
Active C:\users\Appdata\roaming\microsoft\windows\cookies\@ATDMT[1].TXT

Discussion in 'Malware and Virus Removal Archive' started by Mr PC, 2010/04/19.

  1. 2010/04/19
    Mr PC

    [Active] C:\users\Appdata\roaming\microsoft\windows\cookies\@ATDMT[1].TXT

    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume2
    Motherboard: Gateway TBGM01
    Processor: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz | CPU 1 | 3068/133mhz
    ==== Disk Partitions =========================
    A: is FIXED (NTFS) - 229 GiB total, 121.292 GiB free.
    B: is FIXED (NTFS) - 318 GiB total, 282.386 GiB free.
    C: is FIXED (NTFS) - 917 GiB total, 856.654 GiB free.
    D: is CDROM ()
    E: is CDROM (UDF)
    F: is CDROM (CDFS)
    G: is CDROM ()
    H: is CDROM (UDF)
    I: is FIXED (NTFS) - 475 GiB total, 26.986 GiB free.
    J: is CDROM ()
    K: is CDROM ()
    L: is FIXED (NTFS) - 467 GiB total, 376.283 GiB free.
    M: is FIXED (NTFS) - 492 GiB total, 305.06 GiB free.
    N: is FIXED (NTFS) - 203 GiB total, 114.288 GiB free.
    O: is FIXED (NTFS) - 299 GiB total, 179.036 GiB free.
    P: is FIXED (NTFS) - 254 GiB total, 253.571 GiB free.
    R: is FIXED (NTFS) - 343 GiB total, 286.552 GiB free.
    S: is FIXED (NTFS) - 176 GiB total, 175.897 GiB free.
    T: is FIXED (NTFS) - 208 GiB total, 20.279 GiB free.
    U: is Removable
    V: is CDROM (UDF)
    W: is FIXED (NTFS) - 931 GiB total, 254.656 GiB free.
    ==== Disabled Device Manager Items =============
    Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Description: Officejet 6500 E
    Device ID: WPDBUSENUMROOT\UMD\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_HP&PROD_OFFICEJET_6500_E&REV_1.00#7&1C9A4455&0&MY98R5X2HW05G2&0#
    Manufacturer: HP
    Name: U:\
    PNP Device ID: HPDBUSENUMROOT\UMB2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_HP&PROD_OFFICEJET_6500_E&REV_1.00#7&1C9A4455&0&MY98R5X2HW05G2&0#
    Service: WUDFRd
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet 6500 E709n
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Officejet 6500 E709n
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:
    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet 6500 E709n
    Device ID: ROOT\MULTIFUNCTION\0001
    Manufacturer: HP
    Name: Officejet 6500 E709n
    PNP Device ID: ROOT\MULTIFUNCTION\0001
    Service:
    Class GUID:
    Description: pcouffin device ...
    Device ID: ROOT\PCOUFFIN\0000
    Manufacturer:
    Name: pcouffin device ...
    PNP Device ID: ROOT\PCOUFFIN\0000
    Service:
    Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Description: Microsoft PS/2 Mouse
    Device ID: ACPI\PNP0F03\4&6730480&0
    Manufacturer: Microsoft
    Name: Microsoft PS/2 Mouse
    PNP Device ID: ACPI\PNP0F03\4&6730480&0
    Service: i8042prt
    ==== Installed Programs ====
    6500_E709_eDocs
    6500_E709_Help
    6500_E709n
    AAC Decoder
    AcroPDF 3.00
    Adobe AIR
    Adobe Digital Editions
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3
    Adolix Split and Merge PDF v1.5
    Advanced Word to Pdf Converter 6.4
    Akamai NetSession Interface
    Amazon Kindle For PC v1.0
    Apple Application Support
    Apple Software Update
    ArcSoft SimHD Assistant Plugin
    ArcSoft TotalMedia Theatre 3
    AutoUpdate
    BIAS SoundSoap SE 2.2
    BoneLab
    bpd_scan
    BPDSoftware
    BPDSoftware_Ini
    BufferChm
    CA PC Tune-Up 2.0.0.8
    Codec Pack - All In 1 6.0.3.0
    Compatibility Pack for the 2007 Office system
    CoreAVC Professional Edition (remove only)
    Crystal Reports Basic Runtime for Visual Studio 2008
    CyberLink Blu-ray Disc Suite
    CyberLink Power2Go
    CyberLink PowerDirector
    CyberLink PowerDVD 9
    Dell Touch Zone
    Dell TouchCam
    Destinations
    DeviceDiscovery
    DirectX 9 Runtime
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Plus Media Foundation Components
    DivX Plus Web Player
    DivX Version Checker
    DjVuLibre+DjView
    DocMgr
    DocProc
    Driver Genius Professional Edition
    Drum Kit Ace 1.0
    Dup Scout Pro 1.5.44
    EASEUS Partition Master 5.0.1 Professional
    EndNote X3
    Exterminate3
    FastReader
    Fax
    ffdshow [rev 2975] [2009-05-28]
    FLAC 1.2.1b (remove only)
    Gateway Recovery Management
    Google Toolbar for Internet Explorer
    Google Update Helper
    GPBaseService2
    GPL Ghostscript Lite 8.70
    H.264 Decoder
    Haali Media Splitter
    HDtracks Download Manager
    HP Update
    HPPhotoSmartDiscLabelContent1
    HPPhotosmartEssential
    HPProductAssistant
    HPSSupply
    ImagXpress
    Intel(R) IPP Run-Time Installer 5.2 for Windows* on IA-32
    Intel(R) IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32
    Internet TV for Windows Media Center
    Java Auto Updater
    Java(TM) 6 Update 5
    JMicron JMB36X Driver
    Junk Mail filter update
    KB0817 Keyboard Driver
    LaserJet 1020 series
    MarketResearch
    MediaCoder 0.7.2.4582
    Microsoft ASP.NET 2.0 AJAX Extensions 1.0
    Microsoft ASP.NET MVC 2
    Microsoft Choice Guard
    Microsoft Money Essentials
    Microsoft Money Shared Libraries
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Click-to-Run 2010 (Beta)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Business 2010 (Beta) - English
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.4
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Outlook Hotmail Connector 32-bit (Beta)
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server Compact 3.5 SP1 English
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Works
    Microsoft WSE 1.0
    Microsoft WSE 2.0 SP3 Runtime
    Microsoft WSE 3.0
    Minefield (3.7a4pre)
    MKV Splitter
    Mozilla Firefox (3.6.3plugin1)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NVIDIA Cg Toolkit 2.2 February 2010
    NVIDIA CUDA Toolkit
    NVIDIA Display Driver Instrumentation Add-on
    NVIDIA GPU Computing SDK
    NVIDIA Media Center Extensions
    NVIDIA PerfHUD
    NVIDIA Performance
    NVIDIA PerfSDK
    NVIDIA PhysX
    NVIDIA PureVideo Decoder
    NVIDIA System Monitor
    NVIDIA System Update
    NVIDIA Texture Tools 2 - 64 bit
    OpenCV SDK
    Panda ActiveScan 2.0
    Panda Global Protection 2010
    PDF-Analyzer 3.5
    PDF Password Remover v2.5
    ProductContext
    QuickTime
    Ralink RT2860 Wireless LAN Card
    Real Alternative 1.9.0
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    RegCure
    ResearchSoft Direct Export Helper
    Scan
    Scan2PDF 1.6
    SecondLife (remove only)
    SecondLifeBetaViewer (remove only)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB978380)
    Security Update for Microsoft Office Excel 2007 (KB978382)
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB969613)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    SIW version 2010.03.10
    SmartCopy
    SmartLauncher
    SmartWebPrinting
    SolutionCenter
    Sound Blaster X-Fi MB
    Status
    Sun Village NV 3D Screensaver 1.1
    SweetSpotter
    System Requirements Lab
    Toolbox
    TrayApp
    UltraISO Premium V9.36
    Uniblue RegistryBooster 2010
    Update for 2007 Microsoft Office System (KB967642)
    Update for 2007 Microsoft Office System (KB981715)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office InfoPath 2007 (KB976416)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 (KB974561)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VC80CRTRedist - 8.0.50727.4053
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VobSub v2.23 (Remove Only)
    Vopt 9
    WebReg
    WhiteSmoke
    WhiteSmoke Translator
    WhiteSmoke_Tools Toolbar
    Winamp
    Winamp Detector Plug-in
    Winamp Toolbar
    WinCHM 4.01
    Windows 7 Manager
    Windows Internet Explorer Platform Preview
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live OneCare safety scanner
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Player Firefox Plugin

    ==== Event Viewer Messages From Past Week ========
    4/19/2010 9:58:50 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
    4/19/2010 9:42:32 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
    4/19/2010 9:00:58 AM, Error: Service Control Manager [7000] - The ASP.NET State Service service failed to start due to the following error: The system cannot find the file specified.
    4/19/2010 3:54:05 PM, Error: Service Control Manager [7000] - The RkPavproc1 service failed to start due to the following error: This driver has been blocked from loading
    4/19/2010 3:54:05 PM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\RkPavproc1.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    4/19/2010 3:29:19 PM, Error: Service Control Manager [7034] - The Panda TPSrv service terminated unexpectedly. It has done this 1 time(s).
    4/19/2010 3:28:54 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    4/19/2010 3:27:56 PM, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
    4/19/2010 2:44:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    4/19/2010 2:43:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Net.Msmq Listener Adapter service to connect.
    4/19/2010 2:43:37 PM, Error: Service Control Manager [7000] - The Net.Msmq Listener Adapter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    4/19/2010 2:42:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CISVC service.
    4/19/2010 2:42:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Message Queuing Triggers service to connect.
    4/19/2010 2:42:03 PM, Error: Service Control Manager [7000] - The Message Queuing Triggers service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    4/19/2010 2:40:06 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    4/19/2010 11:08:17 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {10DA4F3C-CC99-4190-BE4D-58330754E882} and APPID {7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    4/19/2010 10:45:12 AM, Error: volsnap [36] -
    4/19/2010 10:37:20 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7038] - The HPSLPSVC service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7000] - The Human Interface Device Access service failed to start due to the following error: A system shutdown is in progress.
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7000] - The HP Network Devices Support service failed to start due to the following error: The service did not start due to a logon failure.
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7000] - The Diagnostic System Host service failed to start due to the following error: A system shutdown is in progress.
    4/19/2010 10:00:44 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

    ==== End Of File ===========================

    See following post for rest...
     
  2. 2010/04/19
    Mr PC

    ....Continued

    ============== Running Processes ===============
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PskSvc.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
    C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WebProxy.exe
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\LSI SoftModem\agr64svc.exe
    C:\Windows\SysWOW64\svchost.exe -k Akamai
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\system32\CISVC.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost -k Panda
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Windows\system32\inetsrv\inetinfo.exe
    C:\Windows\system32\mqsvc.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    C:\Program Files\nHancer\nHancerService.exe
    C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsCtrls.exe
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
    C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
    C:\Program Files (x86)\CA\PCPitstopScheduleService.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    c:\program files (x86)\panda security\panda global protection 2010\firewall\PSHOST.EXE
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsImSvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\System32\snmp.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\AVENGINE.EXE
    C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Windows\system32\mqtgsvc.exe
    C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Yamicsoft\Windows 7 Manager\FreeMemory.exe
    C:\Windows\MHotKey.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\RegCure\RegCure.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Microsoft Security Essentials\msseces.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\StikyNot.exe
    C:\Program Files (x86)\WhiteSmoke Translator\WSTrayDictMode.exe
    C:\Program Files (x86)\WhiteSmoke\WSEnrichment.exe
    C:\Windows\ChiFuncExt.exe
    C:\Program Files\NVIDIA Corporation\NVIDIA PerfSDK\NVInstEnabler.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
    C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
    C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
    C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\ApVxdWin.exe
    C:\Program Files (x86)\NextWindow\TouchScreenTools.exe
    C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
    C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
    C:\Program Files (x86)\Yamicsoft\Windows 7 Manager\Windows7Manager.exe
    C:\Windows\system32\AMBSpiE.exe
    C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
    C:\Windows\ModLedKey.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
    C:\Program Files (x86)\Minefield\firefox.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\SRVLOAD.EXE
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavBckPT.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Yamicsoft\Windows 7 Manager\SmartUninstaller.exe
    C:\Program Files (x86)\Minefield\mozilla-runtime.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\DOWNLO~1\Manager.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\explorer.exe
    C:\Users\Timothy\Desktop\dds.scr
    C:\Windows\system32\conhost.exe

