
OTSVl

a guest
May 18th, 2011
  1. [code]
  2. OTS logfile created on: 5/18/2011 16:15:50 - Run 1
  3. OTS by OldTimer - Version 3.1.42.0 Folder = D:\Internet Downloads\Chrome downloads
  4. Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
  5. Internet Explorer (Version = 8.0.6001.18702)
  6. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  7.  
  8. 512.00 Mb Total Physical Memory | 176.00 Mb Available Physical Memory | 34.00% Memory free
  9. 1.00 Gb Paging File | 1.00 Gb Available in Paging File | 65.00% Paging File free
  10. Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
  11.  
  12. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
  13. Drive C: | 9.77 Gb Total Space | 2.90 Gb Free Space | 29.65% Space Free | Partition Type: NTFS
  14. Drive D: | 66.55 Gb Total Space | 0.95 Gb Free Space | 1.43% Space Free | Partition Type: NTFS
  15. E: Drive not present or media not loaded
  16. F: Drive not present or media not loaded
  17. G: Drive not present or media not loaded
  18. H: Drive not present or media not loaded
  19. I: Drive not present or media not loaded
  20. Drive J: | 15.01 Gb Total Space | 1.87 Gb Free Space | 12.46% Space Free | Partition Type: FAT32
  21.  
  22. Computer Name: HOME-D52B701C35
  23. Current User Name: Administrator
  24. Logged in as Administrator.
  25.  
  26. Current Boot Mode: Normal
  27. Scan Mode: Current user
  28. Company Name Whitelist: Off
  29. Skip Microsoft Files: Off
  30. File Age = 30 Days
  31.  
  32. [Processes - Safe List]
  33. ots.exe -> D:\Internet Downloads\Chrome downloads\OTS.exe -> [2011/05/18 16:09:48 | 000,645,632 | ---- | M] (OldTimer Tools)
  34. chrome.exe -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  35. admunch.exe -> C:\Program Files\Ad Muncher\AdMunch.exe -> [2011/03/25 22:07:33 | 000,535,752 | ---- | M] (Murray Hurps Corp Pty Ltd)
  36. explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/07/03 16:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation)
  37. ieprivacykeeper.exe -> C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe -> [2005/06/29 14:22:46 | 001,015,808 | ---- | M] (UnH Solutions)
  38. syncor.exe -> C:\WINDOWS\SynCor.exe -> [2002/08/30 12:59:54 | 000,380,928 | ---- | M] (Analog Devices, Inc.)
  39.  
  40. [Modules - Safe List]
  41. ots.exe -> D:\Internet Downloads\Chrome downloads\OTS.exe -> [2011/05/18 16:09:48 | 000,645,632 | ---- | M] (OldTimer Tools)
  42. am32-32562.dll -> C:\Program Files\Ad Muncher\AM32-32562.dll -> [2011/03/25 22:07:33 | 000,070,344 | ---- | M] (Murray Hurps Corp Pty Ltd)
  43. comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5705_x-ww_36cfed49\comctl32.dll -> [2008/11/05 11:21:57 | 001,054,208 | ---- | M] (Microsoft Corporation)
  44. msvcr80.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll -> [2008/07/25 12:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation)
  45. scrchpg.dll -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll -> [2008/02/08 19:37:54 | 000,158,224 | ---- | M] (Kaspersky Lab)
  46. miscr3.dll -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll -> [2008/02/08 19:37:48 | 000,088,592 | ---- | M] (Kaspersky Lab)
  47. fssync.dll -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll -> [2008/02/08 19:37:42 | 000,048,656 | ---- | M] (Kaspersky Lab)
  48. adialhk.dll -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll -> [2008/02/08 19:37:30 | 000,084,496 | ---- | M] (Kaspersky Lab)
  49. syncor11.dll -> C:\WINDOWS\system32\Syncor11.dll -> [2002/11/06 20:00:38 | 000,040,820 | ---- | M] (SoundMAX)
  50.  
  51. [Win32 Services - Safe List]
  52. (hpdj00) hpdj00 [Auto | Stopped] -> -> File not found
  53. (HidServ) Human Interface Device Access [Disabled | Stopped] -> -> File not found
  54. (MBAMService) MBAMService [Auto | Stopped] -> C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -> [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation)
  55. (AVP) Kaspersky Internet Security 7.0 [On_Demand | Stopped] -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -> [2008/02/08 19:36:14 | 000,227,856 | ---- | M] (Kaspersky Lab)
  56. (SoundMAX Agent Service (default)) SoundMAX Agent Service [Disabled | Stopped] -> C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -> [2002/09/20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.)
  57.  
