Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

A repost with file unzipped...sorry


Post by alwysbtchn » March 26th, 2011, 7:05 am

I started about a month and a half ago getting blue screens randomly when I would play a demanding game, MMORPG, then I could not get into my device manager, I had been blocked out by group policy. So then I ran my tune up utilities and it said there was one error it could not fix, several times. I ignored it until yesterday, and the file said it was a driver I had never seen before, but the issues regarding it were very similar, so I looked it up online, saw it could be malware, so I downloaded Malwarebytes and ran in safe mode. It found, alas, 21 viruses. I then ran CCleaner to clean up registry files, it seemed to work better, until the next day. Also, for 2 weeks now I have had a Microsoft not genuine issue. I am the only one who uses this key unless it has been hijacked. I tried to use my upgrade Win 7 I had purchased as a student but it would not let me due to it being an upgrade, and my other disk is OEM clean install. I realize now I have issues, thanks for your time.
Kara

u.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Kara at 13:35:30.33 on Fri 03/25/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1759 [GMT -7:00]
.
AV: Sunbelt VIPRE *Enabled/Updated* {BE5DD172-7F42-7948-1A60-E6A720288F81}
SP: Sunbelt VIPRE *Enabled/Updated* {053C3096-5978-76C6-20D0-DDD55BAFC53C}
FW: Sunbelt VIPRE *Enabled* {86665057-352D-7810-313F-4F92DEFBC8FA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
C:\Windows\System32\msdtc.exe
C:\Windows\system32\mqsvc.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Kara\Downloads\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = res://C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_BAND_SEARCHBAR_HTML
uWindow Title =
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: N/A: {be89472c-b803-4d1d-9a9a-0a63660e0fe3} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: IEHlprObj Class: {8ca5ed52-f3fb-4414-a105-2e3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: Copernic Agent Results: {6f480f82-c3a6-4d35-96f7-b297ad49fbe8} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll
EB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
mRun: [SBAMTray] "C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: NoInstrumentation = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
IE: Free YouTube to MP3 Converter - C:\Users\Kara\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Search Using Copernic Agent - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
IE: {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~2\COPERN~1\COPERN~1.EXE
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49}
IE: {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~2\COPERN~1\COPERN~1.EXE
IE: {0BCBCDD8-E5D9-417D-A752-C2DA929A21BF} - {4D459C49-EA39-4C99-8BBD-75EFB7D6759D} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
LSP: C:\Windows\system32\iavlsp.dllhxxp://utilities.pcpitstop.com/Nirva ... cmatic.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/So ... b56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/Me ... b56907.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
mRun-x64: [MsmqIntCert] regsvr32 /s mqrt.dll
SSODL-X64: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=16794S&l=dis
FF - component: C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npmidas.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Amplify: {8f5ce3f8-1735-4680-b15e-108f2f50e8ba} - %profile%\extensions\{8f5ce3f8-1735-4680-b15e-108f2f50e8ba}
FF - Ext: feedly: feedly@devhd - %profile%\extensions\feedly@devhd
FF - Ext: AddonFox: {ad48108d-92a6-4eb9-87e4-978aca1dbae4} - %profile%\extensions\{ad48108d-92a6-4eb9-87e4-978aca1dbae4}
FF - Ext: FaceTweak: {1519200d-6633-40c9-a9a1-d60d8d1d0479} - %profile%\extensions\{1519200d-6633-40c9-a9a1-d60d8d1d0479}
FF - Ext: DVDVideoSoftTB Community Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: Autofill Forms: autofillForms@blueimp.net - %profile%\extensions\autofillForms@blueimp.net
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: Image Zoom: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} - %profile%\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
FF - Ext: FlashVideoReplacer: flvideoreplacer@lovinglinux.megabyet.net - %profile%\extensions\flvideoreplacer@lovinglinux.megabyet.net
FF - Ext: TweakTube: {15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed} - %profile%\extensions\{15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed}
FF - Ext: Facebook Like: {45e16761-660c-41a4-984f-56986fba2137} - %profile%\extensions\{45e16761-660c-41a4-984f-56986fba2137}
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: iWinGames Plugin: {98e34367-8df7-42b4-837b-20b892ff0849} - C:\ProgramData\iWin Games\firefox
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2010-11-16 23464]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 SbFw;SbFw;C:\Windows\System32\drivers\SbFw.sys [2010-8-23 253528]
R1 SBRE;SBRE;C:\Windows\System32\drivers\sbredrv.sys [2010-8-19 49752]
R1 SbTis;SbTis;C:\Windows\System32\drivers\sbtis.sys [2010-9-7 94296]
R1 vdrv1000;vdrv1000;C:\Windows\System32\drivers\vdrv1000.sys [2010-9-15 220696]
R1 VWiFiFlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/15 01:07:42];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-3-13 146928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203776]
R2 AMP;AMP;C:\Windows\System32\drivers\amp.sys [2010-11-16 161320]
R2 SBAMSvc;VIPRE Antivirus Premium;C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe [2010-8-20 2763080]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2010-6-14 64600]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe [2010-8-20 181584]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-1-27 9085952]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-1-26 299520]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2010-8-23 84056]
R3 SBHIPS;SBHIPS;C:\Windows\System32\drivers\sbhips.sys [2010-9-7 60504]
R3 vcd10bus;Virtual CD v10 Bus Enumerator;C:\Windows\System32\drivers\vcd10bus.sys [2010-9-15 40464]
S2 AMPSE;AMPSE;C:\Windows\System32\drivers\ampse.sys [2010-11-16 1404456]
S2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2010-12-10 724664]
S3 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-6-5 315392]
S3 HH10Help.sys;HH10Help.sys;C:\Windows\System32\drivers\HH10Help.sys [2010-9-15 24088]
S3 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2010-12-10 724664]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2010-11-10 341856]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-11-10 4162784]
S3 lxbk_device;lxbk_device;C:\Windows\system32\lxbkcoms.exe -service --> C:\Windows\system32\lxbkcoms.exe -service [?]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2009-6-17 17976]
S3 VC10SecS;Virtual CD v10 Management Service;C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [2010-9-15 145224]
S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2010-11-1 16384]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S3 WMSVC;Web Management Service;C:\Windows\System32\inetsrv\WMSvc.exe [2009-7-13 10752]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
S4 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-8-19 90112]
S4 gupdate;Google Update Service (gupdate);"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [?]
S4 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2010-9-27 176408]
S4 LVPrcS64;Process Monitor;C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-5-7 197976]
S4 nosGetPlusHelper;getPlus(R) Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
S4 vseamps;vseamps;C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [2010-1-19 150568]
S4 vsedsps;vsedsps;C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [2010-1-19 150056]
S4 vseqrts;vseqrts;C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [2010-1-19 207400]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\msmq
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\0416
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\0415
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\0408
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\0401
2011-03-25 06:49:15 -------- d-----w- C:\Windows\System32\040B
2011-03-25 01:48:27 -------- d-----w- C:\Program Files (x86)\RegTweaker
2011-03-25 01:06:18 -------- d-----w- C:\Users\Kara\AppData\Roaming\Malwarebytes
2011-03-25 01:06:13 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-25 01:06:12 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-03-25 01:06:09 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-03-25 01:06:09 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-24 01:32:33 -------- d-----w- C:\Windows\System32\SPReview
2011-03-24 01:31:24 -------- d-----w- C:\eb2a1225470fe4c93a0eaf52
2011-03-23 12:09:15 -------- d-----w- C:\Users\Kara\AppData\Local\Secunia PSI
2011-03-23 10:46:40 34632 ----a-w- C:\Windows\System32\TURegOpt.exe
2011-03-23 10:46:38 36168 ----a-w- C:\Windows\System32\uxtuneup.dll
2011-03-23 10:46:38 30024 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2011-03-23 10:46:38 25928 ----a-w- C:\Windows\System32\authuitu.dll
2011-03-23 10:46:38 21320 ----a-w- C:\Windows\SysWow64\authuitu.dll
2011-03-23 10:46:06 -------- d-----w- C:\Users\Kara\AppData\Roaming\TuneUp Software
2011-03-23 10:45:54 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2010
2011-03-23 10:44:48 -------- d-----w- C:\PROGRA~3\TuneUp Software
2011-03-23 10:44:39 -------- d-sh--w- C:\PROGRA~3\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2011-03-23 10:17:14 -------- d-----w- C:\Users\Kara\AppData\Local\DataKeeper
2011-03-23 09:30:31 -------- d--h--w- C:\dvmexp.BAK
2011-03-23 09:28:46 -------- d-----w- C:\Users\Kara\AppData\Roaming\Easeware
2011-03-23 09:21:56 -------- d-----w- C:\Program Files\Easeware
2011-03-23 03:18:09 -------- d-----w- C:\Windows\System32\EventProviders
2011-03-22 19:26:36 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-03-22 19:02:08 -------- d-----w- C:\Users\Kara\AppData\Local\WindowsUpdate
2011-03-18 02:07:44 -------- d-----w- C:\Users\Kara\AppData\Local\2K Games
2011-03-18 02:06:20 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-03-18 02:04:57 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-03-18 01:48:44 -------- d-----w- C:\Program Files (x86)\2K Games
2011-03-13 17:04:52 -------- d-----w- C:\Program Files (x86)\Winamp Detect
2011-03-13 08:22:31 -------- d-----w- C:\Users\Kara\AppData\Roaming\Plane9
2011-03-13 08:22:14 -------- d-----w- C:\Program Files (x86)\Plane9
2011-03-12 22:25:27 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-03-12 22:25:27 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-03-12 19:28:40 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-03-12 19:28:40 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-03-10 21:37:03 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-03-10 21:37:03 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-03-09 18:03:33 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2011-03-09 18:03:32 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-03-09 18:03:29 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-03-09 18:03:28 1097216 ----a-w- C:\Windows\System32\mstsc.exe
2011-03-07 19:49:09 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-03-07 19:49:09 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-03-07 19:49:09 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-03-07 19:48:26 -------- d-----w- C:\Program Files\iPod
2011-03-07 19:48:24 -------- d-----w- C:\Program Files\iTunes
2011-03-07 19:48:24 -------- d-----w- C:\Program Files (x86)\iTunes
2011-03-07 19:43:17 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-03-05 09:11:57 73544 ----a-w- C:\Windows\System32\XAPOFX1_3.dll
2011-03-05 09:10:59 411496 ----a-w- C:\Windows\System32\xactengine2_9.dll
2011-03-05 09:09:57 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2011-03-05 09:09:57 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2011-03-04 21:20:44 -------- d--h--w- C:\Windows\msdownld.tmp
2011-03-04 21:20:40 -------- d-----w- C:\Windows\SysWow64\directx
2011-02-27 06:23:43 -------- d-----w- C:\Users\Kara\AppData\Local\ClipboardManager
2011-02-27 04:02:39 -------- d-----w- C:\Windows\SysWow64\wbem\Performance
2011-02-27 03:54:32 -------- d-----w- C:\PROGRA~3\GroupPolicy
2011-02-27 02:41:28 -------- d-----w- C:\Windows\System32\catroot2
2011-02-25 20:58:28 57344 ----a-w- C:\Windows\Plane9.scr
.
==================== Find3M ====================
.
2011-03-24 20:36:20 99384 ----a-w- C:\Users\Kara\AppData\Roaming\inst.exe
2011-03-24 20:36:20 82816 ----a-w- C:\Users\Kara\AppData\Roaming\pcouffin.sys
2011-03-24 03:00:52 152064 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-03-24 03:00:49 175104 ----a-w- C:\Windows\System32\msclmd.dll
2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-03 05:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-27 07:37:22 9085952 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-01-27 07:22:20 22295040 ----a-w- C:\Windows\System32\atio6axx.dll
2011-01-27 07:00:46 143360 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-01-27 07:00:32 596480 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-01-27 06:59:48 17204736 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-01-27 06:59:12 708608 ----a-w- C:\Windows\System32\aticfx64.dll
2011-01-27 06:56:30 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-01-27 06:56:16 479232 ----a-w- C:\Windows\System32\atieclxx.exe
2011-01-27 06:55:38 203776 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-01-27 06:54:22 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-01-27 06:54:02 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-01-27 06:53:56 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-01-27 06:53:44 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-01-27 06:53:38 16384 ----a-w- C:\Windows\System32\atimuixx.dll
2011-01-27 06:53:34 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-01-27 06:53:28 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-01-27 06:49:46 4105728 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-01-27 06:40:04 4847616 ----a-w- C:\Windows\System32\atidxx64.dll
2011-01-27 06:32:48 1208320 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-01-27 06:32:14 1912832 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-01-27 06:32:02 3222016 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-01-27 06:28:54 4170752 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-01-27 06:27:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-01-27 06:27:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-01-27 06:27:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-01-27 06:27:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-01-27 06:27:32 6982144 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-01-27 06:25:52 5580800 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-01-27 06:24:20 3463680 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-01-27 06:22:00 5316096 ----a-w- C:\Windows\System32\atiumd64.dll
2011-01-27 06:20:46 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-01-27 06:14:16 354304 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-01-27 06:14:10 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-01-27 06:13:58 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-01-27 06:13:54 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-01-27 06:13:54 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-01-27 06:13:52 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-01-27 06:13:44 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-01-27 06:13:34 299520 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-01-27 06:12:48 39936 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-01-27 06:12:42 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-01-27 06:12:34 38400 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-01-27 06:12:26 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-01-27 06:11:48 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-01-27 06:08:48 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2011-01-27 06:08:48 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-01-27 06:08:42 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-01-27 06:08:42 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-10 04:26:24 2560 ----a-w- C:\Windows\_MSRSTRT.EXE
2011-01-07 08:07:24 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-07 08:07:24 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 07:31:10 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-07 07:31:10 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 13:38:15.34 =============== :cheers: :cheers: :cheers: :cheers:
alwysbtchn
Regular Member
 
Posts: 47
Joined: October 10th, 2008, 6:42 pm
Location: san diego, CA

Re: A repost with file unzipped...sorry

Post by askey127 » March 28th, 2011, 1:14 pm

The first thing you need to do is FIX your Windows 7 license.
Nothing else will be useful until you do.
You have Windows 7 Ultimate 64-bit installed now.
We may be able to offer suggestions.
Where did it come from, what kind of license is it (OEM/RETAIL/UPGRADE?), and where did you get the key?
If it's an upgrade, what was the original Operating System?
http://technet.microsoft.com/en-us/libr ... 10%29.aspx
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: A repost with file unzipped...sorry

Post by alwysbtchn » March 31st, 2011, 12:59 pm

I have an OEM Windows 64 bit operating system. I also purchased an upgrade and never used the key. I tried and it told me it was an upgrade, cannot use it. I would love to fix this. I believe the malware did this because I cannot open my system device manager either since this happened. What do you suggest I do?

Re: A repost with file unzipped...sorry

Post by alwysbtchn » March 31st, 2011, 1:00 pm

The cd I have has never been used as well as the key on my OEM version.

Re: A repost with file unzipped...sorry

Post by askey127 » March 31st, 2011, 4:22 pm

alwysbtchn,
An OEM license only allows use on the original machine it came with. It cannot be UPGRADED to a different version, although there is no limit on Service Packs or other updates.
I understand you do have a disk for your OEM version of Win7.
DDS reports the system as Windows 7 Ultimate 64 bit. Is that the OEM system that came with it?
If it's a commercial machine, what make and model is it?
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    (Vista - W7 users: Right-click and select "Run As Administrator")
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
    (the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
  6. Copy and paste the contents of that file in your next reply.
If, for some reason, you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.
---------------------------------------------
Run a Scan with OTL
  1. Please download OTL.exe by OldTimer and save it to your desktop.
  2. Right click on OTL.exe and select Run As Administrator to run it. If Windows UAC prompts you, please allow it.
    If you have a 64-bit version of Windows, check the box at the top, labeled Include 64 bit scans
  3. Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
  4. Click on the Run Scan button at the top left hand corner.
  5. OTL will start running. When done, 2 Notepad files will open; OTL.txt and Extras.txt.
    They will be saved on your desktop.
Please post the contents of these files.
You may use separate replies if you wish.
If any of the files are too large to post, you can split the oversize one(s) into multiple replies.
---------------------------------------------------
So, in your reply, we will be looking for the following:
  • Log from TDSSKiller
  • contents of OTL.txt
  • contents of Extras.txt
  • Answers to the questions at the top.
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
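An added example, not part of the original thread and not code from OTL or its author: one way to pre-sort the SRV/DRV and "File not found" lines of an OTL.txt log before reading it by hand. The sample lines are constructed in the log's line format, the names `parse_entry` and `triage` are hypothetical, and anything it flags is a candidate for manual review, not a detection.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample in the OTL.txt line format (not taken from a real scan).
SAMPLE_LOG = r"""
========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/01/26 23:55:38 | 000,203,776 | ---- | M] (Example Vendor) [Auto | Running] -- C:\Windows\SysNative\examplesvc.exe -- (ExampleSvc)
SRV - [2008/02/19 09:12:18 | 000,537,256 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysWow64\novendor.exe -- (novendor_device)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/01/18 12:16:17 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\blank.sys -- (blank)
DRV:64bit: - [2010/07/27 04:48:30 | 000,253,528 | ---- | M] (Example Vendor, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\examplefw.sys -- (examplefw)
O2 - BHO: (Example BHO) - {00000000-0000-0000-0000-000000000000} - File not found
O4 - HKU\S-1-5-19..\RunOnce: [exampletask] File not found
"""


class Entry(NamedTuple):
    kind: str          # "SRV" (Win32 service) or "DRV" (driver service)
    is64: bool         # True when the line carries the ":64bit:" marker
    modified: str      # file modification timestamp as printed in the log
    company: str       # version-info company name; may be empty
    state: List[str]   # e.g. ["Auto", "Running"] or ["Kernel", "Boot", "Running"]
    path: str
    name: str          # service name in the trailing parentheses


ENTRY_RE = re.compile(
    r"^(?P<kind>SRV|DRV)(?P<is64>:64bit:)? - "
    r"\[(?P<modified>[^|\]]+?) \| [\d,]+ \| [-A-Z]{4} \| M\] "
    r"\((?P<company>.*?)\) "             # lazy, so nested parentheses survive
    r"(?:\[[^\]|]*\] )?"                 # some lines carry an extra timestamp
    r"\[(?P<state>[^\]]*\|[^\]]*)\] -- "
    r"(?P<path>.+?) -- \((?P<name>[^)]*)\)"
)


def parse_entry(line: str) -> Optional[Entry]:
    """Parse one SRV/DRV line; return None if it is not in that format."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    return Entry(
        kind=m["kind"],
        is64=m["is64"] is not None,
        modified=m["modified"].strip(),
        company=m["company"].strip(),
        state=[part.strip() for part in m["state"].split("|")],
        path=m["path"],
        name=m["name"],
    )


def triage(log_text: str) -> List[Tuple[str, str, str]]:
    """Return (reason, subject, detail) tuples for lines worth a manual look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        # Registry entry whose target file no longer exists on disk.
        if line.endswith("File not found"):
            findings.append(("missing-file", line, ""))
            continue
        if line.startswith(("SRV", "DRV")):
            entry = parse_entry(line)
            if entry is None:
                # Never drop a line silently: surface what could not be read.
                findings.append(("unparsed", line, ""))
            elif not entry.company:
                # No company name in the file's version info; legitimate
                # drivers can look like this too, so it is only a pointer.
                findings.append(("no-vendor", entry.name, entry.state[-1]))
    return findings


if __name__ == "__main__":
    for reason, subject, detail in triage(SAMPLE_LOG):
        print(f"{reason:13} {subject} {detail}".rstrip())
```
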

Re: A repost with file unzipped...sorry

by alwysbtchn » April 2nd, 2011, 6:53 pm

Ok, on the first part I had no errors.
next
otl txt
OTL logfile created on: 3/31/2011 2:50:17 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kara\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372.51 Gb Total Space | 108.93 Gb Free Space | 29.24% Space Free | Partition Type: NTFS
Drive F: | 25.96 Mb Total Space | 25.96 Mb Free Space | 100.00% Space Free | Partition Type: FAT

Computer Name: KKE | User Name: Kara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2011/03/31 14:45:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kara\Desktop\OTL.exe
PRC - [2011/01/10 07:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2011/01/10 07:24:20 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2010/08/20 09:15:54 | 000,181,584 | ---- | M] (Sunbelt Software) -- C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe
PRC - [2009/12/23 14:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (SafeList) ==========

MOD - [2011/03/31 14:45:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kara\Desktop\OTL.exe
MOD - [2010/08/20 22:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/01/26 23:55:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/29 10:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/05/07 18:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2010/01/19 19:57:26 | 000,207,400 | ---- | M] (Authentium, Inc) [Disabled | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV:64bit: - [2010/01/19 19:57:24 | 000,150,056 | R--- | M] (Authentium, Inc) [Disabled | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV:64bit: - [2010/01/19 19:57:18 | 000,150,568 | R--- | M] (Authentium, Inc) [Disabled | Stopped] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 18:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 18:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009/07/13 18:39:13 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2008/02/19 09:12:32 | 000,565,928 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysNative\lxbkcoms.exe -- (lxbk_device)
SRV - [2011/01/10 07:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/01/10 07:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/12/02 16:17:50 | 000,724,664 | ---- | M] (iolo technologies, LLC) [Auto | Stopped] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2010/12/02 16:17:50 | 000,724,664 | ---- | M] (iolo technologies, LLC) [On_Demand | Stopped] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/09/01 15:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/08/20 09:16:34 | 002,763,080 | ---- | M] (Sunbelt Software) [Auto | Stopped] -- C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe -- (SBAMSvc)
SRV - [2010/08/20 09:15:54 | 000,181,584 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe -- (SBPIMSvc)
SRV - [2009/12/23 14:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/11/12 16:11:46 | 000,145,224 | ---- | M] (H+H Software GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe -- (VC10SecS)
SRV - [2009/07/13 18:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/13 18:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 12:12:44 | 000,315,392 | -H-- | M] (DeviceVM, Inc.) [On_Demand | Stopped] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009/04/01 21:27:28 | 000,090,112 | R--- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/02/19 09:12:18 | 000,537,256 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysWow64\lxbkcoms.exe -- (lxbk_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/01/27 00:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/01/27 00:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/01/26 23:13:34 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/01/18 12:16:17 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/11/10 02:45:54 | 004,162,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech QuickCam Pro 9000(UVC)
DRV:64bit: - [2010/11/10 02:44:24 | 000,341,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010/09/03 17:21:00 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/09/01 01:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/07/27 04:48:30 | 000,253,528 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2010/07/27 04:48:30 | 000,060,504 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (SBHIPS)
DRV:64bit: - [2010/07/27 04:48:28 | 000,094,296 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbtis.sys -- (SbTis)
DRV:64bit: - [2010/06/14 14:54:30 | 000,064,600 | ---- | M] (Sunbelt Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/04/15 18:35:00 | 000,084,056 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2010/03/22 12:11:12 | 000,049,752 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbredrv.sys -- (SBRE)
DRV:64bit: - [2010/02/17 11:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 11:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/01/19 20:04:18 | 000,161,320 | R--- | M] (Authentium, Inc) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\amp.sys -- (AMP)
DRV:64bit: - [2010/01/19 20:04:16 | 001,404,456 | R--- | M] (Authentium, Inc) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\ampse.sys -- (AMPSE)
DRV:64bit: - [2009/12/31 03:04:57 | 000,360,712 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009/11/11 20:24:14 | 000,023,464 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2009/11/09 10:55:36 | 000,220,696 | ---- | M] (H+H Software GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vdrv1000.sys -- (vdrv1000)
DRV:64bit: - [2009/09/22 18:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009/09/22 18:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009/09/22 18:32:35 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2009/09/22 18:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009/08/23 05:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/07/13 17:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2009/07/09 10:24:30 | 000,024,088 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HH10Help.sys -- (HH10Help.sys)
DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/13 18:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2008/06/17 08:22:24 | 000,040,464 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcd10bus.sys -- (vcd10bus)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2010/06/29 19:30:08 | 000,009,341 | ---- | M] (iolo technologies, LLC (based on original work by Bo Brantén)) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\filedisk.sys -- (FileDisk)
DRV - [2010/05/13 07:56:22 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\SBREDrv.sys -- (SBRE)
DRV - [2010/03/13 02:58:52 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/09/15 01:07:42] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2002/09/16 18:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\PQNTDRV.sys -- (PQNTDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 75 95 BB 4D D2 CB 01 [binary data]
IE - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\..\URLSearchHook: {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
IE - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o=16794S&l=dis"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.1.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {8f5ce3f8-1735-4680-b15e-108f2f50e8ba}:3.0.0
FF - prefs.js..extensions.enabledItems: feedly@devhd:5.3
FF - prefs.js..extensions.enabledItems: {ad48108d-92a6-4eb9-87e4-978aca1dbae4}:1.1.6
FF - prefs.js..extensions.enabledItems: {1519200d-6633-40c9-a9a1-d60d8d1d0479}:1.0.2
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.8.0
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: flvideoreplacer@lovinglinux.megabyet.net:2.0.2
FF - prefs.js..extensions.enabledItems: {15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed}:1.0.4
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe80}:0.7
FF - prefs.js..extensions.enabledItems: {45e16761-660c-41a4-984f-56986fba2137}:1.0
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.2.1


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/16 13:35:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/03 03:45:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/03 03:45:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/25 18:10:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/25 18:10:24 | 000,000,000 | ---D | M]

[2010/11/03 12:26:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kara\AppData\Roaming\Mozilla\Extensions
[2010/11/03 12:26:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kara\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/03/31 14:32:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions
[2010/12/28 09:44:09 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2011/01/13 01:10:49 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2011/03/20 23:54:31 | 000,000,000 | ---D | M] (Resurrect Pages) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}
[2011/01/17 13:31:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe80}
[2010/12/28 09:44:00 | 000,000,000 | ---D | M] (FaceTweak) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{1519200d-6633-40c9-a9a1-d60d8d1d0479}
[2011/01/13 01:10:53 | 000,000,000 | ---D | M] (TweakTube) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed}
[2011/01/13 01:10:58 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/01/13 01:10:49 | 000,000,000 | ---D | M] (Facebook Like) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{45e16761-660c-41a4-984f-56986fba2137}
[2011/03/20 23:54:41 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2011/03/20 23:54:16 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/01/13 01:11:02 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2011/03/20 23:54:26 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010/12/28 09:44:09 | 000,000,000 | ---D | M] (Amplify) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{8f5ce3f8-1735-4680-b15e-108f2f50e8ba}
[2010/12/19 03:26:07 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/03/20 23:54:25 | 000,000,000 | ---D | M] (AddonFox) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{ad48108d-92a6-4eb9-87e4-978aca1dbae4}
[2011/03/20 23:54:16 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011/01/13 01:10:50 | 000,000,000 | ---D | M] (LinkExtend) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{cf47767d-5f3a-4e32-9fce-5d79565c9702}
[2011/01/17 13:31:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/05 12:50:26 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/03/20 23:54:48 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/12/28 09:44:12 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/11/05 12:50:26 | 000,000,000 | ---D | M] ("MultirowBookmarksToolbar") -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2011/03/20 23:54:28 | 000,000,000 | ---D | M] (Autofill Forms) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\autofillForms@blueimp.net
[2011/03/20 23:54:49 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\engine@conduit.com
[2011/03/20 23:54:20 | 000,000,000 | ---D | M] (feedly) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\feedly@devhd
[2011/01/13 01:10:58 | 000,000,000 | ---D | M] (FlashVideoReplacer) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\flvideoreplacer@lovinglinux.megabyet.net
[2011/01/17 13:31:38 | 000,000,000 | ---D | M] (Read It Later) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\isreaditlater@ideashower.com
[2011/03/20 23:54:30 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\netvideohunter@netvideohunter.com
[2011/01/17 13:31:39 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\SkipScreen@SkipScreen
[2011/03/20 23:54:32 | 000,000,000 | ---D | M] (VideoSurf Videos at a Glance) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\videosurf_enhanced@videosurf.com
[2011/03/20 23:54:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\feedly@devhd\content\app\extension
[2011/01/23 14:35:11 | 000,002,427 | ---- | M] () -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\searchplugins\askcom.xml
[2010/11/15 22:31:32 | 000,002,311 | ---- | M] () -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\searchplugins\hakia.xml
[2011/03/27 23:50:26 | 000,001,817 | ---- | M] () -- C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\searchplugins\usniff.xml
[2011/03/24 15:55:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/13 12:13:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/04 19:24:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/01/03 03:45:57 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/01/03 03:45:57 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/02/05 03:02:36 | 000,219,904 | ---- | M] (Midasplayer Ltd) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npmidas.dll
[2010/12/09 03:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2011/02/26 20:51:30 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (QuickNet BHO) - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - File not found
O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O3 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe (Sunbelt Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Activities present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\CommandBar present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Safety present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Toolbar present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Activities present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\CommandBar present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Safety present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Toolbar present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Activities present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\CommandBar present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Safety present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Toolbar present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Activities present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\CommandBar present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Safety present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Toolbar present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\Activities present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\CommandBar present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\Privacy present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\Safety present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\Toolbar present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName =
O7 - HKU\S-1-5-21-1109675280-3812906945-3506606000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction =
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kara\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Search Using Copernic Agent - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kara\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O9 - Extra 'Tools' menuitem : Track Page Using Copernic Agent - {0BCBCDD8-E5D9-417D-A752-C2DA929A21BF} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\iavlsp.dll (iolo technologies, LLC)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWow64\iavlsp.dll (iolo technologies, LLC)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/ ... cmatic.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/So ... b56986.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\WPDShServiceObj.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ac41f8ea-b875-11df-9369-002618aa18bb}\Shell - "" = AutoRun
O33 - MountPoints2\{c2d2ee66-c09d-11df-8afa-002618aa18bb}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2011/03/31 15:03:28 | 000,078,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
[2011/03/31 15:03:28 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
[2011/03/31 15:03:15 | 000,111,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
[2011/03/31 15:03:15 | 000,079,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
[2011/03/31 15:02:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RsFx
[2011/03/31 15:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2011/03/31 15:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2011/03/31 15:01:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2011/03/31 15:01:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2011/03/31 15:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/03/31 14:45:16 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Kara\Desktop\OTL.exe
[2011/03/31 14:44:39 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/03/31 14:36:22 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Kara\Desktop\tdsskiller.exe
[2011/03/29 17:47:44 | 000,000,000 | --SD | C] -- C:\Users\Kara\Documents\My Shapes
[2011/03/28 19:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Systerac Tools for Windows 7
[2011/03/28 19:01:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Systerac Tools for Windows 7
[2011/03/24 23:49:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\msmq
[2011/03/24 23:49:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0416
[2011/03/24 23:49:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0415
[2011/03/24 23:49:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0408
[2011/03/24 23:49:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0401
[2011/03/24 23:49:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040B
[2011/03/24 22:14:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
[2011/03/24 18:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegTweaker
[2011/03/24 18:06:18 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Malwarebytes
[2011/03/24 18:06:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/03/24 18:06:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/24 18:06:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/24 18:06:09 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/03/24 18:06:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/03/24 15:10:02 | 000,000,000 | ---D | C] -- C:\Users\Kara\Desktop\New folder
[2011/03/24 13:41:23 | 000,000,000 | ---D | C] -- C:\Users\Kara\Desktop\Data
[2011/03/24 13:27:42 | 000,000,000 | ---D | C] -- C:\Users\Kara\Documents\PcSetup
[2011/03/23 21:11:18 | 000,097,280 | ---- | C] (KelSat Presents) -- C:\Users\Public\Documents\Mafia_II_V1.001_Plus_5_Trainer_By_KelSat.exe
[2011/03/23 21:11:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\TemporaryProfile
[2011/03/23 21:11:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\76561201696194287
[2011/03/23 21:11:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\76561197971907314
[2011/03/23 21:02:34 | 000,000,000 | ---D | C] -- C:\Users\Kara\Desktop\2K Games
[2011/03/23 18:32:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011/03/23 18:31:24 | 000,000,000 | ---D | C] -- C:\eb2a1225470fe4c93a0eaf52
[2011/03/23 05:09:15 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\Secunia PSI
[2011/03/23 03:46:40 | 000,034,632 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011/03/23 03:46:38 | 000,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011/03/23 03:46:38 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011/03/23 03:46:38 | 000,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011/03/23 03:46:38 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011/03/23 03:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities
[2011/03/23 03:46:06 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\TuneUp Software
[2011/03/23 03:45:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2010
[2011/03/23 03:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011/03/23 03:44:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011/03/23 03:17:14 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\DataKeeper
[2011/03/23 02:30:31 | 000,000,000 | -H-D | C] -- C:\dvmexp.BAK
[2011/03/23 02:28:46 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Easeware
[2011/03/23 02:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverNavigator
[2011/03/23 02:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware
[2011/03/23 01:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerQuest DataKeeper 5.0
[2011/03/22 20:18:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/03/22 12:26:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/03/22 12:02:08 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\WindowsUpdate
[2011/03/20 21:40:23 | 000,000,000 | ---D | C] -- C:\Users\Kara\Documents\SightSpeed Recordings
[2011/03/17 19:07:44 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\2K Games
[2011/03/17 19:06:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/03/17 19:04:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011/03/17 18:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2011/03/17 18:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2011/03/13 10:04:52 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2011/03/13 10:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011/03/13 01:37:18 | 000,000,000 | ---D | C] -- C:\Users\Kara\Documents\Downloads
[2011/03/13 01:22:31 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Plane9
[2011/03/13 01:22:31 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plane9
[2011/03/13 01:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plane9
[2011/03/12 15:25:27 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/03/12 15:25:27 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/03/09 11:04:16 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/03/09 11:04:15 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/03/09 11:04:14 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/03/09 11:04:14 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011/03/09 11:04:11 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011/03/09 11:04:11 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/03/09 11:04:10 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011/03/09 11:04:09 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/03/09 11:04:08 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011/03/09 11:04:08 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/03/09 11:04:08 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/03/09 11:04:07 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/03/09 11:04:03 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/03/09 11:04:03 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/03/09 11:04:03 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/03/09 11:04:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/03/09 11:03:33 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011/03/09 11:03:32 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011/03/09 11:03:29 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011/03/09 11:03:28 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011/03/07 12:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/03/07 12:49:09 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011/03/07 12:49:09 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011/03/07 12:49:09 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/03/07 12:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/07 12:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/07 12:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/03/07 12:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/03/05 02:12:21 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2011/03/05 02:12:21 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011/03/05 02:12:19 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2011/03/05 02:12:19 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2011/03/05 02:12:16 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2011/03/05 02:12:12 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2011/03/05 02:12:12 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2011/03/05 02:12:11 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2011/03/05 02:12:11 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2011/03/05 02:12:08 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011/03/05 02:12:08 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011/03/05 02:12:06 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2011/03/05 02:12:03 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2011/03/05 02:12:03 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2011/03/05 02:12:03 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2011/03/05 02:12:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2011/03/05 02:12:00 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2011/03/05 02:12:00 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2011/03/05 02:11:57 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2011/03/05 02:11:57 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2011/03/05 02:11:57 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2011/03/05 02:11:57 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011/03/05 02:11:55 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2011/03/05 02:11:55 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2011/03/05 02:11:53 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2011/03/05 02:11:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2011/03/05 02:11:50 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2011/03/05 02:11:50 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2011/03/05 02:11:50 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2011/03/05 02:11:50 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2011/03/05 02:11:47 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2011/03/05 02:11:47 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2011/03/05 02:11:44 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2011/03/05 02:11:44 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2011/03/05 02:11:44 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2011/03/05 02:11:44 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2011/03/05 02:11:42 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2011/03/05 02:11:42 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2011/03/05 02:11:40 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2011/03/05 02:11:40 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2011/03/05 02:11:38 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2011/03/05 02:11:38 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2011/03/05 02:11:38 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2011/03/05 02:11:38 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2011/03/05 02:11:36 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2011/03/05 02:11:36 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2011/03/05 02:11:33 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2011/03/05 02:11:33 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2011/03/05 02:11:33 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2011/03/05 02:11:33 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2011/03/05 02:11:30 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2011/03/05 02:11:30 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2011/03/05 02:11:28 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2011/03/05 02:11:28 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2011/03/05 02:11:27 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2011/03/05 02:11:27 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2011/03/05 02:11:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2011/03/05 02:11:26 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2011/03/05 02:11:24 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2011/03/05 02:11:24 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2011/03/05 02:11:21 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2011/03/05 02:11:21 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2011/03/05 02:11:21 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2011/03/05 02:11:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2011/03/05 02:11:18 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2011/03/05 02:11:18 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2011/03/05 02:11:16 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2011/03/05 02:11:16 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2011/03/05 02:11:15 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2011/03/05 02:11:15 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2011/03/05 02:11:13 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2011/03/05 02:11:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2011/03/05 02:11:11 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2011/03/05 02:11:11 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2011/03/05 02:11:11 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2011/03/05 02:11:11 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2011/03/05 02:11:08 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2011/03/05 02:11:08 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2011/03/05 02:11:07 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2011/03/05 02:11:07 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2011/03/05 02:11:04 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2011/03/05 02:11:04 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2011/03/05 02:11:04 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2011/03/05 02:11:04 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2011/03/05 02:11:01 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2011/03/05 02:11:01 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2011/03/05 02:10:59 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2011/03/05 02:10:59 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2011/03/05 02:10:57 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2011/03/05 02:10:57 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2011/03/05 02:10:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2011/03/05 02:10:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2011/03/05 02:10:54 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2011/03/05 02:10:54 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2011/03/05 02:10:52 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2011/03/05 02:10:52 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2011/03/05 02:10:52 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2011/03/05 02:10:52 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2011/03/05 02:10:50 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2011/03/05 02:10:50 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2011/03/05 02:10:50 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2011/03/05 02:10:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2011/03/05 02:10:48 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2011/03/05 02:10:48 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2011/03/05 02:10:46 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2011/03/05 02:10:46 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2011/03/05 02:10:45 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2011/03/05 02:10:45 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2011/03/05 02:10:43 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2011/03/05 02:10:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2011/03/05 02:10:42 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2011/03/05 02:10:42 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2011/03/05 02:10:40 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2011/03/05 02:10:39 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2011/03/05 02:10:39 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2011/03/05 02:10:37 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2011/03/05 02:10:37 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2011/03/05 02:10:36 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2011/03/05 02:10:36 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2011/03/05 02:10:33 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011/03/05 02:10:33 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011/03/05 02:10:32 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2011/03/05 02:10:32 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2011/03/05 02:10:32 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2011/03/05 02:10:32 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2011/03/05 02:10:30 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2011/03/05 02:10:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011/03/05 02:10:28 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2011/03/05 02:10:28 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2011/03/05 02:10:27 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2011/03/05 02:10:27 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2011/03/05 02:10:26 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2011/03/05 02:10:26 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2011/03/05 02:10:25 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2011/03/05 02:10:25 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2011/03/05 02:10:24 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2011/03/05 02:10:24 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2011/03/05 02:10:08 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2011/03/05 02:10:08 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2011/03/05 02:10:06 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2011/03/05 02:10:06 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2011/03/05 02:10:06 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2011/03/05 02:10:06 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2011/03/05 02:10:04 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2011/03/05 02:10:04 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2011/03/05 02:10:02 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2011/03/05 02:10:02 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2011/03/05 02:09:59 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2011/03/05 02:09:59 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2011/03/05 02:09:57 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2011/03/05 02:09:57 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2011/03/05 02:09:54 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2011/03/05 02:09:54 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2011/03/05 02:09:52 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2011/03/05 02:09:52 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2011/03/04 14:25:19 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2011/03/04 14:25:19 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2011/03/04 14:25:19 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2011/03/04 14:25:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2011/03/04 14:25:17 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2011/03/04 14:25:17 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2011/03/04 14:25:15 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2011/03/04 14:25:15 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2011/03/04 14:25:14 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2011/03/04 14:25:14 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2011/03/04 14:25:13 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2011/03/04 14:25:13 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2011/03/04 14:25:11 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2011/03/04 14:25:11 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2011/03/04 14:25:10 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2011/03/04 14:25:10 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2011/03/04 14:25:07 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2011/03/04 14:25:07 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2011/03/04 14:25:07 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2011/03/04 14:25:07 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2011/03/04 14:25:04 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2011/03/04 14:25:04 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2011/03/04 14:25:03 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2011/03/04 14:25:03 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2011/03/04 14:20:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
alwysbtchn

Re: A repost with file unzipped...sorry

Post by alwysbtchn » April 2nd, 2011, 6:55 pm

part 2
[2011/02/26 23:23:43 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\ClipboardManager
[2011/02/26 21:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/02/26 21:37:50 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/02/26 21:37:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/02/26 21:37:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/02/26 20:54:32 | 000,000,000 | ---D | C] -- C:\ProgramData\GroupPolicy
[2011/02/26 19:41:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2011/02/26 19:41:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/02/22 08:22:14 | 000,000,000 | R--D | C] -- C:\Users\Kara\Virtual Machines
[2011/02/18 05:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Shavlik Technologies
[2011/02/18 03:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2011/02/17 18:05:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Micro Sip Stack
[2011/02/16 00:09:06 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011/02/16 00:09:06 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011/02/16 00:09:02 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011/02/16 00:09:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011/02/16 00:09:01 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011/02/16 00:09:01 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011/02/16 00:09:00 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011/02/16 00:09:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011/02/16 00:08:52 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011/02/16 00:08:52 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011/02/16 00:08:48 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011/02/16 00:08:47 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011/02/16 00:08:46 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011/02/16 00:08:46 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011/02/16 00:08:46 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011/02/16 00:08:45 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011/02/16 00:08:44 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011/02/16 00:08:43 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/02/16 00:08:39 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/02/14 11:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/02/11 21:46:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/02/11 21:46:34 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/02/11 21:46:33 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/02/11 21:46:32 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/02/11 21:46:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/02/11 21:46:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/02/11 21:46:31 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/02/11 21:46:29 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/02/11 21:46:29 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/02/11 21:46:29 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/02/11 21:46:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/02/11 21:44:36 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/02/11 21:44:36 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/02/11 21:44:35 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/02/11 21:44:09 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/02/11 21:44:07 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011/02/11 21:44:05 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/02/11 21:44:04 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/02/11 21:43:44 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/02/11 21:43:43 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/02/11 21:43:43 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/02/11 21:43:43 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/02/08 16:30:10 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/02/07 01:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cherry Red Casino
[2011/02/07 01:19:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cherry Red Casino
[2011/02/03 12:22:58 | 000,040,960 | ---- | C] (GraphicCorp (TM), a division of Corel Corporation) -- C:\Windows\SysWow64\VegaView.dll
[2011/02/03 12:22:58 | 000,036,864 | ---- | C] (GraphicCorp (TM), a division of Corel Corporation) -- C:\Windows\SysWow64\CDDCRes.dll
[2011/02/03 12:22:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlobalStar Software
[2011/02/03 12:22:48 | 001,187,840 | ---- | C] (GraphicCorp (TM), a division of Hemera Technologies) -- C:\Windows\SysWow64\VegaControls.dll
[2011/02/03 12:22:48 | 000,147,456 | ---- | C] (GraphicCorp (TM), a division of Corel Corporation) -- C:\Windows\SysWow64\VegaRes.dll
[2011/02/03 12:22:48 | 000,143,360 | ---- | C] (GraphicCorp (TM), a division of Corel Corporation) -- C:\Windows\SysWow64\CDDC32.dll
[2011/02/03 12:22:48 | 000,114,688 | ---- | C] (GraphicCorp (TM), a division of Corel Corporation) -- C:\Windows\SysWow64\VegaObjRes.dll
[2011/02/03 12:22:48 | 000,073,728 | ---- | C] (GraphicCorp (TM), a division of Corel Corporation) -- C:\Windows\SysWow64\ZDec.dll
[2011/02/03 12:22:47 | 000,724,992 | ---- | C] (GraphicCorp (TM), a division of Corel Corporation) -- C:\Windows\SysWow64\Vega.dll
[2011/02/03 12:22:47 | 000,401,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltkrn80n.dll
[2011/02/03 12:22:47 | 000,087,552 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltimg80n.dll
[2011/02/03 12:22:47 | 000,058,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltfil80n.dll
[2011/02/03 12:22:47 | 000,032,768 | ---- | C] (GraphicCorp (TM), a division of Corel Corporation) -- C:\Windows\SysWow64\GFXAPI32.dll
[2011/02/03 12:22:47 | 000,027,136 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttwn80n.dll
[2011/02/03 12:22:46 | 000,097,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftif80n.dll
[2011/02/03 12:22:46 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfwpg80n.dll
[2011/02/03 12:22:46 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfwfx80n.dll
[2011/02/03 12:22:45 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftga80n.dll
[2011/02/03 12:22:45 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfras80n.dll
[2011/02/03 12:22:44 | 000,111,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpng80n.dll
[2011/02/03 12:22:44 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpct80n.dll
[2011/02/03 12:22:44 | 000,024,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcx80n.dll
[2011/02/03 12:22:44 | 000,022,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpsd80n.dll
[2011/02/03 12:22:43 | 000,025,088 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lflmb80n.dll
[2011/02/03 12:22:43 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcd80n.dll
[2011/02/03 12:22:43 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmsp80n.dll
[2011/02/03 12:22:43 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmac80n.dll
[2011/02/03 12:22:42 | 000,028,672 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lflma80n.dll
[2011/02/03 12:22:41 | 000,218,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfcmp80n.dll
[2011/02/03 12:22:41 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffax80n.dll
[2011/02/03 12:22:41 | 000,035,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffpx80n.dll
[2011/02/03 12:22:41 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfgif80n.dll
[2011/02/03 12:22:41 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfica80n.dll
[2011/02/03 12:22:41 | 000,024,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfeps80n.dll
[2011/02/03 12:22:41 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfimg80n.dll
[2011/02/03 12:22:40 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\Pcdlib32.dll
[2011/02/03 12:22:40 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp80n.dll
[2011/02/03 12:22:40 | 000,022,528 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfawd80n.dll
[2011/02/03 12:22:40 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfcal80n.dll
[2011/02/03 12:22:39 | 000,614,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.003
[2011/02/03 12:22:39 | 000,247,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.005
[2011/02/03 12:22:39 | 000,164,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.004
[2011/02/03 12:22:39 | 000,058,938 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.006
[2011/02/03 12:22:38 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.002
[2011/02/03 12:22:38 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.000
[2011/02/03 12:22:38 | 000,295,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.001
[2011/02/03 12:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GlobalStar
[2011/02/03 12:19:20 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StickerPIX
[2011/02/03 12:19:13 | 000,000,000 | ---D | C] -- C:\StickerPIX
[2011/02/03 12:15:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead Photo Express 2.0 SE
[2011/02/03 12:15:19 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVCP50.DLL
[2011/02/03 12:15:19 | 000,027,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CTL3DV2.DLL
[2011/02/03 12:15:19 | 000,016,384 | ---- | C] (Ulead Systems, Inc.) -- C:\Windows\Photo Express 2 SE.scr
[2011/02/03 12:15:18 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFCO40.DLL
[2011/02/03 12:14:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ulead Systems
[2011/02/02 18:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GoldRock
[2011/02/02 16:30:43 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\XRay Engine
[2011/01/31 23:19:11 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Yahoo!
[2011/01/29 18:43:19 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\COWON
[2011/01/29 18:42:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COWON
[2011/01/29 18:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COWON Media Center - jetAudio
[2011/01/29 18:41:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JetAudio
[2011/01/29 02:33:21 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fonts
[2011/01/28 18:59:17 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alcohol.120_2.0.1_Build.2031_Retail + Keymaker
[2011/01/28 18:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
[2011/01/28 18:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2011/01/27 00:37:22 | 009,085,952 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011/01/27 00:22:20 | 022,295,040 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2011/01/27 00:00:46 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011/01/26 23:59:48 | 017,204,736 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011/01/26 23:59:12 | 000,708,608 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2011/01/26 23:56:30 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011/01/26 23:54:22 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011/01/26 23:54:02 | 000,423,424 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2011/01/26 23:53:56 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011/01/26 23:53:44 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011/01/26 23:53:38 | 000,016,384 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011/01/26 23:53:34 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011/01/26 23:53:28 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011/01/26 23:40:04 | 004,847,616 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2011/01/26 23:32:48 | 001,208,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2011/01/26 23:32:14 | 001,912,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2011/01/26 23:32:02 | 003,222,016 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2011/01/26 23:27:54 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011/01/26 23:27:52 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011/01/26 23:27:44 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011/01/26 23:27:42 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011/01/26 23:27:32 | 006,982,144 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011/01/26 23:25:52 | 005,580,800 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011/01/26 23:22:00 | 005,316,096 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2011/01/26 23:14:10 | 000,249,856 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011/01/26 23:13:58 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2011/01/26 23:13:54 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2011/01/26 23:13:54 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2011/01/26 23:13:52 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2011/01/26 23:13:44 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2011/01/26 23:13:34 | 000,299,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2011/01/26 23:12:48 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2011/01/26 23:12:34 | 000,038,400 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2011/01/26 23:11:48 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2011/01/26 23:08:48 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2011/01/26 23:08:48 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2011/01/26 23:08:42 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2011/01/26 23:08:42 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2011/01/24 09:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
[2011/01/24 09:45:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2011/01/24 09:43:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2011/01/23 19:19:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2011/01/18 17:09:57 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Artisteer
[2011/01/18 17:07:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artisteer 3
[2011/01/18 17:04:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Artisteer 3
[2011/01/18 02:17:42 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\vlc
[2011/01/18 02:17:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/01/14 13:29:01 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\VirtualStore
[2011/01/14 02:08:26 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\TS3Client
[2011/01/13 01:18:18 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011/01/13 01:18:17 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011/01/10 10:32:23 | 140,562,568 | ---- | C] (PortableApps.com) -- C:\Users\Kara\Desktop\PortableApps.com_Suite_Setup_1.6.1_English.exe
[2011/01/08 12:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011/01/07 15:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerQuest PartitionMagic 8.0
[2011/01/07 15:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerQuest
[2011/01/06 15:19:05 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\PhotoScape
[2011/01/06 15:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2011/01/06 15:18:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2011/01/06 15:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixia
[2011/01/06 15:16:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pixia
[2011/01/03 13:43:58 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Windows Live Writer
[2011/01/03 13:43:58 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\Windows Live Writer
[2011/01/03 04:50:41 | 000,000,000 | ---D | C] -- C:\Users\Kara\Documents\The Lord of the Rings Online
[2011/01/03 04:50:41 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\The Lord of the Rings Online
[2011/01/03 04:48:44 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2011/01/03 04:46:12 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\Turbine
[2011/01/03 04:45:20 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\ApplicationHistory
[2011/01/03 04:41:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2011/01/03 03:46:04 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Roaming\Local
[2011/01/02 17:04:02 | 000,000,000 | ---D | C] -- C:\Users\Kara\AppData\Local\Microsoft_Corporation
[2010/12/31 17:30:37 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010/12/31 17:30:33 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010/12/31 17:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbine
[2010/12/31 17:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbine
[2010/10/12 06:27:55 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2010/10/12 06:27:55 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2010/10/12 06:27:55 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2010/10/12 06:27:54 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2010/10/12 06:27:54 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2010/10/12 06:27:54 | 000,180,904 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkppls.exe
[2010/10/12 06:27:54 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2010/10/12 06:27:54 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
[2010/10/12 06:27:53 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2010/10/12 06:27:53 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2010/10/12 06:27:53 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2010/10/12 06:27:53 | 000,537,256 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcoms.exe
[2010/10/12 06:27:53 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2010/10/12 06:27:53 | 000,385,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkih.exe
[2010/10/12 06:27:52 | 000,381,608 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcfg.exe
[2010/09/03 17:21:00 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Kara\AppData\Roaming\pcouffin.sys
[2010/02/04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2011/03/31 15:03:28 | 006,666,932 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/03/31 15:03:28 | 000,880,338 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/03/31 15:03:28 | 000,872,858 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011/03/31 15:03:28 | 000,840,352 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2011/03/31 15:03:28 | 000,789,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/03/31 15:03:28 | 000,746,580 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2011/03/31 15:03:28 | 000,612,502 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2011/03/31 15:03:28 | 000,608,380 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2011/03/31 15:03:28 | 000,213,030 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011/03/31 15:03:28 | 000,203,974 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/03/31 15:03:28 | 000,195,682 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2011/03/31 15:03:28 | 000,171,384 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/03/31 15:03:28 | 000,167,784 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2011/03/31 15:03:28 | 000,156,018 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2011/03/31 15:03:28 | 000,143,980 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2011/03/31 14:56:19 | 000,023,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/31 14:56:19 | 000,023,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/31 14:45:17 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kara\Desktop\OTL.exe
[2011/03/31 14:35:18 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kara\Desktop\tdsskiller.exe
[2011/03/31 14:25:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/29 21:00:28 | 000,012,288 | ---- | M] () -- C:\Users\Kara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/29 20:43:01 | 000,016,712 | ---- | M] () -- C:\Users\Kara\Desktop\tree.png
[2011/03/29 20:22:30 | 000,003,657 | ---- | M] () -- C:\Users\Kara\Desktop\xr_map.gif
[2011/03/29 18:29:32 | 000,592,515 | ---- | M] () -- C:\Users\Kara\Desktop\dfd.pdf
[2011/03/29 17:00:54 | 000,000,162 | ---- | M] () -- C:\Windows\ODBC.INI
[2011/03/29 10:44:10 | 2415,222,784 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/28 19:01:18 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\OneClick Optimization.lnk
[2011/03/28 19:01:18 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Systerac Tools for Windows 7.lnk
[2011/03/28 18:58:27 | 000,001,110 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/03/28 18:40:48 | 000,003,562 | ---- | M] () -- C:\Users\Kara\Desktop\144.gif
[2011/03/28 18:39:37 | 002,944,079 | ---- | M] () -- C:\Users\Kara\Desktop\wide.jpg
[2011/03/28 14:29:21 | 000,103,361 | ---- | M] () -- C:\Users\Kara\Documents\1BFF5430d01.pdf
[2011/03/27 17:00:10 | 004,053,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/03/25 10:35:43 | 523,630,008 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/03/24 22:14:42 | 000,000,987 | ---- | M] () -- C:\Users\Kara\Desktop\DVD Shrink 3.2.lnk
[2011/03/24 21:12:49 | 000,211,128 | ---- | M] () -- C:\Users\Kara\Documents\assess.pdf
[2011/03/24 21:08:03 | 000,406,385 | ---- | M] () -- C:\Users\Kara\Documents\JAD.pdf
[2011/03/24 18:06:13 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/24 17:21:27 | 000,000,519 | ---- | M] () -- C:\Windows\Lexstat.ini
[2011/03/24 15:45:21 | 000,001,142 | ---- | M] () -- C:\Users\Kara\Desktop\launcher - Shortcut (2).lnk
[2011/03/24 15:15:44 | 000,000,355 | ---- | M] () -- C:\Users\Kara\Homegroup - Shortcut.lnk
[2011/03/24 13:36:20 | 000,099,384 | ---- | M] () -- C:\Users\Kara\AppData\Roaming\inst.exe
[2011/03/24 13:36:20 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Kara\AppData\Roaming\pcouffin.sys
[2011/03/24 13:36:20 | 000,007,859 | ---- | M] () -- C:\Users\Kara\AppData\Roaming\pcouffin.cat
[2011/03/24 13:36:20 | 000,001,167 | ---- | M] () -- C:\Users\Kara\AppData\Roaming\pcouffin.inf
[2011/03/24 13:33:19 | 005,345,364 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/24 01:57:21 | 002,815,994 | ---- | M] () -- C:\Users\Kara\Documents\D3152102d01.pdf
[2011/03/23 20:00:52 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2011/03/23 20:00:49 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2011/03/23 12:11:03 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/03/23 12:11:03 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/03/23 05:08:20 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011/03/23 05:07:21 | 000,002,515 | ---- | M] () -- C:\Users\Kara\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/03/23 05:07:21 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/03/23 03:46:34 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2011/03/23 03:46:34 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2011/03/23 03:09:20 | 000,007,607 | ---- | M] () -- C:\Users\Kara\AppData\Local\resmon.resmoncfg
[2011/03/23 02:21:59 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\DriverNavigator.lnk
[2011/03/22 12:29:08 | 000,000,334 | ---- | M] () -- C:\Windows\SysWow64\CountBlockedByFirewall.XML
[2011/03/22 10:40:30 | 000,006,649 | ---- | M] () -- C:\Users\Public\Documents\s.t.a.l.k.e.r.ltx
[2011/03/22 09:43:00 | 000,012,543 | ---- | M] () -- C:\Users\Public\Documents\profile.dat
[2011/03/17 19:11:44 | 000,214,336 | ---- | M] () -- C:\Users\Public\Documents\sav100.dat
[2011/03/14 21:19:30 | 000,123,669 | ---- | M] () -- C:\Users\Kara\Documents\1157144Ad01.pdf
[2011/03/14 21:15:06 | 000,193,356 | ---- | M] () -- C:\Users\Kara\Documents\8784FF72d01.pdf
[2011/03/14 21:14:53 | 000,134,614 | ---- | M] () -- C:\Users\Kara\Documents\2A2A27A7d01.pdf
[2011/03/14 03:19:18 | 000,000,337 | ---- | M] () -- C:\Users\Kara\AppData\Local\Perfmon.PerfmonCfg
[2011/03/13 03:10:13 | 015,706,028 | ---- | M] () -- C:\Users\Kara\Documents\VID-20110313-00005.3GP
[2011/03/13 00:55:47 | 000,054,984 | ---- | M] () -- C:\Users\Kara\Documents\resume.rtf
[2011/03/12 15:24:42 | 000,042,548 | ---- | M] () -- C:\Users\Kara\Documents\cc_20110312_142416.reg
[2011/03/09 20:14:55 | 001,015,848 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/03/07 12:50:14 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/05 15:41:24 | 000,000,024 | ---- | M] () -- C:\Windows\wsd.ini
[2011/03/05 15:37:25 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2011/03/05 04:09:53 | 000,004,177 | ---- | M] () -- C:\Users\Kara\Documents\EAW.speccy
[2011/02/28 21:45:53 | 000,000,104 | ---- | M] () -- C:\Users\Kara\Documents\Control Panel - Shortcut.lnk
[2011/02/27 03:48:28 | 000,001,011 | ---- | M] () -- C:\Users\Kara\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2011/02/27 03:48:00 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/02/27 01:47:51 | 000,001,695 | ---- | M] () -- C:\Users\Kara\Desktop\Play Unreal Tournament.lnk
[2011/02/26 21:34:21 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2011/02/26 21:25:30 | 000,001,126 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/02/26 20:54:23 | 000,024,576 | ---- | M] () -- C:\Users\Kara\Documents\BootgBackup(20110226)
[2011/02/26 20:51:30 | 000,000,761 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/02/26 19:57:37 | 000,024,576 | ---- | M] () -- C:\Users\Kara\Documents\BootBackup(20110226)
[2011/02/26 19:43:49 | 000,000,157 | ---- | M] () -- C:\bookmark.ini.BAK
[2011/02/25 13:58:28 | 000,057,344 | ---- | M] () -- C:\Windows\Plane9.scr
[2011/02/18 23:37:10 | 001,540,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/02/18 23:36:49 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/02/18 22:32:48 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/02/18 22:32:35 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011/02/18 03:57:12 | 298,178,228 | ---- | M] () -- C:\Users\Kara\Documents\BackupRegistry(20110218).reg
[2011/02/16 21:53:53 | 000,000,124 | ---- | M] () -- C:\Users\Kara\Documents\ax_files.xml
[2011/02/14 11:36:59 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/02/07 18:51:29 | 000,000,616 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2011/02/03 12:18:18 | 000,002,202 | ---- | M] () -- C:\Users\Kara\Desktop\Ulead Photo Express 2.0 SE.lnk
[2011/02/02 22:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/02/02 22:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/02/02 22:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/02/02 22:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/01/29 18:42:28 | 000,001,849 | ---- | M] () -- C:\Users\Kara\Application Data\Microsoft\Internet Explorer\Quick Launch\COWON Media Center - jetAudio.lnk
[2011/01/29 18:42:28 | 000,001,825 | ---- | M] () -- C:\Users\Public\Desktop\COWON Media Center - jetAudio.lnk
[2011/01/28 18:58:17 | 000,001,078 | ---- | M] () -- C:\Users\Kara\Desktop\Alcohol 120%.lnk
[2011/01/27 18:04:28 | 000,000,293 | ---- | M] () -- C:\Users\Kara\Desktop\YouTube - The Real Stargate - Project Looking Glass (Part 05of 13).flv.url
[2011/01/27 13:10:54 | 000,001,310 | ---- | M] () -- C:\Users\Kara\Desktop\OneNote 2007 Screen Clipper and Launcher.lnk
[2011/01/27 00:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011/01/27 00:22:20 | 022,295,040 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2011/01/27 00:00:50 | 000,145,280 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2011/01/27 00:00:46 | 000,143,360 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011/01/27 00:00:32 | 000,596,480 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2011/01/26 23:59:48 | 017,204,736 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011/01/26 23:59:12 | 000,708,608 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2011/01/26 23:56:30 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011/01/26 23:56:16 | 000,479,232 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011/01/26 23:55:38 | 000,203,776 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011/01/26 23:54:22 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011/01/26 23:54:02 | 000,423,424 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2011/01/26 23:53:56 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011/01/26 23:53:44 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011/01/26 23:53:38 | 000,016,384 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011/01/26 23:53:34 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011/01/26 23:53:28 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011/01/26 23:49:46 | 004,105,728 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2011/01/26 23:40:04 | 004,847,616 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2011/01/26 23:32:48 | 001,208,320 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2011/01/26 23:32:14 | 001,912,832 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2011/01/26 23:32:02 | 003,222,016 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2011/01/26 23:29:40 | 000,756,736 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2011/01/26 23:28:54 | 004,170,752 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2011/01/26 23:27:54 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011/01/26 23:27:52 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011/01/26 23:27:44 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011/01/26 23:27:42 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011/01/26 23:27:32 | 006,982,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011/01/26 23:25:52 | 005,580,800 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011/01/26 23:24:20 | 003,463,680 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2011/01/26 23:23:52 | 000,756,736 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2011/01/26 23:22:00 | 005,316,096 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2011/01/26 23:20:46 | 000,058,880 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll
[2011/01/26 23:14:16 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2011/01/26 23:14:10 | 000,249,856 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011/01/26 23:13:58 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2011/01/26 23:13:54 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2011/01/26 23:13:54 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2011/01/26 23:13:52 | 000,039,936 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2011/01/26 23:13:44 | 000,032,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2011/01/26 23:13:34 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2011/01/26 23:12:48 | 000,039,936 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2011/01/26 23:12:42 | 000,030,720 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2011/01/26 23:12:34 | 000,038,400 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2011/01/26 23:12:26 | 000,028,672 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2011/01/26 23:11:48 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2011/01/26 23:08:48 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2011/01/26 23:08:48 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2011/01/26 23:08:42 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2011/01/26 23:08:42 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2011/01/25 23:53:10 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011/01/25 23:42:00 | 000,030,707 | ---- | M] () -- C:\Windows\atiogl.xml
[2011/01/25 23:31:20 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/01/21 22:41:12 | 000,355,949 | ---- | M] () -- C:\Users\Kara\Documents\Assistance_for_Unemployed_Californians.pdf
[2011/01/18 17:07:45 | 000,001,153 | ---- | M] () -- C:\Users\Kara\Application Data\Microsoft\Internet Explorer\Quick Launch\Artisteer 3.lnk
[2011/01/18 17:07:45 | 000,001,129 | ---- | M] () -- C:\Users\Kara\Desktop\Artisteer 3.lnk
[2011/01/18 12:16:17 | 000,503,352 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011/01/16 23:17:00 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/01/16 22:38:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/01/14 05:25:18 | 000,000,951 | ---- | M] () -- C:\Users\Kara\Documents\ke.ppk
[2011/01/14 05:24:26 | 000,000,294 | ---- | M] () -- C:\Users\Kara\Documents\kee
[2011/01/09 21:26:24 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011/01/09 17:52:14 | 000,511,124 | ---- | M] () -- C:\Users\Kara\Documents\dl410.pdf
[2011/01/09 12:59:30 | 000,121,668 | ---- | M] () -- C:\Users\Kara\Documents\0470082917-2.pdf
[2011/01/07 18:32:52 | 000,000,421 | ---- | M] () -- C:\Windows\tasks\1 Copernic Intra-Daily ~KKE Kara.job
[2011/01/07 18:32:52 | 000,000,407 | ---- | M] () -- C:\Windows\tasks\4 Copernic Monthly ~KKE Kara.job
[2011/01/07 18:32:52 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\3 Copernic Weekly ~KKE Kara.job
[2011/01/07 18:32:52 | 000,000,397 | ---- | M] () -- C:\Windows\tasks\2 Copernic Daily ~KKE Kara.job
[2011/01/07 01:07:24 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/01/07 01:07:24 | 000,475,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/01/07 01:06:50 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/01/07 00:31:10 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/01/07 00:31:10 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/01/07 00:27:11 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/01/06 22:49:20 | 000,366,080 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/01/06 22:33:11 | 000,294,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/01/06 15:18:47 | 000,001,059 | ---- | M] () -- C:\Users\Kara\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2011/01/06 15:18:47 | 000,001,035 | ---- | M] () -- C:\Users\Kara\Desktop\PhotoScape.lnk
[2011/01/06 02:23:43 | 2997,100,544 | ---- | M] () -- C:\Users\Kara\Documents\7600.16385.090713-1255_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso
[2011/01/05 03:46:21 | 000,000,448 | ---- | M] () -- C:\Windows\SysWow64\iolo.ini
[2011/01/05 03:46:21 | 000,000,448 | ---- | M] () -- C:\Windows\SysNative\iolo.ini
[2011/01/04 23:20:30 | 000,612,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/01/04 23:16:55 | 000,852,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/01/04 22:34:32 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/01/03 04:46:14 | 000,000,092 | ---- | M] () -- C:\Users\Kara\AppData\Local\fusioncache.dat
[2011/01/02 17:35:08 | 000,000,406 | -H-- | M] () -- C:\dvmexp.idx.BAK
[2011/01/02 17:35:08 | 000,000,406 | -H-- | M] () -- C:\dvmexp.idx
[2010/12/31 17:28:43 | 000,002,229 | ---- | M] () -- C:\Users\Kara\Desktop\LOTR.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/29 20:38:08 | 000,016,712 | ---- | C] () -- C:\Users\Kara\Desktop\tree.png
[2011/03/29 20:22:30 | 000,003,657 | ---- | C] () -- C:\Users\Kara\Desktop\xr_map.gif
[2011/03/29 18:29:32 | 000,592,515 | ---- | C] () -- C:\Users\Kara\Desktop\dfd.pdf
[2011/03/29 17:00:54 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/03/28 19:01:18 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\OneClick Optimization.lnk
[2011/03/28 19:01:18 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Systerac Tools for Windows 7.lnk
[2011/03/28 18:58:27 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/03/28 18:45:18 | 000,091,396 | ---- | C] () -- C:\Users\Kara\Desktop\gamaniak_match-foot-manette-xbox360-pes-fifa.jpg
[2011/03/28 18:40:47 | 000,003,562 | ---- | C] () -- C:\Users\Kara\Desktop\144.gif
[2011/03/28 18:39:37 | 002,944,079 | ---- | C] () -- C:\Users\Kara\Desktop\wide.jpg
[2011/03/28 14:29:21 | 000,103,361 | ---- | C] () -- C:\Users\Kara\Documents\1BFF5430d01.pdf
[2011/03/25 10:35:43 | 523,630,008 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/03/24 22:14:42 | 000,000,987 | ---- | C] () -- C:\Users\Kara\Desktop\DVD Shrink 3.2.lnk
[2011/03/24 21:12:49 | 000,211,128 | ---- | C] () -- C:\Users\Kara\Documents\assess.pdf
[2011/03/24 21:08:03 | 000,406,385 | ---- | C] () -- C:\Users\Kara\Documents\JAD.pdf
[2011/03/24 18:06:13 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/24 15:45:21 | 000,001,142 | ---- | C] () -- C:\Users\Kara\Desktop\launcher - Shortcut (2).lnk
[2011/03/24 15:15:44 | 000,000,355 | ---- | C] () -- C:\Users\Kara\Homegroup - Shortcut.lnk
[2011/03/24 15:06:11 | 2415,222,784 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/24 01:57:21 | 002,815,994 | ---- | C] () -- C:\Users\Kara\Documents\D3152102d01.pdf
[2011/03/23 21:11:18 | 000,751,454 | ---- | C] () -- C:\Users\Public\Documents\sav1200.dat
[2011/03/23 21:11:18 | 000,736,118 | ---- | C] () -- C:\Users\Public\Documents\sav700.dat
[2011/03/23 21:11:18 | 000,735,847 | ---- | C] () -- C:\Users\Public\Documents\sav1300.dat
[2011/03/23 21:11:18 | 000,714,091 | ---- | C] () -- C:\Users\Public\Documents\sav1500.dat
[2011/03/23 21:11:18 | 000,680,252 | ---- | C] () -- C:\Users\Public\Documents\sav1100.dat
[2011/03/23 21:11:18 | 000,664,433 | ---- | C] () -- C:\Users\Public\Documents\sav1000.dat
[2011/03/23 21:11:18 | 000,646,592 | ---- | C] () -- C:\Users\Public\Documents\sav1400.dat
[2011/03/23 21:11:18 | 000,642,081 | ---- | C] () -- C:\Users\Public\Documents\sav1.dat
[2011/03/23 21:11:18 | 000,624,445 | ---- | C] () -- C:\Users\Public\Documents\sav300.dat
[2011/03/23 21:11:18 | 000,623,917 | ---- | C] () -- C:\Users\Public\Documents\sav600.dat
[2011/03/23 21:11:18 | 000,622,085 | ---- | C] () -- C:\Users\Public\Documents\sav500.dat
[2011/03/23 21:11:18 | 000,603,029 | ---- | C] () -- C:\Users\Public\Documents\sav400.dat
[2011/03/23 21:11:18 | 000,588,409 | ---- | C] () -- C:\Users\Public\Documents\sav900.dat
[2011/03/23 21:11:18 | 000,576,408 | ---- | C] () -- C:\Users\Public\Documents\sav800.dat
[2011/03/23 21:11:18 | 000,468,623 | ---- | C] () -- C:\Users\Public\Documents\sav200.dat
[2011/03/23 21:11:18 | 000,214,336 | ---- | C] () -- C:\Users\Public\Documents\sav100.dat
[2011/03/23 21:11:18 | 000,012,543 | ---- | C] () -- C:\Users\Public\Documents\profile.dat
[2011/03/23 21:11:18 | 000,000,016 | ---- | C] () -- C:\Users\Public\Documents\last.dat
[2011/03/23 05:09:12 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011/03/23 04:32:41 | 000,000,044 | ---- | C] () -- C:\Users\Kara\Documents\stopnstare.mp3.cda
[2011/03/23 04:08:59 | 000,001,091 | ---- | C] () -- C:\Users\Kara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secunia CSI.lnk
[2011/03/23 03:46:34 | 000,002,181 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2011/03/23 03:46:34 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2011/03/23 03:46:33 | 000,002,175 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities
[2011/03/23 02:30:31 | 000,000,406 | -H-- | C] () -- C:\dvmexp.idx.BAK
[2011/03/23 02:30:31 | 000,000,157 | ---- | C] () -- C:\bookmark.ini.BAK
[2011/03/23 02:21:59 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\DriverNavigator.lnk
[2011/03/22 12:29:08 | 000,000,334 | ---- | C] () -- C:\Windows\SysWow64\CountBlockedByFirewall.XML
[2011/03/14 21:19:30 | 000,123,669 | ---- | C] () -- C:\Users\Kara\Documents\1157144Ad01.pdf
[2011/03/14 21:15:06 | 000,193,356 | ---- | C] () -- C:\Users\Kara\Documents\8784FF72d01.pdf
[2011/03/14 21:14:53 | 000,134,614 | ---- | C] () -- C:\Users\Kara\Documents\2A2A27A7d01.pdf
[2011/03/14 03:19:18 | 000,000,337 | ---- | C] () -- C:\Users\Kara\AppData\Local\Perfmon.PerfmonCfg
[2011/03/13 03:10:13 | 015,706,028 | ---- | C] () -- C:\Users\Kara\Documents\VID-20110313-00005.3GP
[2011/03/13 00:55:47 | 000,054,984 | ---- | C] () -- C:\Users\Kara\Documents\resume.rtf
[2011/03/12 15:24:27 | 000,042,548 | ---- | C] () -- C:\Users\Kara\Documents\cc_20110312_142416.reg
[2011/03/07 12:50:14 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/05 15:41:24 | 000,000,024 | ---- | C] () -- C:\Windows\wsd.ini
[2011/03/05 15:37:25 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/03/05 04:09:53 | 000,004,177 | ---- | C] () -- C:\Users\Kara\Documents\EAW.speccy
[2011/02/28 21:45:53 | 000,000,104 | ---- | C] () -- C:\Users\Kara\Documents\Control Panel - Shortcut.lnk
[2011/02/27 03:48:28 | 000,001,011 | ---- | C] () -- C:\Users\Kara\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2011/02/27 03:48:00 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/02/27 01:47:51 | 000,001,695 | ---- | C] () -- C:\Users\Kara\Desktop\Play Unreal Tournament.lnk
[2011/02/26 21:34:21 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk
[2011/02/26 20:54:22 | 000,024,576 | ---- | C] () -- C:\Users\Kara\Documents\BootgBackup(20110226)
[2011/02/26 19:57:37 | 000,024,576 | ---- | C] () -- C:\Users\Kara\Documents\BootBackup(20110226)
[2011/02/25 13:58:28 | 000,057,344 | ---- | C] () -- C:\Windows\Plane9.scr
[2011/02/18 03:56:54 | 298,178,228 | ---- | C] () -- C:\Users\Kara\Documents\BackupRegistry(20110218).reg
[2011/02/14 11:36:59 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/02/03 12:22:41 | 000,308,224 | ---- | C] () -- C:\Windows\SysWow64\Lffpx7.dll
[2011/02/03 12:22:41 | 000,091,136 | ---- | C] () -- C:\Windows\SysWow64\Lfkodak.dll
[2011/02/03 12:18:18 | 000,002,202 | ---- | C] () -- C:\Users\Kara\Desktop\Ulead Photo Express 2.0 SE.lnk
[2011/02/03 12:15:31 | 000,000,616 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2011/01/31 23:26:40 | 001,015,848 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/01/29 18:42:28 | 000,001,849 | ---- | C] () -- C:\Users\Kara\Application Data\Microsoft\Internet Explorer\Quick Launch\COWON Media Center - jetAudio.lnk
[2011/01/29 18:42:28 | 000,001,825 | ---- | C] () -- C:\Users\Public\Desktop\COWON Media Center - jetAudio.lnk
[2011/01/29 02:41:15 | 000,000,124 | ---- | C] () -- C:\Users\Kara\Documents\ax_files.xml
[2011/01/28 18:58:17 | 000,001,078 | ---- | C] () -- C:\Users\Kara\Desktop\Alcohol 120%.lnk
[2011/01/27 18:04:27 | 000,000,293 | ---- | C] () -- C:\Users\Kara\Desktop\YouTube - The Real Stargate - Project Looking Glass (Part 05of 13).flv.url
[2011/01/27 13:10:54 | 000,001,310 | ---- | C] () -- C:\Users\Kara\Desktop\OneNote 2007 Screen Clipper and Launcher.lnk
[2011/01/27 00:00:50 | 000,145,280 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2011/01/26 23:29:40 | 000,756,736 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2011/01/26 23:23:52 | 000,756,736 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2011/01/25 23:42:00 | 000,030,707 | ---- | C] () -- C:\Windows\atiogl.xml
[2011/01/21 22:41:12 | 000,355,949 | ---- | C] () -- C:\Users\Kara\Documents\Assistance_for_Unemployed_Californians.pdf
[2011/01/18 17:07:45 | 000,001,153 | ---- | C] () -- C:\Users\Kara\Application Data\Microsoft\Internet Explorer\Quick Launch\Artisteer 3.lnk
[2011/01/18 17:07:45 | 000,001,129 | ---- | C] () -- C:\Users\Kara\Desktop\Artisteer 3.lnk
[2011/01/18 12:16:17 | 000,503,352 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011/01/14 05:24:26 | 000,000,294 | ---- | C] () -- C:\Users\Kara\Documents\kee
[2011/01/14 05:24:14 | 000,000,951 | ---- | C] () -- C:\Users\Kara\Documents\ke.ppk
[2011/01/10 10:31:23 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.acm
[2011/01/09 21:26:23 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011/01/09 17:50:37 | 000,511,124 | ---- | C] () -- C:\Users\Kara\Documents\dl410.pdf
[2011/01/09 12:59:30 | 000,121,668 | ---- | C] () -- C:\Users\Kara\Documents\0470082917-2.pdf
[2011/01/06 15:18:47 | 000,001,059 | ---- | C] () -- C:\Users\Kara\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2011/01/06 15:18:47 | 000,001,035 | ---- | C] () -- C:\Users\Kara\Desktop\PhotoScape.lnk
[2011/01/05 23:43:13 | 2997,100,544 | ---- | C] () -- C:\Users\Kara\Documents\7600.16385.090713-1255_x64fre_server_eval_en-us-GRMSXEVAL_EN_DVD.iso
[2011/01/05 03:46:21 | 000,000,448 | ---- | C] () -- C:\Windows\SysWow64\iolo.ini
[2011/01/05 03:46:21 | 000,000,448 | ---- | C] () -- C:\Windows\SysNative\iolo.ini
[2011/01/03 04:46:14 | 000,000,092 | ---- | C] () -- C:\Users\Kara\AppData\Local\fusioncache.dat
[2010/12/31 17:28:43 | 000,002,229 | ---- | C] () -- C:\Users\Kara\Desktop\LOTR.lnk
[2010/12/21 03:27:22 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/02 16:55:38 | 000,109,782 | ---- | C] () -- C:\Windows\CopernicAgentUninstall.exe
[2010/11/21 23:55:25 | 000,012,288 | ---- | C] () -- C:\Users\Kara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/16 02:24:50 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2010/11/10 02:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010/11/10 02:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010/11/10 02:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010/11/08 22:34:42 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2010/11/08 10:30:20 | 000,001,126 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/10/30 13:57:02 | 000,095,232 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/10/25 20:24:40 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2010/10/12 06:30:40 | 000,000,519 | ---- | C] () -- C:\Windows\Lexstat.ini
[2010/10/12 06:27:55 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2010/10/12 06:27:55 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2010/10/10 18:03:48 | 000,000,177 | ---- | C] () -- C:\Windows\Clony2.ini
[2010/10/10 13:23:12 | 000,022,576 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010/10/03 16:05:32 | 005,345,364 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/09/06 16:53:41 | 000,007,607 | ---- | C] () -- C:\Users\Kara\AppData\Local\resmon.resmoncfg
[2010/09/03 17:35:44 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/09/03 17:21:00 | 000,099,384 | ---- | C] () -- C:\Users\Kara\AppData\Roaming\inst.exe
[2010/09/03 17:21:00 | 000,007,859 | ---- | C] () -- C:\Users\Kara\AppData\Roaming\pcouffin.cat
[2010/09/03 17:21:00 | 000,001,167 | ---- | C] () -- C:\Users\Kara\AppData\Roaming\pcouffin.inf
[2010/08/19 18:01:58 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010/08/19 18:01:58 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010/08/19 17:59:39 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/08/19 17:59:36 | 000,017,689 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/08/19 13:58:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/06/23 12:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/06/23 12:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/03/15 05:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 05:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008/12/01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2001/08/29 19:57:40 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\addurl41.DLL
[2001/07/10 14:43:16 | 000,018,432 | ---- | C] () -- C:\Windows\SysWow64\winwatch.DLL

========== LOP Check ==========

[2010/10/15 03:11:41 | 000,000,000 | -HSD | M] -- C:\Users\Kara\AppData\Roaming\.#
[2011/01/18 17:09:57 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Artisteer
[2010/12/06 19:32:08 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Auslogics
[2011/03/29 11:42:45 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Copernic
[2011/01/29 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\COWON
[2010/12/19 03:26:06 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/03/23 02:28:46 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Easeware
[2010/11/05 12:50:23 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\GetRightToGo
[2011/01/29 03:11:50 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\IObit
[2010/11/25 10:21:48 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\iolo
[2011/03/04 19:25:10 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\IrfanView
[2010/08/20 12:09:48 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Leadertech
[2011/01/03 03:46:04 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Local
[2010/12/07 21:39:11 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\MAGIX
[2010/11/05 12:50:27 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\OpenCandy
[2011/02/07 12:35:14 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\PhotoScape
[2011/03/21 11:48:28 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Plane9
[2011/01/10 10:31:22 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Shark007
[2010/11/20 00:04:17 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Skinux
[2011/03/23 03:46:06 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\TuneUp Software
[2010/11/05 12:50:27 | 000,000,000 | --SD | M] -- C:\Users\Kara\AppData\Roaming\Virtual CD v10
[2011/01/14 13:29:01 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\VirtualStore
[2011/03/24 13:36:20 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Vso
[2010/12/06 19:43:03 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Win7codecs
[2011/03/13 00:54:21 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\Windows Live Writer
[2011/02/02 16:30:43 | 000,000,000 | ---D | M] -- C:\Users\Kara\AppData\Roaming\XRay Engine
[2011/01/07 18:32:52 | 000,000,421 | ---- | M] () -- C:\Windows\Tasks\1 Copernic Intra-Daily ~KKE Kara.job
[2011/01/07 18:32:52 | 000,000,397 | ---- | M] () -- C:\Windows\Tasks\2 Copernic Daily ~KKE Kara.job
[2011/01/07 18:32:52 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\3 Copernic Weekly ~KKE Kara.job
[2011/01/07 18:32:52 | 000,000,407 | ---- | M] () -- C:\Windows\Tasks\4 Copernic Monthly ~KKE Kara.job
[2011/02/28 18:39:57 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:77D98D08
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:76650B61

< End of report >
alwysbtchn
Regular Member
 
Posts: 47
Joined: October 10th, 2008, 6:42 pm
Location: san diego, CA

Re: A repost with file unzipped...sorry

Unread postby alwysbtchn » April 2nd, 2011, 6:56 pm

the extras.txt

OTL Extras logfile created on: 3/31/2011 2:50:17 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kara\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372.51 Gb Total Space | 108.93 Gb Free Space | 29.24% Space Free | Partition Type: NTFS
Drive F: | 25.96 Mb Total Space | 25.96 Mb Free Space | 100.00% Space Free | Partition Type: FAT

Computer Name: KKE | User Name: Kara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /s

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = scrfile] -- "%1" /s

[HKEY_USERS\S-1-5-21-1109675280-3812906945-3506606000-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /s File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{59D3F691-179D-4E52-832C-D22B81541AC5}" = Microsoft SQL Server 2008 Setup Support Files
"{6E740973-8E71-42F9-A910-C18452E60450}" = Microsoft SQL Server Native Client
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E3FABF5-C3B9-7F7E-4AAE-977D77D48C51}" = ATI Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B24A47E5-F196-461E-A7A4-AADB72CB19DD}" = iTunes
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D4A6E342-907C-4CEF-96CC-FC2F4990DC9C}" = AVSDK5
""{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"DriverNavigator_is1" = DriverNavigator 1.5.1
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.1.0
"Lexmark X1100 Series" = Lexmark X1100 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"WinRAR archiver" = WinRAR archiver
"x64 Components_is1" = x64 Components v2.7.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{10C51313-A308-4B40-90E3-B368D5882660}" = Virtual CD v10
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18B99020-0D9B-486A-B640-478531AAF94B}" = Systerac Tools for Windows 7
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2305B203-951F-4D88-B366-6E86F524390D}" = VIPRE Antivirus Premium
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3D6CE6CE-E1C1-47C9-A734-78C53EBA5255}" = Xara Web Designer 6
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02]
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5B0E58BD-1F06-4A17-80FB-7C93C5FD039B}" = Lyrics Plugin for iTunes
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6C7D45F8-050B-4BF6-835A-01D8C5A48F10}" = DataKeeper
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6F9BF02D-3437-4991-A534-E85F11512692}" = HyperLoad - QB Shootout (NabiscoWorld)
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRJSTDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJSTDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJSTDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PRJSTDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PRJSTDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PRJSTDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{27A9D316-D332-433B-8EB1-1D93EE49F26D}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PRJSTDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PRJSTDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92370c6e-8809-42ad-9f68-86e850a7afbf}" = Cherry Red Casino
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0BCF90F-B4E4-435C-A48D-8FAAE10554F9}" = Pixia
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.3
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{C0EAE1CA-EBF0-4A55-BEA9-EA79FAF40889}" = MAGIX Video easy SE
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C73F2967-062E-48F2-A462-D335B8950183}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Basic VX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F86B6849-38E0-7818-F21E-6DC637932076}" = Catalyst Control Center InstallProxy
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.02.05.8032
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Artisteer 3" = Artisteer 3
"CCleaner" = CCleaner
"Copernic Agent Professional" = Copernic Agent Professional
"Cross Fire_is1" = Cross Fire En
"CyberTweak_is1" = CyberTweak Version 1.3 Final
"Dan Elwell's Broadband Speed Test_is1" = Dan Elwell's Broadband Speed Test
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31
"GFX_wa5" = GFX Sound Enhancer
"Granado Espada_is1" = Granado Espada
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{6C7D45F8-050B-4BF6-835A-01D8C5A48F10}" = PowerQuest DataKeeper 5.0
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"IrfanView" = IrfanView (remove only)
"iWinArcade" = iWin Games (remove only)
"Jewel Quest Online Party" = Jewel Quest Online Party (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.6.0 (Full)
"Mafia II_is1" = Mafia II
"MAGIX_MSI_Video_easy_SE" = MAGIX Video easy SE
"MAGIX_MSI_Xara_Web_Designer_6" = Xara Web Designer 6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"PhotoScape" = PhotoScape
"Plane9" = Plane9 v1.7
"PowerISO" = PowerISO
"PRJPRO" = Microsoft Office Project Professional 2007
"Professional CD Label Kit" = Professional CD Label Kit
"ReadPlease 2003_is1" = ReadPlease 2003/ReadPlease PLUS 2003
"RealPlayer 12.0" = RealPlayer
"Secunia CSI" = Secunia CSI (4.1.0.2001)
"Secunia PSI" = Secunia PSI (2.0.0.3001)
"Speccy" = Speccy
"StickerPIX" = StickerPIX
"TuneUp Utilities" = TuneUp Utilities
"Ulead Photo Express 2.0 SE" = Ulead Photo Express 2.0 SE
"Uninstall_is1" = Uninstall 1.0.0.1
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"VISPROR" = Microsoft Office Visio Professional 2007 Trial
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"Wordscape Online Party" = Wordscape Online Party (remove only)
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1109675280-3812906945-3506606000-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
alwysbtchn
Regular Member
 
Posts: 47
Joined: October 10th, 2008, 6:42 pm
Location: san diego, CA

Re: A repost with file unzipped...sorry

Unread postby alwysbtchn » April 2nd, 2011, 7:00 pm

An OEM license only allows use on the original machine it came with. It cannot be UPGRADED to a different version, although there is no limit on Service Packs or other updates.
I understand you do have a disk for your OEM version of Win7.
DDS reports the system as Windows 7 Ultimate 64 bit. Is that the OEM system that came with it?
If it's a commercial machine, what make and model is it?
my answer
I have an upgrade also and tried it, did not realize it was an upgrade. I have the disk here with me and no one has ever used this. I have had this pc with the OEM version since day 1 over a year ago 64 bit windows ultimate. I hope I have answered all your questions?
alwysbtchn
Regular Member
 
Posts: 47
Joined: October 10th, 2008, 6:42 pm
Location: san diego, CA

Re: A repost with file unzipped...sorry

Unread postby alwysbtchn » April 2nd, 2011, 7:07 pm

btw I used fsecure online scanner and it found 3 more malware, removed them successfully.
alwysbtchn
Regular Member
 
Posts: 47
Joined: October 10th, 2008, 6:42 pm
Location: san diego, CA

Re: A repost with file unzipped...sorry

Unread postby askey127 » April 3rd, 2011, 7:09 am

alwysbtchn,
I understand that you have a machine that came to you with an OEM version of Win7 Ultimate.
  • Was it a used PC?
  • Did you get the machine from a local chop shop, or a commercial manufacturer like HP or Dell?
  • How did you end up with an update CD?
  • Did it come with the machine or did you buy it separately, or ???
  • Is the Update CD also a Win7 Ultimate 64 bit?
-----------------------------------------------------------
I want to see the log from TDSSKiller if possible. It will be in the main directory of the C: drive.
The log file will be named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt
(the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
If there is more than one log file, I want to see the earliest log.
-----------------------------------------------------------
Download and Run a Diagnostic Tool (MGADiag.exe) from here and save this to your desktop.
http://go.microsoft.com/fwlink/?linkid=56062
* Double-click on MGADiag.exe
* When the program has finished, click on the Validation tab and then click on Copy to Clipboard.
* Please post the results in your next reply.
---------------------------------------------------
So, in your reply, we will be looking for the following:
  • Answers to each of the questions above
  • Log from TDSSKiller
  • Output results from MGADiag

Use separate replies if you wish.
askey127
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
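
Picking the earliest TDSSKiller log by sorting file names is unreliable, because dd.mm.yyyy stamps do not sort chronologically. The following is an added example, not part of the original post or of TDSSKiller itself: it parses the file-name format quoted above, and the sample file names, the version number and the function names are constructed for illustration.

```python
import re
from datetime import datetime
from pathlib import Path

# File-name layout as given in the post:
#   TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt
# Assumption: the version is digits and dots, and the separator after
# "TDSSKiller" may be "_" or ".".
LOG_NAME = re.compile(
    r"^TDSSKiller[_.](?P<version>[0-9.]+)_"
    r"(?P<stamp>\d{2}\.\d{2}\.\d{4}_\d{2}\.\d{2}\.\d{2})_log\.txt$",
    re.IGNORECASE,
)


def parse_log_time(name):
    """Return the datetime encoded in a TDSSKiller log name, or None."""
    match = LOG_NAME.match(name)
    if match is None:
        return None
    try:
        # The stamp is day.month.year_hour.minute.second
        return datetime.strptime(match.group("stamp"), "%d.%m.%Y_%H.%M.%S")
    except ValueError:
        # Matches the pattern but is not a real date (e.g. 31.02.2011)
        return None


def earliest_log(names):
    """Pick the log with the oldest stamp; ignore names that do not parse."""
    dated = [(parse_log_time(n), n) for n in names]
    dated = [(stamp, n) for stamp, n in dated if stamp is not None]
    if not dated:
        return None
    return min(dated)[1]


def find_earliest_log(root):
    """Look for TDSSKiller logs directly under root (e.g. the C: drive)."""
    names = [p.name for p in Path(root).iterdir() if p.is_file()]
    name = earliest_log(names)
    return None if name is None else Path(root) / name


# Constructed sample directory listing (not taken from the thread).
SAMPLE = [
    "TDSSKiller_1.2.3.4_02.04.2011_18.55.10_log.txt",
    "TDSSKiller_1.2.3.4_25.03.2011_20.14.03_log.txt",
    "TDSSKiller_1.2.3.4_31.03.2011_09.02.47_log.txt",
    "TDSSKiller_1.2.3.4_31.02.2011_09.02.47_log.txt",  # impossible date
    "dds.txt",
]

if __name__ == "__main__":
    print("first by name :", sorted(SAMPLE)[0])      # the 2 April log
    print("first by stamp:", earliest_log(SAMPLE))   # the 25 March log
```
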

Re: A repost with file unzipped...sorry

Unread postby alwysbtchn » April 3rd, 2011, 5:35 pm

DDS.txt

u.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Kara at 13:35:30.33 on Fri 03/25/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1759 [GMT -7:00]
.
AV: Sunbelt VIPRE *Enabled/Updated* {BE5DD172-7F42-7948-1A60-E6A720288F81}
SP: Sunbelt VIPRE *Enabled/Updated* {053C3096-5978-76C6-20D0-DDD55BAFC53C}
FW: Sunbelt VIPRE *Enabled* {86665057-352D-7810-313F-4F92DEFBC8FA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
C:\Windows\System32\msdtc.exe
C:\Windows\system32\mqsvc.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Kara\Downloads\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = res://C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_BAND_SEARCHBAR_HTML
uWindow Title =
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: N/A: {be89472c-b803-4d1d-9a9a-0a63660e0fe3} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: IEHlprObj Class: {8ca5ed52-f3fb-4414-a105-2e3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: QuickNet BHO: {ea5ca8b6-9b9c-4994-a7a1-947b6c631be7} - C:\Program Files (x86)\RegTweaker\key.dll
TB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: Copernic Agent Results: {6f480f82-c3a6-4d35-96f7-b297ad49fbe8} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll
EB: Copernic Agent: {f2e259e8-0fc8-438c-a6e0-342dd80fa53e} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
mRun: [SBAMTray] "C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: NoInstrumentation = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
IE: Free YouTube to MP3 Converter - C:\Users\Kara\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Search Using Copernic Agent - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
IE: {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~2\COPERN~1\COPERN~1.EXE
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49}
IE: {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~2\COPERN~1\COPERN~1.EXE
IE: {0BCBCDD8-E5D9-417D-A752-C2DA929A21BF} - {4D459C49-EA39-4C99-8BBD-75EFB7D6759D} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
LSP: C:\Windows\system32\iavlsp.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/produ ... wsdc32.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/ ... cmatic.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/So ... b56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
mRun-x64: [MsmqIntCert] regsvr32 /s mqrt.dll
SSODL-X64: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=16794S&l=dis
FF - component: C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npmidas.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Kara\AppData\Roaming\Mozilla\Firefox\Profiles\fenr3zkh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Amplify: {8f5ce3f8-1735-4680-b15e-108f2f50e8ba} - %profile%\extensions\{8f5ce3f8-1735-4680-b15e-108f2f50e8ba}
FF - Ext: feedly: feedly@devhd - %profile%\extensions\feedly@devhd
FF - Ext: AddonFox: {ad48108d-92a6-4eb9-87e4-978aca1dbae4} - %profile%\extensions\{ad48108d-92a6-4eb9-87e4-978aca1dbae4}
FF - Ext: FaceTweak: {1519200d-6633-40c9-a9a1-d60d8d1d0479} - %profile%\extensions\{1519200d-6633-40c9-a9a1-d60d8d1d0479}
FF - Ext: DVDVideoSoftTB Community Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: Autofill Forms: autofillForms@blueimp.net - %profile%\extensions\autofillForms@blueimp.net
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: Image Zoom: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} - %profile%\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
FF - Ext: FlashVideoReplacer: flvideoreplacer@lovinglinux.megabyet.net - %profile%\extensions\flvideoreplacer@lovinglinux.megabyet.net
FF - Ext: TweakTube: {15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed} - %profile%\extensions\{15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed}
FF - Ext: Facebook Like: {45e16761-660c-41a4-984f-56986fba2137} - %profile%\extensions\{45e16761-660c-41a4-984f-56986fba2137}
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: iWinGames Plugin: {98e34367-8df7-42b4-837b-20b892ff0849} - C:\ProgramData\iWin Games\firefox
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2010-11-16 23464]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 SbFw;SbFw;C:\Windows\System32\drivers\SbFw.sys [2010-8-23 253528]
R1 SBRE;SBRE;C:\Windows\System32\drivers\sbredrv.sys [2010-8-19 49752]
R1 SbTis;SbTis;C:\Windows\System32\drivers\sbtis.sys [2010-9-7 94296]
R1 vdrv1000;vdrv1000;C:\Windows\System32\drivers\vdrv1000.sys [2010-9-15 220696]
R1 VWiFiFlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/15 01:07:42];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-3-13 146928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203776]
R2 AMP;AMP;C:\Windows\System32\drivers\amp.sys [2010-11-16 161320]
R2 SBAMSvc;VIPRE Antivirus Premium;C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe [2010-8-20 2763080]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2010-6-14 64600]
R2 SBPIMSvc;SB Recovery Service;C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe [2010-8-20 181584]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2011-1-27 9085952]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2011-1-26 299520]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2010-8-23 84056]
R3 SBHIPS;SBHIPS;C:\Windows\System32\drivers\sbhips.sys [2010-9-7 60504]
R3 vcd10bus;Virtual CD v10 Bus Enumerator;C:\Windows\System32\drivers\vcd10bus.sys [2010-9-15 40464]
S2 AMPSE;AMPSE;C:\Windows\System32\drivers\ampse.sys [2010-11-16 1404456]
S2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2010-12-10 724664]
S3 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-6-5 315392]
S3 HH10Help.sys;HH10Help.sys;C:\Windows\System32\drivers\HH10Help.sys [2010-9-15 24088]
S3 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2010-12-10 724664]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2010-5-7 30304]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2010-11-10 341856]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2010-11-10 4162784]
S3 lxbk_device;lxbk_device;C:\Windows\system32\lxbkcoms.exe -service --> C:\Windows\system32\lxbkcoms.exe -service [?]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2009-6-17 17976]
S3 VC10SecS;Virtual CD v10 Management Service;C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [2010-9-15 145224]
S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2010-11-1 16384]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-20 1255736]
S3 WMSVC;Web Management Service;C:\Windows\System32\inetsrv\WMSvc.exe [2009-7-13 10752]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
S4 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-8-19 90112]
S4 gupdate;Google Update Service (gupdate);"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [?]
S4 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2010-9-27 176408]
S4 LVPrcS64;Process Monitor;C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-5-7 197976]
S4 nosGetPlusHelper;getPlus(R) Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
S4 vseamps;vseamps;C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [2010-1-19 150568]
S4 vsedsps;vsedsps;C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [2010-1-19 150056]
S4 vseqrts;vseqrts;C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [2010-1-19 207400]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\msmq
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\0416
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\0415
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\0408
2011-03-25 06:49:17 -------- d-----w- C:\Windows\System32\0401
2011-03-25 06:49:15 -------- d-----w- C:\Windows\System32\040B
2011-03-25 01:48:27 -------- d-----w- C:\Program Files (x86)\RegTweaker
2011-03-25 01:06:18 -------- d-----w- C:\Users\Kara\AppData\Roaming\Malwarebytes
2011-03-25 01:06:13 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-25 01:06:12 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-03-25 01:06:09 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-03-25 01:06:09 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-24 01:32:33 -------- d-----w- C:\Windows\System32\SPReview
2011-03-24 01:31:24 -------- d-----w- C:\eb2a1225470fe4c93a0eaf52
2011-03-23 12:09:15 -------- d-----w- C:\Users\Kara\AppData\Local\Secunia PSI
2011-03-23 10:46:40 34632 ----a-w- C:\Windows\System32\TURegOpt.exe
2011-03-23 10:46:38 36168 ----a-w- C:\Windows\System32\uxtuneup.dll
2011-03-23 10:46:38 30024 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2011-03-23 10:46:38 25928 ----a-w- C:\Windows\System32\authuitu.dll
2011-03-23 10:46:38 21320 ----a-w- C:\Windows\SysWow64\authuitu.dll
2011-03-23 10:46:06 -------- d-----w- C:\Users\Kara\AppData\Roaming\TuneUp Software
2011-03-23 10:45:54 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2010
2011-03-23 10:44:48 -------- d-----w- C:\PROGRA~3\TuneUp Software
2011-03-23 10:44:39 -------- d-sh--w- C:\PROGRA~3\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2011-03-23 10:17:14 -------- d-----w- C:\Users\Kara\AppData\Local\DataKeeper
2011-03-23 09:30:31 -------- d--h--w- C:\dvmexp.BAK
2011-03-23 09:28:46 -------- d-----w- C:\Users\Kara\AppData\Roaming\Easeware
2011-03-23 09:21:56 -------- d-----w- C:\Program Files\Easeware
2011-03-23 03:18:09 -------- d-----w- C:\Windows\System32\EventProviders
2011-03-22 19:26:36 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-03-22 19:02:08 -------- d-----w- C:\Users\Kara\AppData\Local\WindowsUpdate
2011-03-18 02:07:44 -------- d-----w- C:\Users\Kara\AppData\Local\2K Games
2011-03-18 02:06:20 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-03-18 02:04:57 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-03-18 01:48:44 -------- d-----w- C:\Program Files (x86)\2K Games
2011-03-13 17:04:52 -------- d-----w- C:\Program Files (x86)\Winamp Detect
2011-03-13 08:22:31 -------- d-----w- C:\Users\Kara\AppData\Roaming\Plane9
2011-03-13 08:22:14 -------- d-----w- C:\Program Files (x86)\Plane9
2011-03-12 22:25:27 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-03-12 22:25:27 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-03-12 19:28:40 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-03-12 19:28:40 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-03-10 21:37:03 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-03-10 21:37:03 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-03-09 18:03:33 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2011-03-09 18:03:32 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-03-09 18:03:29 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-03-09 18:03:28 1097216 ----a-w- C:\Windows\System32\mstsc.exe
2011-03-07 19:49:09 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-03-07 19:49:09 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-03-07 19:49:09 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-03-07 19:48:26 -------- d-----w- C:\Program Files\iPod
2011-03-07 19:48:24 -------- d-----w- C:\Program Files\iTunes
2011-03-07 19:48:24 -------- d-----w- C:\Program Files (x86)\iTunes
2011-03-07 19:43:17 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-03-05 09:11:57 73544 ----a-w- C:\Windows\System32\XAPOFX1_3.dll
2011-03-05 09:10:59 411496 ----a-w- C:\Windows\System32\xactengine2_9.dll
2011-03-05 09:09:57 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2011-03-05 09:09:57 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2011-03-04 21:20:44 -------- d--h--w- C:\Windows\msdownld.tmp
2011-03-04 21:20:40 -------- d-----w- C:\Windows\SysWow64\directx
2011-02-27 06:23:43 -------- d-----w- C:\Users\Kara\AppData\Local\ClipboardManager
2011-02-27 04:02:39 -------- d-----w- C:\Windows\SysWow64\wbem\Performance
2011-02-27 03:54:32 -------- d-----w- C:\PROGRA~3\GroupPolicy
2011-02-27 02:41:28 -------- d-----w- C:\Windows\System32\catroot2
2011-02-25 20:58:28 57344 ----a-w- C:\Windows\Plane9.scr
.
==================== Find3M ====================
.
2011-03-24 20:36:20 99384 ----a-w- C:\Users\Kara\AppData\Roaming\inst.exe
2011-03-24 20:36:20 82816 ----a-w- C:\Users\Kara\AppData\Roaming\pcouffin.sys
2011-03-24 03:00:52 152064 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-03-24 03:00:49 175104 ----a-w- C:\Windows\System32\msclmd.dll
2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-03 05:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-27 07:37:22 9085952 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-01-27 07:22:20 22295040 ----a-w- C:\Windows\System32\atio6axx.dll
2011-01-27 07:00:46 143360 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-01-27 07:00:32 596480 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-01-27 06:59:48 17204736 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-01-27 06:59:12 708608 ----a-w- C:\Windows\System32\aticfx64.dll
2011-01-27 06:56:30 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-01-27 06:56:16 479232 ----a-w- C:\Windows\System32\atieclxx.exe
2011-01-27 06:55:38 203776 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-01-27 06:54:22 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-01-27 06:54:02 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-01-27 06:53:56 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-01-27 06:53:44 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-01-27 06:53:38 16384 ----a-w- C:\Windows\System32\atimuixx.dll
2011-01-27 06:53:34 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-01-27 06:53:28 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-01-27 06:49:46 4105728 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-01-27 06:40:04 4847616 ----a-w- C:\Windows\System32\atidxx64.dll
2011-01-27 06:32:48 1208320 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-01-27 06:32:14 1912832 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-01-27 06:32:02 3222016 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-01-27 06:28:54 4170752 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-01-27 06:27:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-01-27 06:27:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-01-27 06:27:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-01-27 06:27:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-01-27 06:27:32 6982144 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-01-27 06:25:52 5580800 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-01-27 06:24:20 3463680 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-01-27 06:22:00 5316096 ----a-w- C:\Windows\System32\atiumd64.dll
2011-01-27 06:20:46 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-01-27 06:14:16 354304 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-01-27 06:14:10 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-01-27 06:13:58 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-01-27 06:13:54 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-01-27 06:13:54 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-01-27 06:13:52 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-01-27 06:13:44 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-01-27 06:13:34 299520 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-01-27 06:12:48 39936 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-01-27 06:12:42 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-01-27 06:12:34 38400 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-01-27 06:12:26 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-01-27 06:11:48 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-01-27 06:08:48 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2011-01-27 06:08:48 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-01-27 06:08:42 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-01-27 06:08:42 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-10 04:26:24 2560 ----a-w- C:\Windows\_MSRSTRT.EXE
2011-01-07 08:07:24 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-07 08:07:24 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 07:31:10 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-07 07:31:10 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 13:38:15.34 ===============

No, the PC was not used, it never was used. It was from Dell, but was never used on the PC because I had 2 disks given to me by them. The updated version I bought from school from my student discount; I did not realize it was an upgrade when I bought it, unfortunately... and yes, the update CD is also a Windows Ultimate 64 bit. I looked it up and it said I would have to downgrade my system again then upgrade. I find that a little ridiculous. I have my XP Home key, why could I just not give that to them? I have bought many PCs with Windows and I have all the codes for them if you need them.
alwysbtchn
Regular Member
 
Posts: 47
Joined: October 10th, 2008, 6:42 pm
Location: san diego, CA

Re: A repost with file unzipped...sorry

Unread postby askey127 » April 3rd, 2011, 6:02 pm

I asked you for the log from TDSSKiller, and the log from MGADiag.
You posted the DDS log.
We can proceed when I can evaluate the two logs I asked for.
Please read my words in the previous post carefully, if you will.

If you bought the PC with Win7 Ultimate already on it from Dell, it should be validated by Microsoft.
What is it about this I don't understand? Are you using the original Dell key code?
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: A repost with file unzipped...sorry

Unread postby askey127 » April 6th, 2011, 6:07 pm

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA