Prayers for de - Eckhardt, John.pdf
[2013/08/02 16:15:43 | 000,626,784 | ---- | C] () -- C:\Users\Mars\Documents\1 Prayers-That-Bring-Healing-John-Eckhardt - Copy - Copy.pdf
[2013/08/02 16:15:43 | 000,626,784 | ---- | C] () -- C:\Users\Mars\Documents\1 Prayers-That-Bring-Healing-John-Eckhardt - Copy - Copy - Copy.pdf
[2013/08/02 16:15:42 | 013,796,053 | ---- | C] () -- C:\Users\Mars\Documents\1 IntheZoneEBOOK - Copy.pdf
[2013/08/02 16:15:41 | 013,796,053 | ---- | C] () -- C:\Users\Mars\Documents\1 IntheZoneEBOOK - Copy (2).pdf
[2013/08/02 16:15:41 | 005,929,955 | ---- | C] () -- C:\Users\Mars\Documents\1 Help_God_Im_Broke_Ebook.pdf
[2013/08/02 16:15:41 | 005,929,955 | ---- | C] () -- C:\Users\Mars\Documents\1 Help_God_Im_Broke_Ebook - Copy.pdf
[2013/08/02 16:15:40 | 004,208,918 | ---- | C] () -- C:\Users\Mars\Documents\1 Define Your Destiny Through Prayer 9780768488081.pdf
[2013/08/02 16:15:40 | 002,996,770 | ---- | C] () -- C:\Users\Mars\Documents\1 Ebook-CreateYourWorld.pdf
[2013/08/02 16:15:40 | 002,996,770 | ---- | C] () -- C:\Users\Mars\Documents\1 Ebook-CreateYourWorld - Copy.pdf
[2013/08/02 16:15:40 | 002,423,804 | ---- | C] () -- C:\Users\Mars\Documents\1 The Voice How We Can Participate How We should Respond.pdf
[2013/08/02 16:15:40 | 000,951,027 | ---- | C] () -- C:\Users\Mars\Documents\1 Spiritual Revolution_ Experience the Sup - King, Patricia.pdf
[2013/08/02 16:15:40 | 000,571,803 | ---- | C] () -- C:\Users\Mars\Documents\1 Prayers That Break Curses_ Prayers for b - Eckhardt, John.pdf
[2013/08/02 16:15:39 | 004,163,225 | ---- | C] () -- C:\Users\Mars\Documents\1 BibleNewInternationalVersionPDF.pdf
[2013/08/02 16:15:39 | 004,163,225 | ---- | C] () -- C:\Users\Mars\Documents\1 BibleNewInternationalVersionPDF - Copy.pdf
[2013/08/02 16:15:39 | 004,163,225 | ---- | C] () -- C:\Users\Mars\Documents\1 BibleNewInternationalVersionPDF - Copy (2).pdf
[2013/08/02 16:15:39 | 003,982,256 | ---- | C] () -- C:\Users\Mars\Documents\(2)Dare to Believe1 - Copy.pdf
[2013/08/02 16:15:39 | 000,190,616 | ---- | C] () -- C:\Users\Mars\Documents\0-6yrs-schedule-pr.pdf
[2013/08/02 16:15:38 | 003,982,256 | ---- | C] () -- C:\Users\Mars\Documents\(1)Dare to Believe1.pdf
[2013/08/02 16:15:38 | 003,982,256 | ---- | C] () -- C:\Users\Mars\Documents\(1)Dare to Believe1 - Copy.pdf
[2013/08/02 16:15:38 | 002,870,609 | ---- | C] () -- C:\Users\Mars\Documents\(1)Open Heaven the Secret Power of Door Keeper 9780768487886.pdf
[2013/08/02 16:15:38 | 002,570,714 | ---- | C] () -- C:\Users\Mars\Documents\(1)Born To Create supernatural in your Destiny1.pdf
[2013/08/02 16:15:37 | 005,816,617 | ---- | C] () -- C:\Users\Mars\Documents\(1)4 Keys to Hearing God's Voice - Virkler, Mark.pdf
[2013/08/02 16:15:37 | 000,636,167 | ---- | C] () -- C:\Users\Mars\Documents\(1) 20120709-Calendar-English-FINAL.pdf
[2013/08/02 16:15:37 | 000,409,396 | ---- | C] () -- C:\Users\Mars\Documents\You-Can-Hear-God's-Voice.pdf
[2013/08/02 16:15:37 | 000,176,873 | ---- | C] () -- C:\Users\Mars\Documents\welcomefamily.pdf
[2013/08/02 16:15:37 | 000,095,541 | ---- | C] () -- C:\Users\Mars\Documents\weight petition.pdf
[2013/08/02 01:10:16 | 000,000,508 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a8271c96-c82f-4c9e-af98-08c6300f2585.job
[2013/08/02 01:10:16 | 000,000,508 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 6c3cdca8-ce8e-4736-bd73-56f9e5dcea2c.job
[2013/08/02 01:09:26 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/08/01 23:09:45 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/01 22:47:04 | 000,417,513 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2013/08/01 22:46:52 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2013/08/01 22:35:59 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013/08/01 22:35:59 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013/08/01 22:35:59 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013/08/01 22:35:32 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/08/01 22:35:28 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/08/01 22:35:28 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/08/01 22:35:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013/08/01 15:13:52 | 000,000,675 | ---- | C] () -- C:\Users\Mars\Documents\Document.rtf
[2013/07/30 01:46:25 | 000,000,289 | ---- | C] () -- C:\Users\Mars\Documents\A touch of heaven review.rtf
[2013/07/29 22:05:21 | 000,000,964 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2013/07/29 10:34:39 | 000,002,138 | ---- | C] () -- C:\Users\Mars\Desktop\Facebook.lnk
[2013/07/29 10:34:39 | 000,002,136 | ---- | C] () -- C:\Users\Mars\Desktop\Youtube.lnk
[2013/07/29 10:34:37 | 000,001,343 | ---- | C] () -- C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
[2013/07/28 18:58:43 | 000,001,335 | ---- | C] () -- C:\Users\Mars\Desktop\Torch.lnk
[2013/07/28 18:58:43 | 000,001,139 | ---- | C] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
