Active C:\users\Appdata\roaming\microsoft\windows\cookies\@ATDMT[1].TXT

Mr PC · 2010/04/22

Fix log

All processes killed
========== OTL ==========
Service Akamai stopped successfully!
Service Akamai deleted successfully!
c:\Program Files (x86)\Common Files\Akamai\rswin_3653.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{011f9246-da13-4555-9998-6e4805bd533f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{011f9246-da13-4555-9998-6e4805bd533f}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{011f9246-da13-4555-9998-6e4805bd533f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{011f9246-da13-4555-9998-6e4805bd533f}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{011f9246-da13-4555-9998-6e4805bd533f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{011f9246-da13-4555-9998-6e4805bd533f}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FAStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LchDrvKey deleted successfully.
Starting removal of ActiveX control {88650482-3892-11D5-8997-00104BD12D94}
C:\Windows\Downloaded Program Files\PCPitstop.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{88650482-3892-11D5-8997-00104BD12D94}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88650482-3892-11D5-8997-00104BD12D94}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{88650482-3892-11D5-8997-00104BD12D94}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88650482-3892-11D5-8997-00104BD12D94}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07401cce-ed69-11de-bfb4-00226866d877}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07401cce-ed69-11de-bfb4-00226866d877}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{07401cce-ed69-11de-bfb4-00226866d877}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07401cce-ed69-11de-bfb4-00226866d877}\ not found.
File move failed. F:\PfundZahnd.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a49471f0-476c-11df-96f6-00226866d877}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a49471f0-476c-11df-96f6-00226866d877}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a49471f0-476c-11df-96f6-00226866d877}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a49471f0-476c-11df-96f6-00226866d877}\ not found.
File move failed. V:\WD SmartWare.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0b6de3d-1d6e-11df-b65c-00226866d877}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0b6de3d-1d6e-11df-b65c-00226866d877}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0b6de3d-1d6e-11df-b65c-00226866d877}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0b6de3d-1d6e-11df-b65c-00226866d877}\ not found.
File J:\setup.exe not found.
C:\Users\Timothy\Desktop\eiuwfcyr.exe moved successfully.
C:\Windows\SysWOW64\66B7EDF2C4.dll moved successfully.
ADS C:\ProgramData\Temp:66BBBB3E deleted successfully.
ADS C:\ProgramData\Temp:24721E3C deleted successfully.
ADS C:\ProgramData\Temp:4BF2F6B5 deleted successfully.
ADS C:\Users\Timothy\Desktop\Sahay release.jpg:3or4kl4x13tuuug3Byamue2s4b deleted successfully.
ADS C:\ProgramData\Temp:0295CBF7 deleted successfully.
ADS C:\ProgramData\Temp:33317D95 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder c:\Program Files (x86)\Common Files\Akamai\rswin_3653.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Classic .NET AppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 469 bytes
->Flash cache emptied: 41620 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 469 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Desktop

User: Public

User: Roshni

User: Timothy
->Temp folder emptied: 370233702 bytes
->Temporary Internet Files folder emptied: 36454287 bytes
->Java cache emptied: 32291744 bytes
->FireFox cache emptied: 33485379 bytes
->Flash cache emptied: 127381 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 148197741 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15490015 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 389 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50065 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 607.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.2.0 log created on 04222010_225130

Files\Folders moved on Reboot...
File move failed. F:\PfundZahnd.exe scheduled to be moved on reboot.
File move failed. V:\WD SmartWare.exe scheduled to be moved on reboot.
C:\Users\Timothy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Users\Timothy\AppData\Local\Temp\SQL.LOG scheduled to be moved on reboot.

Registry entries deleted on Reboot...

broni · 2010/04/22

How are the issues?

1. Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

2. Go to Kaspersky website and perform an online antivirus scan.

1. Disable your active antivirus program.
2. Read through the requirements and privacy statement and click on Accept button.
3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
4. When the downloads have finished, click on Settings.
5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

Spyware, Adware, Dialers, and other potentially dangerous programs
[*] Archives
[*] Mail databases

6. Click on My Computer under Scan.
7. Once the scan is complete, it will display the results. Click on View Scan Report.
8. You will see a list of infected items there. Click on Save Report As....
9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.

Post fresh HijackThis log as well.

Mr PC · 2010/04/22

OTL Scan post OTL fix 1

OTL logfile created on: 4/23/2010 12:09:27 AM - Run 2
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Users\Timothy\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

9.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 72.00% Memory free
27.00 Gb Paging File | 24.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.86 Gb Total Space | 849.35 Gb Free Space | 92.64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 650.70 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 1.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
Drive H: | 1.08 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 474.71 Gb Total Space | 26.99 Gb Free Space | 5.68% Space Free | Partition Type: NTFS
Drive L: | 467.31 Gb Total Space | 376.78 Gb Free Space | 80.63% Space Free | Partition Type: NTFS
Drive M: | 492.14 Gb Total Space | 305.56 Gb Free Space | 62.09% Space Free | Partition Type: NTFS
Drive N: | 202.75 Gb Total Space | 114.29 Gb Free Space | 56.37% Space Free | Partition Type: NTFS
Drive O: | 299.25 Gb Total Space | 179.54 Gb Free Space | 60.00% Space Free | Partition Type: NTFS
Drive R: | 343.25 Gb Total Space | 286.88 Gb Free Space | 83.58% Space Free | Partition Type: NTFS
Drive S: | 175.99 Gb Total Space | 175.90 Gb Free Space | 99.95% Space Free | Partition Type: NTFS
Drive V: | 442.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: TIMOTHY-PC
Current User Name: Timothy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/04/22 19:51:10 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
PRC - [2010/04/15 08:20:16 | 000,098,304 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Minefield\firefox.exe
PRC - [2010/04/15 08:20:16 | 000,009,216 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Minefield\mozilla-runtime.exe
PRC - [2009/11/23 15:50:24 | 000,270,336 | ---- | M] () -- C:\Program Files (x86)\WhiteSmoke\WSEnrichment.exe
PRC - [2009/11/10 12:20:54 | 000,262,144 | ---- | M] () -- C:\Program Files (x86)\WhiteSmoke Translator\WSTrayDictMode.exe
PRC - [2009/09/30 19:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
PRC - [2009/09/26 08:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
PRC - [2009/09/25 12:51:04 | 000,906,496 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\ApVxdWin.exe
PRC - [2009/09/23 18:10:30 | 002,324,224 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\Iface.exe
PRC - [2009/09/23 16:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/09/23 16:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/09/17 12:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
PRC - [2009/09/09 16:31:34 | 000,090,296 | ---- | M] (PC Pitstop LLC) -- C:\Program Files (x86)\CA\PCPitstopScheduleService.exe
PRC - [2009/09/07 16:40:04 | 000,198,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\AVENGINE.EXE
PRC - [2009/08/25 13:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\psksvc.exe
PRC - [2009/08/24 13:47:52 | 000,445,440 | ---- | M] () -- C:\Program Files (x86)\NextWindow\TouchScreenTools.exe
PRC - [2009/08/10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsCtrlS.exe
PRC - [2009/08/10 13:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
PRC - [2009/08/10 13:45:48 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavBckPT.exe
PRC - [2009/07/26 16:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/07/13 21:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
PRC - [2009/07/07 13:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
PRC - [2009/06/25 15:09:32 | 001,942,792 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
PRC - [2009/06/25 15:09:32 | 000,095,496 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
PRC - [2009/06/25 15:09:10 | 002,368,776 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
PRC - [2009/04/23 12:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\WebProxy.exe
PRC - [2009/04/17 10:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\TPSrvWow.exe
PRC - [2009/04/08 10:56:24 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files (x86)\Panda Security\Panda Global Protection 2010\FIREWALL\PSHost.exe
PRC - [2009/01/07 15:08:18 | 000,319,488 | ---- | M] () -- C:\Program Files (x86)\Northstar\SmartCopy\SmartCopy.exe
PRC - [2008/09/19 17:52:42 | 000,339,968 | ---- | M] (North Star com.) -- C:\Program Files (x86)\Northstar\SmartLauncher\SmartLauncher.exe
PRC - [2008/07/20 20:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/07/20 20:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/06/27 13:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\SrvLoad.exe
PRC - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsImSvc.exe
PRC - [2008/05/30 13:50:28 | 000,581,120 | ---- | M] () -- C:\Windows\mHotkey.exe
PRC - [2008/02/22 07:25:21 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe
PRC - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
PRC - [2008/02/01 14:04:50 | 000,057,344 | ---- | M] (Chicony) -- C:\Windows\ChiFuncExt.exe