    ============== Pseudo HJT Report ===============

    uSearch Bar = Preserve
    uWindow Title =
    mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files (x86)\winamp toolbar\winamptb.dll
    mURLSearchHooks: H - No File
    mWinlogon: Userinit=userinit.exe
    BHO: {011f9246-da13-4555-9998-6e4805bd533f} - No File
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files (x86)\winamp toolbar\winamptb.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: FAIESSOHelper Class: {a2f122da-055f-4df7-8f24-7354dbdba85b} - c:\program files (x86)\sensible vision\fast access\FAIESSO.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files (x86)\winamp toolbar\winamptb.dll
    TB: {011f9246-da13-4555-9998-6e4805bd533f} - No File
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
    TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll
    uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
    uRunOnce: [UniblueRegistryBooster] "c:\program files (x86)\uniblue\registrybooster\launcher.exe" delay 20000
    mRun: [FATrayAlert] c:\program files (x86)\sensible vision\fast access\FATrayMon.exe
    mRun: [LchDrvKey] LchDrvKey.exe
    mRun: [FAStartup]
    mRun: [SunJavaUpdateSched] "c:\program files (x86)\java\jre1.6.0_05\bin\jusched.exe "
    mRun: [VolPanel] "c:\program files (x86)\creative\sb x-fi mb\volume panel\VolPanlu.exe" /r
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [APVXDWIN] "c:\program files (x86)\panda security\panda global protection 2010\APVXDWIN.EXE" /s
    mRun: [SCANINICIO] "c:\program files (x86)\panda security\panda global protection 2010\Inicio.exe "
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\launch~2.lnk - c:\program files (x86)\whitesmoke translator\WSTrayDictMode.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\launch~1.lnk - c:\program files (x86)\whitesmoke\WSEnrichment.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\nvidia~1.lnk - c:\program files\nvidia corporation\nvidia perfsdk\NVInstEnabler.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\scanin~1.lnk - c:\program files (x86)\panda security\panda global protection 2010\Inicio.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\smartc~1.lnk - c:\program files (x86)\northstar\smartcopy\SmartCopy.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\smartl~1.lnk - c:\program files (x86)\northstar\smartlauncher\SmartLauncher.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\touchs~1.lnk - c:\program files (x86)\nextwindow\TouchScreenTools.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files (x86)\western digital\wd smartware\front parlor\WDSmartWare.exe
    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\window~1.lnk - c:\program files (x86)\yamicsoft\windows 7 manager\Windows7Manager.exe
    uPolicies-explorer: NoInstrumentation = 1 (0x1)
    uPolicies-explorer: HideSCABattery = 1 (0x1)
    uPolicies-explorer: NoStartMenuMyMusic = 0 (0x0)
    uPolicies-system: HideFastUserSwitching = 1 (0x1)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files (x86)\java\jre1.6.0_05\bin\ssv.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~3\office12\REFIEBAR.DLL
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll
    DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
    DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
    DPF: {88650482-3892-11D5-8997-00104BD12D94} - hxxp://support.gateway.com/support/profiler/PCPitStop.CAB
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab
    Notify: FastAccess - c:\program files (x86)\sensible vision\fast access\FALogNot.dll
    LSA: Notification Packages = scecli FAPassSync
    IFEO: GoogleToolbarNotifier.exe - rundll32.exe
    BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
    BHO-X64: Windows Live Family Safety Browser Helper - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
    BHO-X64: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File
    BHO-X64: PDF-XChange Viewer IE-Plugin: {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - c:\program files\tracker software\pdf viewer\PDFXCviewIEPlugin.dll
    BHO-X64: PDF-XChange Viewer IE-Plugin - No File
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
    TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    TB-X64: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} -
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [IAAnotif] "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe "
    mRun-x64: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
    mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe
    mRun-x64: [RunDLLEntry] c:\windows\system32\rundll32.exe c:\windows\system32\AmbRunE.dll,RunDLLEntry
    AppInit_DLLs-X64: acaptuser64.dll
    SSODL-X64: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll
    IFEO-X64: GoogleToolbarNotifier.exe - rundll32.exe
    === FIREFOX ====
    FF - ProfilePath - c:\users\timothy\appdata\roaming\mozilla\firefox\profiles\hvmelqah.default\
    FF - plugin: c:\progra~2\micros~3\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
    FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
    FF - plugin: l:\itunes\mozilla plugins\npitunes.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    ==== SERVICES / DRIVERS ====
    R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot64.sys [2010-4-18 33800]
    R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2009-12-20 55280]
    R1 archlp;archlp;c:\windows\system32\drivers\ArcHlp.sys [2010-1-18 167424]
    R1 c2scsi64;c2scsi64;c:\windows\system32\drivers\C2SCSI64.SYS [2009-7-24 167920]
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-12-2 173984]
    R1 ShldFlt;Panda File Shield Driver;c:\windows\system32\drivers\ShldFlt.sys [2010-4-18 46136]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/03/11 02:10:50];c:\program files (x86)\cyberlink\powerdvd9\000.fcl [2009-9-1 146928]
    R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 27136]
    R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm6460.sys [2010-4-18 57352]
    R2 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2010-4-18 15928]
    R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2009-9-26 819600]
    R2 FAService;FAService;c:\program files (x86)\sensible vision\fast access\FAService.exe [2009-6-25 2368776]
    R2 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k panda --> c:\windows\system32\svchost -k Panda [?]
    R2 Panda Software Controller;Panda Software Controller;c:\program files (x86)\panda security\panda global protection 2010\PsCtrlS.exe [2010-4-18 173312]
    R2 PAVFNSVR;Panda Function Service;c:\program files (x86)\panda security\panda global protection 2010\PavFnSvr.exe [2010-4-18 169216]
    R2 PavPrSrv;Panda Process Protection Service;c:\program files (x86)\common files\panda security\pavshld\PavPrSrv.exe [2010-4-18 62768]
    R2 PAVSRV;Panda On-Access Anti-Malware Service;c:\program files (x86)\panda security\panda global protection 2010\pavsrvx86.exe [2010-4-18 293120]
    R2 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files (x86)\ca\PCPitstopScheduleService.exe [2010-3-29 90296]
    R2 PskSvcRetail;Panda PSK service;c:\program files (x86)\panda security\panda global protection 2010\psksvc.exe [2010-4-18 28928]
    R2 sftlist;Application Virtualization Client;c:\program files (x86)\microsoft application virtualization client\sftlist.exe [2009-9-23 447848]
    R2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2010-2-26 130048]
    R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
    R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y62x64.sys [2010-3-30 289496]
    R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\drivers\facap.sys [2008-9-24 238848]
    R3 gwfilt64;gwfilt64;c:\windows\system32\drivers\gwfilt64.sys [2010-4-17 34840]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-12-2 40832]
    R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\drivers\nvoclk64.sys [2009-9-15 42088]
    R3 NW1950;NextWindow 1950 Touch Screen;c:\windows\system32\drivers\NW1950.sys [2009-7-29 24568]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-3-30 232480]
    R3 sftfs;sftfs;c:\program files (x86)\microsoft application virtualization client\drivers\SftFSlh.sys [2009-9-23 712536]
    R3 sftplay;sftplay;c:\program files (x86)\microsoft application virtualization client\drivers\sftplaylh.sys [2009-9-23 261480]
    R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2009-9-23 25944]
    R3 sftvol;sftvol;c:\program files (x86)\microsoft application virtualization client\drivers\SftVollh.sys [2009-9-23 17752]
    R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\microsoft application virtualization client\sftvsa.exe [2009-9-23 203608]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam64.sys [2009-2-13 14464]
    R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 23040]
    S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-3-17 135664]
    S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\common files\creative labs shared\service\AL6Licensing.exe [2008-7-27 79360]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\common files\creative labs shared\service\CTAELicensing.exe [2008-7-27 79360]
    S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-3-17 16776]
    S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-3-17 9096]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-3-21 61280]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files (x86)\windows live\family safety\fsssvc.exe [2009-8-5 704864]
    S3 MsDepSvc;Web Deployment Agent Service;c:\program files\iis\microsoft web deploy\MsDepSvc.exe [2010-1-19 55184]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-9-26 4924336]
    S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-8-28 49152]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-24 1255736]
    S4 ETService;Empowering Technology Service;c:\program files\gateway\gateway recovery management\service\ETService.exe [2009-7-9 24576]
    ==== File Associations ====
    JSEFile=c:\progra~2\pandas~1\pandag~1\PavScrip.exe "%1" %*
    VBEFile=c:\progra~2\pandas~1\pandag~1\PavScrip.exe "%1" %*
    VBSFile=c:\progra~2\pandas~1\pandag~1\PavScrip.exe "%1" %*
    ===== Created Last 30 ====
    2010-04-19 14:00:51 0 d-----w- c:\programdata\Panda Software
    2010-04-18 23:03:34 0 d-----w- C:\Panda Software
    2010-04-18 21:20:59 6260088----a-w- C:\Silverlight.exe
    2010-04-18 11:42:46 8627 ----a-w-c:\windows\syswow64\PAV_FOG.OPC
    2010-04-18 11:32:19 0 d-----w- c:\windows\FltMgr
    2010-04-18 11:29:51 15928----a-w-c:\windows\system32\drivers\COMFiltr.sys
    2010-04-18 11:29:22 274 ----a-w- c:\windows\system32\PavCPL64.dat
    2010-04-18 11:29:10 237172 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck
    2010-04-18 11:29:10 237172 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
    2010-04-18 11:29:10 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck
    2010-04-18 11:29:10 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG
    2010-04-18 11:28:57 82952 ----a-w- c:\windows\system32\drivers\dsaflt64.sys
    2010-04-18 11:28:57 78856 ----a-w- c:\windows\system32\drivers\idsflt64.sys
    2010-04-18 11:28:57 74760 ----a-w- c:\windows\system32\drivers\wnmflt64.sys
    2010-04-18 11:28:44 31800 ----a-w- c:\windows\system32\drivers\fnetm64.sys
    2010-04-18 11:28:44 170504 ----a-w- c:\windows\system32\drivers\NETTDI64.SYS
    2010-04-18 11:28:44 116744 ----a-w- c:\windows\system32\drivers\APPFLT64.SYS
    2010-04-18 11:28:36 0 d-----w- c:\programdata\Backup
    2010-04-18 11:27:14 46640 ----a-w- c:\windows\system32\pavcpl64.cpl
    2010-04-18 11:26:25 446464 ----a-w- c:\windows\syswow64\HHActiveX.dll
    2010-04-18 11:26:00 25344 ----a-w- c:\windows\syswow64\sysHelper32.dll
    2010-04-18 11:26:00 201984 ----a-w- c:\windows\syswow64\TpUtilWow.dll
    2010-04-18 11:25:59 87296 ----a-w- c:\windows\syswow64\PavLspHookWow.dll
    2010-04-18 11:25:59 66816 ----a-w- c:\windows\syswow64\PavIpcWow.dll
    2010-04-18 11:25:59 325376 ----a-w- c:\windows\system32\TpUtil64.dll
    2010-04-18 11:25:59 25344 ----a-w- c:\windows\system32\sysHelper64.dll
    2010-04-18 11:25:59 116992 ----a-w- c:\windows\system32\PavLspHook64.dll
    2010-04-18 11:25:58 92928 ----a-w- c:\windows\system32\PavIpc64.dll
    2010-04-18 11:25:51 838400 ----a-w- c:\windows\system32\PavSHook64.dll
    2010-04-18 11:25:51 545536 ----a-w- c:\windows\syswow64\PavSHookWow.dll
    2010-04-18 11:25:29 57352 ----a-w- c:\windows\system32\drivers\amm6460.sys
    2010-04-18 11:25:29 53552 ----a-w- c:\windows\system32\avldr64.dll
    2010-04-18 11:25:29 0 d-----w- c:\windows\syswow64\PAV
    2010-04-18 11:25:18 0 d-----w- c:\users\timothy\appdata\roaming\Panda Security
    2010-04-18 11:25:18 0 d-----w- c:\programdata\Panda Security
    2010-04-18 11:25:18 0 d-----w- c:\program files (x86)\Panda Security
    2010-04-18 11:19:31 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
    2010-04-18 11:16:58 46136 ----a-w- c:\windows\system32\drivers\ShldFlt.sys
    2010-04-18 11:16:58 0 d-----w- c:\program files (x86)\common files\Panda Security
    2010-04-18 08:17:50 0 d-----w- c:\users\timothy\appdata\roaming\nHancer
    2010-04-18 07:52:07 0 d-----w- c:\programdata\nHancer
    2010-04-18 07:52:07 0 d-----w- c:\program files\nHancer
    2010-04-18 07:51:31 0 d-----w- c:\users\timothy\appdata\roaming\KSE
    2010-04-18 07:37:51 0 d-----w- c:\program files (x86)\DjVuZone
    2010-04-18 06:17:44 0 d-----w- c:\program files (x86)\Minefield
    2010-04-18 04:27:45 0 d-----w- c:\users\timothy\appdata\roaming\PeerNetworking
    2010-04-18 01:38:47 110080 ----a-w- c:\windows\system32\cttele64.dll
    2010-04-18 01:38:47 102400 ----a-w- c:\windows\syswow64\cttele32.dll
    2010-04-18 01:38:46 1650 ------w- c:\windows\FF08_Capture.ini
    2010-04-18 01:38:46 1540 ------w- c:\windows\FF08_Render.ini
    2010-04-18 01:38:45 260608 ------w- c:\windows\system32\AMBSpiE.exe
    2010-04-18 01:33:07 13931 ----a-w- c:\windows\system32\RaCoInst.dat
    2010-04-18 01:33:03 13931 ----a-w- c:\windows\syswow64\RaCoInst.dat
    2010-04-18 00:57:16 0 d-----w- c:\program files\Realtek
    2010-04-17 23:20:56 0 d-----w- C:\BIOS_842P181G
    2010-04-17 14:51:01 0 d-----w- c:\windows\LastGood.Tmp
    2010-04-17 14:16:22 0 d-----w- c:\program files\Western Digital
    2010-04-17 14:16:22 0 d-----w- c:\program files (x86)\Western Digital
    2010-04-17 14:12:04 0 d-----w- c:\users\timothy\appdata\roaming\Western DigitalTemp
    2010-04-17 04:16:14 0 d-----w- c:\program files\Update Services
    2010-04-17 04:12:02 65536 --sha-w- c:\users\timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TM.blf
    2010-04-17 04:12:02 524288 --sha-w- c:\users\timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    2010-04-17 04:12:02 524288 --sha-w- c:\users\timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    2010-04-17 03:18:52 0 d-----w- C:\cd2adecdf9af07ddbcb95c1e244d
    2010-04-17 03:17:51 0 d-----w- C:\1418cdbaaaa751c8ec33eff486
    2010-04-16 22:38:33 0 d-----w- c:\windows\system32\msmq
    2010-04-16 22:38:33 0 d-----w- c:\windows\system32\BestPractices
    2010-04-16 21:59:53 0 d-----w- C:\e379b2b184060c0720894681
    2010-04-15 06:55:16 0 d-----w- c:\program files (x86)\common files\Symantec Shared
    2010-04-15 06:35:44 34152 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
    2010-04-15 06:35:44 126312 ----a-r- c:\windows\system32\GEARAspi64.dll
    2010-04-15 06:35:44 107368 ----a-r- c:\windows\syswow64\GEARAspi.dll
    2010-04-15 05:44:27 19539424 ----a-w- c:\users\timothy\01. Suzanne.flac
    2010-04-14 02:52:52 5509008 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-04-14 02:52:52 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2010-04-14 02:52:52 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2010-04-14 02:52:52 125952 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2010-04-14 02:52:51 612352 ----a-w- c:\windows\system32\vbscript.dll
    2010-04-14 02:52:51 427520 ----a-w- c:\windows\syswow64\vbscript.dll
    2010-04-14 02:52:51 3954568 ----a-w- c:\windows\syswow64\ntkrnlpa.exe
    2010-04-14 02:52:51 3899280 ----a-w- c:\windows\syswow64\ntoskrnl.exe
    2010-04-14 02:45:08 0 d-----w- c:\programdata\WD_SmartWareCommon
    2010-04-14 02:32:19 0 d-----w- c:\users\timothy\appdata\roaming\Western Digital
    2010-04-14 02:32:17 0 d-----w- c:\programdata\Western Digital
    2010-04-14 02:29:11 220672 ----a-w- c:\windows\system32\wintrust.dll
    2010-04-14 02:29:10 172032 ----a-w- c:\windows\syswow64\wintrust.dll
    2010-04-14 02:29:10 139264 ----a-w- c:\windows\system32\cabview.dll
    2010-04-14 02:29:10 132608 ----a-w- c:\windows\syswow64\cabview.dll
    2010-04-14 02:24:45 65536 --sha-w- c:\users\timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TM.blf
    2010-04-14 02:24:45 524288 --sha-w- c:\users\timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    2010-04-14 02:24:45 524288 --sha-w- c:\users\timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    2010-04-13 02:44:30 0 d-----w- c:\windows\syswow64\inetsrv
    2010-04-13 02:44:29 0 d-----w- c:\windows\syswow64\BestPractices
    2010-04-13 02:44:06 0 d-----w- C:\inetpub
    2010-04-11 15:30:06 0 d-----w- c:\program files\AccelerEyes
    2010-04-11 11:39:39 0 d-----w- c:\users\timothy\appdata\roaming\Pegasys Inc
    2010-04-11 11:37:07 0 d-----w- C:\Python24
    2010-04-11 08:04:36 0 d-----w- c:\program files\Microsoft SQL Server
    2010-04-11 08:03:26 0 d-----w- c:\program files (x86)\Microsoft SQL Server
    2010-04-11 08:01:46 0 d-----w- c:\program files (x86)\common files\Merge Modules
    2010-04-11 08:01:29 0 d-----w- c:\program files\Microsoft SDKs
    2010-04-11 08:01:24 0 d-----w- c:\program files\Microsoft Visual Studio 9.0
    2010-04-11 05:54:05 0 d-----w- C:\Python26
    2010-04-11 05:33:51 0 d-----w- C:\psscor2
    2010-04-11 04:54:09 0 d-----w- c:\program files (x86)\common files\Microsoft KitSetup
    2010-04-11 04:53:46 0 d-----w- C:\WinDDK
    2010-04-10 23:54:44 0 d-----w- c:\programdata\RealHideIP
    2010-04-10 00:14:11 65536 --sha-w- c:\users\timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TM.blf
    2010-04-10 00:14:11 524288 --sha-w- c:\users\timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    2010-04-10 00:14:11 524288 --sha-w- c:\users\timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    2010-04-09 09:00:44 0 d-----w- C:\Timothy Bambrick Capstone
    2010-04-08 06:40:17 0 d-----w- c:\users\timothy\appdata\roaming\Agnosco DICOM Viewer
    2010-04-05 23:10:21 0 d-----w- c:\program files (x86)\Kiyut
    2010-04-05 17:38:05 0 d-----w- c:\users\timothy\appdata\roaming\DriverCure
    2010-04-05 17:38:02 0 d-----w- c:\programdata\ParetoLogic
    2010-04-05 17:38:02 0 d-----w- c:\programdata\DriverCure
    2010-04-05 17:38:02 0 d-----w- c:\program files (x86)\common files\ParetoLogic
    2010-04-05 17:28:19 0 d-----w- c:\programdata\RegCure
    2010-04-03 22:42:00 61032 ----a-w- c:\windows\system32\nvshext.dll
    2010-04-03 22:42:00 159336 ----a-w- c:\windows\system32\nvvsvc.exe
    2010-04-03 22:42:00 1515624 ----a-w- c:\windows\system32\nvsvcr.dll
    2010-04-03 22:42:00 14828648 ----a-w- c:\windows\system32\nvcpl.dll
    2010-04-03 22:42:00 116328 ----a-w- c:\windows\system32\nvmctray.dll
    2010-04-03 22:42:00 1067624 ----a-w- c:\windows\system32\nvsvc64.dll
    2010-04-03 22:41:38 66714 ----a-w- c:\windows\system32\NvwsApps.xml
    2010-04-03 22:41:38 276196 ----a-w- c:\windows\system32\NvApps.xml
    2010-04-02 05:48:18 0 d-----w- c:\programdata\Ralink Driver
    2010-04-02 01:29:25 0 d-----w- c:\program files (x86)\SIW
    2010-03-31 22:10:09 0 d-----w- c:\program files\Microsoft Sync Framework
    2010-03-31 21:23:23 0 d-----w- c:\users\timothy\appdata\roaming\Windows Live Writer
    2010-03-31 08:10:10 0 d-----w- c:\programdata\realserver
    2010-03-31 08:03:52 0 d-----w- c:\users\timothy\appdata\roaming\REAL Software
    2010-03-31 08:03:45 0 d-----w- c:\users\timothy\appdata\roaming\REAL Studio
    2010-03-31 05:24:24 0 d-----w- c:\users\timothy\appdata\roaming\SmartDraw
    2010-03-30 23:16:47 0 d-----w- c:\program files\LSI SoftModem
    2010-03-30 22:58:42 7367200 ----a-w- c:\windows\system32\RTSUSTORicon.dll
    2010-03-30 22:17:38 7367200 ----a-w- c:\windows\syswow64\RtsUStoricon.dll
    2010-03-30 22:17:38 422432 ----a-w- c:\windows\system32\RtsUStor.dll
    2010-03-30 22:17:38 232480 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
    2010-03-30 22:17:12 315904 ----a-w- c:\windows\syswow64\Difx5ef2.rra
    2010-03-30 22:17:08 158320 ----a-w- c:\windows\syswow64\xRaidAPI.dll
    2010-03-30 22:17:07 1976944 ----a-w- c:\windows\syswow64\xRaidSetup.exe
    2010-03-30 22:16:57 0 d-----w- c:\windows\RaidTool
    2010-03-30 22:12:56 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
    2010-03-30 22:10:04 115312 ----a-w- c:\windows\system32\drivers\jraid.sys
    2010-03-30 22:10:00 78016 ----a-w- c:\windows\system32\NicInstY.dll
    2010-03-30 22:10:00 289496 ----a-w- c:\windows\system32\drivers\e1y62x64.sys
    2010-03-30 22:09:52 1919968 ----a-w- c:\windows\system32\WdfCoinstaller01005.dll
    2010-03-30 03:11:40 0 d-----w- c:\users\timothy\appdata\roaming\NVIDIA
    2010-03-29 23:37:56 0 d-----w- c:\temp\ext29434
    2010-03-29 23:37:42 0 d-----w- c:\program files (x86)\Microsoft WSE
    2010-03-29 23:37:42 0 d-----w- c:\program files (x86)\Microsoft Visual Studio .NET
    2010-03-29 23:36:25 0 d-----w- c:\program files (x86)\Microsoft ASP.NET
    2010-03-29 23:35:53 0 d-----w- c:\program files\IIS
    2010-03-29 23:35:53 0 d-----w- c:\program files (x86)\IIS
    2010-03-29 23:18:05 0 d-----w- c:\windows\pss
    2010-03-29 18:14:07 0 d-----w- c:\program files\Foxit PDF Edit Portable
    2010-03-29 17:09:06 0 d-----w- c:\program files\DIFX
    2010-03-29 17:08:53 36472 ----a-w- c:\windows\system32\NicCo36.dll
    2010-03-29 17:08:53 3315 ----a-w- c:\windows\system32\e1y62x64.din
    2010-03-29 17:08:53 121440 ----a-w- c:\windows\system32\e1000msg.dll
    2010-03-29 16:29:21 0 d-----w- c:\users\timothy\appdata\roaming\PCPitstop
    2010-03-29 16:28:47 0 d-----w- c:\program files (x86)\CA
    2010-03-29 03:40:24 7062 ----a-w- c:\windows\syswow64\audiopid.vxd
    2010-03-28 01:33:00 0 d-----w- c:\program files\Dup Scout Pro
    2010-03-28 01:02:56 65536 --sha-w- c:\users\timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TM.blf
    2010-03-28 01:02:56 524288 --sha-w- c:\users\timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    2010-03-28 01:02:56 524288 --sha-w- c:\users\timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    2010-03-27 05:05:33 0 d-----w- c:\users\timothy\appdata\roaming\Seeing Machines
    2010-03-27 05:05:33 0 d-----w- c:\programdata\Seeing Machines
    2010-03-27 04:58:54 0 d-----w- c:\program files (x86)\SweetSpotter
    2010-03-26 22:22:30 107680 ----a-w- c:\windows\system32\BBPdfPortMon.DLL
    2010-03-26 22:18:42 0 d-----w- c:\programdata\Bluebeam Software
    2010-03-26 22:16:26 0 d-----w- c:\program files\Microsoft Synchronization Services
    2010-03-26 22:16:26 0 d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2010-03-26 22:16:22 0 d-----w- c:\program files (x86)\Microsoft Synchronization Services
    2010-03-24 17:57:16 239208 ----a-w- c:\windows\system32\nvcod1910.dll
    2010-03-24 16:46:09 0 d-----w- c:\windows\LMI50ED.tmp
    2010-03-23 06:44:47 0 d-----w- c:\program files\iPod
    2010-03-23 06:44:44 0 d-----w- c:\programdata\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
    2010-03-23 06:42:36 0 d-----w- c:\program files\common files\Apple
    2010-03-23 03:13:50 3215 ---ha-w- c:\windows\EPMBatch.ept
    2010-03-22 00:06:27 0 d-----w- c:\users\timothy\NVIDIA
    2010-03-21 23:25:50 0 d-----w- c:\program files (x86)\Microsoft DirectX SDK (February 2010)
    2010-03-21 23:20:24 53248 ----a-w- c:\windows\syswow64\nvTextureToolsUtil.dll
    2010-03-21 23:19:33 45056 ----a-w- c:\windows\system32\NVDevTray.dll
    2010-03-21 23:19:33 124928 ----a-w- c:\windows\system32\NVDevCPL.cpl
    2010-03-21 23:19:28 9728 ----a-w- c:\windows\syswow64\nvPerfSDKUtil.dll
    2010-03-21 23:19:14 866 ----a-r- c:\windows\system32\nvprfsmb.h
    2010-03-21 23:19:14 240 ----a-r- c:\windows\system32\nvprfctr.reg
    2010-03-21 23:19:14 1816 ----a-r- c:\windows\system32\nvprfctr.ini
    2010-03-21 23:19:14 1537536 ----a-r- c:\windows\system32\nvpmapi64.dll
    2010-03-21 23:19:06 57344 ----a-w- c:\windows\syswow64\nvPerfHUDUtil.dll
    2010-03-21 19:02:03 61280 ----a-w- c:\windows\system32\drivers\fssfltr.sys
    2010-03-21 19:02:03 0 d-----w- c:\program files\Windows Live
    2010-03-21 18:49:37 0 d-----w- c:\program files (x86)\Windows Live SkyDrive
    2010-03-21 18:46:44 0 d-----w- c:\program files (x86)\common files\Windows Live
    2010-03-21 04:08:36 0 d-----w- c:\users\timothy\appdata
    ==== Find3M ===
    2010-04-18 02:13:38 231258 ----a-w- c:\windows\hpwins23.dat
    2010-04-18 01:38:27 466456 ----a-w- c:\windows\system32\wrap_oal.dll
    2010-04-18 01:38:27 122904 ----a-w- c:\windows\system32\OpenAL32.dll
    2010-04-18 01:38:26 444952 ----a-w- c:\windows\syswow64\wrap_oal.dll
    2010-04-18 01:38:26 109080 ----a-w- c:\windows\syswow64\OpenAL32.dll
    2010-04-02 20:54:44 658536 ----a-w- c:\windows\system32\NVUNINST.EXE
    2010-03-21 23:20:23 151552 ----a-w- c:\windows\syswow64\nvRegDev.dll
    2010-03-14 02:11:16 81767 ----a-w- c:\windows\hpqins13.dat
    2010-03-11 09:21:05 737280 ----a-w- c:\windows\iun6002.exe
    2010-03-11 07:08:17 29480 ----a-w- c:\windows\syswow64\msxml3a.dll
    2010-02-27 00:20:02 49576 ----a-w- c:\windows\system32\drivers\rcudawdm.sys
    2010-02-26 08:01:39 196608 ----a-w- c:\windows\syswow64\avisynth.dll
    2010-02-26 08:00:40 414272 ----a-w- c:\windows\syswow64\DivXc32f.dll
    2010-02-26 08:00:40 414272 ----a-w- c:\windows\syswow64\DivXc32.dll
    2010-02-26 08:00:30 33280 ----a-w- c:\windows\syswow64\HUFFYUV.DLL
    2010-02-24 14:16:06 212864 ------w- c:\windows\system32\MpSigStub.exe
    2010-02-24 02:34:06 53248 ----a-w- c:\windows\syswow64\CSVer.dll
    2010-02-23 08:22:50 1192960 ----a-w- c:\windows\system32\wininet.dll
    2010-02-23 07:56:00 977920 ----a-w- c:\windows\syswow64\wininet.dll
    2010-02-23 07:55:56 1225216 ----a-w- c:\windows\syswow64\urlmon.dll
    2010-02-23 07:55:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
    2010-02-23 07:55:43 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
    2010-02-23 07:55:43 5964800 ----a-w- c:\windows\syswow64\mshtml.dll
    2010-02-23 07:55:24 10978816 ----a-w- c:\windows\syswow64\ieframe.dll
    2010-02-23 07:55:20 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
    2010-02-22 21:23:58 215394 ---ha-w- c:\users\timothy\appdata\roaming\logs.dat
    2010-02-22 05:18:39 235624 ----a-w- c:\windows\system32\nvcod196.dll
    2010-02-22 02:15:00 4332136 ----a-w- c:\windows\syswow64\NVStWiz.exe
    2010-02-12 22:20:52 34308 ----a-w- c:\windows\syswow64\BASSMOD.dll
    2010-02-02 08:36:47 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-02-02 07:45:54 2048 ----a-w- c:\windows\syswow64\tzres.dll
    2010-01-29 00:35:44 2077312 ----a-w- c:\windows\system32\BootMan.exe
    2010-01-29 00:35:44 1692288 ----a-w- c:\windows\syswow64\BootMan.exe
    2010-01-28 22:09:38 225280 ----a-w- c:\windows\system32\Ncs2Setp.dll
    2010-01-28 21:53:36 918648 ----a-w- c:\windows\system32\ncs2dmix.dll
    2010-01-28 21:53:34 852600 ----a-w- c:\windows\system32\accesor.dll
    2010-01-28 21:31:52 202360 ----a-w- c:\windows\system32\ncs2instutility.dll
    2010-01-28 21:16:16 2225784 ----a-w- c:\windows\system32\ncscolib.dll
    2010-01-27 17:52:26 345800 ----a-w- c:\windows\system32\PROUnstl.exe
    2010-01-22 09:50:59 202344 ----a-w- c:\windows\system32\nvcod190.dll
    2010-01-20 20:53:06 14216 ----a-w- c:\windows\syswow64\epmntdrv.sys
    2010-01-20 20:53:04 9096 ----a-w- c:\windows\system32\EuGdiDrv.sys
    2010-01-20 20:53:04 86408 ----a-w- c:\windows\syswow64\setupempdrv03.exe
    2010-01-20 20:53:04 8456 ----a-w- c:\windows\syswow64\EuGdiDrv.sys
    2010-01-20 20:53:04 16776 ----a-w- c:\windows\system32\epmntdrv.sys
    2010-01-20 20:53:04 11264 ----a-w- c:\windows\system32\EuEpmGdi.dll
    2010-01-20 20:53:04 100232 ----a-w- c:\windows\system32\setupempdrvx64.exe
    2010-01-20 20:52:48 14848 ----a-w- c:\windows\syswow64\EuEpmGdi.dll
    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
    2009-11-28 07:44:33 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
    2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
    2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
    === FINISH: 16:55:54.11 ===