[2013/07/28 18:04:36 | 000,001,324 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2013/07/23 15:49:09 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/23 14:40:36 | 000,002,244 | ---- | C] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 2.0.lnk
[2013/07/23 14:40:36 | 000,002,232 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 2.0.lnk
[2013/07/23 14:40:36 | 000,002,220 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk
[2013/07/23 02:32:32 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag
[2013/07/23 02:11:28 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/07/23 02:11:28 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/07/23 02:01:20 | 000,002,490 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2013/07/23 01:58:40 | 000,001,208 | ---- | C] () -- C:\Users\Public\Desktop\NOOK for PC.lnk
[2013/07/23 01:56:38 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\clear.fi.lnk
[2013/07/23 01:52:49 | 000,000,017 | ---- | C] () -- C:\Windows\ClearFi.tag
[2013/07/23 01:51:27 | 000,001,024 | RH-- | C] () -- C:\Users\Public\Documents\NTILiveUpdateV9.dll
[2013/07/23 01:49:53 | 000,001,024 | RH-- | C] () -- C:\Users\Public\Documents\NTIMMV9REGET.dll
[2013/07/23 01:49:53 | 000,001,024 | RH-- | C] () -- C:\Users\Public\Documents\NTIMMV9Acer.dll
[2013/07/23 01:48:55 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2013/07/23 01:47:08 | 000,015,762 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2013/07/23 01:44:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/07/23 01:42:58 | 000,000,184 | ---- | C] () -- C:\Windows\LMv4.UNI
[2013/07/23 01:34:02 | 2962,255,872 | -HS- | C] () -- C:\hiberfil.sys
[2013/07/23 00:57:59 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/07/23 00:45:52 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/07/22 23:44:35 | 000,002,283 | ---- | C] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/22 23:44:35 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/22 23:38:12 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/22 23:38:11 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/22 23:29:58 | 000,001,441 | ---- | C] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/07/22 23:26:57 | 000,002,609 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2013/07/22 23:26:47 | 000,002,102 | ---- | C] () -- C:\Users\Public\Desktop\Netflix.lnk
[2013/07/22 23:26:34 | 000,000,927 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Times Reader.lnk
[2013/07/22 23:26:34 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\Times Reader.lnk
[2013/07/22 23:24:18 | 000,000,290 | ---- | C] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/07/22 23:24:18 | 000,000,272 | ---- | C] () -- C:\Users\Mars\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/07/22 23:24:17 | 000,001,417 | ---- | C] () -- C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/01/10 22:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 22:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 22:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/01/10 21:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
========== ZeroAccess Check ========== [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ========== [2013/07/31 20:02:24 | 000,000,000 | ---D | M] -- C:\Users\Mars\AppData\Roaming\calibre
[2013/08/02 17:03:47 | 000,000,000 | ---D | M] -- C:\Users\Mars\AppData\Roaming\FFP
[2013/07/28 18:04:14 | 000,000,000 | ---D | M] -- C:\Users\Mars\AppData\Roaming\OpenCandy
[2013/07/28 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\Mars\AppData\Roaming\TFP
[2013/08/03 22:23:04 | 000,000,000 | ---D | M] -- C:\Users\Mars\AppData\Roaming\TP
[2013/08/06 01:23:50 | 000,000,000 | ---D | M] -- C:\Users\Mars\AppData\Roaming\uTorrent
========== Purity Check ========== ========== Custom Scans ========== ========== Base Services ==========SRV:
64bit: - [2009/07/13 21:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:
64bit: - [2013/02/27 01:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:
64bit: - [2009/07/13 21:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:
64bit: - [2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:
64bit: - [2010/11/20 23:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:
64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:
64bit: - [2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:
64bit: - [2012/07/04 18:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:
64bit: - [2013/05/13 01:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/05/13 00:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:
64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:
64bit: - [2010/11/20 23:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 23:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:
64bit: - [2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:
64bit: - [2009/07/13 21:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:
64bit: - [2009/07/13 21:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:
64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:
64bit: - [2010/11/20 23:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:
64bit: - [2009/07/13 21:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:
64bit: - [2009/07/13 21:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:
64bit: - [2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:
64bit: - [2009/07/13 21:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:
64bit: - [2012/10/03 13:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:
64bit: - [2009/07/13 21:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:
64bit: - [2011/05/24 07:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:
64bit: - [2012/02/11 02:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:
64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:
64bit: - [2009/07/13 21:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:
64bit: - [2010/11/20 23:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:
64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:
64bit: - [2010/11/20 23:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:
64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:
64bit: - [2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:
64bit: - [2010/11/20 23:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:
64bit: - [2010/11/20 23:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 23:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:
64bit: - [2010/11/20 23:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:
64bit: - [2010/11/20 23:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 23:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:
64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:
64bit: - [2012/05/01 01:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:
64bit: - [2010/11/20 23:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:
64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:
64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:
64bit: - [2010/11/20 23:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:
64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2010/11/20 23:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:
64bit: - [2010/11/20 23:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:
64bit: - [2010/11/20 23:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:
64bit: - [2010/11/20 23:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 23:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:
64bit: - [2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:
64bit: - [2012/06/02 18:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:
64bit: - [2010/11/20 23:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:
64bit: - [2009/07/13 21:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:
64bit: - [2010/11/20 23:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 23:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 23:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: SERVICES >[2009/06/10 17:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
< MD5 for: SERVICES.EXE >[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SERVICES.EXE.MUI >[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 03:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
< MD5 for: SERVICES.JS >[2010/08/16 15:07:26 | 000,018,674 | ---- | M] () MD5=7209830374F12E59D7802B687A5F0542 -- C:\Program Files (x86)\Barnes & Noble\BNDesktopReader\HTML\js\services.js
< MD5 for: SERVICES.LNK >[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
< MD5 for: SERVICES.MSC >[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 03:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 03:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
< MD5 for: SVCHOST.EXE >[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 23:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 23:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 23:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< dir "%systemdrive%\*" /S /A:L /C > Volume in drive C is Acer
Volume Serial Number is 3850-0A0A
Directory of C:\
07/14/2009 01:08 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 01:08 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 01:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 01:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 01:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 01:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 01:08 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 01:08 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 01:08 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 01:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 01:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 01:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 01:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 01:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 01:08 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009 01:08 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 01:08 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 01:08 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 01:08 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 01:08 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 01:08 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 01:08 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 01:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 01:08 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 01:08 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 01:08 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 01:08 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 01:08 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Mars