========== Modules (SafeList) ==========

MOD - [2010/04/22 19:51:10 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
MOD - [2010/02/23 03:56:00 | 000,977,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2009/08/10 13:46:20 | 000,025,344 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\sysHelper32.dll
MOD - [2009/08/10 13:46:00 | 000,148,736 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavTrc.dll
MOD - [2009/08/10 13:45:54 | 000,095,488 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavOEpl.dll
MOD - [2009/07/13 21:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009/07/13 21:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/07/13 21:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009/06/09 14:34:18 | 000,078,312 | ---- | M] (Deskperience) -- C:\Program Files (x86)\WhiteSmoke Translator\WHook.dll
MOD - [2009/03/30 18:32:26 | 000,545,536 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\PavSHookWow.dll
MOD - [2009/03/30 18:32:26 | 000,087,296 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\PavLspHookWow.dll
MOD - [2007/03/21 22:33:00 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp71.dll
MOD - [2007/03/21 22:33:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/04/10 17:25:46 | 000,342,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV:64bit: - [2010/02/26 08:59:22 | 000,130,048 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2010/02/24 07:10:55 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:64bit: - [2010/01/19 17:49:16 | 000,055,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc)
SRV:64bit: - [2009/12/09 20:30:34 | 000,017,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/10/04 17:53:34 | 000,039,424 | ---- | M] (KSE - KorndÃ¶rfer Software Engineering) [Auto | Running] -- C:\Program Files\nHancer\nHancerService.exe -- (nHancer)
SRV:64bit: - [2009/09/26 05:28:30 | 004,924,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV:64bit: - [2009/07/13 21:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/13 21:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/13 21:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/13 21:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/13 21:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/13 21:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/13 21:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (WAS)
SRV:64bit: - [2009/07/13 21:41:08 | 000,451,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (W3SVC)
SRV:64bit: - [2009/07/13 21:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/13 21:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/13 21:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (DEFRAGSVC)
SRV:64bit: - [2009/07/13 21:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/13 21:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/13 21:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/13 21:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 21:40:01 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV:64bit: - [2009/07/13 21:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/13 21:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WinHttpAutoProxySvc)
SRV:64bit: - [2009/07/13 21:39:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2009/07/13 21:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009/07/13 21:39:20 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
SRV:64bit: - [2009/07/13 21:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009/07/13 21:39:13 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009/07/13 21:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV:64bit: - [2009/03/30 17:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2009/03/27 22:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2008/07/16 17:00:00 | 000,024,576 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2010/04/14 01:41:54 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009/11/06 14:24:54 | 000,282,728 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009/11/06 14:13:20 | 000,276,584 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2009/09/26 08:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2009/09/23 22:59:36 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/09/23 16:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/09/23 16:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/09/17 12:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\pavsrvx86.exe -- (PAVSRV)
SRV - [2009/09/09 16:31:34 | 000,090,296 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files (x86)\CA\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2009/08/25 13:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PskSvc.exe -- (PskSvcRetail)
SRV - [2009/08/10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/08/10 13:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/13 23:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009/07/13 21:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/13 21:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/13 21:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 21:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/07/13 21:14:39 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2009/06/25 15:09:10 | 002,368,776 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/06/10 16:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/17 10:17:28 | 000,173,824 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\TPSrvWow.exe -- (TPSrv)
SRV - [2009/04/08 10:56:24 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\program files (x86)\panda security\panda global protection 2010\firewall\PSHOST.EXE -- (PSHost)
SRV - [2009/02/23 11:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/07/27 14:34:18 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2008/07/27 14:31:19 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2008/07/20 20:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/07/02 14:09:42 | 000,072,448 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\GWMsrv64.dll -- (Gwmsrv)
SRV - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)

Mr PC · 2010/04/22

2

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/04/20 22:56:15 | 000,015,928 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\COMFiltr.sys -- (ComFiltr)
DRV:64bit: - [2010/04/15 02:35:16 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010/01/27 16:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010/01/20 16:53:04 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2010/01/20 16:53:04 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2010/01/18 13:09:27 | 000,167,424 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcHlp.sys -- (archlp)
DRV:64bit: - [2009/11/11 15:11:42 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/10/20 13:22:54 | 000,289,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress) Intel(R)
DRV:64bit: - [2009/09/23 16:04:52 | 000,025,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/09/22 21:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009/09/22 21:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009/09/22 21:32:39 | 000,095,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009/09/22 21:32:35 | 000,016,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2009/09/22 21:32:33 | 000,187,904 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009/09/15 14:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvoclk64.sys -- (nvoclk64)
DRV:64bit: - [2009/08/28 20:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/08/13 15:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AGERESoftModem)
DRV:64bit: - [2009/08/06 12:29:18 | 000,057,352 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
DRV:64bit: - [2009/08/05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/07/29 11:37:08 | 000,024,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NW1950.sys -- (NW1950)
DRV:64bit: - [2009/07/24 14:13:06 | 000,167,920 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\C2SCSI64.SYS -- (c2scsi64)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,153,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/13 21:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/13 21:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/13 21:45:55 | 000,036,432 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 21:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/13 21:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/13 21:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009/07/13 21:43:13 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 20:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/07/13 20:17:46 | 000,024,064 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/13 20:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/13 20:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/13 20:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/13 20:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2009/07/13 20:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/13 20:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/13 20:07:13 | 000,227,840 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009/07/13 20:07:00 | 000,350,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/07/13 20:07:00 | 000,184,576 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2009/07/13 20:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/13 20:06:32 | 000,109,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV:64bit: - [2009/07/13 20:06:28 | 000,040,448 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WinUsb.sys -- (WinUsb)
DRV:64bit: - [2009/07/13 20:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/13 20:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/13 20:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/13 20:00:34 | 000,038,912 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/13 20:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/13 19:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/13 19:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/13 19:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 19:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 19:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 19:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/13 19:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/07/13 19:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2009/02/13 11:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/12/02 17:01:42 | 000,068,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTSTOR64.sys -- (RTSTOR)
DRV:64bit: - [2008/09/24 21:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2008/09/23 17:19:04 | 000,034,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gwfilt64.sys -- (gwfilt64)
DRV:64bit: - [2008/07/20 20:44:54 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/02/28 14:37:42 | 000,046,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ShldFlt.sys -- (ShldFlt)
DRV - [2010/04/18 07:32:19 | 000,000,000 | ---D | M] [File_System | Boot | Running] -- C:\Windows\FltMgr -- (FltMgr)
DRV - [2010/03/28 21:53:31 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC)
DRV - [2010/01/29 12:40:14 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2010/01/20 16:53:06 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2010/01/20 16:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/09/23 16:04:42 | 000,261,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
DRV - [2009/09/23 16:04:42 | 000,017,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftVollh.sys -- (sftvol)
DRV - [2009/09/23 16:04:38 | 000,712,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftFSlh.sys -- (sftfs)
DRV - [2009/09/01 17:59:44 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/03/11 02:10:50] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winusb.dll -- (WinUsb)
DRV - [2009/07/13 21:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009/06/10 17:39:34 | 000,021,271 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\http.mib -- (HTTP)
DRV - [2009/06/03 17:14:48 | 000,167,424 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\ArcHlp.sys -- (archlp)
DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/07/16 16:56:06 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
DRV - [2002/02/04 11:29:40 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\MONITOR.AVI -- (monitor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=0709&m=fx6801
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.1

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/14 01:40:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Minefield 3.7a4pre\extensions\\Components: C:\Program Files (x86)\Minefield\components [2010/04/18 17:42:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Minefield 3.7a4pre\extensions\\Plugins: C:\Program Files (x86)\Minefield\plugins [2010/04/18 02:17:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3plugin1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/18 02:12:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3plugin1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/04/18 02:12:04 | 000,000,000 | ---D | M]

[2010/04/18 02:07:44 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\mozilla\Extensions
[2010/02/24 00:44:07 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\mozilla\Extensions\postbox@postbox-inc.com
[2010/04/22 19:54:44 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\mozilla\Firefox\Profiles\hvmelqah.default\extensions
[2010/04/18 02:13:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Timothy\AppData\Roaming\mozilla\Firefox\Profiles\hvmelqah.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/18 02:05:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/04/22 22:52:12 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2:64bit: - BHO: (PDF-XChange Viewer IE-Plugin) - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF Viewer\PDFXCviewIEPlugin.dll (Tracker Software Products Ltd.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Global Protection 2010\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Activities present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\CommandBar present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Safety present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbar present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCABattery = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.5.0.cab (DLM Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab (VersionControl Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\avldr: DllName - Reg Error: Key error. - File not found
O20 - Winlogon\Notify\FastAccess: DllName - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\WPDShServiceObj.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Timothy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Timothy\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O27:64bit: - HKLM IFEO\GoogleToolbarNotifier.exe: Debugger - File not found
O27 - HKLM IFEO\GoogleToolbarNotifier.exe: Debugger - rundll32.exe File not found
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/12 19:15:33 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2005/09/05 10:57:13 | 000,000,110 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/04/18 13:14:53 | 000,000,000 | -H-D | M] - I:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/04/18 13:14:54 | 000,000,000 | -H-D | M] - L:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/04/18 13:14:54 | 000,000,000 | -H-D | M] - M:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/04/16 17:54:28 | 002,807,454 | ---- | M] () - N:\Autoimmune Endocrine Disorders.Vol.38, Issues 2, 2009.pdf -- [ NTFS ]
O32 - AutoRun File - [2010/04/18 13:14:54 | 000,000,000 | -H-D | M] - N:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/04/18 13:14:55 | 000,000,000 | -H-D | M] - O:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/04/18 13:14:55 | 000,000,000 | -H-D | M] - R:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/01/28 16:00:27 | 000,000,088 | ---- | M] () - V:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Mr PC · 2010/04/22

3

========== Files/Folders - Created Within 90 Days ==========

[2010/04/22 22:51:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/04/22 22:23:04 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\assembly
[2010/04/22 20:29:52 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-CHT
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-CHS
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tr
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sv
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sk
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ru
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ro
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pl
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\no
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nl
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ko
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hu
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fi
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\el
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\da
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cs
[2010/04/22 20:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bg
[2010/04/22 20:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Touch Pack for Windows 7
[2010/04/22 20:26:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2010/04/22 20:26:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\IsolatedStorage
[2010/04/22 20:25:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virtual Earth 3D
[2010/04/22 20:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Applications
[2010/04/22 19:51:01 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
[2010/04/21 19:38:27 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Panda Security
[2010/04/20 22:55:59 | 000,082,952 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\dsaflt64.sys
[2010/04/20 22:55:59 | 000,078,856 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\idsflt64.sys
[2010/04/20 22:55:59 | 000,074,760 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\wnmflt64.sys
[2010/04/20 22:55:57 | 000,170,504 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\NETTDI64.SYS
[2010/04/20 22:55:57 | 000,116,744 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\APPFLT64.SYS
[2010/04/20 22:55:57 | 000,031,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\fnetm64.sys
[2010/04/20 22:55:46 | 000,046,640 | ---- | C] (Panda Software) -- C:\Windows\SysNative\pavcpl64.cpl
[2010/04/20 22:55:37 | 000,446,464 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\HHActiveX.dll
[2010/04/20 22:55:34 | 000,325,376 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\TpUtil64.dll
[2010/04/20 22:55:34 | 000,201,984 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\TpUtilWow.dll
[2010/04/20 22:55:34 | 000,116,992 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavLspHook64.dll
[2010/04/20 22:55:34 | 000,092,928 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavIpc64.dll
[2010/04/20 22:55:34 | 000,087,296 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavLspHookWow.dll
[2010/04/20 22:55:34 | 000,066,816 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavIpcWow.dll
[2010/04/20 22:55:34 | 000,025,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\sysHelper64.dll
[2010/04/20 22:55:34 | 000,025,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\sysHelper32.dll
[2010/04/20 22:55:33 | 000,838,400 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavSHook64.dll
[2010/04/20 22:55:33 | 000,545,536 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavSHookWow.dll
[2010/04/20 22:55:29 | 000,057,352 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\amm6460.sys
[2010/04/20 22:55:29 | 000,053,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\avldr64.dll
[2010/04/20 22:55:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\PAV
[2010/04/20 22:55:28 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Panda Security
[2010/04/20 22:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2010/04/20 20:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/04/20 19:07:49 | 000,033,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
[2010/04/20 19:06:54 | 000,046,136 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\ShldFlt.sys
[2010/04/20 19:06:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Panda Security
[2010/04/20 03:00:37 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\FixItCenter
[2010/04/19 23:02:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/04/19 19:44:06 | 000,000,000 | ---D | C] -- C:\Windows\MATS
[2010/04/19 19:44:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2010/04/19 19:38:14 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Dexpot
[2010/04/19 19:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dexpot
[2010/04/19 19:14:27 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Malwarebytes
[2010/04/19 19:14:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/19 19:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/04/19 19:14:11 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/19 19:14:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/04/19 10:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Software
[2010/04/18 19:03:34 | 000,000,000 | ---D | C] -- C:\Panda Software
[2010/04/18 07:32:19 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr
[2010/04/18 07:28:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Backup
[2010/04/18 07:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2010/04/18 04:17:50 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\nHancer
[2010/04/18 04:14:40 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Books
[2010/04/18 04:10:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Books
[2010/04/18 03:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\nHancer
[2010/04/18 03:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\nHancer
[2010/04/18 03:51:31 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\KSE
[2010/04/18 03:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DjVuZone
[2010/04/18 02:17:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minefield
[2010/04/18 00:27:45 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\PeerNetworking
[2010/04/17 20:57:34 | 000,000,000 | ---D | C] -- C:\Windows\LastGood.Tmp
[2010/04/17 20:57:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010/04/17 20:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/04/17 20:57:14 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010/04/17 20:57:14 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010/04/17 20:57:13 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010/04/17 20:57:13 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010/04/17 20:57:12 | 000,176,640 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010/04/17 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\SB_X-Fi_MB_RC_1.1
[2010/04/17 20:39:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\Audio_Realtek_IncludeHDMI_v.6.0.1.5888_7a
[2010/04/17 20:38:54 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\RALK_Lite-on_WN7600R_V1.1.3.9_7a
[2010/04/17 19:20:56 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\FX6800_BIOS_842P181G
[2010/04/17 19:20:56 | 000,000,000 | ---D | C] -- C:\BIOS_842P181G
[2010/04/17 18:38:02 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\Bios Update Files
[2010/04/17 10:16:22 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2010/04/17 10:16:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2010/04/17 10:12:04 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Western DigitalTemp
[2010/04/17 00:16:14 | 000,000,000 | ---D | C] -- C:\Program Files\Update Services
[2010/04/17 00:11:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/04/16 23:18:52 | 000,000,000 | ---D | C] -- C:\cd2adecdf9af07ddbcb95c1e244d
[2010/04/16 23:17:51 | 000,000,000 | ---D | C] -- C:\1418cdbaaaa751c8ec33eff486
[2010/04/16 18:38:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\msmq
[2010/04/16 18:38:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2010/04/16 17:59:53 | 000,000,000 | ---D | C] -- C:\e379b2b184060c0720894681
[2010/04/15 02:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010/04/14 22:24:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/04/14 19:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live Safety Center
[2010/04/13 22:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\WD_SmartWareCommon
[2010/04/13 22:34:02 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Western_Digital
[2010/04/13 22:32:19 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Western Digital
[2010/04/13 22:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2010/04/13 22:31:35 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Western Digital
[2010/04/12 22:44:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\inetsrv
[2010/04/12 22:44:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2010/04/12 22:44:06 | 000,000,000 | ---D | C] -- C:\inetpub
[2010/04/11 11:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\AccelerEyes
[2010/04/11 07:39:39 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Pegasys Inc
[2010/04/11 07:37:07 | 000,000,000 | ---D | C] -- C:\Python24
[2010/04/11 04:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2010/04/11 04:03:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2010/04/11 04:03:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Visual Studio 2008
[2010/04/11 04:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2010/04/11 04:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2010/04/11 04:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010/04/11 04:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2010/04/11 01:54:05 | 000,000,000 | ---D | C] -- C:\Python26
[2010/04/11 01:33:51 | 000,000,000 | ---D | C] -- C:\psscor2
[2010/04/11 00:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft KitSetup
[2010/04/11 00:53:46 | 000,000,000 | ---D | C] -- C:\WinDDK
[2010/04/10 19:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\RealHideIP
[2010/04/09 05:00:44 | 000,000,000 | ---D | C] -- C:\Timothy Bambrick Capstone
[2010/04/08 02:45:51 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\nvidia
[2010/04/08 02:40:17 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Agnosco DICOM Viewer
[2010/04/08 02:32:51 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Desktop\Roshni's LSAT Prep
[2010/04/07 18:07:24 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Power2Go
[2010/04/07 08:34:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/04/06 19:22:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Copra DVD
[2010/04/06 18:37:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Documents
[2010/04/05 19:29:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloads
[2010/04/05 19:10:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kiyut
[2010/04/05 13:38:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\DriverCure
[2010/04/05 13:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2010/04/05 13:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ParetoLogic
[2010/04/05 13:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverCure
[2010/04/05 13:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2010/04/03 22:55:32 | 000,064,616 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/04/03 22:55:32 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/04/02 01:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver
[2010/04/02 01:47:59 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\InstallShield
[2010/04/01 23:27:50 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Documents\Notes
[2010/04/01 21:29:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIW
[2010/03/31 18:10:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/03/31 17:23:24 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Weblog Posts
[2010/03/31 17:23:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Windows Live Writer
[2010/03/31 17:23:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Windows Live Writer
[2010/03/31 14:59:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Kindle Content
[2010/03/31 04:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\realserver
[2010/03/31 04:03:52 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\REAL Software
[2010/03/31 04:03:45 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\REAL Studio
[2010/03/31 01:24:24 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\SmartDraw
[2010/03/30 19:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2010/03/30 18:16:57 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2010/03/30 17:21:46 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\DriverGenius
[2010/03/29 23:11:40 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\NVIDIA
[2010/03/29 19:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2010/03/29 19:37:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio .NET
[2010/03/29 19:36:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2010/03/29 19:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2010/03/29 19:35:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS
[2010/03/29 19:18:05 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/03/29 14:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit PDF Edit Portable
[2010/03/29 13:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/03/29 12:29:21 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\PCPitstop
[2010/03/29 12:28:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CA
[2010/03/28 21:53:31 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010/03/27 21:33:11 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Dup Scout Pro
[2010/03/27 21:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\Dup Scout Pro
[2010/03/27 01:05:33 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Seeing Machines
[2010/03/27 01:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Seeing Machines
[2010/03/27 00:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetSpotter
[2010/03/26 18:22:30 | 000,107,680 | ---- | C] (Bluebeam Software, Inc.) -- C:\Windows\SysNative\BBPdfPortMon.DLL
[2010/03/26 18:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2010/03/26 18:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/03/26 18:16:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2010/03/26 01:03:58 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/03/26 00:46:59 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Opera