  58. [Driver Services - Safe List]
  59. (dtsoftbus01) DAEMON Tools Virtual Bus Driver [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\dtsoftbus01.sys -> [2011/04/30 21:00:43 | 000,218,688 | ---- | M] (DT Soft Ltd)
  60. (MBAMProtector) MBAMProtector [File_System | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mbam.sys -> [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation)
  61. (gameenum) Game Port Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\gameenum.sys -> [2008/04/14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation)
  62. (SISNIC) SiS PCI Fast Ethernet Adapter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sisnic.sys -> [2008/04/14 00:05:40 | 000,032,768 | ---- | M] (SiS Corporation)
  63. (klif) klif [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\klif.sys -> [2007/12/28 20:51:04 | 000,195,344 | ---- | M] (Kaspersky Lab)
  64. (klim5) Kaspersky Anti-Virus NDIS Filter [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\klim5.sys -> [2007/12/13 14:28:40 | 000,024,592 | ---- | M] (Kaspersky Lab)
  65. (kl1) kl1 [Kernel | Boot | Running] -> C:\WINDOWS\system32\drivers\kl1.sys -> [2007/10/31 14:41:16 | 000,110,096 | ---- | M] (Kaspersky Lab)
  66. (ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ati2mtag.sys -> [2006/05/03 18:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.)
  67. (DSDrv4) DSDrv4 [Kernel | On_Demand | Stopped] -> C:\Program Files\K!TV\Plugins\S_Bt8x8\DSDrv4.sys -> [2005/02/14 02:00:00 | 000,007,168 | ---- | M] ()
  68. (Cap713x) Cap713x Video Capture [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Cap713x.sys -> [2004/10/14 09:19:10 | 000,751,104 | R--- | M] (ASUSTek)
  69. (SISAGP) SiS AGP Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -> [2003/02/20 03:18:36 | 000,036,608 | R--- | M] (Silicon Integrated Systems Corporation)
  70.  
  71. [Registry - Safe List]
  72. < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
  73. HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://start.facemoods.com/?s={searchTerms} ->
  74. < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
  75. HKEY_CURRENT_USER\: Main\\"Secondary Start Pages" -> http://www.google.com/ [binary data] ->
  76. HKEY_CURRENT_USER\: Main\\"Start Page" -> my.daemon-search.com ->
  77. HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache" -> http://www.msn.com/ ->
  78. HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-us ->
  79. HKEY_CURRENT_USER\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 1C 28 7F 29 39 86 CA 01 [binary data] ->
  80. HKEY_CURRENT_USER\: URLSearchHooks\\"{00000000-6E41-4FD3-8538-502F5495E5FC}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
  81. HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
  82. HKEY_CURRENT_USER\: "ProxyServer" -> 127.0.0.1:8118 ->
  83. < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
  84. HKLM\software\mozilla\Firefox\extensions -> ->
  85. HKLM\software\mozilla\Firefox\extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1} -> C:\Program Files\Ad Muncher\FirefoxExtension_2.0 [C:\PROGRAM FILES\AD MUNCHER\FIREFOXEXTENSION_2.0] -> [2011/03/25 22:07:34 | 000,000,000 | ---D | M]
  86. HKLM\software\mozilla\SeaMonkey\Extensions -> ->
  87. HKLM\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1} -> C:\Program Files\Ad Muncher\FirefoxExtension_2.0 [C:\PROGRAM FILES\AD MUNCHER\FIREFOXEXTENSION_2.0] -> [2011/03/25 22:07:34 | 000,000,000 | ---D | M]
  88. < FireFox Extensions [User Folders] > ->
  89. -> C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions -> [2011/04/27 00:13:45 | 000,000,000 | ---D | M]
  90. < HOSTS File > ([2010/04/14 21:30:24 | 000,000,738 | ---- | M] - 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
  91. Reset Hosts
  92. 178.32.95.1 paypal.com
  93. < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
  94. "{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
  95. "{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
  96. "{F053C368-5458-45B2-9B4D-D8914BDDDBFF}" [HKLM] -> C:\Program Files\TextAloud\TAForIE.dll [TextAloud] -> [2009/01/14 13:41:00 | 000,660,992 | ---- | M] ()
  97. < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
  98. WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
  99. < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
  100. "Ad Muncher" -> C:\Program Files\Ad Muncher\AdMunch.exe ["C:\Program Files\Ad Muncher\AdMunch.exe" /bt] -> [2011/03/25 22:07:33 | 000,535,752 | ---- | M] (Murray Hurps Corp Pty Ltd)
  101. < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
  102. "IE Privacy Keeper" -> C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe ["C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup] -> [2005/06/29 14:22:46 | 001,015,808 | ---- | M] (UnH Solutions)
  103. < Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup ->
  104. < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
  105. < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
  106. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
  107. \\"HonorAutoRunSetting" -> [1] -> File not found
  108. < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
  109. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
  110. < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
  111. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
  112. \\"NoDriveTypeAutoRun" -> [145] -> File not found
  113. < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
  114. &Download All using 4shared Desktop -> [C:\Program Files\4shared Desktop\down_all.htm] -> File not found
  115. Block frame with Ad Muncher -> [http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=431398X9&id=menu_ie_frame] -> File not found
  116. Block image with Ad Muncher -> [http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=431398X9&id=menu_ie_image] -> File not found