    Thank you for looking at this....

    Tim
     


  4. 2010/04/19
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    ...and the issue is?
     
  5. 2010/04/19
    Mr PC

    Mr PC Inactive Thread Starter

    Oh sorry. My antivirus is repeatedly identifying the following:

    C:\users\Appdata\roaming\microsoft\windows\cookies\@ATDMT[1].TXT

    Also, my service control manager is buggy.

    Thanks.
     
  6. 2010/04/19
    broni

    broni Moderator Malware Analyst

    Define "buggy", please.


    Print these instructions out.

    NOTE. If any of the programs listed below refuse to run, try renaming the executable file to something else; for instance, rename hijackthis.exe to scanner.exe

    ***VERY IMPORTANT! Make sure you update Malwarebytes before running the scans.***


    STEP 1. Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    RESTART COMPUTER!

    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on the Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double-click the downloaded .exe file, select the Rootkit tab and click the Scan button.
    Do NOT use the computer while GMER is running!
    When the scan is completed, click the Save button and save the results as gmer.log
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log in your next reply.

    IMPORTANT! If for some reason GMER refuses to run, try again.
    If it still fails, try to UN-check "Devices" in the right pane.
    If still no joy, try to run it from Safe Mode.

    RESTART COMPUTER

    STEP 3. Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Installer under Version 2.0.2
    [DO NOT download version 2.0.3 (beta)]
    Install, and run it.
    Post HijackThis log.
    NOTE. If you're using Vista or 7, right-click on HijackThis and click Run as Administrator
    Do NOT attempt to "fix" anything!


    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  7. 2010/04/19
    Mr PC

    Mr PC Inactive Thread Starter

    Hijack This

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:04:01 PM, on 4/19/2010
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WebProxy.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Windows\MHotKey.exe
    C:\Program Files (x86)\RegCure\RegCure.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\ChiFuncExt.exe
    C:\Program Files (x86)\WhiteSmoke Translator\WSTrayDictMode.exe
    C:\Program Files (x86)\WhiteSmoke\WSEnrichment.exe
    C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
    C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
    C:\Program Files (x86)\NextWindow\TouchScreenTools.exe
    C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
    C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\ApVxdWin.exe
    C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
    C:\Windows\ModLedKey.exe
    C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
    C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavBckPT.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {011f9246-da13-4555-9998-6e4805bd533f} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FAIESSO Helper Object - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: (no name) - {011f9246-da13-4555-9998-6e4805bd533f} - (no file)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
    O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe "
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
    O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\Inicio.exe "
    O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    O4 - HKCU\..\RunOnce: [UniblueRegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: Launch WhiteSmoke Translator.lnk = C:\Program Files (x86)\WhiteSmoke Translator\WSTrayDictMode.exe
    O4 - Global Startup: Launch WhiteSmoke.lnk = C:\Program Files (x86)\WhiteSmoke\WSEnrichment.exe
    O4 - Global Startup: NVIDIA Driver Instrumentation Tray.lnk = ?
    O4 - Global Startup: SCANINICIO.lnk = ?
    O4 - Global Startup: SmartCopy.lnk = C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
    O4 - Global Startup: SmartLauncher.lnk = C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
    O4 - Global Startup: Touch Screen Tools.lnk = C:\Program Files (x86)\NextWindow\TouchScreenTools.exe
    O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
    O4 - Global Startup: Windows 7 Manager.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O13 - Gopher Prefix:
    O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} (VersionControl Class) - http://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
    O16 - DPF: {88650482-3892-11D5-8997-00104BD12D94} - http://support.gateway.com/support/profiler/PCPitStop.CAB
    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab
    O20 - Winlogon Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
    O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
    O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
    O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: FAService - Sensible Vision - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
    O23 - Service: Fax - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
    O23 - Service: CNG Key Isolation (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)
    O23 - Service: @mqutil.dll,-6203 (MSMQTriggers) - Unknown owner - C:\Windows\system32\mqtgsvc.exe (file missing)
    O23 - Service: nHancer Support (nHancer) - KSE - Korndörfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
    O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsCtrls.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
    O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
    O23 - Service: PCPitstop Scheduling - PC Pitstop LLC - C:\Program Files (x86)\CA\PCPitstopScheduleService.exe
    O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Panda Host Service (PSHost) - Panda Security International - c:\program files (x86)\panda security\panda global protection 2010\firewall\PSHOST.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsImSvc.exe
    O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PskSvc.exe
    O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\TPSrvWow.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Virtual Disk (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: Block Level Backup Engine Service (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
    O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
    O23 - Service: WMI Performance Adapter (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 14972 bytes
     
  8. 2010/04/19
    Mr PC

    Mr PC Inactive Thread Starter

    Mbam

    Malwarebytes' Anti-Malware 1.45
    www.malwarebytes.org

    Database version: 4009

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    4/19/2010 7:57:48 PM
    mbam-log-2010-04-19 (19-57-48).txt

    Scan type: Quick scan
    Objects scanned: 131663
    Time elapsed: 3 minute(s), 1 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 1
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\Users\Timothy\AppData\Roaming\svchost (Backdoor.Agent) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Users\Timothy\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
     
  9. 2010/04/20
    Mr PC

    Mr PC Inactive Thread Starter

    Gmer

    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-04-20 01:42:24
    Windows 6.1.7600
    Running: eiuwfcyr.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{54AF15D8-47D1-5523-28B5-8D668368A51E}
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{54AF15D8-47D1-5523-28B5-8D668368A51E}@jaonehelmbcjnjggganm 0x63 0x61 0x62 0x6D ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{54AF15D8-47D1-5523-28B5-8D668368A51E}@pagpfeeannhjocgcgipeecabnfedannc 0x63 0x61 0x6D 0x6D ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{54AF15D8-47D1-5523-28B5-8D668368A51E}@haonehelmbcjnjgg 0x61 0x61 0x00 0x00
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A3044818-12CA-7D08-2462-74BF500E2D32}
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A3044818-12CA-7D08-2462-74BF500E2D32}@hakppfdknedbjhbh 0x61 0x61 0x00 0x00
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A3044818-12CA-7D08-2462-74BF500E2D32}@jakppfdknedbjhbhhlcc 0x63 0x61 0x6C 0x62 ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A3044818-12CA-7D08-2462-74BF500E2D32}@pacpnainofhalbbdchcobienpogkbeoh 0x64 0x61 0x70 0x61 ...

    ---- EOF - GMER 1.0.15 ----
    ******************************
    ******************************
    The system could not find the file.
    C:\Windows\System32\Config
    I ran it in safe mode and same problem

    ******************************
    ******************************

    Thanks again.
     
  10. 2010/04/20
    broni

    broni Moderator Malware Analyst

    The above happens when?
     
  11. 2010/04/20
    Mr PC

    Mr PC Inactive Thread Starter

    It happened each time I opened GMER.

    By buggy, I was referring to the following:

    4/19/2010 9:58:50 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
    4/19/2010 9:42:32 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
    4/19/2010 9:00:58 AM, Error: Service Control Manager [7000] - The ASP.NET State Service service failed to start due to the following error: The system cannot find the file specified.
    4/19/2010 3:54:05 PM, Error: Service Control Manager [7000] - The RkPavproc1 service failed to start due to the following error: This driver has been blocked from loading
    4/19/2010 3:54:05 PM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\RkPavproc1.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    4/19/2010 3:29:19 PM, Error: Service Control Manager [7034] - The Panda TPSrv service terminated unexpectedly. It has done this 1 time(s).
    4/19/2010 3:28:54 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    4/19/2010 3:27:56 PM, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
    4/19/2010 2:44:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    4/19/2010 2:43:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Net.Msmq Listener Adapter service to connect.
    4/19/2010 2:43:37 PM, Error: Service Control Manager [7000] - The Net.Msmq Listener Adapter service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    4/19/2010 2:42:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CISVC service.
    4/19/2010 2:42:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Message Queuing Triggers service to connect.
    4/19/2010 2:42:03 PM, Error: Service Control Manager [7000] - The Message Queuing Triggers service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    4/19/2010 2:40:06 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    4/19/2010 11:08:17 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {10DA4F3C-CC99-4190-BE4D-58330754E882} and APPID {7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    4/19/2010 10:45:12 AM, Error: volsnap [36] -
    4/19/2010 10:37:20 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7038] - The HPSLPSVC service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7000] - The Human Interface Device Access service failed to start due to the following error: A system shutdown is in progress.
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7000] - The HP Network Devices Support service failed to start due to the following error: The service did not start due to a logon failure.
    4/19/2010 10:00:45 AM, Error: Service Control Manager [7000] - The Diagnostic System Host service failed to start due to the following error: A system shutdown is in progress.
    4/19/2010 10:00:44 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

    Windows Office Beta will not run or uninstall.

    Thanks
     
  12. 2010/04/20
    broni

    broni Moderator Malware Analyst

    Download RootRepeal.zip (Mirror1, Mirror2) and unzip it to your Desktop.
    • Double click RootRepeal.exe to start the program
    • Click on the Report tab at the bottom of the program window
    • Click the Scan button
    • In the Select Scan dialog, check:
      • Drivers
      • Files
      • Processes
      • SSDT
      • Stealth Objects
      • Hidden Services
    • Click the OK button
    • In the next dialog, select all drives showing
    • Click OK to start the scan
      Note: The scan can take some time. DO NOT run any other programs while the scan is running
    • When the scan is complete, the Save Report button will become available
    • Click this and save the report to your Desktop as RootRepeal.txt
    • Go to File, then Exit to close the program
    Open RootRepeal.txt file with Notepad, copy, and paste all content into your next reply.
     
  13. 2010/04/21
    Mr PC

    Mr PC Inactive Thread Starter

    Root Repeal

    Root Repeal won't open on 64-bit OS.
     
  14. 2010/04/21
    broni

    broni Moderator Malware Analyst

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • Under the Custom Scan box paste this in:


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  15. 2010/04/22
    Mr PC

    Mr PC Inactive Thread Starter

    OTL.Txt 1

    OTL logfile created on: 4/22/2010 7:52:28 PM - Run 1
    OTL by OldTimer - Version 3.2.2.0 Folder = C:\Users\Timothy\Downloads
    64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    9.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 70.00% Memory free
    27.00 Gb Paging File | 24.00 Gb Available in Paging File | 89.00% Paging File free
    Paging file location(s): [Binary data over 100 bytes]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 916.86 Gb Total Space | 851.55 Gb Free Space | 92.88% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Drive E: | 650.70 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive F: | 1.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
    G: Drive not present or media not loaded
    Drive H: | 1.08 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive I: | 474.71 Gb Total Space | 26.99 Gb Free Space | 5.68% Space Free | Partition Type: NTFS
    Drive L: | 467.31 Gb Total Space | 376.78 Gb Free Space | 80.63% Space Free | Partition Type: NTFS
    Drive M: | 492.14 Gb Total Space | 305.56 Gb Free Space | 62.09% Space Free | Partition Type: NTFS
    Drive N: | 202.75 Gb Total Space | 114.29 Gb Free Space | 56.37% Space Free | Partition Type: NTFS
    Drive O: | 299.25 Gb Total Space | 179.54 Gb Free Space | 60.00% Space Free | Partition Type: NTFS
    Drive R: | 343.25 Gb Total Space | 286.88 Gb Free Space | 83.58% Space Free | Partition Type: NTFS
    Drive S: | 175.99 Gb Total Space | 175.90 Gb Free Space | 99.95% Space Free | Partition Type: NTFS
    Drive V: | 442.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: TIMOTHY-PC
    Current User Name: Timothy
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/04/22 19:51:10 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Timothy\Downloads\OTL.exe
    PRC - [2010/04/15 08:20:16 | 000,098,304 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Minefield\firefox.exe
    PRC - [2010/04/15 08:20:16 | 000,009,216 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Minefield\mozilla-runtime.exe
    PRC - [2010/02/23 19:20:12 | 012,764,440 | ---- | M] () -- C:\Program Files (x86)\RegCure\RegCure.exe
    PRC - [2009/11/23 15:50:24 | 000,270,336 | ---- | M] () -- C:\Program Files (x86)\WhiteSmoke\WSEnrichment.exe
    PRC - [2009/11/10 15:25:48 | 000,068,384 | ---- | M] () -- C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
    PRC - [2009/11/10 12:20:54 | 000,262,144 | ---- | M] () -- C:\Program Files (x86)\WhiteSmoke Translator\WSTrayDictMode.exe
    PRC - [2009/09/26 08:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    PRC - [2009/09/25 12:51:04 | 000,906,496 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\ApVxdWin.exe
    PRC - [2009/09/23 16:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2009/09/23 16:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2009/09/17 12:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
    PRC - [2009/09/09 16:31:34 | 000,090,296 | ---- | M] (PC Pitstop LLC) -- C:\Program Files (x86)\CA\PCPitstopScheduleService.exe
    PRC - [2009/09/07 16:40:04 | 000,198,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\AVENGINE.EXE
    PRC - [2009/08/25 13:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\psksvc.exe
    PRC - [2009/08/24 13:47:52 | 000,445,440 | ---- | M] () -- C:\Program Files (x86)\NextWindow\TouchScreenTools.exe
    PRC - [2009/08/10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsCtrlS.exe
    PRC - [2009/08/10 13:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
    PRC - [2009/08/10 13:45:48 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavBckPT.exe
    PRC - [2009/07/13 21:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
    PRC - [2009/07/07 13:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
    PRC - [2009/06/25 15:09:32 | 001,942,792 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
    PRC - [2009/06/25 15:09:32 | 000,095,496 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
    PRC - [2009/06/25 15:09:10 | 002,368,776 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
    PRC - [2009/04/23 12:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\WebProxy.exe
    PRC - [2009/04/08 10:56:24 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files (x86)\Panda Security\Panda Global Protection 2010\FIREWALL\PSHost.exe
    PRC - [2009/01/07 15:08:18 | 000,319,488 | ---- | M] () -- C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
    PRC - [2008/09/19 17:52:42 | 000,339,968 | ---- | M] (North Star com.) -- C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
    PRC - [2008/07/20 20:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/07/20 20:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2008/06/27 13:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\SrvLoad.exe
    PRC - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsImSvc.exe
    PRC - [2008/05/30 13:50:28 | 000,581,120 | ---- | M] () -- C:\Windows\mHotkey.exe
    PRC - [2008/02/22 07:25:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe
    PRC - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
    PRC - [2008/02/01 14:04:50 | 000,057,344 | ---- | M] (Chicony) -- C:\Windows\ChiFuncExt.exe
    PRC - [2007/01/08 17:51:56 | 000,053,248 | ---- | M] (Chicony) -- C:\Windows\ModLEDKey.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/04/22 19:51:10 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Timothy\Downloads\OTL.exe
    MOD - [2009/11/23 15:51:00 | 000,147,456 | ---- | M] (WhiteSmoke) -- C:\Program Files (x86)\WhiteSmoke\HookDllOE.dll
    MOD - [2009/08/10 13:45:54 | 000,095,488 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavOEpl.dll
    MOD - [2009/07/13 21:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
    MOD - [2009/07/13 21:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
    MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
    MOD - [2009/06/10 17:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
    MOD - [2009/06/10 17:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll
    MOD - [2009/06/09 14:34:18 | 000,078,312 | ---- | M] (Deskperience) -- C:\Program Files (x86)\WhiteSmoke Translator\WHook.dll
    MOD - [2007/03/21 22:33:00 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp71.dll
    MOD - [2007/03/21 22:33:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/04/10 17:25:46 | 000,342,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
    SRV:64bit: - [2010/02/26 08:59:22 | 000,130,048 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
    SRV:64bit: - [2010/02/24 07:10:55 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV:64bit: - [2010/01/19 17:49:16 | 000,055,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc)
    SRV:64bit: - [2009/12/09 20:30:34 | 000,017,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2009/10/04 17:53:34 | 000,039,424 | ---- | M] (KSE - Korndörfer Software Engineering) [Auto | Running] -- C:\Program Files\nHancer\nHancerService.exe -- (nHancer)
    SRV:64bit: - [2009/09/26 05:28:30 | 004,924,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV:64bit: - [2009/07/13 21:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
    SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
    SRV:64bit: - [2009/07/13 21:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
    SRV:64bit: - [2009/07/13 21:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
    SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/13 21:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
    SRV:64bit: - [2009/07/13 21:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (WAS)
    SRV:64bit: - [2009/07/13 21:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (W3SVC)
    SRV:64bit: - [2009/07/13 21:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
    SRV:64bit: - [2009/07/13 21:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
    SRV:64bit: - [2009/07/13 21:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (DEFRAGSVC)
    SRV:64bit: - [2009/07/13 21:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
    SRV:64bit: - [2009/07/13 21:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
    SRV:64bit: - [2009/07/13 21:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
    SRV:64bit: - [2009/07/13 21:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
    SRV:64bit: - [2009/07/13 21:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
    SRV:64bit: - [2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (WinHttpAutoProxySvc)
    SRV:64bit: - [2009/07/13 21:39:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
    SRV:64bit: - [2009/07/13 21:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
    SRV:64bit: - [2009/07/13 21:39:20 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
    SRV:64bit: - [2009/07/13 21:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
    SRV:64bit: - [2009/07/13 21:39:13 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
    SRV:64bit: - [2009/07/13 21:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
    SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
    SRV:64bit: - [2009/03/30 17:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV:64bit: - [2009/03/27 22:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
    SRV:64bit: - [2008/07/16 17:00:00 | 000,024,576 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
    SRV - [2010/04/14 01:41:54 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
    SRV - [2010/04/13 22:24:34 | 002,504,280 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3653.dll -- (Akamai)
    SRV - [2009/11/06 14:24:54 | 000,282,728 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
    SRV - [2009/11/06 14:13:20 | 000,276,584 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
    SRV - [2009/09/26 08:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
    SRV - [2009/09/23 22:59:36 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
    SRV - [2009/09/23 16:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2009/09/23 16:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2009/09/17 12:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\pavsrvx86.exe -- (PAVSRV)
    SRV - [2009/09/09 16:31:34 | 000,090,296 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files (x86)\CA\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
    SRV - [2009/08/25 13:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PskSvc.exe -- (PskSvcRetail)
    SRV - [2009/08/10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsCtrls.exe -- (Panda Software Controller)
    SRV - [2009/08/10 13:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavFnSvr.exe -- (PAVFNSVR)
    SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2009/07/13 23:20:14 | 000,000,000 | ---D | M] [On_Demand | Running] -- C:\Windows\Vss -- (VSS)
    SRV - [2009/07/13 21:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
    SRV - [2009/07/13 21:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/13 21:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2009/07/13 21:14:39 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
    SRV - [2009/06/25 15:09:10 | 002,368,776 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
    SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
    SRV - [2009/06/10 16:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
    SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2009/04/17 10:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\TPSrvWow.exe -- (TPSrv)
    SRV - [2009/04/08 10:56:24 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\program files (x86)\panda security\panda global protection 2010\firewall\PSHOST.EXE -- (PSHost)
    SRV - [2009/02/23 11:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
    SRV - [2008/07/27 14:34:18 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
    SRV - [2008/07/27 14:31:19 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
    SRV - [2008/07/20 20:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
    SRV - [2008/07/02 14:09:42 | 000,072,448 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\GWMsrv64.dll -- (Gwmsrv)
    SRV - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsImSvc.exe -- (PSIMSVC)
    SRV - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2010/04/20 22:56:15 | 000,015,928 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\COMFiltr.sys -- (ComFiltr)
    DRV:64bit: - [2010/04/15 02:35:16 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2010/01/27 16:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
    DRV:64bit: - [2010/01/20 16:53:04 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
    DRV:64bit: - [2010/01/20 16:53:04 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
    DRV:64bit: - [2010/01/18 13:09:27 | 000,167,424 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcHlp.sys -- (archlp)
    DRV:64bit: - [2009/11/11 15:11:42 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2009/10/20 13:22:54 | 000,289,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress) Intel(R)
    DRV:64bit: - [2009/09/23 16:04:52 | 000,025,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
    DRV:64bit: - [2009/09/22 21:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
    DRV:64bit: - [2009/09/22 21:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
    DRV:64bit: - [2009/09/22 21:32:39 | 000,095,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
    DRV:64bit: - [2009/09/22 21:32:35 | 000,016,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
    DRV:64bit: - [2009/09/22 21:32:33 | 000,187,904 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
    DRV:64bit: - [2009/09/15 14:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvoclk64.sys -- (nvoclk64)
    DRV:64bit: - [2009/08/28 20:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2009/08/13 15:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AGERESoftModem)
    DRV:64bit: - [2009/08/06 12:29:18 | 000,057,352 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
    DRV:64bit: - [2009/08/05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2009/07/29 11:37:08 | 000,024,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NW1950.sys -- (NW1950)
    DRV:64bit: - [2009/07/24 14:13:06 | 000,167,920 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\C2SCSI64.SYS -- (c2scsi64)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,153,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
    DRV:64bit: - [2009/07/13 21:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
    DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/13 21:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,036,432 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 21:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
    DRV:64bit: - [2009/07/13 21:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
    DRV:64bit: - [2009/07/13 21:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
    DRV:64bit: - [2009/07/13 21:43:13 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
    DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
    DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
    DRV:64bit: - [2009/07/13 20:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
    DRV:64bit: - [2009/07/13 20:17:46 | 000,024,064 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
    DRV:64bit: - [2009/07/13 20:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV:64bit: - [2009/07/13 20:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV:64bit: - [2009/07/13 20:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
    DRV:64bit: - [2009/07/13 20:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
    DRV:64bit: - [2009/07/13 20:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
    DRV:64bit: - [2009/07/13 20:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
    DRV:64bit: - [2009/07/13 20:07:13 | 000,227,840 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
    DRV:64bit: - [2009/07/13 20:07:00 | 000,350,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
    DRV:64bit: - [2009/07/13 20:07:00 | 000,184,576 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
    DRV:64bit: - [2009/07/13 20:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
    DRV:64bit: - [2009/07/13 20:06:32 | 000,109,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
    DRV:64bit: - [2009/07/13 20:06:28 | 000,040,448 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
    DRV:64bit: - [2009/07/13 20:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV:64bit: - [2009/07/13 20:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
    DRV:64bit: - [2009/07/13 20:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
    DRV:64bit: - [2009/07/13 20:00:34 | 000,038,912 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
    DRV:64bit: - [2009/07/13 20:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
    DRV:64bit: - [2009/07/13 19:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
    DRV:64bit: - [2009/07/13 19:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
    DRV:64bit: - [2009/07/13 19:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
    DRV:64bit: - [2009/07/13 19:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
    DRV:64bit: - [2009/07/13 19:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
    DRV:64bit: - [2009/07/13 19:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
    DRV:64bit: - [2009/07/13 19:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
    DRV:64bit: - [2009/07/13 19:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
    DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
    DRV:64bit: - [2009/02/13 11:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
    DRV:64bit: - [2008/12/02 17:01:42 | 000,068,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
    DRV:64bit: - [2008/09/24 21:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)
    DRV:64bit: - [2008/09/23 17:19:04 | 000,034,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gwfilt64.sys -- (gwfilt64)
    DRV:64bit: - [2008/07/20 20:44:54 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
    DRV:64bit: - [2008/02/28 14:37:42 | 000,046,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ShldFlt.sys -- (ShldFlt)
    DRV - [2010/04/18 07:32:19 | 000,000,000 | ---D | M] [File_System | Boot | Running] -- C:\Windows\FltMgr -- (FltMgr)
    DRV - [2010/03/28 21:53:31 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC)
    DRV - [2010/01/29 12:40:14 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
    DRV - [2010/01/20 16:53:06 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
    DRV - [2010/01/20 16:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
    DRV - [2009/09/23 16:04:42 | 000,261,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
    DRV - [2009/09/23 16:04:42 | 000,017,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftVollh.sys -- (sftvol)
    DRV - [2009/09/23 16:04:38 | 000,712,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftFSlh.sys -- (sftfs)
    DRV - [2009/09/01 17:59:44 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/03/11 02:10:50] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
    DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/13 21:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winusb.dll -- (WinUsb)
    DRV - [2009/07/13 21:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
    DRV - [2009/06/10 17:39:34 | 000,021,271 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\http.mib -- (HTTP)
    DRV - [2009/06/03 17:14:48 | 000,167,424 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\ArcHlp.sys -- (archlp)
    DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
    DRV - [2008/07/16 16:56:06 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
    DRV - [2002/02/04 11:29:40 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\MONITOR.AVI -- (monitor)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=fx6801
    IE - HKLM\..\URLSearchHook: {011f9246-da13-4555-9998-6e4805bd533f} - Reg Error: Key error. File not found
    IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
    FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.1

    FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/14 01:40:43 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Minefield 3.7a4pre\extensions\\Components: C:\Program Files (x86)\Minefield\components [2010/04/18 17:42:58 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Minefield 3.7a4pre\extensions\\Plugins: C:\Program Files (x86)\Minefield\plugins [2010/04/18 02:17:50 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3plugin1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/18 02:12:06 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3plugin1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/04/18 02:12:04 | 000,000,000 | ---D | M]
     
  16. 2010/04/22
    Mr PC

    OTL.Txt 2

    [2010/04/18 02:07:44 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\mozilla\Extensions
    [2010/02/24 00:44:07 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\mozilla\Extensions\postbox@postbox-inc.com
    [2010/04/21 19:49:25 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\mozilla\Firefox\Profiles\hvmelqah.default\extensions
    [2010/04/18 02:13:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Timothy\AppData\Roaming\mozilla\Firefox\Profiles\hvmelqah.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/04/18 02:05:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

    O1 HOSTS File: ([2010/02/12 22:33:21 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
    O2:64bit: - BHO: (PDF-XChange Viewer IE-Plugin) - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF Viewer\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
    O2 - BHO: (no name) - {011f9246-da13-4555-9998-6e4805bd533f} - No CLSID value found.
    O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {011f9246-da13-4555-9998-6e4805bd533f} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE (Panda Security, S.L.)
    O4 - HKLM..\Run: [FAStartup] File not found
    O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
    O4 - HKLM..\Run: [LchDrvKey] File not found
    O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\Inicio.exe (Panda Security, S.L.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
    O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\SysWow64\StikyNot.exe File not found
    O4 - HKCU..\RunOnce: [UniblueRegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Activities present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\CommandBar present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Safety present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbar present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCABattery = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName =
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction =
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.5.0.cab (DLM Control)
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
    O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab (VersionControl Class)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
    O16 - DPF: {88650482-3892-11D5-8997-00104BD12D94} http://support.gateway.com/support/profiler/PCPitStop.CAB (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
    O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:64bit: - Winlogon\Notify\avldr: DllName - Reg Error: Key error. - File not found
    O20 - Winlogon\Notify\FastAccess: DllName - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\WPDShServiceObj.dll (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O24 - Desktop WallPaper: C:\Users\Timothy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Timothy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
    O27:64bit: - HKLM IFEO\GoogleToolbarNotifier.exe: Debugger - File not found
    O27 - HKLM IFEO\GoogleToolbarNotifier.exe: Debugger - rundll32.exe File not found
    O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
    O29 - HKLM SecurityProviders - (credssp.dll) - File not found
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/02/12 19:15:33 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2005/09/05 10:57:13 | 000,000,110 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
    O32 - AutoRun File - [2010/04/18 13:14:53 | 000,000,000 | -H-D | M] - I:\Autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/04/18 13:14:54 | 000,000,000 | -H-D | M] - L:\Autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/04/18 13:14:54 | 000,000,000 | -H-D | M] - M:\Autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2009/04/16 17:54:28 | 002,807,454 | ---- | M] () - N:\Autoimmune Endocrine Disorders.Vol.38, Issues 2, 2009.pdf -- [ NTFS ]
    O32 - AutoRun File - [2010/04/18 13:14:54 | 000,000,000 | -H-D | M] - N:\Autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/04/18 13:14:55 | 000,000,000 | -H-D | M] - O:\Autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/04/18 13:14:55 | 000,000,000 | -H-D | M] - R:\Autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2010/01/28 16:00:27 | 000,000,088 | ---- | M] () - V:\autorun.inf -- [ UDF ]
    O33 - MountPoints2\{07401cce-ed69-11de-bfb4-00226866d877}\Shell - " " = AutoRun
    O33 - MountPoints2\{07401cce-ed69-11de-bfb4-00226866d877}\Shell\AutoRun\command - " " = F:\PfundZahnd.exe -- [2005/09/02 12:25:03 | 000,926,568 | R--- | M] (Macromedia, Inc.)
    O33 - MountPoints2\{a49471f0-476c-11df-96f6-00226866d877}\Shell - " " = AutoRun
    O33 - MountPoints2\{a49471f0-476c-11df-96f6-00226866d877}\Shell\AutoRun\command - " " = V:\WD SmartWare.exe -- [2010/01/21 20:13:40 | 003,330,848 | ---- | M] (Western Digital)
    O33 - MountPoints2\{f0b6de3d-1d6e-11df-b65c-00226866d877}\Shell - " " = AutoRun
    O33 - MountPoints2\{f0b6de3d-1d6e-11df-b65c-00226866d877}\Shell\AutoRun\command - " " = J:\setup.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2010/04/14 01:42:53 | 000,000,000 | ---D | M]
    NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
    NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
    NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
    NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
    NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
    NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)
    OTL cannot create restorepoints on Vista OSs!