[2010/03/26 00:46:59 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Opera
[2010/03/24 19:25:58 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Links
[2010/03/24 18:41:03 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My eBooks
[2010/03/23 02:49:48 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Apple Computer
[2010/03/23 02:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/03/23 02:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
[2010/03/23 02:43:10 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Apple
[2010/03/23 02:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/03/23 02:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/03/23 02:02:47 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Documents\Music
[2010/03/23 00:33:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Scans
[2010/03/23 00:19:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Digital Editions
[2010/03/22 23:22:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NextWindow
[2010/03/21 23:44:28 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Documents
[2010/03/21 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\Timothy\NVIDIA
[2010/03/21 19:26:16 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\NVIDIA NVPerfHUD
[2010/03/21 19:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft DirectX SDK (February 2010)
[2010/03/21 16:14:54 | 000,000,000 | R-SD | C] -- C:\Users\Timothy\Documents\My Stationery
[2010/03/21 15:33:55 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Outlook Files
[2010/03/21 15:29:49 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\My Received Files
[2010/03/21 15:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/03/21 15:01:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2010/03/21 14:49:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/03/21 14:49:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010/03/21 14:46:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010/03/21 11:31:06 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Searches
[2010/03/21 00:08:36 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\IDM
[2010/03/19 02:20:52 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Remote Assistance Logs
[2010/03/18 05:01:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
[2010/03/17 21:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCPitstop
[2010/03/17 19:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPitstop
[2010/03/17 19:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\CA
[2010/03/17 19:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EASEUS
[2010/03/17 18:56:57 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Protexis
[2010/03/17 18:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010/03/17 18:05:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/03/17 15:58:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010/03/16 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Tracing
[2010/03/16 20:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer Platform Preview
[2010/03/16 11:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\PEERNET
[2010/03/14 23:38:11 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/03/13 22:32:53 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Scanned Documents
[2010/03/13 22:32:53 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Fax
[2010/03/13 22:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010/03/13 22:02:42 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\HP
[2010/03/13 22:02:41 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\HP
[2010/03/13 21:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010/03/13 21:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010/03/13 21:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010/03/13 21:58:07 | 000,000,000 | ---D | C] -- C:\Windows\hpoj6500e709
[2010/03/13 21:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/03/11 13:43:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali
[2010/03/11 13:43:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoreCodec
[2010/03/11 05:22:30 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2010/03/11 05:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codec Pack - All In 1
[2010/03/11 05:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2010/03/11 05:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Momentum Games
[2010/03/11 03:22:13 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\CyberLink
[2010/03/10 19:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Golden Bow Systems
[2010/03/10 19:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Golden Bow
[2010/03/10 19:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pointstone
[2010/03/10 18:24:06 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\ToLTech
[2010/03/09 03:08:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeBetaViewer
[2010/03/09 02:34:52 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Bullzip
[2010/03/07 19:45:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Futuremark
[2010/03/06 18:27:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\ArcSoft
[2010/03/06 14:59:39 | 000,227,840 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzFlRdr.dll
[2010/03/06 14:59:39 | 000,126,976 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzpdfc.dll
[2010/03/06 14:59:39 | 000,103,424 | ---- | C] (Bullzip) -- C:\Windows\SysWow64\bzDCT.dll
[2010/03/06 14:59:36 | 000,212,480 | ---- | C] (Bullzip) -- C:\Windows\SysNative\bzpdf.dll
[2010/03/06 14:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bullzip
[2010/03/06 14:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scan2PDF
[2010/03/06 14:58:37 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2010/03/06 14:57:01 | 000,050,688 | ---- | C] (AcroPDF Systems) -- C:\Windows\SysWow64\acropdf.dll
[2010/03/06 14:57:00 | 000,396,288 | ---- | C] (AcroPDF Systems) -- C:\Windows\acroknl.dll
[2010/03/06 14:57:00 | 000,128,000 | ---- | C] (AcroPDF) -- C:\Windows\acrogui.dll
[2010/03/06 14:57:00 | 000,050,688 | ---- | C] (AcroPDF Systems) -- C:\Windows\acropdf.dll
[2010/03/06 14:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AcroPDF
[2010/03/06 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Foxit Software
[2010/03/06 13:44:46 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Foxit
[2010/03/06 12:32:58 | 001,417,216 | ---- | C] (SEDTech (Pty) Ltd.) -- C:\Windows\SysWow64\iSED.dll
[2010/03/06 12:32:58 | 000,046,592 | ---- | C] (Revenger inc.) -- C:\Windows\SysWow64\cmext.dll
[2010/03/06 12:32:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adolix
[2010/03/06 11:20:58 | 000,000,000 | ---D | C] -- C:\Users\Timothy\Documents\Downloads
[2010/03/03 02:49:08 | 000,000,000 | ---D | C] -- C:\Temp
[2010/03/02 07:57:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft DirectX SDK (August 2009)
[2010/03/02 07:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2010/03/02 03:49:48 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\TuneUp Software
[2010/02/28 12:29:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Thinstall
[2010/02/28 12:29:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Thinstall
[2010/02/28 04:35:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\App Launcher Gadget
[2010/02/28 01:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010/02/28 01:24:13 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/02/26 20:19:53 | 000,049,576 | ---- | C] (SafeNet, Inc.) -- C:\Windows\SysNative\drivers\rcudawdm.sys
[2010/02/26 20:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SafeNet Dog
[2010/02/26 14:21:11 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\{20140062-0062-0409-0000-0000000FF1CE}
[2010/02/26 04:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DFX
[2010/02/26 04:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DFX
[2010/02/26 04:00:40 | 000,414,272 | ---- | C] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32f.dll
[2010/02/26 04:00:40 | 000,414,272 | ---- | C] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32.dll
[2010/02/26 04:00:40 | 000,291,408 | ---- | C] (Hacked With Joy !) -- C:\Windows\SysWow64\DivXa32.acm
[2010/02/26 04:00:40 | 000,240,400 | ---- | C] (Hacked With Joy ! ) -- C:\Windows\SysWow64\DivX_c32.ax
[2010/02/26 04:00:30 | 000,033,280 | ---- | C] (Disappearing Inc.) -- C:\Windows\SysWow64\HUFFYUV.DLL
[2010/02/26 00:19:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\SoftGrid Client
[2010/02/26 00:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2010/02/26 00:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010/02/26 00:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/02/26 00:01:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/02/25 22:48:46 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\WhiteSmokeTranslator
[2010/02/25 22:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke Translator
[2010/02/25 22:43:47 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\WhiteSmoke
[2010/02/24 15:02:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Virtualized Applications
[2010/02/24 14:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Azureus
[2010/02/24 14:44:02 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Azureus
[2010/02/24 14:27:24 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\PCF-VLC
[2010/02/24 08:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2010/02/24 07:10:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/02/24 07:10:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/02/24 06:01:07 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\NVD
[2010/02/24 06:01:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\NVD
[2010/02/24 06:01:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\SoftGrid Client
[2010/02/24 06:01:00 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\SoftGrid Client
[2010/02/24 05:59:59 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\TP
[2010/02/24 02:21:02 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\IObit
[2010/02/24 01:46:53 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/02/24 01:46:49 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Uniblue
[2010/02/24 00:43:15 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Postbox
[2010/02/24 00:33:04 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Tific
[2010/02/22 16:29:17 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Apps
[2010/02/22 16:24:23 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\CrashDumps
[2010/02/22 06:33:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/02/22 06:15:34 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Microsoft Help
[2010/02/22 03:27:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke_Tools
[2010/02/22 02:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke
[2010/02/19 21:49:43 | 000,491,520 | ---- | C] (NCT Company) -- C:\Windows\SysWow64\NCTAudioFile.dll
[2010/02/19 21:49:43 | 000,158,208 | ---- | C] (NCT Company) -- C:\Windows\SysWow64\NCTTextToAudio.dll
[2010/02/19 19:37:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EZB Systems
[2010/02/19 19:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraISO
[2010/02/19 19:36:29 | 000,000,000 | -HSD | C] -- C:\Nsi.pending
[2010/02/19 19:31:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tempdir
[2010/02/19 19:31:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced Word to Pdf Converter
[2010/02/19 19:09:28 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Users\Timothy\AppData\Roaming\MSWINSCK.OCX
[2010/02/19 17:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/02/19 17:52:09 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/02/18 13:33:42 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010/02/16 21:15:07 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\DMCache
[2010/02/15 21:11:38 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Alfa.NetSoft_2007-2009
[2010/02/15 21:05:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Kristanix Software
[2010/02/15 20:46:12 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Sony Corporation
[2010/02/12 23:39:47 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Macrovision
[2010/02/12 23:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\BIAS
[2010/02/12 23:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2010/02/12 23:14:39 | 000,000,000 | ---D | C] -- C:\Binaries
[2010/02/12 23:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BIAS
[2010/02/12 23:14:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\eSellerate
[2010/02/12 23:04:48 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Simple Star
[2010/02/12 23:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
[2010/02/12 22:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2010/02/12 19:15:33 | 000,000,000 | -H-D | C] -- C:\Autorun.inf
[2010/02/12 18:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\GroupPolicy
[2010/02/12 18:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yamicsoft
[2010/02/12 16:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/02/12 15:52:54 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\install
[2010/02/12 14:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DeskShare
[2010/02/12 14:38:26 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Xenocode
[2010/02/10 17:54:13 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\OpenCandy
[2010/02/04 00:18:05 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\XemiComputers
[2010/02/04 00:01:06 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Thinking Minds Budiling Bytes
[2010/02/03 18:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/02/02 06:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\WinCHM
[2010/02/02 06:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softany
[2010/01/31 18:12:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010/01/30 03:43:42 | 001,177,600 | ---- | C] (AD) -- C:\Windows\SysWow64\SYNSOEMU.DLL
[2010/01/30 01:18:49 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\SDViewerFREE
[2010/01/30 00:28:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Next Dimension Imaging
[2010/01/30 00:26:33 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\MigWiz
[2010/01/29 22:46:52 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\Microsoft Games
[2010/01/29 20:14:48 | 000,000,000 | R--D | C] -- C:\Users\Timothy\Virtual Machines
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2010/01/29 20:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2010/01/29 19:45:14 | 000,000,000 | -HSD | C] -- C:\Windows\BitLockerDiscoveryVolumeContents