  117. Block link with Ad Muncher -> [http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=431398X9&id=menu_ie_link] -> File not found
  118. DiaryOne: Save full text -> C:\Program Files\DiaryOne\Script\fullcatcher.htm [C:\Program Files\DiaryOne\Script\fullcatcher.htm] -> [2007/01/21 01:00:00 | 000,000,445 | ---- | M] ()
  119. DiaryOne: Save selected text -> C:\Program Files\DiaryOne\Script\catcher.htm [C:\Program Files\DiaryOne\Script\catcher.htm] -> [2007/01/21 01:00:00 | 000,000,445 | ---- | M] ()
  120. Don't filter page with Ad Muncher -> [http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=431398X9&id=menu_ie_exclude] -> File not found
  121. Report page to the Ad Muncher developers -> [http://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=2.0&pass=431398X9&id=menu_ie_report] -> File not found
  122. < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
  123. {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}:{85E0B171-04FA-11D1-B7DA-00A0C90348D6} [HKLM] -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll [Button: Web Anti-Virus statistics] -> [2008/02/08 19:37:52 | 000,223,760 | ---- | M] (Kaspersky Lab)
  124. < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
  125. < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
  126. "" -> http://
  127. < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
  128. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
  129. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
  130. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
  131. < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
  132. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
  133. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
  134. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
  135. < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
  136. {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
  137. {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
  138. {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
  139. < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
  140. DhcpNameServer -> 192.168.1.1 ->
  141. < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
  142. {898E6A54-D71C-4CEE-9B4F-533FA19B3D80}\\DhcpNameServer -> 192.168.1.1 (SiS 900-Based PCI Fast Ethernet Adapter) ->
  143. < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
  144. *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
  145. C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll -> [2008/02/08 19:37:30 | 000,084,496 | ---- | M] (Kaspersky Lab)
  146. *MultiFile Done* -> ->
  147. < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
  148. *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
  149. Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/07/03 16:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation)
  150. *MultiFile Done* -> ->
  151. < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
  152. AtiExtEvent -> C:\WINDOWS\System32\ati2evxx.dll -> [2006/05/03 18:44:54 | 000,061,440 | ---- | M] (ATI Technologies Inc.)
  153. klogon -> C:\WINDOWS\system32\klogon.dll -> [2008/02/08 19:37:44 | 000,219,664 | ---- | M] (Kaspersky Lab)
  154. WgaLogon -> -> File not found
  155. < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
  156. < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
  157. "C:\Documents and Settings\Administrator\Local Settings\Application Data\IM\Runtime\IncrediMail_Install.exe" -> C:\Documents and Settings\Administrator\Local Settings\Application Data\IM\Runtime\IncrediMail_Install.exe [C:\Documents and Settings\Administrator\Local Settings\Application Data\IM\Runtime\IncrediMail_Install.exe:*:Enabled:IncrediMail Installer] -> [2010/12/17 16:47:39 | 000,448,848 | ---- | M] ()
  158. "C:\Documents and Settings\Administrator\Local Settings\Temp\ImInstaller\IncrediBackup_installer.exe" -> [C:\Documents and Settings\Administrator\Local Settings\Temp\ImInstaller\IncrediBackup_installer.exe:*:Enabled:IncrediMail Installer] -> File not found
  159. "C:\Program Files\IncrediMail\Bin\ImApp.exe" -> C:\Program Files\IncrediMail\Bin\ImApp.exe [C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail] -> [2011/03/06 18:01:02 | 000,255,432 | ---- | M] (IncrediMail, Ltd.)
  160. "C:\Program Files\IncrediMail\Bin\ImpCnt.exe" -> C:\Program Files\IncrediMail\Bin\ImpCnt.exe [C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail] -> [2011/03/06 17:54:46 | 000,112,072 | ---- | M] (IncrediMail, Ltd.)
  161. "C:\Program Files\IncrediMail\Bin\IncMail.exe" -> C:\Program Files\IncrediMail\Bin\IncMail.exe [C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail] -> [2011/03/06 18:01:02 | 000,353,736 | ---- | M] (IncrediMail, Ltd.)
  162. "C:\Program Files\K!TV\K!TV.exe" -> C:\Program Files\K!TV\K!TV.exe [C:\Program Files\K!TV\K!TV.exe:*:Disabled:K!TV] -> [2005/03/09 00:15:22 | 001,400,832 | ---- | M] (K!)
  163. "C:\Program Files\uTorrent\uTorrent.exe" -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [2010/04/29 18:34:03 | 000,289,584 | ---- | M] (BitTorrent, Inc.)
  164. < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
  165. < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
  166. "AutoRun" -> 1 ->
  167. "DisplayName" -> CD-ROM Driver ->
  168. "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
  169. < Drives with AutoRun files > -> ->
  170. C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2009/12/26 16:06:37 | 000,000,000 | ---- | M] ()
  171. < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
  172. < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
  173. comfile [open] -> "%1" %* ->
  174. exefile [open] -> "%1" %* ->
  175. < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
  176. .com [@ = comfile] -> "%1" %* ->
  177. .exe [@ = exefile] -> "%1" %* ->
  178.  