    ========== Files/Folders - Created Within 90 Days ==========
     
  17. 2010/04/22
    Mr PC

    OTL.Txt 3

    [2010/04/21 19:38:27 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Panda Security
    [2010/04/20 22:55:59 | 000,082,952 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\dsaflt64.sys
    [2010/04/20 22:55:59 | 000,078,856 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\idsflt64.sys
    [2010/04/20 22:55:59 | 000,074,760 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\wnmflt64.sys
    [2010/04/20 22:55:57 | 000,170,504 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\NETTDI64.SYS
    [2010/04/20 22:55:57 | 000,116,744 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\APPFLT64.SYS
    [2010/04/20 22:55:57 | 000,031,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\fnetm64.sys
    [2010/04/20 22:55:46 | 000,046,640 | ---- | C] (Panda Software) -- C:\Windows\SysNative\pavcpl64.cpl
    [2010/04/20 22:55:37 | 000,446,464 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\HHActiveX.dll
    [2010/04/20 22:55:34 | 000,325,376 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\TpUtil64.dll
    [2010/04/20 22:55:34 | 000,201,984 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\TpUtilWow.dll
    [2010/04/20 22:55:34 | 000,116,992 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavLspHook64.dll
    [2010/04/20 22:55:34 | 000,092,928 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavIpc64.dll
    [2010/04/20 22:55:34 | 000,087,296 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavLspHookWow.dll
    [2010/04/20 22:55:34 | 000,066,816 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavIpcWow.dll
    [2010/04/20 22:55:34 | 000,025,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\sysHelper64.dll
    [2010/04/20 22:55:34 | 000,025,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\sysHelper32.dll
    [2010/04/20 22:55:33 | 000,838,400 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavSHook64.dll
    [2010/04/20 22:55:33 | 000,545,536 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavSHookWow.dll
    [2010/04/20 22:55:29 | 000,057,352 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\amm6460.sys
    [2010/04/20 22:55:29 | 000,053,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\avldr64.dll
    [2010/04/20 22:55:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\PAV
    [2010/04/20 22:55:28 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Panda Security
    [2010/04/20 22:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
    [2010/04/20 20:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
    [2010/04/20 19:07:49 | 000,033,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
    [2010/04/20 19:06:54 | 000,046,136 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\ShldFlt.sys
    [2010/04/20 19:06:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Panda Security
    [2010/04/20 03:00:37 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\FixItCenter
    [2010/04/19 23:02:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2010/04/19 19:44:06 | 000,000,000 | ---D | C] -- C:\Windows\MATS
    [2010/04/19 19:44:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
    [2010/04/19 19:38:14 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Dexpot
    [2010/04/19 19:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dexpot
    [2010/04/19 19:14:27 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Malwarebytes
    [2010/04/19 19:14:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/04/19 19:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/04/19 19:14:11 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/04/19 19:14:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2010/04/19 15:21:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegCure
    [2010/04/19 10:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Software
    [2010/04/18 19:03:34 | 000,000,000 | ---D | C] -- C:\Panda Software
    [2010/04/18 07:32:19 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr
    [2010/04/18 07:28:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Backup
    [2010/04/18 07:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
    [2010/04/18 04:17:50 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\nHancer
    [2010/04/18 04:14:40 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Books
    [2010/04/18 04:10:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Books
    [2010/04/18 03:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\nHancer
    [2010/04/18 03:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\nHancer
    [2010/04/18 03:51:31 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\KSE
    [2010/04/18 03:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DjVuZone
    [2010/04/18 02:17:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minefield
    [2010/04/18 00:27:45 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\PeerNetworking
    [2010/04/17 20:57:34 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
    [2010/04/17 20:57:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
    [2010/04/17 20:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2010/04/17 20:57:14 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
    [2010/04/17 20:57:14 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
    [2010/04/17 20:57:13 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
    [2010/04/17 20:57:13 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
    [2010/04/17 20:57:12 | 000,176,640 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
    [2010/04/17 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\SB_X-Fi_MB_RC_1.1
    [2010/04/17 20:39:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\Audio_Realtek_IncludeHDMI_v.6.0.1.5888_7a
    [2010/04/17 20:38:54 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\RALK_Lite-on_WN7600R_V1.1.3.9_7a
    [2010/04/17 19:20:56 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\FX6800_BIOS_842P181G
    [2010/04/17 19:20:56 | 000,000,000 | ---D | C] -- C:\BIOS_842P181G
    [2010/04/17 18:38:02 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\Bios Update Files
    [2010/04/17 10:51:01 | 000,000,000 | ---D | C] -- C:\Windows\LastGood.Tmp
    [2010/04/17 10:16:22 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
    [2010/04/17 10:16:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
    [2010/04/17 10:12:04 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Western DigitalTemp
    [2010/04/17 00:16:14 | 000,000,000 | ---D | C] -- C:\Program Files\Update Services
    [2010/04/17 00:11:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2010/04/16 23:18:52 | 000,000,000 | ---D | C] -- C:\cd2adecdf9af07ddbcb95c1e244d
    [2010/04/16 23:17:51 | 000,000,000 | ---D | C] -- C:\1418cdbaaaa751c8ec33eff486
    [2010/04/16 18:38:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\msmq
    [2010/04/16 18:38:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
    [2010/04/16 17:59:53 | 000,000,000 | ---D | C] -- C:\e379b2b184060c0720894681
    [2010/04/15 02:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
    [2010/04/14 22:24:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010/04/14 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live Safety Center
    [2010/04/13 22:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\WD_SmartWareCommon
    [2010/04/13 22:34:02 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Western_Digital
    [2010/04/13 22:32:19 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Western Digital
    [2010/04/13 22:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
    [2010/04/13 22:31:35 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Western Digital
    [2010/04/12 22:44:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\inetsrv
    [2010/04/12 22:44:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
    [2010/04/12 22:44:06 | 000,000,000 | ---D | C] -- C:\inetpub
    [2010/04/11 11:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\AccelerEyes
    [2010/04/11 07:39:39 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Pegasys Inc
    [2010/04/11 07:37:07 | 000,000,000 | ---D | C] -- C:\Python24
    [2010/04/11 04:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
    [2010/04/11 04:03:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
    [2010/04/11 04:03:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Visual Studio 2008
    [2010/04/11 04:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
    [2010/04/11 04:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
    [2010/04/11 04:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
    [2010/04/11 04:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
    [2010/04/11 01:54:05 | 000,000,000 | ---D | C] -- C:\Python26
    [2010/04/11 01:33:51 | 000,000,000 | ---D | C] -- C:\psscor2
    [2010/04/11 00:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft KitSetup
    [2010/04/11 00:53:46 | 000,000,000 | ---D | C] -- C:\WinDDK
    [2010/04/10 19:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\RealHideIP
    [2010/04/09 05:00:44 | 000,000,000 | ---D | C] -- C:\Timothy Bambrick Capstone
    [2010/04/08 02:45:51 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\nvidia
    [2010/04/08 02:40:17 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Agnosco DICOM Viewer
    [2010/04/08 02:32:51 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\Roshni's LSAT Prep
    [2010/04/07 18:07:24 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Power2Go
    [2010/04/07 08:34:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
    [2010/04/06 19:22:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Copra DVD
    [2010/04/06 18:37:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Documents
    [2010/04/05 19:29:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloads
    [2010/04/05 19:10:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kiyut
    [2010/04/05 13:38:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\DriverCure
    [2010/04/05 13:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
    [2010/04/05 13:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ParetoLogic
    [2010/04/05 13:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverCure
    [2010/04/05 13:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
    [2010/04/03 22:55:32 | 000,064,616 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
    [2010/04/03 22:55:32 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
    [2010/04/02 01:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver
    [2010/04/02 01:47:59 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\InstallShield
    [2010/04/01 23:27:50 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Documents\Notes
    [2010/04/01 21:29:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIW
    [2010/03/31 18:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
    [2010/03/31 17:23:24 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Weblog Posts
    [2010/03/31 17:23:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Windows Live Writer
    [2010/03/31 17:23:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Windows Live Writer
    [2010/03/31 14:59:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Kindle Content
    [2010/03/31 04:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\realserver
    [2010/03/31 04:03:52 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\REAL Software
    [2010/03/31 04:03:45 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\REAL Studio
    [2010/03/31 01:24:24 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\SmartDraw
    [2010/03/30 19:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
    [2010/03/30 18:16:57 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
    [2010/03/30 17:21:46 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\DriverGenius
    [2010/03/29 23:11:40 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\NVIDIA
    [2010/03/29 19:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
    [2010/03/29 19:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio .NET
    [2010/03/29 19:36:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
    [2010/03/29 19:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
    [2010/03/29 19:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS
    [2010/03/29 19:18:05 | 000,000,000 | ---D | C] -- C:\Windows\pss
    [2010/03/29 14:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit PDF Edit Portable
    [2010/03/29 13:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
    [2010/03/29 12:29:21 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\PCPitstop
    [2010/03/29 12:28:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CA
    [2010/03/28 21:53:31 | 000,000,000 | ---D | C] -- C:\Windows\CSC
    [2010/03/27 21:33:11 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Dup Scout Pro
    [2010/03/27 21:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\Dup Scout Pro
    [2010/03/27 01:05:33 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Seeing Machines
    [2010/03/27 01:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Seeing Machines
    [2010/03/27 00:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetSpotter
    [2010/03/26 18:22:30 | 000,107,680 | ---- | C] (Bluebeam Software, Inc.) -- C:\Windows\SysNative\BBPdfPortMon.DLL
    [2010/03/26 18:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
    [2010/03/26 18:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
    [2010/03/26 18:16:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
    [2010/03/26 01:03:58 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/03/26 00:46:59 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Opera
    [2010/03/26 00:46:59 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Opera
    [2010/03/24 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Links
    [2010/03/24 18:41:03 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My eBooks
    [2010/03/24 12:46:09 | 000,000,000 | ---D | C] -- C:\Windows\LMI50ED.tmp
    [2010/03/23 02:49:48 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Apple Computer
    [2010/03/23 02:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2010/03/23 02:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
    [2010/03/23 02:43:10 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Apple
    [2010/03/23 02:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
    [2010/03/23 02:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2010/03/23 02:02:47 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Documents\Music
    [2010/03/23 00:33:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Scans
    [2010/03/23 00:19:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Digital Editions
    [2010/03/22 23:22:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NextWindow
    [2010/03/21 23:44:28 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Documents
    [2010/03/21 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\Timothy\NVIDIA
    [2010/03/21 19:26:16 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\NVIDIA NVPerfHUD
    [2010/03/21 19:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft DirectX SDK (February 2010)
    [2010/03/21 16:14:54 | 000,000,000 | R-SD | C] -- C:\Users\Timothy\Documents\My Stationery
    [2010/03/21 15:33:55 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Outlook Files
    [2010/03/21 15:29:49 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Received Files
    [2010/03/21 15:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
    [2010/03/21 15:01:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
    [2010/03/21 14:49:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
    [2010/03/21 14:49:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
    [2010/03/21 14:46:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
    [2010/03/21 11:31:06 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Searches
    [2010/03/21 00:08:36 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\IDM
    [2010/03/19 02:20:52 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Remote Assistance Logs
    [2010/03/18 05:01:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
    [2010/03/17 23:42:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
    [2010/03/17 21:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCPitstop
    [2010/03/17 19:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPitstop
    [2010/03/17 19:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\CA
    [2010/03/17 19:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EASEUS
    [2010/03/17 18:56:57 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Protexis
    [2010/03/17 18:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
    [2010/03/17 18:05:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
    [2010/03/17 15:58:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
    [2010/03/16 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Tracing
    [2010/03/16 20:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer Platform Preview
    [2010/03/16 11:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\PEERNET
    [2010/03/14 23:38:11 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
    [2010/03/13 22:32:53 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Scanned Documents
    [2010/03/13 22:32:53 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Fax
    [2010/03/13 22:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
    [2010/03/13 22:02:42 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\HP
    [2010/03/13 22:02:41 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\HP
    [2010/03/13 21:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
    [2010/03/13 21:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
    [2010/03/13 21:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
    [2010/03/13 21:58:07 | 000,000,000 | ---D | C] -- C:\Windows\hpoj6500e709
    [2010/03/13 21:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
    [2010/03/11 13:43:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali
    [2010/03/11 13:43:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoreCodec
    [2010/03/11 05:22:30 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
    [2010/03/11 05:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codec Pack - All In 1
    [2010/03/11 05:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
    [2010/03/11 05:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Momentum Games
    [2010/03/11 03:22:13 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\CyberLink
    [2010/03/10 19:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Golden Bow Systems
    [2010/03/10 19:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Golden Bow
    [2010/03/10 19:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pointstone
    [2010/03/10 18:24:06 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\ToLTech
    [2010/03/09 03:08:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeBetaViewer
    [2010/03/09 02:34:52 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Bullzip
    [2010/03/07 19:45:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Futuremark
    [2010/03/06 18:27:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\ArcSoft
    [2010/03/06 14:59:39 | 000,227,840 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzFlRdr.dll
    [2010/03/06 14:59:39 | 000,126,976 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzpdfc.dll
    [2010/03/06 14:59:39 | 000,103,424 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzDCT.dll
    [2010/03/06 14:59:36 | 000,212,480 | ---- | C] (Bullzip) -- C:\Windows\SysNative\bzpdf.dll
    [2010/03/06 14:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bullzip
    [2010/03/06 14:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scan2PDF
    [2010/03/06 14:58:37 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
    [2010/03/06 14:57:01 | 000,050,688 | ---- | C] (AcroPDF Systems) -- C:\Windows\SysWow64\acropdf.dll
    [2010/03/06 14:57:00 | 000,396,288 | ---- | C] (AcroPDF Systems) -- C:\Windows\acroknl.dll
    [2010/03/06 14:57:00 | 000,128,000 | ---- | C] (AcroPDF) -- C:\Windows\acrogui.dll
    [2010/03/06 14:57:00 | 000,050,688 | ---- | C] (AcroPDF Systems) -- C:\Windows\acropdf.dll
    [2010/03/06 14:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AcroPDF
    [2010/03/06 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Foxit Software
    [2010/03/06 13:44:46 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Foxit
    [2010/03/06 12:32:58 | 001,417,216 | ---- | C] (SEDTech (Pty) Ltd.) -- C:\Windows\SysWow64\iSED.dll
    [2010/03/06 12:32:58 | 000,046,592 | ---- | C] (Revenger inc.) -- C:\Windows\SysWow64\cmext.dll
    [2010/03/06 12:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adolix
    [2010/03/06 11:20:58 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Downloads
    [2010/03/03 02:49:08 | 000,000,000 | ---D | C] -- C:\Temp
    [2010/03/02 07:57:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft DirectX SDK (August 2009)
    [2010/03/02 07:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
    [2010/03/02 03:49:48 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\TuneUp Software
    [2010/02/28 12:29:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Thinstall
    [2010/02/28 12:29:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Thinstall
    [2010/02/28 04:35:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\App Launcher Gadget
    [2010/02/28 01:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
    [2010/02/28 01:24:13 | 000,000,000 | RH-D | C] -- C:\MSOCache
    [2010/02/26 20:19:53 | 000,049,576 | ---- | C] (SafeNet, Inc.) -- C:\Windows\SysNative\drivers\rcudawdm.sys
    [2010/02/26 20:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SafeNet Dog
    [2010/02/26 14:21:11 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\{20140062-0062-0409-0000-0000000FF1CE}
    [2010/02/26 04:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DFX
    [2010/02/26 04:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DFX
    [2010/02/26 04:00:40 | 000,414,272 | ---- | C] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32f.dll
    [2010/02/26 04:00:40 | 000,414,272 | ---- | C] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32.dll
    [2010/02/26 04:00:40 | 000,291,408 | ---- | C] (Hacked With Joy !) -- C:\Windows\SysWow64\DivXa32.acm
    [2010/02/26 04:00:40 | 000,240,400 | ---- | C] (Hacked With Joy ! ) -- C:\Windows\SysWow64\DivX_c32.ax
    [2010/02/26 04:00:30 | 000,033,280 | ---- | C] (Disappearing Inc.) -- C:\Windows\SysWow64\HUFFYUV.DLL
    [2010/02/26 00:19:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\SoftGrid Client
    [2010/02/26 00:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
    [2010/02/26 00:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
    [2010/02/26 00:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
    [2010/02/26 00:01:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
    [2010/02/25 22:48:46 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\WhiteSmokeTranslator
    [2010/02/25 22:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke Translator
    [2010/02/25 22:43:47 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\WhiteSmoke
    [2010/02/24 15:02:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Virtualized Applications
    [2010/02/24 14:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Azureus
    [2010/02/24 14:44:02 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Azureus
    [2010/02/24 14:27:24 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\PCF-VLC
    [2010/02/24 08:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
    [2010/02/24 07:10:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
    [2010/02/24 07:10:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
    [2010/02/24 06:01:07 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\NVD
    [2010/02/24 06:01:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\NVD
    [2010/02/24 06:01:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\SoftGrid Client
    [2010/02/24 06:01:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\SoftGrid Client
    [2010/02/24 05:59:59 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\TP
    [2010/02/24 02:21:02 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\IObit
    [2010/02/24 01:46:53 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
    [2010/02/24 01:46:49 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Uniblue
    [2010/02/24 00:43:15 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Postbox
    [2010/02/24 00:33:04 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Tific
    [2010/02/22 16:29:17 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Apps
    [2010/02/22 16:24:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\CrashDumps
    [2010/02/22 06:33:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/02/22 06:15:34 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Microsoft Help
    [2010/02/22 03:27:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke_Tools
    [2010/02/22 02:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke
    [2010/02/19 21:49:43 | 000,491,520 | ---- | C] (NCT Company) -- C:\Windows\SysWow64\NCTAudioFile.dll
    [2010/02/19 21:49:43 | 000,158,208 | ---- | C] (NCT Company) -- C:\Windows\SysWow64\NCTTextToAudio.dll
    [2010/02/19 19:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EZB Systems
    [2010/02/19 19:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraISO
    [2010/02/19 19:36:29 | 000,000,000 | -HSD | C] -- C:\Nsi.pending
    [2010/02/19 19:31:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tempdir
    [2010/02/19 19:31:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced Word to Pdf Converter
    [2010/02/19 19:09:28 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Users\Timothy\AppData\Roaming\MSWINSCK.OCX
    [2010/02/19 17:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2010/02/19 17:52:09 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/02/18 13:33:42 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
    [2010/02/16 21:15:07 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\DMCache
    [2010/02/15 21:11:38 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Alfa.NetSoft_2007-2009
    [2010/02/15 21:05:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Kristanix Software
    [2010/02/15 20:46:12 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Sony Corporation
    [2010/02/12 23:39:47 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Macrovision
    [2010/02/12 23:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\BIAS
    [2010/02/12 23:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
    [2010/02/12 23:14:39 | 000,000,000 | ---D | C] -- C:\Binaries
    [2010/02/12 23:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BIAS
    [2010/02/12 23:14:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\eSellerate
    [2010/02/12 23:04:48 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Simple Star
    [2010/02/12 23:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
    [2010/02/12 22:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
    [2010/02/12 19:15:33 | 000,000,000 | -H-D | C] -- C:\Autorun.inf
    [2010/02/12 18:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\GroupPolicy
    [2010/02/12 18:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yamicsoft
    [2010/02/12 16:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
    [2010/02/12 15:52:54 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\install
    [2010/02/12 14:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DeskShare
    [2010/02/12 14:38:26 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Xenocode
    [2010/02/10 17:54:13 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\OpenCandy
    [2010/02/04 00:18:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\XemiComputers
    [2010/02/04 00:01:06 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Thinking Minds Budiling Bytes
    [2010/02/03 18:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
    [2010/02/02 06:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\WinCHM
    [2010/02/02 06:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softany
    [2010/01/31 18:12:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
    [2010/01/30 03:43:42 | 001,177,600 | ---- | C] (AD) -- C:\Windows\SysWow64\SYNSOEMU.DLL
    [2010/01/30 01:18:49 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\SDViewerFREE
    [2010/01/30 00:28:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Next Dimension Imaging
    [2010/01/30 00:26:33 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\MigWiz
    [2010/01/29 22:46:52 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Microsoft Games
    [2010/01/29 20:14:48 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Virtual Machines
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
    [2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
    [2010/01/29 19:45:14 | 000,000,000 | -HSD | C] -- C:\Windows\BitLockerDiscoveryVolumeContents
    [2010/01/29 19:29:51 | 000,021,888 | ---- | C] (Syncrosoft GmbH) -- C:\Windows\SysWow64\drivers\synUSB64.sys
    [2010/01/29 19:05:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
    [2010/01/29 19:02:34 | 000,016,896 | ---- | C] (Syncrosoft GmbH) -- C:\Windows\SysWow64\drivers\SynasUSB.sys
    [2010/01/29 18:56:04 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\TH1
    [2010/01/29 18:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Overloud
    [2010/01/29 00:17:09 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\River Past G5
    [2010/01/29 00:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\River Past G5
    [2010/01/29 00:01:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Vortex Surround
    [2010/01/27 01:24:19 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Template
    [2010/01/26 18:56:17 | 000,000,000 | ---D | C] -- C:\ProgramData\QuickTime
    [2010/01/26 12:42:50 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\MotionDSP
    [2010/01/26 12:40:56 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\NVIDIA 3D Vision Video Player
    [2010/01/26 12:17:36 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Download Manager
    [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     
  18. 2010/04/22
    Mr PC Inactive Thread Starter
    OTL.Txt 4