[2010/01/29 19:29:51 | 000,021,888 | ---- | C] (Syncrosoft GmbH) -- C:\Windows\SysWow64\drivers\synUSB64.sys
[2010/01/29 19:05:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2010/01/29 19:02:34 | 000,016,896 | ---- | C] (Syncrosoft GmbH) -- C:\Windows\SysWow64\drivers\SynasUSB.sys
[2010/01/29 18:56:04 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\TH1
[2010/01/29 18:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Overloud
[2010/01/29 00:17:09 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\River Past G5
[2010/01/29 00:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\River Past G5
[2010/01/29 00:01:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Vortex Surround
[2010/01/27 01:24:19 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Template
[2010/01/26 18:56:17 | 000,000,000 | ---D | C] -- C:\ProgramData\QuickTime
[2010/01/26 12:42:50 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Local\MotionDSP
[2010/01/26 12:40:56 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\NVIDIA 3D Vision Video Player
[2010/01/26 12:17:36 | 000,000,000 | ---D | C] -- C:\Users\Timothy\AppData\Roaming\Download Manager
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/04/23 00:09:23 | 016,252,928 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat
[2010/04/22 23:41:37 | 000,018,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/22 23:41:37 | 000,018,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/22 23:39:02 | 000,872,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/04/22 23:39:02 | 000,727,364 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/04/22 23:39:02 | 000,145,344 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/04/22 23:34:39 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/22 23:34:38 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\Windows 7 Manager - Free Memory.job
[2010/04/22 23:34:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/22 23:34:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/22 23:34:02 | 2945,847,295 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/22 22:52:56 | 001,496,926 | -H-- | M] () -- C:\Users\Timothy\AppData\Local\IconCache.db
[2010/04/22 22:52:12 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010/04/22 22:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/22 20:26:00 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Bing Maps 3D.lnk
[2010/04/22 20:06:37 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2010/04/22 19:51:10 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Timothy\Desktop\OTL.exe
[2010/04/21 20:10:56 | 000,000,334 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\pfdnnt.act
[2010/04/20 22:56:15 | 000,015,928 | ---- | M] () -- C:\Windows\SysNative\drivers\COMFiltr.sys
[2010/04/20 22:56:04 | 000,000,274 | ---- | M] () -- C:\Windows\SysNative\PavCPL64.dat
[2010/04/20 22:56:03 | 000,237,172 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck
[2010/04/20 22:56:03 | 000,237,172 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT
[2010/04/20 22:56:03 | 000,202,048 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls.bck
[2010/04/20 22:56:03 | 000,202,048 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls
[2010/04/20 22:56:03 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck
[2010/04/20 22:56:03 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG
[2010/04/20 01:01:56 | 290,435,400 | ---- | M] () -- C:\Users\Public\Documents\BackupRegistry(20100420).reg
[2010/04/19 23:02:58 | 000,002,055 | ---- | M] () -- C:\Users\Timothy\Desktop\HijackThis.lnk
[2010/04/19 19:38:08 | 000,000,941 | ---- | M] () -- C:\Users\Timothy\Desktop\Dexpot.lnk
[2010/04/19 19:14:16 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/19 18:34:52 | 000,000,079 | ---- | M] () -- C:\Windows\in_mlp.ini
[2010/04/19 18:31:57 | 299,632,020 | ---- | M] () -- C:\Users\Public\Documents\BackupRegistry(20100419).reg
[2010/04/19 16:00:20 | 000,798,855 | ---- | M] () -- C:\Users\Timothy\Desktop\SvsSingleFarm_SharePointProducts2010.pdf
[2010/04/19 15:56:34 | 001,570,351 | ---- | M] () -- C:\Users\Timothy\Desktop\Office2010BetaResKit.chm
[2010/04/19 15:56:20 | 000,259,360 | ---- | M] () -- C:\Users\Timothy\Desktop\64bitClientInstallation_Office2010.pdf
[2010/04/19 15:56:05 | 000,277,123 | ---- | M] () -- C:\Users\Timothy\Desktop\Topologies_SharePointServer2010.pdf
[2010/04/19 15:55:23 | 000,236,301 | ---- | M] () -- C:\Users\Timothy\Desktop\OutlookVoiceAccess2010QuickStart_en-US.pdf
[2010/04/19 11:09:26 | 000,441,006 | ---- | M] () -- C:\Users\Timothy\Desktop\Sahay release.jpg
[2010/04/19 09:07:58 | 000,003,215 | -H-- | M] () -- C:\Windows\EPMBatch.ept
[2010/04/19 09:00:33 | 000,000,930 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows 7 Manager.lnk
[2010/04/18 13:08:43 | 000,872,000 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/04/18 11:04:50 | 003,090,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/04/18 07:32:25 | 000,000,425 | ---- | M] () -- C:\Windows\WIN.INI
[2010/04/18 05:16:21 | 000,027,648 | ---- | M] () -- C:\Users\Timothy\Desktop\First Day Contact Form.doc
[2010/04/18 05:00:41 | 294,732,428 | ---- | M] () -- C:\Users\Public\Documents\BackupRegistry(20100418).reg
[2010/04/18 04:17:44 | 000,133,376 | ---- | M] () -- C:\Users\Timothy\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/18 01:10:37 | 000,000,632 | RHS- | M] () -- C:\Users\Timothy\ntuser.pol
[2010/04/18 00:50:26 | 000,029,337 | ---- | M] () -- C:\Users\Timothy\AppData\Roaming\UserTile.png
[2010/04/17 22:13:38 | 000,231,258 | ---- | M] () -- C:\Windows\hpwins23.dat
[2010/04/17 21:38:33 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2010/04/17 21:38:27 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/04/17 21:38:27 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010/04/17 21:38:26 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/04/17 21:38:26 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010/04/17 20:35:33 | 000,031,576 | ---- | M] () -- C:\Users\Timothy\Desktop\support.gateway.com - Print.pdf
[2010/04/17 14:23:00 | 001,225,728 | ---- | M] () -- C:\Users\Timothy\Desktop\WSUS30DeploymentGuide.doc
[2010/04/17 00:27:19 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/04/17 00:27:19 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/04/17 00:27:19 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TM.blf
[2010/04/16 23:01:48 | 000,000,219 | ---- | M] () -- C:\Windows\iepreview.ini
[2010/04/16 19:12:17 | 289,261,034 | ---- | M] () -- C:\Users\Public\Documents\BackupRegistry(20100416).reg
[2010/04/15 00:31:53 | 000,000,272 | ---- | M] () -- C:\Users\Timothy\Desktop\The Unofficial NVIDIA SLI Technology User Reference Guide - NVIDIA Forums.url
[2010/04/15 00:31:43 | 001,949,066 | ---- | M] () -- C:\Users\Timothy\Desktop\forums.nvidia.com - index.pdf
[2010/04/13 23:33:37 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/04/13 23:33:37 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/04/13 23:33:37 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TM.blf
[2010/04/11 00:40:55 | 000,884,224 | ---- | M] () -- C:\Users\Timothy\Desktop\Internet Explorer 8 Performance White Paper - Copy.doc
[2010/04/09 23:11:05 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/04/09 23:11:05 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/04/09 23:11:05 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TM.blf
[2010/04/03 22:55:32 | 000,064,616 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/04/03 22:55:32 | 000,056,424 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/04/03 22:55:32 | 000,009,832 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2010/04/03 18:41:38 | 000,276,196 | ---- | M] () -- C:\Windows\SysNative\NvApps.xml
[2010/04/03 18:41:38 | 000,066,714 | ---- | M] () -- C:\Windows\SysNative\NvwsApps.xml
[2010/03/30 18:12:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/03/30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/03/29 18:42:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010/03/29 18:15:48 | 348,466,330 | ---- | M] () -- C:\Users\Timothy\Documents\BackupRegistry(20100329).reg
[2010/03/28 03:03:27 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/03/28 03:03:27 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/03/28 03:03:27 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TM.blf
[2010/03/27 21:33:11 | 000,000,107 | ---- | M] () -- C:\Users\Timothy\AppData\Local\00000104
[2010/03/27 16:19:23 | 000,026,623 | ---- | M] () -- C:\Windows\SysWow64\wow64_wlansvc.ptxml
[2010/03/27 16:19:22 | 000,081,227 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_1837f556ef065706.manifest
[2010/03/27 16:19:16 | 000,086,382 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_0c9426bbaadd00d8.manifest
[2010/03/27 16:19:07 | 000,013,270 | ---- | M] () -- C:\Windows\SysWow64\wow64_ieframe.ptxml
[2010/03/27 16:18:58 | 000,101,077 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-com-base_31bf3856ad364e35_6.1.7600.16385_none_7437d270749746e5.manifest
[2010/03/27 16:18:34 | 000,123,749 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.1.7600.16385_none_782caecbca6c3448.manifest
[2010/03/27 16:18:14 | 000,143,196 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-msxml30_31bf3856ad364e35_6.1.7600.16385_none_eeb7dc93e4e7eade.manifest
[2010/03/27 16:16:53 | 000,287,788 | ---- | M] () -- C:\Windows\SysNative\Rules.System.Configuration.xml
[2010/03/27 16:16:48 | 000,062,541 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_1837f556ef065706_samsrv.mof_b7a3f662
[2010/03/27 16:15:32 | 001,054,916 | ---- | M] () -- C:\Windows\SysWow64\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7600.16385_none_d272c6d7600db661.manifest
[2010/03/24 19:26:41 | 000,000,658 | ---- | M] () -- C:\Windows\SysWow64\SYNSOACC.dll - Shortcut.lnk
[2010/03/21 19:20:23 | 000,151,552 | ---- | M] () -- C:\Windows\SysWow64\nvRegDev.dll
[2010/03/21 19:20:23 | 000,053,248 | ---- | M] () -- C:\Windows\SysWow64\nvTextureToolsUtil.dll
[2010/03/21 19:19:33 | 000,001,695 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NVIDIA Driver Instrumentation Tray.lnk
[2010/03/21 19:19:27 | 000,009,728 | ---- | M] () -- C:\Windows\SysWow64\nvPerfSDKUtil.dll
[2010/03/21 19:19:05 | 000,057,344 | ---- | M] () -- C:\Windows\SysWow64\nvPerfHUDUtil.dll
[2010/03/21 14:39:45 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Registry Reviver64-Timothy-Startup.job
[2010/03/17 16:19:04 | 000,002,736 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor
[2010/03/17 15:32:01 | 000,065,536 | -HS- | M] () -- C:\NULL
[2010/03/15 20:22:13 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/03/15 20:22:13 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/03/15 20:22:13 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TM.blf
[2010/03/15 10:23:35 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/03/15 10:23:35 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/03/15 10:23:35 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TM.blf
[2010/03/13 22:11:16 | 000,081,767 | ---- | M] () -- C:\Windows\hpqins13.dat
[2010/03/11 05:21:05 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2010/03/10 18:32:25 | 000,000,096 | ---- | M] () -- C:\Windows\CL.INI
[2010/03/06 03:22:30 | 000,007,599 | ---- | M] () -- C:\Users\Timothy\AppData\Local\Resmon.ResmonCfg
[2010/03/03 15:30:29 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TM.blf
[2010/03/03 15:30:28 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/03/03 15:30:28 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/03/02 02:40:59 | 000,003,546 | ---- | M] () -- C:\Users\Timothy\AppData\Roaming\com.koingosw.LibrarianPro.xml
[2010/02/26 20:20:13 | 000,000,959 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2010/02/26 20:20:02 | 000,049,576 | ---- | M] (SafeNet, Inc.) -- C:\Windows\SysNative\drivers\rcudawdm.sys
[2010/02/26 04:01:39 | 000,196,608 | ---- | M] () -- C:\Windows\SysWow64\avisynth.dll
[2010/02/26 04:00:40 | 000,414,272 | ---- | M] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32f.dll
[2010/02/26 04:00:40 | 000,414,272 | ---- | M] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32.dll
[2010/02/26 04:00:40 | 000,291,408 | ---- | M] (Hacked With Joy !) -- C:\Windows\SysWow64\DivXa32.acm
[2010/02/26 04:00:40 | 000,240,400 | ---- | M] (Hacked With Joy ! ) -- C:\Windows\SysWow64\DivX_c32.ax
[2010/02/26 04:00:30 | 000,033,280 | ---- | M] (Disappearing Inc.) -- C:\Windows\SysWow64\HUFFYUV.DLL
[2010/02/25 22:47:53 | 000,002,030 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke Translator.lnk
[2010/02/25 22:40:55 | 000,001,901 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke.lnk
[2010/02/23 22:34:06 | 000,053,248 | ---- | M] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2010/02/22 19:33:04 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\Windows 7 Manager - Run File.job
[2010/02/18 13:33:41 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2010/02/17 12:44:05 | 000,000,211 | ---- | M] () -- C:\Windows\IDM.REG
[2010/02/15 21:15:05 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\krx260.dat
[2010/02/13 03:32:06 | 000,000,157 | ---- | M] () -- C:\Users\Timothy\AppData\Roaming\default.rss
[2010/02/13 02:37:32 | 000,000,000 | ---- | M] () -- C:\Users\Timothy\AppData\Local\rx_image32.Cache
[2010/02/12 18:20:52 | 000,034,308 | ---- | M] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010/02/10 17:14:23 | 000,856,441 | ---- | M] () -- C:\Users\Public\Documents\asgt.exe
[2010/02/03 15:03:15 | 000,000,042 | ---- | M] () -- C:\Windows\SysWow64\QAPPKM_UKDFC.pnc
[2010/02/03 14:23:48 | 000,000,042 | ---- | M] () -- C:\Windows\SysWow64\DuplicateFileCleaner.lie
[2010/02/02 09:19:59 | 000,021,592 | ---- | M] () -- C:\Users\Timothy\The insidious betrayal of my declining mind.docx
[2010/01/29 21:14:23 | 000,000,486 | ---- | M] () -- C:\Windows\SysNative\SYNSOACC.dll - Shortcut (2).lnk
[2010/01/28 20:35:44 | 002,077,312 | ---- | M] () -- C:\Windows\SysNative\BootMan.exe
[2010/01/28 20:35:44 | 001,692,288 | ---- | M] () -- C:\Windows\SysWow64\BootMan.exe
[2010/01/26 12:01:03 | 000,006,656 | ---- | M] () -- C:\Users\Timothy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/23 15:43:22 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/01/23 15:43:22 | 000,524,288 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/01/23 15:43:22 | 000,065,536 | -HS- | M] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TM.blf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