  179. [Registry - Additional Scans - Safe List]
  180. < Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state ->
  181. "bootini" -> 0 ->
  182. "services" -> 0 ->
  183. "startup" -> 2 ->
  184. "system.ini" -> 0 ->
  185. "win.ini" -> 0 ->
  186. < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
  187. "MIDI1" -> C:\WINDOWS\System32\Syncor11.dll [SYNCOR11.DLL] -> [2002/11/06 20:00:38 | 000,040,820 | ---- | M] (SoundMAX)
  188. "msacm.divxa32" -> C:\WINDOWS\System32\msaud32_divx.acm [msaud32_divx.acm] -> [2003/02/03 08:01:02 | 000,186,368 | ---- | M] (Microsoft Corporation)
  189. "msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2008/04/14 17:00:00 | 000,199,680 | ---- | M] (Intel Corporation)
  190. "msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2008/04/14 17:00:00 | 000,290,816 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
  191. "msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008/04/14 17:00:00 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.)
  192. "msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2008/04/14 17:00:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.)
  193. "MSVideo8" -> C:\WINDOWS\System32\vfwwdm32.dll [VfWWDM32.dll] -> [2008/04/14 06:42:10 | 000,053,760 | ---- | M] (Microsoft Corporation)
  194. "vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2008/04/14 17:00:00 | 000,080,384 | ---- | M] (Radius Inc.)
  195. "vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2008/04/14 17:00:00 | 000,199,168 | ---- | M] ()
  196. "vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2008/04/14 17:00:00 | 000,199,168 | ---- | M] ()
  197. "vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008/04/14 17:00:00 | 000,848,384 | ---- | M] (Intel Corporation)
  198. "vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2008/04/14 17:00:00 | 000,755,200 | ---- | M] (Intel Corporation)
  199. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
  200. *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
  201. 6to4 -> -> File not found
  202. HidServ -> -> File not found
  203. Ias -> -> File not found
  204. Iprip -> -> File not found
  205. Irmon -> -> File not found
  206. NWCWorkstation -> -> File not found
  207. Nwsapagent -> -> File not found
  208. WmdmPmSp -> -> File not found
  209. SSHNAS -> -> File not found
  210. *MultiFile Done* -> ->
  211. < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
  212. {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
  213. {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
  214. {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
  215. {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
  216. {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
  217. {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
  218. {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
  219. {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
  220. {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
  221. {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
  222. {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
  223. {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
  224. {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
  225. Base -> Driver Group
  226. Boot Bus Extender -> Driver Group
  227. Boot file system -> Driver Group
  228. File system -> Driver Group
  229. Filter -> Driver Group
  230. PCI Configuration -> Driver Group
  231. PNP Filter -> Driver Group
  232. Primary disk -> Driver Group
  233. SCSI Class -> Driver Group
  234. sermouse.sys -> Driver
  235. System Bus Extender -> Driver Group
  236. vga.sys -> Driver
  237. < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
  238. batfile [open] -> "%1" %* ->
  239. cmdfile [open] -> "%1" %* ->
  240. comfile [open] -> "%1" %* ->
  241. cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* ->
  242. exefile [open] -> "%1" %* ->
  243. piffile [open] -> "%1" %* ->
  244. scrfile [config] -> "%1" ->
  245. scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l ->
  246. scrfile [open] -> "%1" /S ->
  247. Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 ->
  248. Directory [AddToPlaylistVLC] -> "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2010/08/27 01:34:22 | 000,107,008 | ---- | M] ()
  249. Directory [find] -> %SystemRoot%\Explorer.exe -> [2008/07/03 16:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation)
  250. Directory [PlayWithVLC] -> "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2010/08/27 01:34:22 | 000,107,008 | ---- | M] ()
  251. Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> [2008/07/03 16:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation)
  252. Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> [2008/07/03 16:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation)
  253. Drive [find] -> %SystemRoot%\Explorer.exe -> [2008/07/03 16:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation)
  254. < EventViewer Logs - Last 10 Errors > -> Event Information -> Description
  255. Application [ Error ] 4/26/2011 20:00:14 Computer Name = HOME-D52B701C35 | Source = MsiInstaller | ID = 11309 -> Description = Product: AutoImager -- Error 1309. Error reading from file: C:\DOCUME~1\ALLUSE~1\APPLIC~1\{5F7EB~1\OFFLINE\2BD1954B\3452ED62\AutoImager.chm. System error 3. Verify that the file exists and that you can access it.
  256. Application [ Error ] 4/26/2011 20:00:15 Computer Name = HOME-D52B701C35 | Source = MsiInstaller | ID = 11309 -> Description = Product: AutoImager -- Error 1309. Error reading from file: C:\DOCUME~1\ALLUSE~1\APPLIC~1\{5F7EB~1\OFFLINE\34B1ABD7\3452ED62\AutoImager.exe. System error 3. Verify that the file exists and that you can access it.
  257. Application [ Error ] 4/26/2011 20:00:15 Computer Name = HOME-D52B701C35 | Source = MsiInstaller | ID = 11309 -> Description = Product: AutoImager -- Error 1309. Error reading from file: C:\DOCUME~1\ALLUSE~1\APPLIC~1\{5F7EB~1\OFFLINE\F3E7E16F\23D9A40A\gdpdfplug.dll. System error 3. Verify that the file exists and that you can access it.
  258. Application [ Error ] 4/26/2011 20:00:16 Computer Name = HOME-D52B701C35 | Source = MsiInstaller | ID = 11309 -> Description = Product: AutoImager -- Error 1309. Error reading from file: C:\DOCUME~1\ALLUSE~1\APPLIC~1\{5F7EB~1\OFFLINE\C63355D2\23D9A40A\gdimgplug.dll. System error 3. Verify that the file exists and that you can access it.