    ========== Files - Modified Within 90 Days ==========

    [2010/04/22 19:55:18 | 016,252,928 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat
    [2010/04/22 19:47:04 | 000,018,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/04/22 19:47:04 | 000,018,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/04/22 19:45:48 | 000,872,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010/04/22 19:45:48 | 000,727,364 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010/04/22 19:45:48 | 000,145,344 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010/04/22 19:39:51 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/04/22 19:39:50 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\RegCure Startup.job
    [2010/04/22 19:39:50 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\Windows 7 Manager - Free Memory.job
    [2010/04/22 19:39:04 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/04/22 19:39:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/04/22 19:38:44 | 2945,847,295 | -HS- | M] () -- C:\hiberfil.sys
    [2010/04/21 20:59:44 | 001,490,308 | -H-- | M] () -- C:\Users\Timothy\AppData\Local\IconCache.db
    [2010/04/21 20:37:43 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
    [2010/04/21 20:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/04/21 20:10:56 | 000,000,334 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\pfdnnt.act
    [2010/04/20 22:56:15 | 000,015,928 | ---- | M] () -- C:\Windows\SysNative\drivers\COMFiltr.sys
    [2010/04/20 22:56:04 | 000,000,274 | ---- | M] () -- C:\Windows\SysNative\PavCPL64.dat
    [2010/04/20 22:56:03 | 000,237,172 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck
    [2010/04/20 22:56:03 | 000,237,172 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT
    [2010/04/20 22:56:03 | 000,202,048 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls.bck
    [2010/04/20 22:56:03 | 000,202,048 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls
    [2010/04/20 22:56:03 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck
    [2010/04/20 22:56:03 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG
    [2010/04/20 01:01:56 | 290,435,400 | ---- | M] () -- C:\Users\Public\Documents\BackupRegistry(20100420).reg
    [2010/04/19 23:02:58 | 000,002,055 | ---- | M] () -- C:\Users\Timothy\Desktop\HijackThis.lnk
    [2010/04/19 22:06:12 | 000,293,376 | ---- | M] () -- C:\Users\Timothy\Desktop\eiuwfcyr.exe
    [2010/04/19 19:38:08 | 000,000,941 | ---- | M] () -- C:\Users\Timothy\Desktop\Dexpot.lnk
    [2010/04/19 19:14:16 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/04/19 18:34:52 | 000,000,079 | ---- | M] () -- C:\Windows\in_mlp.ini
    [2010/04/19 18:31:57 | 299,632,020 | ---- | M] () -- C:\Users\Public\Documents\BackupRegistry(20100419).reg
    [2010/04/19 17:00:04 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
    [2010/04/19 16:00:20 | 000,798,855 | ---- | M] () -- C:\Users\Timothy\Desktop\SvsSingleFarm_SharePointProducts2010.pdf
    [2010/04/19 15:56:34 | 001,570,351 | ---- | M] () -- C:\Users\Timothy\Desktop\Office2010BetaResKit.chm
    [2010/04/19 15:56:20 | 000,259,360 | ---- | M] () -- C:\Users\Timothy\Desktop\64bitClientInstallation_Office2010.pdf
    [2010/04/19 15:56:05 | 000,277,123 | ---- | M] () -- C:\Users\Timothy\Desktop\Topologies_SharePointServer2010.pdf
    [2010/04/19 15:55:23 | 000,236,301 | ---- | M] () -- C:\Users\Timothy\Desktop\OutlookVoiceAccess2010QuickStart_en-US.pdf
    [2010/04/19 15:27:54 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\RegCure.job
    [2010/04/19 15:21:59 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\RegCure.lnk
    [2010/04/19 11:09:26 | 000,441,006 | ---- | M] () -- C:\Users\Timothy\Desktop\Sahay release.jpg
    [2010/04/19 09:07:58 | 000,003,215 | -H-- | M] () -- C:\Windows\EPMBatch.ept
    [2010/04/19 09:00:33 | 000,000,930 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows 7 Manager.lnk
    [2010/04/18 13:08:43 | 000,872,000 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/04/18 11:04:50 | 003,090,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010/04/18 07:32:25 | 000,000,425 | ---- | M] () -- C:\Windows\WIN.INI
    [2010/04/18 05:16:21 | 000,027,648 | ---- | M] () -- C:\Users\Timothy\Desktop\First Day Contact Form.doc
    [2010/04/18 05:00:41 | 294,732,428 | ---- | M] () -- C:\Users\Public\Documents\BackupRegistry(20100418).reg
    [2010/04/18 04:17:44 | 000,133,376 | ---- | M] () -- C:\Users\Timothy\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/04/18 01:10:37 | 000,000,632 | RHS- | M] () -- C:\Users\Timothy\ntuser.pol
    [2010/04/18 00:50:26 | 000,029,337 | ---- | M] () -- C:\Users\Timothy\AppData\Roaming\UserTile.png
    [2010/04/17 22:13:38 | 000,231,258 | ---- | M] () -- C:\Windows\hpwins23.dat
    [2010/04/17 21:38:33 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
    [2010/04/17 21:38:27 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
    [2010/04/17 21:38:27 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
    [2010/04/17 21:38:26 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
    [2010/04/17 21:38:26 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
    [2010/04/17 20:35:33 | 000,031,576 | ---- | M] () -- C:\Users\Timothy\Desktop\support.gateway.com - Print.pdf
    [2010/04/17 14:23:00 | 001,225,728 | ---- | M] () -- C:\Users\Timothy\Desktop\WSUS30DeploymentGuide.doc
    [2010/04/17 00:27:19 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/17 00:27:19 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/17 00:27:19 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TM.blf
    [2010/04/16 23:01:48 | 000,000,219 | ---- | M] () -- C:\Windows\iepreview.ini
    [2010/04/16 19:12:17 | 289,261,034 | ---- | M] () -- C:\Users\Public\Documents\BackupRegistry(20100416).reg
    [2010/04/15 00:31:53 | 000,000,272 | ---- | M] () -- C:\Users\Timothy\Desktop\The Unofficial NVIDIA SLI Technology User Reference Guide - NVIDIA Forums.url
    [2010/04/15 00:31:43 | 001,949,066 | ---- | M] () -- C:\Users\Timothy\Desktop\forums.nvidia.com - index.pdf
    [2010/04/13 23:33:37 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/13 23:33:37 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/13 23:33:37 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TM.blf
    [2010/04/11 00:40:55 | 000,884,224 | ---- | M] () -- C:\Users\Timothy\Desktop\Internet Explorer 8 Performance White Paper - Copy.doc
    [2010/04/09 23:11:05 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/09 23:11:05 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/09 23:11:05 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TM.blf
    [2010/04/03 22:55:32 | 000,064,616 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
    [2010/04/03 22:55:32 | 000,056,424 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
    [2010/04/03 22:55:32 | 000,009,832 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
    [2010/04/03 18:41:38 | 000,276,196 | ---- | M] () -- C:\Windows\SysNative\NvApps.xml
    [2010/04/03 18:41:38 | 000,066,714 | ---- | M] () -- C:\Windows\SysNative\NvwsApps.xml
    [2010/03/30 18:12:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01005.Wdf
    [2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/03/30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/03/29 18:42:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
    [2010/03/29 18:15:48 | 348,466,330 | ---- | M] () -- C:\Users\Timothy\Documents\BackupRegistry(20100329).reg
    [2010/03/28 03:03:27 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/03/28 03:03:27 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/28 03:03:27 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TM.blf
    [2010/03/27 21:33:11 | 000,000,107 | ---- | M] () -- C:\Users\Timothy\AppData\Local\00000104
    [2010/03/27 16:19:23 | 000,026,623 | ---- | M] () -- C:\Windows\SysWow64\wow64_wlansvc.ptxml
    [2010/03/27 16:19:22 | 000,081,227 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_1837f556ef065706.manifest
    [2010/03/27 16:19:16 | 000,086,382 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_0c9426bbaadd00d8.manifest
    [2010/03/27 16:19:07 | 000,013,270 | ---- | M] () -- C:\Windows\SysWow64\wow64_ieframe.ptxml
    [2010/03/27 16:18:58 | 000,101,077 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-com-base_31bf3856ad364e35_6.1.7600.16385_none_7437d270749746e5.manifest
    [2010/03/27 16:18:34 | 000,123,749 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.1.7600.16385_none_782caecbca6c3448.manifest
    [2010/03/27 16:18:14 | 000,143,196 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-msxml30_31bf3856ad364e35_6.1.7600.16385_none_eeb7dc93e4e7eade.manifest
    [2010/03/27 16:16:53 | 000,287,788 | ---- | M] () -- C:\Windows\SysNative\Rules.System.Configuration.xml
    [2010/03/27 16:16:48 | 000,062,541 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_1837f556ef065706_samsrv.mof_b7a3f662
    [2010/03/27 16:15:32 | 001,054,916 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7600.16385_none_d272c6d7600db661.manifest
    [2010/03/26 21:02:29 | 000,000,080 | RHS- | M] () -- C:\Windows\SysWow64\66B7EDF2C4.dll
    [2010/03/24 19:26:41 | 000,000,658 | ---- | M] () -- C:\Windows\SysWow64\SYNSOACC.dll - Shortcut.lnk
    [2010/03/21 19:20:23 | 000,151,552 | ---- | M] () -- C:\Windows\SysWow64\nvRegDev.dll
    [2010/03/21 19:20:23 | 000,053,248 | ---- | M] () -- C:\Windows\SysWow64\nvTextureToolsUtil.dll
    [2010/03/21 19:19:33 | 000,001,695 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NVIDIA Driver Instrumentation Tray.lnk
    [2010/03/21 19:19:27 | 000,009,728 | ---- | M] () -- C:\Windows\SysWow64\nvPerfSDKUtil.dll
    [2010/03/21 19:19:05 | 000,057,344 | ---- | M] () -- C:\Windows\SysWow64\nvPerfHUDUtil.dll
    [2010/03/21 14:39:45 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Registry Reviver64-Timothy-Startup.job
    [2010/03/17 16:19:04 | 000,002,736 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
    [2010/03/17 15:32:01 | 000,065,536 | -HS- | M] () -- C:\NULL
    [2010/03/15 20:22:13 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/03/15 20:22:13 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/15 20:22:13 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TM.blf
    [2010/03/15 10:23:35 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/03/15 10:23:35 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/15 10:23:35 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TM.blf
    [2010/03/13 22:11:16 | 000,081,767 | ---- | M] () -- C:\Windows\hpqins13.dat
    [2010/03/11 05:21:05 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
    [2010/03/10 18:32:25 | 000,000,096 | ---- | M] () -- C:\Windows\CL.INI
    [2010/03/06 03:22:30 | 000,007,599 | ---- | M] () -- C:\Users\Timothy\AppData\Local\Resmon.ResmonCfg
    [2010/03/03 15:30:29 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TM.blf
    [2010/03/03 15:30:28 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/03/03 15:30:28 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/02 02:40:59 | 000,003,546 | ---- | M] () -- C:\Users\Timothy\AppData\Roaming\com.koingosw.LibrarianPro.xml
    [2010/02/26 20:20:13 | 000,000,959 | ---- | M] () -- C:\Windows\ODBCINST.INI
    [2010/02/26 20:20:02 | 000,049,576 | ---- | M] (SafeNet, Inc.) -- C:\Windows\SysNative\drivers\rcudawdm.sys
    [2010/02/26 04:01:39 | 000,196,608 | ---- | M] () -- C:\Windows\SysWow64\avisynth.dll
    [2010/02/26 04:00:40 | 000,414,272 | ---- | M] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32f.dll
    [2010/02/26 04:00:40 | 000,414,272 | ---- | M] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32.dll
    [2010/02/26 04:00:40 | 000,291,408 | ---- | M] (Hacked With Joy !) -- C:\Windows\SysWow64\DivXa32.acm
    [2010/02/26 04:00:40 | 000,240,400 | ---- | M] (Hacked With Joy ! ) -- C:\Windows\SysWow64\DivX_c32.ax
    [2010/02/26 04:00:30 | 000,033,280 | ---- | M] (Disappearing Inc.) -- C:\Windows\SysWow64\HUFFYUV.DLL
    [2010/02/25 22:47:53 | 000,002,030 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke Translator.lnk
    [2010/02/25 22:40:55 | 000,001,901 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke.lnk
    [2010/02/23 22:34:06 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
    [2010/02/22 19:33:04 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\Windows 7 Manager - Run File.job
    [2010/02/18 13:33:41 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
    [2010/02/17 12:44:05 | 000,000,211 | ---- | M] () -- C:\Windows\IDM.REG
    [2010/02/15 21:15:05 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\krx260.dat
    [2010/02/13 03:32:06 | 000,000,157 | ---- | M] () -- C:\Users\Timothy\AppData\Roaming\default.rss
    [2010/02/13 02:37:32 | 000,000,000 | ---- | M] () -- C:\Users\Timothy\AppData\Local\rx_image32.Cache
    [2010/02/12 22:33:21 | 000,000,761 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2010/02/12 18:20:52 | 000,034,308 | ---- | M] () -- C:\Windows\SysWow64\BASSMOD.dll
    [2010/02/10 17:14:23 | 000,856,441 | ---- | M] () -- C:\Users\Public\Documents\asgt.exe
    [2010/02/03 15:03:15 | 000,000,042 | ---- | M] () -- C:\Windows\SysWow64\QAPPKM_UKDFC.pnc
    [2010/02/03 14:23:48 | 000,000,042 | ---- | M] () -- C:\Windows\SysWow64\DuplicateFileCleaner.lie
    [2010/02/02 09:19:59 | 000,021,592 | ---- | M] () -- C:\Users\Timothy\The insidious betrayal of my declining mind.docx
    [2010/01/29 21:14:23 | 000,000,486 | ---- | M] () -- C:\Windows\SysNative\SYNSOACC.dll - Shortcut (2).lnk
    [2010/01/28 20:35:44 | 002,077,312 | ---- | M] () -- C:\Windows\SysNative\BootMan.exe
    [2010/01/28 20:35:44 | 001,692,288 | ---- | M] () -- C:\Windows\SysWow64\BootMan.exe
    [2010/01/26 12:01:03 | 000,006,656 | ---- | M] () -- C:\Users\Timothy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/01/23 15:43:22 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/01/23 15:43:22 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/01/23 15:43:22 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TM.blf
    [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/04/20 22:56:15 | 000,015,928 | ---- | C] () -- C:\Windows\SysNative\drivers\COMFiltr.sys
    [2010/04/20 22:56:04 | 000,000,274 | ---- | C] () -- C:\Windows\SysNative\PavCPL64.dat
    [2010/04/20 01:01:49 | 290,435,400 | ---- | C] () -- C:\Users\Public\Documents\BackupRegistry(20100420).reg
    [2010/04/20 00:14:29 | 001,054,916 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7600.16385_none_d272c6d7600db661.manifest
    [2010/04/20 00:14:29 | 000,143,196 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-msxml30_31bf3856ad364e35_6.1.7600.16385_none_eeb7dc93e4e7eade.manifest
    [2010/04/20 00:14:29 | 000,123,749 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.1.7600.16385_none_782caecbca6c3448.manifest
    [2010/04/20 00:14:29 | 000,101,077 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-com-base_31bf3856ad364e35_6.1.7600.16385_none_7437d270749746e5.manifest
    [2010/04/20 00:14:29 | 000,086,382 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_0c9426bbaadd00d8.manifest
    [2010/04/20 00:14:29 | 000,081,227 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_1837f556ef065706.manifest
    [2010/04/20 00:14:29 | 000,062,541 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_1837f556ef065706_samsrv.mof_b7a3f662
    [2010/04/20 00:14:29 | 000,026,623 | ---- | C] () -- C:\Windows\SysWow64\wow64_wlansvc.ptxml
    [2010/04/20 00:14:29 | 000,013,270 | ---- | C] () -- C:\Windows\SysWow64\wow64_ieframe.ptxml
    [2010/04/19 23:54:22 | 000,287,788 | ---- | C] () -- C:\Windows\SysNative\Rules.System.Configuration.xml
    [2010/04/19 23:02:58 | 000,002,055 | ---- | C] () -- C:\Users\Timothy\Desktop\HijackThis.lnk
    [2010/04/19 22:06:11 | 000,293,376 | ---- | C] () -- C:\Users\Timothy\Desktop\eiuwfcyr.exe
    [2010/04/19 19:38:08 | 000,000,941 | ---- | C] () -- C:\Users\Timothy\Desktop\Dexpot.lnk
    [2010/04/19 19:14:16 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/04/19 18:31:35 | 299,632,020 | ---- | C] () -- C:\Users\Public\Documents\BackupRegistry(20100419).reg
    [2010/04/19 16:00:20 | 000,798,855 | ---- | C] () -- C:\Users\Timothy\Desktop\SvsSingleFarm_SharePointProducts2010.pdf
    [2010/04/19 15:56:32 | 001,570,351 | ---- | C] () -- C:\Users\Timothy\Desktop\Office2010BetaResKit.chm
    [2010/04/19 15:56:20 | 000,259,360 | ---- | C] () -- C:\Users\Timothy\Desktop\64bitClientInstallation_Office2010.pdf
    [2010/04/19 15:56:05 | 000,277,123 | ---- | C] () -- C:\Users\Timothy\Desktop\Topologies_SharePointServer2010.pdf
    [2010/04/19 15:55:23 | 000,236,301 | ---- | C] () -- C:\Users\Timothy\Desktop\OutlookVoiceAccess2010QuickStart_en-US.pdf
    [2010/04/19 15:22:05 | 000,000,418 | ---- | C] () -- C:\Windows\tasks\RegCure Program Check.job
    [2010/04/19 15:22:05 | 000,000,400 | ---- | C] () -- C:\Windows\tasks\RegCure.job
    [2010/04/19 15:22:05 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\RegCure Startup.job
    [2010/04/19 15:21:59 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\RegCure.lnk
    [2010/04/19 11:09:44 | 000,441,006 | ---- | C] () -- C:\Users\Timothy\Desktop\Sahay release.jpg
    [2010/04/19 10:33:31 | 2945,847,295 | -HS- | C] () -- C:\hiberfil.sys
    [2010/04/19 09:00:33 | 000,000,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows 7 Manager.lnk
    [2010/04/18 07:42:46 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC
    [2010/04/18 07:29:10 | 000,237,172 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck
    [2010/04/18 07:29:10 | 000,237,172 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT
    [2010/04/18 07:29:10 | 000,001,132 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck
    [2010/04/18 07:29:10 | 000,001,132 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG
    [2010/04/18 05:00:28 | 294,732,428 | ---- | C] () -- C:\Users\Public\Documents\BackupRegistry(20100418).reg
    [2010/04/18 00:50:26 | 000,029,337 | ---- | C] () -- C:\Users\Timothy\AppData\Roaming\UserTile.png
    [2010/04/17 23:20:37 | 000,000,272 | ---- | C] () -- C:\Users\Timothy\Desktop\The Unofficial NVIDIA SLI Technology User Reference Guide - NVIDIA Forums.url
    [2010/04/17 21:38:46 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
    [2010/04/17 21:38:46 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
    [2010/04/17 21:33:07 | 000,013,931 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
    [2010/04/17 21:33:03 | 000,013,931 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
    [2010/04/17 20:57:16 | 000,123,780 | ---- | C] () -- C:\Windows\SysNative\drivers\RtConvEQ.DAT
    [2010/04/17 20:57:16 | 000,001,496 | ---- | C] () -- C:\Windows\SysNative\drivers\RtkAcerM.dat
    [2010/04/17 20:57:16 | 000,000,728 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat
    [2010/04/17 20:57:16 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat
    [2010/04/17 20:57:16 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat
    [2010/04/17 20:57:16 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
    [2010/04/17 20:57:16 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
    [2010/04/17 20:35:33 | 000,031,576 | ---- | C] () -- C:\Users\Timothy\Desktop\support.gateway.com - Print.pdf
    [2010/04/17 14:22:58 | 001,225,728 | ---- | C] () -- C:\Users\Timothy\Desktop\WSUS30DeploymentGuide.doc
    [2010/04/17 00:12:02 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/17 00:12:02 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/17 00:12:02 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TM.blf
    [2010/04/16 23:37:04 | 000,027,648 | ---- | C] () -- C:\Users\Timothy\Desktop\First Day Contact Form.doc
    [2010/04/16 23:24:25 | 026,894,050 | ---- | C] () -- C:\Users\Timothy\Desktop\Addison.Wesley.GPU.Gems.3.Aug.2007.chm
    [2010/04/16 19:12:06 | 289,261,034 | ---- | C] () -- C:\Users\Public\Documents\BackupRegistry(20100416).reg
    [2010/04/15 01:44:27 | 019,539,424 | ---- | C] () -- C:\Users\Timothy\01. Suzanne.flac
    [2010/04/15 00:31:35 | 001,949,066 | ---- | C] () -- C:\Users\Timothy\Desktop\forums.nvidia.com - index.pdf
    [2010/04/13 22:24:45 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/13 22:24:45 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/13 22:24:45 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TM.blf
    [2010/04/11 00:40:51 | 000,884,224 | ---- | C] () -- C:\Users\Timothy\Desktop\Internet Explorer 8 Performance White Paper - Copy.doc
    [2010/04/09 20:14:11 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/04/09 20:14:11 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/04/09 20:14:11 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TM.blf
    [2010/04/03 22:55:32 | 000,009,832 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
    [2010/04/03 18:41:38 | 000,276,196 | ---- | C] () -- C:\Windows\SysNative\NvApps.xml
    [2010/04/03 18:41:38 | 000,066,714 | ---- | C] () -- C:\Windows\SysNative\NvwsApps.xml
    [2010/03/30 18:12:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01005.Wdf
    [2010/03/29 18:15:35 | 348,466,330 | ---- | C] () -- C:\Users\Timothy\Documents\BackupRegistry(20100329).reg
    [2010/03/29 13:08:53 | 000,003,315 | ---- | C] () -- C:\Windows\SysNative\e1y62x64.din
    [2010/03/28 23:40:24 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
    [2010/03/27 21:33:11 | 000,000,107 | ---- | C] () -- C:\Users\Timothy\AppData\Local\00000104
    [2010/03/27 21:02:56 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/03/27 21:02:56 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/27 21:02:56 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TM.blf
    [2010/03/22 23:13:50 | 000,003,215 | -H-- | C] () -- C:\Windows\EPMBatch.ept
    [2010/03/21 19:20:24 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\nvTextureToolsUtil.dll
    [2010/03/21 19:19:33 | 000,124,928 | ---- | C] () -- C:\Windows\SysNative\NVDevCPL.cpl
    [2010/03/21 19:19:33 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\NVDevTray.dll
    [2010/03/21 19:19:33 | 000,001,695 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NVIDIA Driver Instrumentation Tray.lnk
    [2010/03/21 19:19:28 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\nvPerfSDKUtil.dll
    [2010/03/21 19:19:14 | 001,537,536 | R--- | C] () -- C:\Windows\SysNative\nvpmapi64.dll
    [2010/03/21 19:19:14 | 000,001,816 | R--- | C] () -- C:\Windows\SysNative\nvprfctr.ini
    [2010/03/21 19:19:14 | 000,000,866 | R--- | C] () -- C:\Windows\SysNative\nvprfsmb.h
    [2010/03/21 19:19:14 | 000,000,240 | R--- | C] () -- C:\Windows\SysNative\nvprfctr.reg
    [2010/03/21 19:19:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\nvPerfHUDUtil.dll
    [2010/03/21 14:53:36 | 000,350,720 | ---- | C] () -- C:\Users\Timothy\Desktop\hjsplit.exe
    [2010/03/17 19:00:46 | 002,077,312 | ---- | C] () -- C:\Windows\SysNative\BootMan.exe
    [2010/03/17 19:00:46 | 001,692,288 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
    [2010/03/17 19:00:46 | 000,100,232 | ---- | C] () -- C:\Windows\SysNative\setupempdrvx64.exe
    [2010/03/17 19:00:46 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
    [2010/03/17 19:00:46 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\EuEpmGdi.dll
    [2010/03/17 19:00:46 | 000,009,096 | ---- | C] () -- C:\Windows\SysNative\EuGdiDrv.sys
    [2010/03/17 19:00:45 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
    [2010/03/17 19:00:45 | 000,016,776 | ---- | C] () -- C:\Windows\SysNative\epmntdrv.sys
    [2010/03/17 19:00:45 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
    [2010/03/17 19:00:45 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
    [2010/03/17 17:57:49 | 000,000,386 | ---- | C] () -- C:\Windows\tasks\Registry Reviver64-Timothy-Startup.job
    [2010/03/17 15:46:24 | 000,002,736 | ---- | C] () -- C:\Windows\SysNative\oodbs.lor
    [2010/03/17 13:06:29 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/03/17 13:06:25 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/03/17 01:04:17 | 000,065,536 | -HS- | C] () -- C:\NULL
    [2010/03/16 20:20:03 | 000,000,219 | ---- | C] () -- C:\Windows\iepreview.ini
    [2010/03/15 11:18:45 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/03/15 11:18:45 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/15 11:18:45 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TM.blf
    [2010/03/15 01:48:01 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/03/15 01:48:01 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/15 01:48:01 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TM.blf
    [2010/03/13 22:10:30 | 000,081,767 | ---- | C] () -- C:\Windows\hpqins13.dat
    [2010/03/13 21:56:41 | 000,231,258 | ---- | C] () -- C:\Windows\hpwins23.dat
    [2010/03/13 21:56:41 | 000,019,022 | ---- | C] () -- C:\ProgramData\hpzinstall.log
    [2010/03/13 21:56:41 | 000,001,843 | ---- | C] () -- C:\Windows\hpwmdl23.dat
    [2010/03/11 05:09:59 | 000,000,080 | RHS- | C] () -- C:\Windows\SysWow64\66B7EDF2C4.dll
    [2010/03/10 18:32:25 | 000,000,096 | ---- | C] () -- C:\Windows\CL.INI
    [2010/03/07 19:45:51 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
    [2010/03/06 14:57:00 | 000,214,528 | ---- | C] () -- C:\Windows\acroinst.exe
    [2010/03/06 14:57:00 | 000,062,597 | ---- | C] () -- C:\Windows\acropdf.chm
    [2010/03/06 14:57:00 | 000,000,667 | ---- | C] () -- C:\Windows\acroppd.ppd
    [2010/03/03 01:31:22 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/03/03 01:31:21 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/03/03 01:31:21 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TM.blf
    [2010/03/02 01:41:33 | 000,003,546 | ---- | C] () -- C:\Users\Timothy\AppData\Roaming\com.koingosw.LibrarianPro.xml
    [2010/02/25 22:47:53 | 000,002,030 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke Translator.lnk
    [2010/02/25 22:40:54 | 000,001,901 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke.lnk
    [2010/02/22 17:23:45 | 000,000,310 | ---- | C] () -- C:\Windows\tasks\Windows 7 Manager - Run File.job
    [2010/02/19 21:49:43 | 000,120,832 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
    [2010/02/19 19:31:52 | 001,103,360 | ---- | C] () -- C:\Windows\SysWow64\cidfont.dll
    [2010/02/19 19:31:51 | 004,369,408 | ---- | C] () -- C:\Windows\SysWow64\pdftk.exe
    [2010/02/19 19:31:51 | 001,503,232 | ---- | C] () -- C:\Windows\SysWow64\ptj.exe
    [2010/02/19 19:31:51 | 000,235,008 | ---- | C] () -- C:\Windows\SysWow64\office.exe
    [2010/02/16 21:16:38 | 000,000,211 | ---- | C] () -- C:\Windows\IDM.REG
    [2010/02/15 21:09:53 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\krx260.dat
    [2010/02/13 03:32:06 | 000,000,157 | ---- | C] () -- C:\Users\Timothy\AppData\Roaming\default.rss
    [2010/02/13 02:37:32 | 000,000,000 | ---- | C] () -- C:\Users\Timothy\AppData\Local\rx_image32.Cache
    [2010/02/12 18:39:33 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\Windows 7 Manager - Free Memory.job
    [2010/02/12 16:41:18 | 000,000,194 | ---- | C] () -- C:\ProgramData\DriverTool.log
    [2010/02/10 18:13:57 | 000,856,441 | ---- | C] () -- C:\Users\Public\Documents\asgt.exe
    [2010/02/03 15:03:15 | 000,000,042 | ---- | C] () -- C:\Windows\SysWow64\QAPPKM_UKDFC.pnc
    [2010/02/03 14:23:48 | 000,000,042 | ---- | C] () -- C:\Windows\SysWow64\DuplicateFileCleaner.lie
    [2010/01/29 21:14:22 | 000,000,486 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC.dll - Shortcut (2).lnk
    [2010/01/29 21:14:08 | 000,000,658 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC.dll - Shortcut.lnk
    [2010/01/29 20:06:46 | 000,016,384 | ---- | C] () -- C:\Windows\SysNative\drivers\vpcuxd.sys
    [2010/01/29 20:06:46 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\vpchbuspipe.dll
    [2010/01/29 20:06:35 | 000,187,904 | ---- | C] () -- C:\Windows\SysNative\drivers\vpchbus.sys
    [2010/01/29 20:06:35 | 000,095,232 | ---- | C] () -- C:\Windows\SysNative\drivers\vpcusb.sys
    [2010/01/29 19:44:37 | 000,051,867 | ---- | C] () -- C:\Windows\Ultimate.xml
    [2010/01/29 03:24:55 | 000,400,384 | ---- | C] () -- C:\Windows\System\SYNSOACC.dll
    [2010/01/23 15:43:22 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TMContainer00000000000000000002.regtrans-ms
    [2010/01/23 15:43:22 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TMContainer00000000000000000001.regtrans-ms
    [2010/01/23 15:43:22 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TM.blf
    [2010/01/21 04:26:26 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
    [2010/01/21 04:14:49 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\avisynth.dll
    [2010/01/19 20:07:32 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
    [2010/01/18 05:20:58 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2010/01/18 05:12:59 | 000,000,079 | ---- | C] () -- C:\Windows\in_mlp.ini
    [2009/11/18 23:03:00 | 000,872,000 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2009/11/17 23:57:58 | 000,000,036 | ---- | C] () -- C:\Windows\verypdf.ini
    [2009/11/17 07:12:55 | 000,106,496 | R--- | C] () -- C:\Windows\SysWow64\vshp1020.dll
    [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
    [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/07/09 11:03:56 | 000,294,912 | ---- | C] () -- C:\Windows\PIC.dll
    [2009/07/09 11:03:56 | 000,000,870 | ---- | C] () -- C:\Windows\mhotkey_reg.ini
    [2009/06/25 15:10:08 | 000,089,352 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
    [2009/06/25 15:09:34 | 000,059,144 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
    [2009/06/25 15:08:48 | 000,234,760 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
    [2009/06/03 17:14:48 | 000,167,424 | ---- | C] () -- C:\Windows\SysWow64\drivers\ArcHlp.sys
    [2008/07/27 14:32:43 | 000,002,773 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
    [2008/07/27 14:32:43 | 000,001,324 | ---- | C] () -- C:\Windows\FF08_not_Spk_Hp.ini
    [2008/07/27 14:32:21 | 000,169,984 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
    [2008/07/27 14:32:21 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
    [2005/10/14 06:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
    [2005/10/14 06:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll
    [2005/10/14 06:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2005/10/14 06:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\xvid.dll
    [2005/10/14 06:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
    [2005/10/14 06:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
    [2005/10/14 06:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
    [2005/10/14 06:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
    [2005/10/14 06:56:48 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\MMSwitch.dll
    [2004/01/30 16:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\SysWow64\unicows.dll
    [1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\sysres.dll

    ========== LOP Check ==========

    [2010/01/18 04:49:48 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\4Media Software Studio
    [2010/04/08 02:40:17 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Agnosco DICOM Viewer
    [2009/11/20 00:00:04 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Amazon
    [2010/02/28 05:18:52 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\App Launcher Gadget
    [2010/03/10 22:37:33 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Azureus
    [2010/01/20 23:13:25 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Broad Intelligence
    [2010/03/09 02:34:52 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Bullzip
    [2010/02/19 17:52:09 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2010/04/20 03:06:16 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Dexpot
    [2010/04/19 08:47:11 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\DMCache
    [2010/04/05 13:42:46 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\DriverCure
    [2010/01/08 18:17:11 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\EndNote
    [2010/03/06 13:44:46 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Foxit
    [2010/03/06 14:21:54 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Foxit Software
    [2010/04/19 08:47:11 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\IDM
    [2010/02/22 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\install
    [2010/03/03 04:24:22 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\IObit
    [2010/02/15 21:05:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Kristanix Software
    [2010/04/18 03:51:31 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\KSE
    [2010/04/18 04:17:50 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\nHancer
    [2010/02/24 06:01:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\NVD
    [2010/02/12 00:00:18 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\OpenCandy
    [2010/03/29 11:28:28 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Opera
    [2010/04/20 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Panda Security
    [2010/02/24 14:34:47 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\PCF-VLC
    [2010/03/29 12:29:21 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\PCPitstop
    [2010/04/18 00:27:45 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\PeerNetworking
    [2010/04/11 07:39:39 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Pegasys Inc
    [2010/01/29 00:17:09 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\River Past G5
    [2010/03/09 03:10:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SecondLife
    [2010/03/27 01:05:33 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Seeing Machines
    [2010/02/12 23:04:48 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Simple Star
    [2010/04/14 01:38:48 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SmartDraw
    [2010/04/17 00:15:02 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SoftGrid Client
    [2009/12/16 13:21:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Subversion
    [2010/04/14 01:41:13 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SystemRequirementsLab
    [2010/01/27 01:24:19 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Template
    [2010/01/29 18:56:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TH1
    [2010/02/04 00:01:06 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Thinking Minds Budiling Bytes
    [2010/02/28 12:29:23 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Thinstall
    [2010/02/24 00:33:04 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Tific
    [2010/03/10 18:24:06 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\ToLTech
    [2010/04/17 00:14:57 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TP
    [2010/03/02 03:49:48 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TuneUp Software
    [2010/03/17 17:59:14 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Uniblue
    [2010/01/18 05:20:53 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Vso
    [2010/04/13 22:32:19 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Western Digital
    [2010/04/17 10:16:42 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Western DigitalTemp
    [2010/04/19 10:32:58 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\WhiteSmoke
    [2010/04/19 10:32:58 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\WhiteSmokeTranslator
    [2010/03/31 17:23:23 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Windows Live Writer
    [2010/02/04 00:18:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\XemiComputers
    [2010/03/07 18:11:14 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\{20140062-0062-0409-0000-0000000FF1CE}
    [2010/04/19 17:00:04 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
    [2010/04/22 19:39:50 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\RegCure Startup.job
    [2010/04/19 15:27:54 | 000,000,400 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
    [2010/03/21 14:39:45 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver64-Timothy-Startup.job
    [2010/04/19 09:12:25 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/04/22 19:39:50 | 000,000,300 | ---- | M] () -- C:\Windows\Tasks\Windows 7 Manager - Free Memory.job
    [2010/02/22 19:33:04 | 000,000,310 | ---- | M] () -- C:\Windows\Tasks\Windows 7 Manager - Run File.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >
    [2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
    [2010/04/18 17:21:08 | 006,260,088 | ---- | M] (Microsoft Corporation) -- C:\Silverlight.exe