Mr PC · 2010/04/22

OLT scan post fix 4

========== Files Created - No Company Name ==========

[2010/04/22 20:26:00 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Bing Maps 3D.lnk
[2010/04/20 22:56:15 | 000,015,928 | ---- | C] () -- C:\Windows\SysNative\drivers\COMFiltr.sys
[2010/04/20 22:56:04 | 000,000,274 | ---- | C] () -- C:\Windows\SysNative\PavCPL64.dat
[2010/04/20 01:01:49 | 290,435,400 | ---- | C] () -- C:\Users\Public\Documents\BackupRegistry(20100420).reg
[2010/04/20 00:14:29 | 001,054,916 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7600.16385_none_d272c6d7600db661.manifest
[2010/04/20 00:14:29 | 000,143,196 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-msxml30_31bf3856ad364e35_6.1.7600.16385_none_eeb7dc93e4e7eade.manifest
[2010/04/20 00:14:29 | 000,123,749 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-i..oexistencemigration_31bf3856ad364e35_6.1.7600.16385_none_782caecbca6c3448.manifest
[2010/04/20 00:14:29 | 000,101,077 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-com-base_31bf3856ad364e35_6.1.7600.16385_none_7437d270749746e5.manifest
[2010/04/20 00:14:29 | 000,086,382 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_0c9426bbaadd00d8.manifest
[2010/04/20 00:14:29 | 000,081,227 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_1837f556ef065706.manifest
[2010/04/20 00:14:29 | 000,062,541 | ---- | C] () -- C:\Windows\SysWow64\wow64_microsoft-windows-directory-services-sam_31bf3856ad364e35_6.1.7600.16385_none_1837f556ef065706_samsrv.mof_b7a3f662
[2010/04/20 00:14:29 | 000,026,623 | ---- | C] () -- C:\Windows\SysWow64\wow64_wlansvc.ptxml
[2010/04/20 00:14:29 | 000,013,270 | ---- | C] () -- C:\Windows\SysWow64\wow64_ieframe.ptxml
[2010/04/19 23:54:22 | 000,287,788 | ---- | C] () -- C:\Windows\SysNative\Rules.System.Configuration.xml
[2010/04/19 23:02:58 | 000,002,055 | ---- | C] () -- C:\Users\Timothy\Desktop\HijackThis.lnk
[2010/04/19 19:38:08 | 000,000,941 | ---- | C] () -- C:\Users\Timothy\Desktop\Dexpot.lnk
[2010/04/19 19:14:16 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/19 18:31:35 | 299,632,020 | ---- | C] () -- C:\Users\Public\Documents\BackupRegistry(20100419).reg
[2010/04/19 16:00:20 | 000,798,855 | ---- | C] () -- C:\Users\Timothy\Desktop\SvsSingleFarm_SharePointProducts2010.pdf
[2010/04/19 15:56:32 | 001,570,351 | ---- | C] () -- C:\Users\Timothy\Desktop\Office2010BetaResKit.chm
[2010/04/19 15:56:20 | 000,259,360 | ---- | C] () -- C:\Users\Timothy\Desktop\64bitClientInstallation_Office2010.pdf
[2010/04/19 15:56:05 | 000,277,123 | ---- | C] () -- C:\Users\Timothy\Desktop\Topologies_SharePointServer2010.pdf
[2010/04/19 15:55:23 | 000,236,301 | ---- | C] () -- C:\Users\Timothy\Desktop\OutlookVoiceAccess2010QuickStart_en-US.pdf
[2010/04/19 11:09:44 | 000,441,006 | ---- | C] () -- C:\Users\Timothy\Desktop\Sahay release.jpg
[2010/04/19 10:33:31 | 2945,847,295 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/19 09:00:33 | 000,000,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows 7 Manager.lnk
[2010/04/18 07:42:46 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2010/04/18 07:29:10 | 000,237,172 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck
[2010/04/18 07:29:10 | 000,237,172 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT
[2010/04/18 07:29:10 | 000,001,132 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck
[2010/04/18 07:29:10 | 000,001,132 | ---- | C] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG
[2010/04/18 05:00:28 | 294,732,428 | ---- | C] () -- C:\Users\Public\Documents\BackupRegistry(20100418).reg
[2010/04/18 00:50:26 | 000,029,337 | ---- | C] () -- C:\Users\Timothy\AppData\Roaming\UserTile.png
[2010/04/17 23:20:37 | 000,000,272 | ---- | C] () -- C:\Users\Timothy\Desktop\The Unofficial NVIDIA SLI Technology User Reference Guide - NVIDIA Forums.url
[2010/04/17 21:38:46 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2010/04/17 21:38:46 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2010/04/17 21:33:07 | 000,013,931 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2010/04/17 21:33:03 | 000,013,931 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2010/04/17 20:57:16 | 000,123,780 | ---- | C] () -- C:\Windows\SysNative\drivers\RtConvEQ.DAT
[2010/04/17 20:57:16 | 000,001,496 | ---- | C] () -- C:\Windows\SysNative\drivers\RtkAcerM.dat
[2010/04/17 20:57:16 | 000,000,728 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat
[2010/04/17 20:57:16 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat
[2010/04/17 20:57:16 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat
[2010/04/17 20:57:16 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat
[2010/04/17 20:57:16 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat
[2010/04/17 20:35:33 | 000,031,576 | ---- | C] () -- C:\Users\Timothy\Desktop\support.gateway.com - Print.pdf
[2010/04/17 14:22:58 | 001,225,728 | ---- | C] () -- C:\Users\Timothy\Desktop\WSUS30DeploymentGuide.doc
[2010/04/17 00:12:02 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/04/17 00:12:02 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/04/17 00:12:02 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{38ae7ddf-49d7-11df-a730-00226866d877}.TM.blf
[2010/04/16 23:37:04 | 000,027,648 | ---- | C] () -- C:\Users\Timothy\Desktop\First Day Contact Form.doc
[2010/04/16 23:24:25 | 026,894,050 | ---- | C] () -- C:\Users\Timothy\Desktop\Addison.Wesley.GPU.Gems.3.Aug.2007.chm
[2010/04/16 19:12:06 | 289,261,034 | ---- | C] () -- C:\Users\Public\Documents\BackupRegistry(20100416).reg
[2010/04/15 01:44:27 | 019,539,424 | ---- | C] () -- C:\Users\Timothy\01. Suzanne.flac
[2010/04/15 00:31:35 | 001,949,066 | ---- | C] () -- C:\Users\Timothy\Desktop\forums.nvidia.com - index.pdf
[2010/04/13 22:24:45 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/04/13 22:24:45 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/04/13 22:24:45 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{a4947177-476c-11df-96f6-00226866d877}.TM.blf
[2010/04/11 00:40:51 | 000,884,224 | ---- | C] () -- C:\Users\Timothy\Desktop\Internet Explorer 8 Performance White Paper - Copy.doc
[2010/04/09 20:14:11 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/04/09 20:14:11 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/04/09 20:14:11 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e6836b9d-4435-11df-8b85-00226866d877}.TM.blf
[2010/04/03 22:55:32 | 000,009,832 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010/04/03 18:41:38 | 000,276,196 | ---- | C] () -- C:\Windows\SysNative\NvApps.xml
[2010/04/03 18:41:38 | 000,066,714 | ---- | C] () -- C:\Windows\SysNative\NvwsApps.xml
[2010/03/30 18:12:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01005.Wdf
[2010/03/29 18:15:35 | 348,466,330 | ---- | C] () -- C:\Users\Timothy\Documents\BackupRegistry(20100329).reg
[2010/03/29 13:08:53 | 000,003,315 | ---- | C] () -- C:\Windows\SysNative\e1y62x64.din
[2010/03/28 23:40:24 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2010/03/27 21:33:11 | 000,000,107 | ---- | C] () -- C:\Users\Timothy\AppData\Local\00000104
[2010/03/27 21:02:56 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/03/27 21:02:56 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/03/27 21:02:56 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{7aad573b-3a05-11df-9cf7-00226866d877}.TM.blf
[2010/03/22 23:13:50 | 000,003,215 | -H-- | C] () -- C:\Windows\EPMBatch.ept
[2010/03/21 19:20:24 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\nvTextureToolsUtil.dll
[2010/03/21 19:19:33 | 000,124,928 | ---- | C] () -- C:\Windows\SysNative\NVDevCPL.cpl
[2010/03/21 19:19:33 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\NVDevTray.dll
[2010/03/21 19:19:33 | 000,001,695 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NVIDIA Driver Instrumentation Tray.lnk
[2010/03/21 19:19:28 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\nvPerfSDKUtil.dll
[2010/03/21 19:19:14 | 001,537,536 | R--- | C] () -- C:\Windows\SysNative\nvpmapi64.dll
[2010/03/21 19:19:14 | 000,001,816 | R--- | C] () -- C:\Windows\SysNative\nvprfctr.ini
[2010/03/21 19:19:14 | 000,000,866 | R--- | C] () -- C:\Windows\SysNative\nvprfsmb.h