  259. Application [ Error ] 4/26/2011 20:00:16 Computer Name = HOME-D52B701C35 | Source = MsiInstaller | ID = 11309 -> Description = Product: AutoImager -- Error 1309. Error reading from file: C:\DOCUME~1\ALLUSE~1\APPLIC~1\{5F7EB~1\OFFLINE\1B4A311B\195A321D\GDIPLUS.DLL. System error 3. Verify that the file exists and that you can access it.
  260. Application [ Error ] 4/26/2011 20:00:16 Computer Name = HOME-D52B701C35 | Source = MsiInstaller | ID = 11309 -> Description = Product: AutoImager -- Error 1309. Error reading from file: C:\DOCUME~1\ALLUSE~1\APPLIC~1\{5F7EB~1\OFFLINE\E2307DE4\195A321D\gdpicturepro5.ocx. System error 3. Verify that the file exists and that you can access it.
  261. Application [ Error ] 4/26/2011 20:00:18 Computer Name = HOME-D52B701C35 | Source = MsiInstaller | ID = 11904 -> Description = Product: AutoImager -- Error 1904. Module C:\WINDOWS\system32\gdpicturepro5.ocx failed to register. HRESULT -2147024770. Contact your support personnel.
  262. Application [ Error ] 4/26/2011 20:02:15 Computer Name = HOME-D52B701C35 | Source = MsiInstaller | ID = 11309 -> Description = Product: AutoImager -- Error 1309. Error reading from file: C:\DOCUME~1\ALLUSE~1\APPLIC~1\{5F7EB~1\OFFLINE\2BD1954B\3452ED62\AutoImager.chm. System error 3. Verify that the file exists and that you can access it.
  263. Application [ Error ] 5/9/2011 20:58:43 Computer Name = HOME-D52B701C35 | Source = Application Error | ID = 1000 -> Description = Faulting application mbam.exe, version 1.50.0.0, faulting module mbamcore.dll, version 1.50.0.0, fault address 0x0000de41.
  264. Application [ Error ] 5/9/2011 22:16:33 Computer Name = HOME-D52B701C35 | Source = Application Error | ID = 1000 -> Description = Faulting application mbam.exe, version 1.50.0.0, faulting module mbamcore.dll, version 1.50.0.0, fault address 0x0000de41.
  265. OSession [ Error ] 4/28/2010 19:55:03 Computer Name = HOME-D52B701C35 | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.
  266. System [ Error ] 1/7/2011 02:54:38 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon
  267. System [ Error ] 1/7/2011 16:29:04 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7000 -> Description = The gupdate service failed to start due to the following error: %%2
  268. System [ Error ] 1/7/2011 16:29:04 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7000 -> Description = The NetGroup Packet Filter Driver service failed to start due to the following error: %%2
  269. System [ Error ] 1/7/2011 16:29:04 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon
  270. System [ Error ] 1/7/2011 20:47:06 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7034 -> Description = The DNS Client service terminated unexpectedly. It has done this 1 time(s).
  271. System [ Error ] 1/7/2011 20:47:25 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7034 -> Description = The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
  272. System [ Error ] 1/7/2011 20:47:25 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7031 -> Description = The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
  273. System [ Error ] 1/7/2011 20:47:25 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7034 -> Description = The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).
  274. System [ Error ] 1/7/2011 20:47:38 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7031 -> Description = The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
  275. System [ Error ] 1/7/2011 20:49:19 Computer Name = HOME-D52B701C35 | Source = Service Control Manager | ID = 7034 -> Description = The Ralink Registry Writer service terminated unexpectedly. It has done this 1 time(s).
  276.  