07/22/2013 11:24 PM <JUNCTION> Application Data [C:\Users\Mars\AppData\Roaming]
07/22/2013 11:24 PM <JUNCTION> Cookies [C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Cookies]
07/22/2013 11:24 PM <JUNCTION> Local Settings [C:\Users\Mars\AppData\Local]
07/22/2013 11:24 PM <JUNCTION> My Documents [C:\Users\Mars\Documents]
07/22/2013 11:24 PM <JUNCTION> NetHood [C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/22/2013 11:24 PM <JUNCTION> PrintHood [C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/22/2013 11:24 PM <JUNCTION> Recent [C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Recent]
07/22/2013 11:24 PM <JUNCTION> SendTo [C:\Users\Mars\AppData\Roaming\Microsoft\Windows\SendTo]
07/22/2013 11:24 PM <JUNCTION> Start Menu [C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Start Menu]
07/22/2013 11:24 PM <JUNCTION> Templates [C:\Users\Mars\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Mars\AppData\Local
07/22/2013 11:24 PM <JUNCTION> Application Data [C:\Users\Mars\AppData\Local]
07/22/2013 11:24 PM <JUNCTION> History [C:\Users\Mars\AppData\Local\Microsoft\Windows\History]
07/22/2013 11:24 PM <JUNCTION> Temporary Internet Files [C:\Users\Mars\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Mars\AppData\LocalLow\Siber Systems\RoboForm
08/01/2013 10:37 PM <SYMLINKD> UserData [C:\Users\Mars\Documents\My Avast EasyPass Data\Default Profile]
0 File(s) 0 bytes
Directory of C:\Users\Mars\Documents
07/22/2013 11:24 PM <JUNCTION> My Music [C:\Users\Mars\Music]
07/22/2013 11:24 PM <JUNCTION> My Pictures [C:\Users\Mars\Pictures]
07/22/2013 11:24 PM <JUNCTION> My Videos [C:\Users\Mars\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 01:08 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 01:08 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 01:08 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
51 Dir(s) 432,927,424,512 bytes free
========== Drive Information ========== Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: Hitachi HTS545050B9A300
Partitions: 3
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 - External hard disk media
Interface type: USB
Media Type: External hard disk media
Model: ST950032 5AS USB Device
Partitions: 3
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 18.00GB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 19328401408
Hidden sectors: 0
DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 448.00GB
Starting Offset: 19433259008
Hidden sectors: 0
DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 18.00GB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #1, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 19328401408
Hidden sectors: 0
DeviceID: Disk #1, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 448.00GB
Starting Offset: 19433259008
Hidden sectors: 0
< End of report >
Extras.txt Log
OTL Extras logfile created on: 8/6/2013 1:20:34 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mars\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.68 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 67.07% Memory free
7.36 Gb Paging File | 5.40 Gb Available in Paging File | 73.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.66 Gb Total Space | 403.33 Gb Free Space | 90.10% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.34% Space Free | Partition Type: NTFS
Drive F: | 447.66 Gb Total Space | 24.59 Gb Free Space | 5.49% Space Free | Partition Type: NTFS
Computer Name: MARS-PC | User Name: Mars | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3905402568-11843471-3572921917-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{018BF93A-8360-456A-9A06-1AF7F22A4FF9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1994096C-CAB0-41FC-AF9B-768421CCBB47}" = rport=10243 | protocol=6 | dir=out | app=system |
"{450AF69E-DC94-4DAE-A724-A1C6AED5FAF5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45DDDBDF-DF25-416A-A20B-D2DED40F50B4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{578E39D6-92FB-4FFB-9FAE-25904C9E8129}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7BBFAB76-CDBD-44B3-BF89-3DF12F98F677}" = lport=10243 | protocol=6 | dir=in | app=system |