[2010/03/21 19:19:14 | 000,000,240 | R--- | C] () -- C:\Windows\SysNative\nvprfctr.reg
[2010/03/21 19:19:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\nvPerfHUDUtil.dll
[2010/03/21 14:53:36 | 000,350,720 | ---- | C] () -- C:\Users\Timothy\Desktop\hjsplit.exe
[2010/03/17 19:00:46 | 002,077,312 | ---- | C] () -- C:\Windows\SysNative\BootMan.exe
[2010/03/17 19:00:46 | 001,692,288 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2010/03/17 19:00:46 | 000,100,232 | ---- | C] () -- C:\Windows\SysNative\setupempdrvx64.exe
[2010/03/17 19:00:46 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2010/03/17 19:00:46 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\EuEpmGdi.dll
[2010/03/17 19:00:46 | 000,009,096 | ---- | C] () -- C:\Windows\SysNative\EuGdiDrv.sys
[2010/03/17 19:00:45 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2010/03/17 19:00:45 | 000,016,776 | ---- | C] () -- C:\Windows\SysNative\epmntdrv.sys
[2010/03/17 19:00:45 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2010/03/17 19:00:45 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2010/03/17 17:57:49 | 000,000,386 | ---- | C] () -- C:\Windows\tasks\Registry Reviver64-Timothy-Startup.job
[2010/03/17 15:46:24 | 000,002,736 | ---- | C] () -- C:\Windows\SysNative\oodbs.lor
[2010/03/17 13:06:29 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/17 13:06:25 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/17 01:04:17 | 000,065,536 | -HS- | C] () -- C:\NULL
[2010/03/16 20:20:03 | 000,000,219 | ---- | C] () -- C:\Windows\iepreview.ini
[2010/03/15 11:18:45 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/03/15 11:18:45 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/03/15 11:18:45 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{e16ac65b-3045-11df-b9da-00226866d877}.TM.blf
[2010/03/15 01:48:01 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/03/15 01:48:01 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/03/15 01:48:01 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{31fcde59-2ff6-11df-ade2-00226866d877}.TM.blf
[2010/03/13 22:10:30 | 000,081,767 | ---- | C] () -- C:\Windows\hpqins13.dat
[2010/03/13 21:56:41 | 000,231,258 | ---- | C] () -- C:\Windows\hpwins23.dat
[2010/03/13 21:56:41 | 000,019,022 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/03/13 21:56:41 | 000,001,843 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2010/03/10 18:32:25 | 000,000,096 | ---- | C] () -- C:\Windows\CL.INI
[2010/03/07 19:45:51 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2010/03/06 14:57:00 | 000,214,528 | ---- | C] () -- C:\Windows\acroinst.exe
[2010/03/06 14:57:00 | 000,062,597 | ---- | C] () -- C:\Windows\acropdf.chm
[2010/03/06 14:57:00 | 000,000,667 | ---- | C] () -- C:\Windows\acroppd.ppd
[2010/03/03 01:31:22 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/03/03 01:31:21 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/03/03 01:31:21 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{98930d2b-2685-11df-8bfc-00226866d877}.TM.blf
[2010/03/02 01:41:33 | 000,003,546 | ---- | C] () -- C:\Users\Timothy\AppData\Roaming\com.koingosw.LibrarianPro.xml
[2010/02/25 22:47:53 | 000,002,030 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke Translator.lnk
[2010/02/25 22:40:54 | 000,001,901 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch WhiteSmoke.lnk
[2010/02/22 17:23:45 | 000,000,310 | ---- | C] () -- C:\Windows\tasks\Windows 7 Manager - Run File.job
[2010/02/19 21:49:43 | 000,120,832 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2010/02/19 19:31:52 | 001,103,360 | ---- | C] () -- C:\Windows\SysWow64\cidfont.dll
[2010/02/19 19:31:51 | 004,369,408 | ---- | C] () -- C:\Windows\SysWow64\pdftk.exe
[2010/02/19 19:31:51 | 001,503,232 | ---- | C] () -- C:\Windows\SysWow64\ptj.exe
[2010/02/19 19:31:51 | 000,235,008 | ---- | C] () -- C:\Windows\SysWow64\office.exe
[2010/02/16 21:16:38 | 000,000,211 | ---- | C] () -- C:\Windows\IDM.REG
[2010/02/15 21:09:53 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\krx260.dat
[2010/02/13 03:32:06 | 000,000,157 | ---- | C] () -- C:\Users\Timothy\AppData\Roaming\default.rss
[2010/02/13 02:37:32 | 000,000,000 | ---- | C] () -- C:\Users\Timothy\AppData\Local\rx_image32.Cache
[2010/02/12 18:39:33 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\Windows 7 Manager - Free Memory.job
[2010/02/12 16:41:18 | 000,000,194 | ---- | C] () -- C:\ProgramData\DriverTool.log
[2010/02/10 18:13:57 | 000,856,441 | ---- | C] () -- C:\Users\Public\Documents\asgt.exe
[2010/02/03 15:03:15 | 000,000,042 | ---- | C] () -- C:\Windows\SysWow64\QAPPKM_UKDFC.pnc
[2010/02/03 14:23:48 | 000,000,042 | ---- | C] () -- C:\Windows\SysWow64\DuplicateFileCleaner.lie
[2010/01/29 21:14:22 | 000,000,486 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC.dll - Shortcut (2).lnk
[2010/01/29 21:14:08 | 000,000,658 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC.dll - Shortcut.lnk
[2010/01/29 20:06:46 | 000,016,384 | ---- | C] () -- C:\Windows\SysNative\drivers\vpcuxd.sys
[2010/01/29 20:06:46 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\vpchbuspipe.dll
[2010/01/29 20:06:35 | 000,187,904 | ---- | C] () -- C:\Windows\SysNative\drivers\vpchbus.sys
[2010/01/29 20:06:35 | 000,095,232 | ---- | C] () -- C:\Windows\SysNative\drivers\vpcusb.sys
[2010/01/29 19:44:37 | 000,051,867 | ---- | C] () -- C:\Windows\Ultimate.xml
[2010/01/29 03:24:55 | 000,400,384 | ---- | C] () -- C:\Windows\System\SYNSOACC.dll
[2010/01/23 15:43:22 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TMContainer00000000000000000002.regtrans-ms
[2010/01/23 15:43:22 | 000,524,288 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TMContainer00000000000000000001.regtrans-ms
[2010/01/23 15:43:22 | 000,065,536 | -HS- | C] () -- C:\Users\Timothy\ntuser.dat{5ccd1fc7-0857-11df-b981-00226866d877}.TM.blf
[2010/01/21 04:26:26 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010/01/21 04:14:49 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\avisynth.dll
[2010/01/19 20:07:32 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2010/01/18 05:20:58 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/01/18 05:12:59 | 000,000,079 | ---- | C] () -- C:\Windows\in_mlp.ini
[2009/11/18 23:03:00 | 000,872,000 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/11/17 23:57:58 | 000,000,036 | ---- | C] () -- C:\Windows\verypdf.ini
[2009/11/17 07:12:55 | 000,106,496 | R--- | C] () -- C:\Windows\SysWow64\vshp1020.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/09 11:03:56 | 000,294,912 | ---- | C] () -- C:\Windows\PIC.dll
[2009/07/09 11:03:56 | 000,000,870 | ---- | C] () -- C:\Windows\mhotkey_reg.ini
[2009/06/25 15:10:08 | 000,089,352 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2009/06/25 15:09:34 | 000,059,144 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2009/06/25 15:08:48 | 000,234,760 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
[2009/06/03 17:14:48 | 000,167,424 | ---- | C] () -- C:\Windows\SysWow64\drivers\ArcHlp.sys
[2008/07/27 14:32:43 | 000,002,773 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2008/07/27 14:32:43 | 000,001,324 | ---- | C] () -- C:\Windows\FF08_not_Spk_Hp.ini
[2008/07/27 14:32:21 | 000,169,984 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2008/07/27 14:32:21 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2005/10/14 06:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005/10/14 06:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll
[2005/10/14 06:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2005/10/14 06:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\xvid.dll
[2005/10/14 06:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2005/10/14 06:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2005/10/14 06:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2005/10/14 06:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2005/10/14 06:56:48 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\MMSwitch.dll
[2004/01/30 16:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\SysWow64\unicows.dll
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\sysres.dll