  277. [Files/Folders - Created Within 30 Days]
  278. D'Accord Guitar Chord Dictionary 3.0 -> C:\Documents and Settings\All Users\Start Menu\Programs\D'Accord Guitar Chord Dictionary 3.0 -> [2011/05/17 21:18:30 | 000,000,000 | ---D | C]
  279. D'Accord Music Software -> C:\Program Files\D'Accord Music Software -> [2011/05/17 21:18:28 | 000,000,000 | ---D | C]
  280. Recent -> C:\Documents and Settings\Administrator\Recent -> [2011/05/17 20:50:05 | 000,000,000 | RH-D | C]
  281. Malwarebytes -> C:\Documents and Settings\Administrator\Application Data\Malwarebytes -> [2011/05/16 15:16:58 | 000,000,000 | ---D | C]
  282. Malwarebytes' Anti-Malware -> C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware -> [2011/05/16 15:16:53 | 000,000,000 | ---D | C]
  283. mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2011/05/16 15:16:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation)
  284. Malwarebytes' Anti-Malware -> C:\Program Files\Malwarebytes' Anti-Malware -> [2011/05/16 15:16:49 | 000,000,000 | ---D | C]
  285. AllMyMovies -> C:\Documents and Settings\All Users\Application Data\AllMyMovies -> [2011/05/15 12:32:32 | 000,000,000 | ---D | C]
  286. New Folder -> C:\Documents and Settings\Administrator\Desktop\New Folder -> [2011/05/09 00:09:26 | 000,000,000 | ---D | C]
  287. Config.Msi -> C:\Config.Msi -> [2011/05/08 21:56:46 | 000,000,000 | -HSD | C]
  288. DAEMON Tools Lite -> C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite -> [2011/05/08 21:44:40 | 000,000,000 | ---D | C]
  289. TextAloud -> C:\Documents and Settings\All Users\Start Menu\Programs\TextAloud -> [2011/05/08 19:53:37 | 000,000,000 | ---D | C]
  290. TextAloud -> C:\Program Files\TextAloud -> [2011/05/08 19:53:35 | 000,000,000 | ---D | C]
  291. NextUp-ScanSoft -> C:\Program Files\NextUp-ScanSoft -> [2011/05/08 18:31:55 | 000,000,000 | ---D | C]
  292. EurekaLog -> C:\Documents and Settings\Administrator\Application Data\EurekaLog -> [2011/05/08 15:08:26 | 000,000,000 | ---D | C]
  293. NextUp -> C:\Documents and Settings\Administrator\Local Settings\Application Data\NextUp -> [2011/05/08 02:12:28 | 000,000,000 | ---D | C]
  294. Malwarebytes -> C:\Documents and Settings\All Users\Application Data\Malwarebytes -> [2011/05/07 10:30:24 | 000,000,000 | ---D | C]
  295. mp4sds32.ax -> C:\WINDOWS\System32\mp4sds32.ax -> [2011/05/01 21:06:48 | 000,245,760 | ---- | C] (Microsoft Corporation)
  296. MXRestore.exe -> C:\WINDOWS\System32\MXRestore.exe -> [2011/05/01 21:06:23 | 000,430,080 | ---- | C] (MAGIX AG)
  297. DLLRES32.dll -> C:\WINDOWS\System32\DLLRES32.dll -> [2011/05/01 21:06:23 | 000,188,416 | ---- | C] (PoINT Software & Systems GmbH)
  298. DLLTPO32.dll -> C:\WINDOWS\System32\DLLTPO32.dll -> [2011/05/01 21:06:23 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH)
  299. STRING32.dll -> C:\WINDOWS\System32\STRING32.dll -> [2011/05/01 21:06:23 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH)
  300. TTIC32.dll -> C:\WINDOWS\System32\TTIC32.dll -> [2011/05/01 21:06:23 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH)
  301. TTI32.dll -> C:\WINDOWS\System32\TTI32.dll -> [2011/05/01 21:06:23 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH)
  302. DLLDEV32.dll -> C:\WINDOWS\System32\DLLDEV32.dll -> [2011/05/01 21:06:22 | 000,163,840 | ---- | C] (PoINT Software & Systems GmbH)
  303. DLLDRV32.dll -> C:\WINDOWS\System32\DLLDRV32.dll -> [2011/05/01 21:06:22 | 000,151,552 | ---- | C] (PoINT Software & Systems GmbH)
  304. DLLCPY32.dll -> C:\WINDOWS\System32\DLLCPY32.dll -> [2011/05/01 21:06:22 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH)
  305. DLLPTL32.dll -> C:\WINDOWS\System32\DLLPTL32.dll -> [2011/05/01 21:06:22 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH)
  306. DLLCDF32.dll -> C:\WINDOWS\System32\DLLCDF32.dll -> [2011/05/01 21:06:22 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH)
  307. DLLPRJ32.dll -> C:\WINDOWS\System32\DLLPRJ32.dll -> [2011/05/01 21:06:22 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH)
  308. DLLIO32.dll -> C:\WINDOWS\System32\DLLIO32.dll -> [2011/05/01 21:06:22 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH)
  309. DLLPRF32.dll -> C:\WINDOWS\System32\DLLPRF32.dll -> [2011/05/01 21:06:22 | 000,049,152 | ---- | C] (PoINT Software & Systems GmbH)
  310. DLLIMG32.dll -> C:\WINDOWS\System32\DLLIMG32.dll -> [2011/05/01 21:06:22 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH)
  311. DLLRD32.dll -> C:\WINDOWS\System32\DLLRD32.dll -> [2011/05/01 21:06:22 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH)
  312. DLLPNT32.dll -> C:\WINDOWS\System32\DLLPNT32.dll -> [2011/05/01 21:06:22 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH)
  313. DLLMSC32.dll -> C:\WINDOWS\System32\DLLMSC32.dll -> [2011/05/01 21:06:22 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH)
  314. DLLISO32.dll -> C:\WINDOWS\System32\DLLISO32.dll -> [2011/05/01 21:06:22 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH)
  315. DLLDIR32.dll -> C:\WINDOWS\System32\DLLDIR32.dll -> [2011/05/01 21:06:22 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH)
  316. DLLIX.dll -> C:\WINDOWS\System32\DLLIX.dll -> [2011/05/01 21:06:22 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH)
  317. DLLAV32.dll -> C:\WINDOWS\System32\DLLAV32.dll -> [2011/05/01 21:06:21 | 000,487,424 | ---- | C] (PoINT Software & Systems GmbH)
  318. DLLCDA32.dll -> C:\WINDOWS\System32\DLLCDA32.dll -> [2011/05/01 21:06:21 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH)
  319. MAGIX Shared -> C:\Program Files\Common Files\MAGIX Shared -> [2011/05/01 21:06:15 | 000,000,000 | ---D | C]
  320. ROBOEX32.DLL -> C:\WINDOWS\System32\ROBOEX32.DLL -> [2011/05/01 21:05:59 | 001,089,536 | ---- | C] (eHelp Corporation.)