    < MD5 for: AGP440.SYS >
    [2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
    [2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
    [2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

    < MD5 for: CNGAUDIT.DLL >
    [2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
    [2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
    [2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
    [2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

    < MD5 for: EVENTLOG.DLL >
    [2007/05/17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

    < MD5 for: IASTOR.SYS >
    [2008/07/20 20:44:44 | 000,324,120 | ---- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
    [2008/07/20 05:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\ACER\Preload\Autorun\DRV\Intel RAID imsm\F6 Install Floppy Create for 32 and 64 bit Windows\IaStor.sys
    [2008/07/20 20:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
    [2008/07/20 20:44:54 | 000,402,456 | ---- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b713da3dc2c70b47\iaStor.sys

    < MD5 for: IASTORV.SYS >
    [2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
    [2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

    < MD5 for: NETLOGON.DLL >
    [2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
    [2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
    [2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
    [2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

    < MD5 for: NVSTOR.SYS >
    [2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
    [2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

    < MD5 for: SCECLI.DLL >
    [2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
    [2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
    [2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
    [2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:66BBBB3E
    @Alternate Data Stream - 943 bytes -> C:\ProgramData\Temp:24721E3C
    @Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:4BF2F6B5
    @Alternate Data Stream - 176 bytes -> C:\Users\Timothy\Desktop\Sahay release.jpg:3or4kl4x13tuuug3Byamue2s4b
    @Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:0295CBF7
    @Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:33317D95
    < End of report >
     
  19. 2010/04/22
    Mr PC

    Extras.Txt

    OTL Extras logfile created on: 4/22/2010 7:52:28 PM - Run 1
    OTL by OldTimer - Version 3.2.2.0 Folder = C:\Users\Timothy\Downloads
    64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    9.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 70.00% Memory free
    27.00 Gb Paging File | 24.00 Gb Available in Paging File | 89.00% Paging File free
    Paging file location(s): [Binary data over 100 bytes]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 916.86 Gb Total Space | 851.55 Gb Free Space | 92.88% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    Drive E: | 650.70 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive F: | 1.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
    G: Drive not present or media not loaded
    Drive H: | 1.08 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    Drive I: | 474.71 Gb Total Space | 26.99 Gb Free Space | 5.68% Space Free | Partition Type: NTFS
    Drive L: | 467.31 Gb Total Space | 376.78 Gb Free Space | 80.63% Space Free | Partition Type: NTFS
    Drive M: | 492.14 Gb Total Space | 305.56 Gb Free Space | 62.09% Space Free | Partition Type: NTFS
    Drive N: | 202.75 Gb Total Space | 114.29 Gb Free Space | 56.37% Space Free | Partition Type: NTFS
    Drive O: | 299.25 Gb Total Space | 179.54 Gb Free Space | 60.00% Space Free | Partition Type: NTFS
    Drive R: | 343.25 Gb Total Space | 286.88 Gb Free Space | 83.58% Space Free | Partition Type: NTFS
    Drive S: | 175.99 Gb Total Space | 175.90 Gb Free Space | 99.95% Space Free | Partition Type: NTFS
    Drive V: | 442.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: TIMOTHY-PC
    Current User Name: Timothy
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\Iexplore.exe (Microsoft Corporation)
    .js[@ = JSFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .jse[@ = JSEFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .reg [@ = regfile] -- regedit.exe "%1 "
    .vbe[@ = VBEFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .vbs[@ = VBSFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .wsf[@ = WSFFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .wsh[@ = WSHFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\Iexplore.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .jse [@ = JSEFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .reg [@ = regfile] -- regedit.exe "%1 "
    .vbe [@ = VBEFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .vbs [@ = VBSFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .wsf [@ = WSFFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)
    .wsh [@ = WSHFile] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PAVSCRIP.EXE (Panda Security, S.L.)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Minefield\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\Iexplore.exe" -nohome (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
    jsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    jsefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    piffile [open] -- "%1" %* File not found
    regfile [open] -- regedit.exe "%1" File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    vbefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    vbsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    wsffile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    wshfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [cmd] -- cmd.exe /s /k pushd "%V" File not found
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1 ",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\Iexplore.exe" -nohome (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
    jsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    jsefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    piffile [open] -- "%1" %*
    regfile [open] -- regedit.exe "%1 "
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    vbefile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    vbsfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    wsffile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    wshfile [open] -- C:\PROGRA~2\PANDAS~1\PANDAG~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V "
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:Windows Firewall Update -- (Mozilla Corporation)
    "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe:*:Enabled:Windows Firewall Update -- (Mozilla Corporation)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0323E2ED-1E66-4EB3-AF95-6CD66FE22719}" = TouchScreenTools
    "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{0BBBA9A9-02E8-467D-BE57-4797A50F7861}" = Intel(R) Network Connections 15.1.29.0
    "{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
    "{20140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
    "{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
    "{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}" = HP Officejet 6500 E709 Series
    "{35C2BB76-B80A-4E3B-A9BE-CF7F23651F33}" = WD SmartWare
    "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
    "{3DA6EB9F-513B-46F3-BAE6-BB4D5398337F}" = FastAccess
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{77846B52-14C9-4FC4-BE63-FE06AF501442}" = Windows Server Update Services 3.0 SP2
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{84BC87D4-0480-4E10-B15D-1E7886D55180}" = iTunes
    "{8ACE41AA-6262-43F7-B3E6-217C50803BBA}" = nHancer
    "{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
    "{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
    "{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
    "{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
    "{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
    "{F7513E19-6224-485E-988D-9BF45BE64B53}" = Windows Live Family Safety
    "{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
    "B631A5D1F66BED73E4281E2CBE0A2B55390EAF3E" = Windows Driver Package - Intel (e1yexpress) Net (06/12/2009 10.0.6.0)
    "Bullzip PDF Printer_is1" = Bullzip PDF Printer 6.0.0.865
    "HP Document Manager" = HP Document Manager 2.0
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Photosmart Essential" = HP Photosmart Essential 3.5
    "HP Smart Web Printing" = HP Smart Web Printing 4.51
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "HPOCR" = OCR Software by I.R.I.S. 13.0
    "Microsoft Security Essentials" = Microsoft Security Essentials
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
    "PROSetDX" = Intel(R) Network Connections 15.1.29.0
    "Shop for HP Supplies" = Shop for HP Supplies
    "Windows Server Update Services 3.0 SP2" = Windows Server Update Services 3.0 SP2 Console
    "WinRAR archiver" = WinRAR archiver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{01287DE9-6EEB-488D-99C7-FE3C707A87AC}" = BIAS SoundSoap SE 2.2
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Dell TouchCam
    "{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA PureVideo Decoder
    "{082BDF7B-4810-4599-BF0D-E3AC44EC8524}" = Microsoft ASP.NET 2.0 AJAX Extensions 1.0
    "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
    "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
    "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
    "{20140062-0062-0409-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 (Beta) - English
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{25140000-0048-0409-0000-0000000FF1CE}" = Microsoft Outlook Hotmail Connector 32-bit (Beta)
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
    "{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
    "{38F48AED-66D8-464C-993E-C7296C7A199B}" = Intel(R) IPP Run-Time Installer 5.2 for Windows* on IA-32
    "{39316EDC-804F-4081-9974-0A13BA77E5EF}" = Windows Internet Explorer Platform Preview
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
    "{3B89785B-4E94-400A-8705-5841B14063A7}" = ArcSoft SimHD Assistant Plugin
    "{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
    "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{41B6EF3E-C5D2-4196-B915-7DDD8842F8C0}" = NVIDIA PerfSDK
    "{4268A284-94DD-4124-8D7C-9118848C3233}" = FastReader
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4BE15737-07C5-4705-9DFC-D9D533939942}" = NVIDIA Media Center Extensions
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{548CC5A0-F2E2-11DD-6172-0DC7E1C11916}" = Vopt 9
    "{57634571-FD82-4BEC-B822-A1ED7765474F}_is1" = SmartLauncher
    "{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
    "{63B07463-2E1B-4B7F-AF79-4D4D3E98F03B}" = Sound Blaster X-Fi MB
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
    "{65C967FA-29D8-4A5F-99C5-BC9AF1F8F9D2}" = NVIDIA Texture Tools 2 - 64 bit
    "{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
    "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
    "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
    "{70A66934-9248-4B31-A71A-E1E4239F7BC6}" = NVIDIA PerfHUD
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{754854DC-2E0A-49D8-A1A1-426C1F9B1459}" = Intel(R) IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
    "{7CC83441-3760-456B-893B-5E545DEFA2C9}" = NVIDIA GPU Computing SDK
    "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
    "{80C77B6E-39EC-4DFB-A5B0-025D221B5EA8}" = NVIDIA Display Driver Instrumentation Add-on
    "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
    "{81A25967-DB85-4B48-A8A7-D25AC191DEE4}" = Panda Global Protection 2010
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C57C58-FDD7-4d86-BFCC-9D31CC4EFA71}" = 6500_E709n
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{86B3F2D6-AC2B-4E88-8AE1-F2F77F781B0C}" = EndNote X3
    "{8911A5F5-06A6-4931-B193-E1FB0ECAF372}" = Exterminate3
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8B7917E0-AF55-4E8A-9473-017F0AA03AC8}" = QuickTime
    "{8BD970EF-2149-4775-B0A1-69B06945868D}" = Panda Global Protection 2010
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
    "{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
    "{9431A631-BFCC-488F-AD74-364A943D4529}" = Microsoft WSE 1.0
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
    "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
    "{9D89EE43-B471-40EC-9550-6BD77C7BE3F4}" = WhiteSmoke
    "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.03.10
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
    "{ACAF8758-8B7C-40C0-AF43-897B3BB7D009}" = Windows 7 Manager
    "{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{AF68235B-7FA7-4B91-AD10-C22867154174}" = NVIDIA CUDA Toolkit
    "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
    "{B7BD291B-D415-4484-89A4-82077504BE93}_is1" = SmartCopy
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C0E96CF4-8D51-4DF4-9AB9-60666AAE4210}" = Ralink RT2860 Wireless LAN Card
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C5B24955-649F-48BA-979F-CEF73738919B}" = SweetSpotter
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
    "{D03B4978-E036-47B9-9FBD-CC13FC569B36}" = ArcSoft TotalMedia Theatre 3
    "{D0FA2562-DB42-4406-97D0-4B1106A75DBB}" = Dell Touch Zone
    "{D16CBD59-07B3-4F98-A404-01B6D87A90F2}" = BoneLab
    "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
    "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
    "{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
    "{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
    "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
    "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
    "{DE13432E-F0C1-4842-A5BA-CC997DA72A70}" = 6500_E709_eDocs
    "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
    "{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
    "{E1DC9B7D-F414-43F5-89A0-7DEE0317C712}" = WhiteSmoke Translator
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
    "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
    "{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{ED5DCA6F-5FEA-47CB-83DB-210A468C298B}" = KB0817 Keyboard Driver
    "{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{F9448646-B1A1-46F4-82E1-8304AFEABD5F}" = Panda Global Protection 2010
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "AcroPDF_is1" = AcroPDF 3.00
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adolix Split and Merge PDF_is1" = Adolix Split and Merge PDF v1.5
    "Advanced Word to Pdf Converter_is1" = Advanced Word to Pdf Converter 6.4
    "Akamai" = Akamai NetSession Interface
    "Amazon Kindle For PC" = Amazon Kindle For PC v1.0
    "CA PC Tune-Up_is1" = CA PC Tune-Up 2.0.0.8
    "Cg Toolkit_is1" = NVIDIA Cg Toolkit 2.2 February 2010
    "Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
    "CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
    "Dexpot" = Dexpot
    "Digital Editions" = Adobe Digital Editions
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "DjVuLibre+DjView" = DjVuLibre+DjView
    "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
    "Drum Kit Ace_is1" = Drum Kit Ace 1.0
    "Dup Scout Pro" = Dup Scout Pro 1.5.44
    "EASEUS Partition Master Professional Edition_is1" = EASEUS Partition Master 5.0.1 Professional
    "ffdshow_is1" = ffdshow [rev 2975] [2009-05-28]
    "FLAC" = FLAC 1.2.1b (remove only)
    "GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
    "HaaliMkx" = Haali Media Splitter
    "HijackThis" = HijackThis 2.0.2
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP-LaserJet 1020 series" = LaserJet 1020 series
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Dell TouchCam
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
    "InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
    "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "InstallShield_{D03B4978-E036-47B9-9FBD-CC13FC569B36}" = ArcSoft TotalMedia Theatre 3
    "InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "MediaCoder" = MediaCoder 0.7.2.4582
    "Minefield (3.7a4pre)" = Minefield (3.7a4pre)
    "Money2007b" = Microsoft Money Essentials
    "Mozilla Firefox (3.6.3plugin1)" = Mozilla Firefox (3.6.3plugin1)
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
    "OpenCV2.0" = OpenCV SDK
    "PDF Password Remover v2.5_is1" = PDF Password Remover v2.5
    "RealAlt_is1" = Real Alternative 1.9.0
    "RegCure" = RegCure
    "ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
    "Scan2PDF_is1" = Scan2PDF 1.6
    "SecondLife" = SecondLife (remove only)
    "SecondLifeBetaViewer" = SecondLifeBetaViewer (remove only)
    "Sun Village NV 3D Screensaver_is1" = Sun Village NV 3D Screensaver 1.1
    "SystemRequirementsLab" = System Requirements Lab
    "UltraISO_is1" = UltraISO Premium V9.36
    "VobSub" = VobSub v2.23 (Remove Only)
    "WhiteSmoke_Tools Toolbar" = WhiteSmoke_Tools Toolbar
    "Winamp" = Winamp
    "Winamp Toolbar" = Winamp Toolbar
    "WinCHM 4.01 - Help authoring software_is1" = WinCHM 4.01
    "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
    "WinLiveSuite_Wave3" = Windows Live Essentials

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "HDtracks Download Manager" = HDtracks Download Manager
    "PDF-Analyzer 3.5" = PDF-Analyzer 3.5
    "Winamp Detect" = Winamp Detector Plug-in

    ========== Last 10 Event Log Errors ==========

    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

    < End of report >
     
  20. 2010/04/22
    Mr PC

    Mr PC Inactive Thread Starter

    Joined:
    2010/04/19
    Messages:
    19
    Likes Received:
    0
    Thank you
     
  21. 2010/04/22
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I strongly suggest you uninstall RegCure and RegistryBooster. Registry tools are not recommended, and here is why: http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html

    ==================================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      SRV - [2010/04/13 22:24:34 | 002,504,280 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3653.dll -- (Akamai)
      IE - HKLM\..\URLSearchHook: {011f9246-da13-4555-9998-6e4805bd533f} - Reg Error: Key error. File not found
      O2:64bit: - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
      O2 - BHO: (no name) - {011f9246-da13-4555-9998-6e4805bd533f} - No CLSID value found.
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {011f9246-da13-4555-9998-6e4805bd533f} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O4 - HKLM..\Run: [FAStartup] File not found
      O4 - HKLM..\Run: [LchDrvKey] File not found
      O16 - DPF: {88650482-3892-11D5-8997-00104BD12D94} http://support.gateway.com/support/p.../PCPitStop.CAB  (Reg Error: Key error.)
      O33 - MountPoints2\{07401cce-ed69-11de-bfb4-00226866d877}\Shell - " " = AutoRun
      O33 - MountPoints2\{07401cce-ed69-11de-bfb4-00226866d877}\Shell\AutoRun\command - " " = F:\PfundZahnd.exe -- [2005/09/02 12:25:03 | 000,926,568 | R--- | M] (Macromedia, Inc.)
      O33 - MountPoints2\{a49471f0-476c-11df-96f6-00226866d877}\Shell - " " = AutoRun
      O33 - MountPoints2\{a49471f0-476c-11df-96f6-00226866d877}\Shell\AutoRun\command - " " = V:\WD SmartWare.exe -- [2010/01/21 20:13:40 | 003,330,848 | ---- | M] (Western Digital)
      O33 - MountPoints2\{f0b6de3d-1d6e-11df-b65c-00226866d877}\Shell - " " = AutoRun
      O33 - MountPoints2\{f0b6de3d-1d6e-11df-b65c-00226866d877}\Shell\AutoRun\command - " " = J:\setup.exe -- File not found
      [2010/04/19 22:06:12 | 000,293,376 | ---- | M] () -- C:\Users\Timothy\Desktop\eiuwfcyr.exe
      [2010/03/26 21:02:29 | 000,000,080 | RHS- | M] () -- C:\Windows\SysWow64\66B7EDF2C4.dll
      @Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:66BBBB3E
      @Alternate Data Stream - 943 bytes -> C:\ProgramData\Temp:24721E3C
      @Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:4BF2F6B5
      @Alternate Data Stream - 176 bytes -> C:\Users\Timothy\Desktop\Sahay release.jpg:3or4kl4x13tuuug3Byamue2s4b
      @Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:0295CBF7
      @Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:33317D95
      
      
      :Services
      
      :Reg
      
      :Files
      c:\Program Files (x86)\Common Files\Akamai\rswin_3653.dll
      
      :Commands
      [purity]
      [emptytemp]
      [resethosts]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
     