========== LOP Check ==========

[2010/01/18 04:49:48 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\4Media Software Studio
[2010/04/08 02:40:17 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Agnosco DICOM Viewer
[2009/11/20 00:00:04 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Amazon
[2010/02/28 05:18:52 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\App Launcher Gadget
[2010/03/10 22:37:33 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Azureus
[2010/01/20 23:13:25 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Broad Intelligence
[2010/03/09 02:34:52 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Bullzip
[2010/02/19 17:52:09 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/04/20 03:06:16 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Dexpot
[2010/04/19 08:47:11 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\DMCache
[2010/04/05 13:42:46 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\DriverCure
[2010/01/08 18:17:11 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\EndNote
[2010/03/06 13:44:46 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Foxit
[2010/03/06 14:21:54 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Foxit Software
[2010/04/19 08:47:11 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\IDM
[2010/02/22 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\install
[2010/03/03 04:24:22 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\IObit
[2010/02/15 21:05:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Kristanix Software
[2010/04/18 03:51:31 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\KSE
[2010/04/18 04:17:50 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\nHancer
[2010/02/24 06:01:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\NVD
[2010/02/12 00:00:18 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\OpenCandy
[2010/03/29 11:28:28 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Opera
[2010/04/20 22:55:28 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Panda Security
[2010/02/24 14:34:47 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\PCF-VLC
[2010/03/29 12:29:21 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\PCPitstop
[2010/04/18 00:27:45 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\PeerNetworking
[2010/04/11 07:39:39 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Pegasys Inc
[2010/01/29 00:17:09 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\River Past G5
[2010/03/09 03:10:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SecondLife
[2010/03/27 01:05:33 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Seeing Machines
[2010/02/12 23:04:48 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Simple Star
[2010/04/14 01:38:48 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SmartDraw
[2010/04/17 00:15:02 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SoftGrid Client
[2009/12/16 13:21:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Subversion
[2010/04/14 01:41:13 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\SystemRequirementsLab
[2010/01/27 01:24:19 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Template
[2010/01/29 18:56:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TH1
[2010/02/04 00:01:06 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Thinking Minds Budiling Bytes
[2010/02/28 12:29:23 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Thinstall
[2010/02/24 00:33:04 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Tific
[2010/03/10 18:24:06 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\ToLTech
[2010/04/17 00:14:57 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TP
[2010/03/02 03:49:48 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\TuneUp Software
[2010/03/17 17:59:14 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Uniblue
[2010/01/18 05:20:53 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Vso
[2010/04/13 22:32:19 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Western Digital
[2010/04/17 10:16:42 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Western DigitalTemp
[2010/04/19 10:32:58 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\WhiteSmoke
[2010/04/19 10:32:58 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\WhiteSmokeTranslator
[2010/03/31 17:23:23 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\Windows Live Writer
[2010/02/04 00:18:05 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\XemiComputers
[2010/03/07 18:11:14 | 000,000,000 | ---D | M] -- C:\Users\Timothy\AppData\Roaming\{20140062-0062-0409-0000-0000000FF1CE}
[2010/03/21 14:39:45 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver64-Timothy-Startup.job
[2010/04/19 09:12:25 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/04/22 23:34:38 | 000,000,300 | ---- | M] () -- C:\Windows\Tasks\Windows 7 Manager - Free Memory.job
[2010/02/22 19:33:04 | 000,000,310 | ---- | M] () -- C:\Windows\Tasks\Windows 7 Manager - Run File.job

========== Purity Check ==========

< End of report >

broni · 2010/04/22

We posted at the same time, so I'm not sure, if you saw my reply #22.

Log in or Sign up

Active C:\users\Appdata\roaming\microsoft\windows\cookies\@ATDMT[1].TXT

Mr PC Inactive Thread Starter

broni Moderator Malware Analyst

Mr PC Inactive Thread Starter

Mr PC Inactive Thread Starter

Mr PC Inactive Thread Starter

Mr PC Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Log in or Sign up

Active C:\users\Appdata\roaming\microsoft\windows\cookies\@ATDMT[1].TXT

Mr PC Inactive Thread Starter

broni Moderator Malware Analyst

Mr PC Inactive Thread Starter

Mr PC Inactive Thread Starter

Mr PC Inactive Thread Starter

Mr PC Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Useful Searches