  321. HtmlWH.dll -> C:\WINDOWS\System32\HtmlWH.dll -> [2011/05/01 21:05:59 | 000,085,504 | ---- | C] (Blue Sky Software Corporation.)
  322. INETWH32.dll -> C:\WINDOWS\System32\INETWH32.dll -> [2011/05/01 21:05:59 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.)
  323. mgxoschk.dll -> C:\WINDOWS\System32\mgxoschk.dll -> [2011/05/01 21:05:19 | 000,663,552 | ---- | C] (MAGIX AG)
  324. MAGIX -> C:\WINDOWS\System32\MAGIX -> [2011/05/01 21:05:19 | 000,000,000 | ---D | C]
  325. EuroTalk -> C:\Documents and Settings\Administrator\Application Data\EuroTalk -> [2011/04/30 21:02:23 | 000,000,000 | ---D | C]
  326. EuroTalk Interactive -> C:\Documents and Settings\All Users\Start Menu\Programs\EuroTalk Interactive -> [2011/04/30 21:02:22 | 000,000,000 | ---D | C]
  327. EuroTalk -> C:\Program Files\EuroTalk -> [2011/04/30 21:02:21 | 000,000,000 | ---D | C]
  328. dtsoftbus01.sys -> C:\WINDOWS\System32\drivers\dtsoftbus01.sys -> [2011/04/30 21:00:43 | 000,218,688 | ---- | C] (DT Soft Ltd)
  329. DAEMON Tools Lite -> C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite -> [2011/04/30 21:00:36 | 000,000,000 | ---D | C]
  330. DAEMON Tools Lite -> C:\Program Files\DAEMON Tools Lite -> [2011/04/30 21:00:33 | 000,000,000 | ---D | C]
  331. ftpcache -> C:\WINDOWS\ftpcache -> [2011/04/27 19:02:59 | 000,000,000 | -HSD | C]
  332. DAEMON Tools Lite -> C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite -> [2011/04/27 14:55:36 | 000,000,000 | ---D | C]
  333. Transparent -> C:\Documents and Settings\All Users\Application Data\Transparent -> [2011/04/25 18:50:36 | 000,000,000 | ---D | C]
  334. Transparent Language, Inc -> C:\Documents and Settings\All Users\Start Menu\Programs\Transparent Language, Inc -> [2011/04/25 18:50:35 | 000,000,000 | ---D | C]
  335. Transparent -> C:\Program Files\Transparent -> [2011/04/25 18:50:35 | 000,000,000 | ---D | C]
  336. Platypus -> C:\Documents and Settings\All Users\Start Menu\Programs\Platypus -> [2011/04/23 22:52:01 | 000,000,000 | ---D | C]
  337. Platypus -> C:\Program Files\Platypus -> [2011/04/23 22:51:54 | 000,000,000 | ---D | C]
  338. ReflexiveArcade -> C:\Program Files\ReflexiveArcade -> [2011/04/23 22:51:46 | 000,000,000 | ---D | C]
  339. Google Earth -> C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth -> [2011/04/20 20:02:55 | 000,000,000 | ---D | C]
  340. NSV -> C:\Program Files\Common Files\NSV -> [2011/04/18 19:59:49 | 000,000,000 | ---D | C]
  341.  