"{88EC4423-239D-4F14-8724-CB90A13C9083}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{99EF6830-9870-4E89-80BD-DBD8754CCD36}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AA9C802F-F2BD-4774-9BA9-DFBC5C603644}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C4E1800A-5115-41CF-9049-18294CE25195}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E967346F-7F01-4F9B-9410-8A9E26F18EE2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06B8638B-46DD-411C-8976-19B1DF50BA04}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A7888FA-EF50-4DA9-A330-E8B4C1DE77A1}" = dir=in | app=c:\users\mars\appdata\local\torch\plugins\hola\hola_plugin.exe |
"{0C7F164E-1A46-4768-A209-4D05C652DFD0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{105D7E03-7D71-4702-B041-81879EC0B7DB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1B0C84E9-6072-4E56-9170-5A5B55143F9F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{22771C85-6F3D-4ABA-9FE1-80861E171BE3}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovieservice.exe |
"{38547F6F-314E-4EB1-9BAA-CA7D6932AD77}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{38AEB062-ED7A-4951-98D9-DF32A4957729}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{4441B1EE-DAA1-4A14-8559-E133129DB283}" = protocol=6 | dir=in | app=c:\users\mars\appdata\roaming\utorrent\utorrent.exe |
"{51624BF8-9FE6-4D45-BFB5-721F70B729A2}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe |
"{555B20C1-DFEE-479D-BF12-A8B235FC9575}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56D6305C-B70D-4CB4-BBF2-7595E0824930}" = protocol=6 | dir=out | app=system |
"{58A03610-3E74-427C-8256-30E616E5FE33}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{58A777A4-0ECE-4D6E-825D-077A6A4606AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{67EF7408-134E-43F6-9FC1-C8D31EC86583}" = dir=in | app=c:\program files (x86)\acer\clear.fi\movie\touchmovie.exe |
"{68261AB4-A17B-4E69-ADA0-2FF2D610FA3B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6922A3A8-BBBB-4FA6-B6E9-8601E5733D75}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6AED1A65-0157-49D8-8CD4-87CB5C266BB0}" = dir=in | app=c:\users\mars\appdata\local\torch\plugins\hola\hola_plugin_x64.exe |
"{742EAE0B-B3C8-4E0F-9821-CD9ADC5D7AA6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7491B564-329B-42BD-AA5E-56BA9DA021DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BBC050F-81C0-4735-89C4-BCCFBB676598}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{7E44C0E2-259A-4E4F-BD3B-BB17A6880ECA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9270C686-043E-4669-86D9-684F90529E6B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A9E3E443-98FB-475E-B4A3-78ADE2777606}" = protocol=17 | dir=in | app=c:\users\mars\appdata\roaming\utorrent\utorrent.exe |
"{B52A0F61-6028-4ABE-A4DD-53036C05C4F8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B8C437FE-44D3-4C9C-BF37-90BBA1B946B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB204367-00B4-42EB-8AA8-19A4D915738C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD81D695-FBA6-46D7-BDBC-432B12EB863F}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\clml\clmlsvc.exe |
"{C0DC918D-0524-46D5-A6C2-C7788443675C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D699384E-E48D-472B-A444-11D139ADC056}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DA3B05C8-585E-4ADF-8F6B-798A67A37E7A}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
"{F4D36208-1DA8-4431-AA08-D0ED7F1DC21C}" = dir=in | app=c:\users\mars\appdata\local\torch\plugins\torrent\torchtorrent.exe |
"{F546D0A2-D82A-4C02-A320-A33579E1775C}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}" = MediaEspresso
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{491ADA37-04EE-2ECE-9F86-DDC0106047AC}" = Times Reader
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B652DD9C-F162-4B40-B38F-A1D0F866CAFA}" = calibre
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C47B36EC-0639-4462-A9CE-7809CF2F6100}" = ZoneAlarm Security
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4FB136D-2802-4578-A023-E7243BD0D7D5}" = ZoneAlarm Firewall
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AI RoboForm" = avast! EasyPass
"avast" = avast! Free Antivirus
"BN_DesktopReader" = NOOK for PC
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"Freemake Video Converter_is1" = Freemake Video Converter version 4.0.2
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
"InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"WildTangent acer Master Uninstall" = Acer Games
"WinLiveSuite" = Windows Live Essentials
"WTA-036dc91c-3596-41cf-afb5-8fe9d76b3bfa" = Dora's World Adventure
"WTA-10f999da-3c38-4d87-99a6-08e748bc4ba3" = Zuma's Revenge
"WTA-2426fbc3-e9a4-4c29-a0e0-0e1d4e09dac2" = Chuzzle Deluxe
"WTA-307d684f-8bcc-4503-bd58-e0668db6dcee" = Bejeweled 2 Deluxe
"WTA-33f18576-3d19-4dd3-8aed-e5f1426eec54" = Torchlight
"WTA-3ad4add0-74f7-4427-af1c-b53fd4ae149e" = Poker Superstars III
"WTA-3aec2ce0-a643-49ae-8194-e6c66943a931" = Polar Golfer
"WTA-3fee7dc0-7906-4d83-af4b-9082669c7728" = Penguins!
"WTA-55a36a0e-cdb4-40e8-8991-ea915b04200d" = Virtual Villagers 4 - The Tree of Life
"WTA-5a6d223e-900a-444b-8c22-6305da7969cb" = Agatha Christie - 4:50 from Paddington
"WTA-6416da14-ff05-49d1-b29a-b02e570a0151" = Final Drive: Nitro
"WTA-7b109e19-a2a7-4b5e-89d9-97cd63d3c014" = Polar Bowler
"WTA-925d71b3-6eb9-4e84-832d-7508c57cde5c" = Mystery P.I. - Stolen in San Francisco
"WTA-acf2bd08-527f-443b-9b95-0fe1fe832281" = Build-a-lot 2
"WTA-b66be362-fd3d-4611-b53b-23a494960737" = Plants vs. Zombies - Game of the Year
"WTA-c31c13b2-3d44-43d5-a9d1-8506d541cea9" = Diner Dash 2 Restaurant Rescue
"WTA-dab7998f-5b94-454a-a1c2-5fc158365431" = Jewel Quest Heritage
"WTA-e550e22e-d07b-4a1b-8e1a-7f6d371cf0db" = FATE - The Traitor Soul
"WTA-f226e527-daaa-41cf-bc32-d211e6ba9153" = Namco All-Stars: PAC-MAN
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3905402568-11843471-3572921917-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Torch" = Torch
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 7/23/2013 1:52:26 AM | Computer Name = Mars-PC | Source = Application Error | ID = 1000
Description = Faulting application name: dsiwmis.exe, version: 3.5.0.1938, time
stamp: 0x4d947521 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x73536cdc Faulting process id: 0x5d0 Faulting application
start time: 0x01ce875a2f4b2a9a Faulting application path: C:\Program Files (x86)\Launch
Manager\dsiwmis.exe Faulting module path: unknown Report Id: 0cbf8c3b-f35c-11e2-9a5f-b870f4dd30d3
Error - 7/23/2013 1:52:27 AM | Computer Name = Mars-PC | Source = Application Error | ID = 1000
Description = Faulting application name: GREGsvc.exe, version: 1.0.0.1, time stamp:
0x4afbd2e4 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x73536cdc Faulting process id: 0x63c Faulting application
start time: 0x01ce875a3036d2d5 Faulting application path: C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
Faulting
module path: unknown Report Id: 0ddf92bc-f35c-11e2-9a5f-b870f4dd30d3
Error - 7/23/2013 1:52:29 AM | Computer Name = Mars-PC | Source = Application Error | ID = 1000
Description = Faulting application name: UpdaterService.exe, version: 1.2.3005.0,
time stamp: 0x4d464b65 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x73536cdc Faulting process id:
0x668 Faulting application start time: 0x01ce875a30bc1fe5 Faulting application path:
C:\Program Files\Acer\Acer Updater\UpdaterService.exe Faulting module path: unknown
Report
Id: 0ea06232-f35c-11e2-9a5f-b870f4dd30d3
Error - 7/23/2013 1:52:29 AM | Computer Name = Mars-PC | Source = Application Error | ID = 1000
Description = Faulting application name: LMS.exe, version: 6.0.40.1213, time stamp:
0x4b8ee3ba Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x73536cdc Faulting process id: 0x6a8 Faulting application
start time: 0x01ce875a310d0eae Faulting application path: C:\Program Files (x86)\Intel\Intel®
Management Engine Components\LMS\LMS.exe Faulting module path: unknown Report Id:
0f06bd5e-f35c-11e2-9a5f-b870f4dd30d3
Error - 7/23/2013 1:52:30 AM | Computer Name = Mars-PC | Source = Application Error | ID = 1000
Description = Faulting application name: IScheduleSvc.exe, version: 3.0.0.85, time
stamp: 0x4d59ed0d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x73536cdc Faulting process id: 0x748 Faulting application
start time: 0x01ce875a3228526e Faulting application path: C:\Program Files (x86)\NTI\Acer
Backup Manager\IScheduleSvc.exe Faulting module path: unknown Report Id: 0f5c6ee8-f35c-11e2-9a5f-b870f4dd30d3
Error - 7/23/2013 1:52:35 AM | Computer Name = Mars-PC | Source = Application Error | ID = 1000
Description = Faulting application name: IAStorDataMgrSvc.exe, version: 9.6.2.1001,
time stamp: 0x4bc4a166 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x73536cdc Faulting process id:
0xe70 Faulting application start time: 0x01ce875a812628fa Faulting application path:
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting
module path: unknown Report Id: 12620e21-f35c-11e2-9a5f-b870f4dd30d3
Error - 7/23/2013 1:52:38 AM | Computer Name = Mars-PC | Source = Application Error | ID = 1000
Description = Faulting application name: UNS.exe, version: 6.0.40.1213, time stamp:
0x4b8ee429 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x73536cdc Faulting process id: 0x10fc Faulting application
start time: 0x01ce875a834e683a Faulting application path: C:\Program Files (x86)\Intel\Intel®
Management Engine Components\UNS\UNS.exe Faulting module path: unknown Report Id:
146698bc-f35c-11e2-9a5f-b870f4dd30d3
Error - 7/23/2013 1:55:10 AM | Computer Name = Mars-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/23/2013 2:22:49 AM | Computer Name = Mars-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/23/2013 9:56:14 AM | Computer Name = Mars-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 8/2/2013 8:23:45 PM | Computer Name = Mars-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{A628AEC7-B29E-4539-B31B-F5752705852B}
because another computer on the network has the same name. The server could not
start.
Error - 8/2/2013 8:23:45 PM | Computer Name = Mars-PC | Source = NetBT | ID = 4321
Description = The name "MARS-PC :0" could not be registered on the interface
with IP address 192.168.1.30. The computer with the IP address 192.168.1.40 did
not allow the name to be claimed by this computer.
Error - 8/2/2013 8:23:45 PM | Computer Name = Mars-PC | Source = NetBT | ID = 4321
Description = The name "MARS-PC :20" could not be registered on the interface
with IP address 192.168.1.30. The computer with the IP address 192.168.1.40 did
not allow the name to be claimed by this computer.
Error - 8/3/2013 1:13:35 PM | Computer Name = Mars-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the ZoneAlarm
Privacy Service service to connect.
Error - 8/3/2013 1:13:35 PM | Computer Name = Mars-PC | Source = Service Control Manager | ID = 7000
Description = The ZoneAlarm Privacy Service service failed to start due to the following
error: %%1053
Error - 8/3/2013 9:47:32 PM | Computer Name = Mars-PC | Source = volsnap | ID = 393245
Description = The shadow copies of volume F: were aborted during detection.
Error - 8/4/2013 12:22:06 AM | Computer Name = Mars-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR7.
Error - 8/4/2013 12:22:07 AM | Computer Name = Mars-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR7.
Error - 8/4/2013 12:22:08 AM | Computer Name = Mars-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR7.
Error - 8/4/2013 12:22:09 AM | Computer Name = Mars-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR7.
< End of report >