  342. [Files/Folders - Modified Within 30 Days]
  343. fidbox.dat -> C:\WINDOWS\System32\drivers\fidbox.dat -> [2011/05/18 16:21:27 | 000,166,688 | -HS- | M] ()
  344. GoogleUpdateTaskUserS-1-5-21-1935655697-813497703-1606980848-500UA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-813497703-1606980848-500UA.job -> [2011/05/18 16:19:00 | 000,001,010 | ---- | M] ()
  345. fidbox.idx -> C:\WINDOWS\System32\drivers\fidbox.idx -> [2011/05/18 16:13:59 | 000,000,032 | -HS- | M] ()
  346. GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2011/05/18 16:10:01 | 000,000,900 | ---- | M] ()
  347. fidbox2.dat -> C:\WINDOWS\System32\drivers\fidbox2.dat -> [2011/05/18 16:09:45 | 003,436,576 | -HS- | M] ()
  348. NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2011/05/18 16:07:31 | 000,000,116 | ---- | M] ()
  349. Scheduled Update for Ask Toolbar.job -> C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job -> [2011/05/18 16:01:00 | 000,000,250 | ---- | M] ()
  350. GoogleUpdateTaskUserS-1-5-21-1935655697-813497703-1606980848-500Core.job -> C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-813497703-1606980848-500Core.job -> [2011/05/17 23:19:00 | 000,000,958 | ---- | M] ()
  351. Guitar Chord Dictionary 3.0.lnk -> C:\Documents and Settings\Administrator\Desktop\Guitar Chord Dictionary 3.0.lnk -> [2011/05/17 22:11:24 | 000,001,171 | ---- | M] ()
  352. GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2011/05/17 21:10:01 | 000,000,896 | ---- | M] ()
  353. perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2011/05/17 14:32:49 | 000,441,260 | ---- | M] ()
  354. perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2011/05/17 14:32:49 | 000,071,196 | ---- | M] ()
  355. bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/05/17 14:27:46 | 000,002,048 | --S- | M] ()
  356. hiberfil.sys -> C:\hiberfil.sys -> [2011/05/17 14:27:39 | 536,449,024 | -HS- | M] ()
  357. fidbox2.idx -> C:\WINDOWS\System32\drivers\fidbox2.idx -> [2011/05/17 00:12:41 | 000,328,016 | -HS- | M] ()
  358. DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/05/16 18:41:32 | 000,014,848 | ---- | M] ()
  359. Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2011/05/16 15:16:53 | 000,000,696 | ---- | M] ()
  360. An Atlas of Erectile Dysfunction, Second Edition.pdf -> C:\Documents and Settings\Administrator\Desktop\An Atlas of Erectile Dysfunction, Second Edition.pdf -> [2011/05/13 20:37:51 | 005,833,503 | ---- | M] ()
  361. wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/05/13 15:01:29 | 000,002,206 | ---- | M] ()
  362. Splinting for Radial Nerve Palsy.pdf -> C:\Documents and Settings\Administrator\Desktop\Splinting for Radial Nerve Palsy.pdf -> [2011/05/10 02:14:29 | 000,133,177 | ---- | M] ()
  363. Exercise therapy with the PNF concept.pdf -> C:\Documents and Settings\Administrator\Desktop\Exercise therapy with the PNF concept.pdf -> [2011/05/10 01:26:32 | 000,300,897 | ---- | M] ()
  364. FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2011/05/09 14:22:50 | 000,270,984 | ---- | M] ()
  365. TextAloud.lnk -> C:\Documents and Settings\Administrator\Desktop\TextAloud.lnk -> [2011/05/08 19:53:37 | 000,001,407 | ---- | M] ()
  366. Skype.lnk -> C:\Documents and Settings\All Users\Desktop\Skype.lnk -> [2011/05/06 21:12:27 | 000,002,265 | ---- | M] ()
  367. wttbb.sys -> C:\WINDOWS\System32\drivers\wttbb.sys -> [2011/05/05 23:44:33 | 000,054,016 | ---- | M] ()
  368. mgxoschk.ini -> C:\WINDOWS\mgxoschk.ini -> [2011/05/01 21:06:58 | 000,005,817 | ---- | M] ()
  369. boot.ini -> C:\boot.ini -> [2011/04/30 23:16:43 | 000,000,211 | -HS- | M] ()
  370. Talk Now Plus!.lnk -> C:\Documents and Settings\All Users\Desktop\Talk Now Plus!.lnk -> [2011/04/30 21:02:22 | 000,001,661 | ---- | M] ()
  371. dtsoftbus01.sys -> C:\WINDOWS\System32\drivers\dtsoftbus01.sys -> [2011/04/30 21:00:43 | 000,218,688 | ---- | M] (DT Soft Ltd)
  372. Byki 4 Express.lnk -> C:\Documents and Settings\All Users\Desktop\Byki 4 Express.lnk -> [2011/04/25 18:50:39 | 000,001,800 | ---- | M] ()
  373. VGANGMJYMWSN.SYS -> C:\WINDOWS\System32\VGANGMJYMWSN.SYS -> [2011/04/24 15:28:50 | 000,000,010 | ---- | M] ()
  374. Platypus.lnk -> C:\Documents and Settings\Administrator\Desktop\Platypus.lnk -> [2011/04/23 22:52:01 | 000,001,371 | ---- | M] ()
  375. BASSMOD.dll -> C:\WINDOWS\System32\BASSMOD.dll -> [2011/04/23 18:18:04 | 000,034,308 | ---- | M] ()
  376. ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2011/04/22 23:25:35 | 000,000,028 | ---- | M] ()
  377.  
  378. [Files - No Company Name]
  379. Guitar Chord Dictionary 3.0.lnk -> C:\Documents and Settings\Administrator\Desktop\Guitar Chord Dictionary 3.0.lnk -> [2011/05/17 22:11:24 | 000,001,171 | ---- | C] ()
  380. Malwarebytes' Anti-Malware.lnk -> C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk -> [2011/05/16 15:16:53 | 000,000,696 | ---- | C] ()
  381. An Atlas of Erectile Dysfunction, Second Edition.pdf -> C:\Documents and Settings\Administrator\Desktop\An Atlas of Erectile Dysfunction, Second Edition.pdf -> [2011/05/13 20:37:51 | 005,833,503 | ---- | C] ()
  382. Splinting for Radial Nerve Palsy.pdf -> C:\Documents and Settings\Administrator\Desktop\Splinting for Radial Nerve Palsy.pdf -> [2011/05/10 02:14:34 | 000,133,177 | ---- | C] ()
  383. Exercise therapy with the PNF concept.pdf -> C:\Documents and Settings\Administrator\Desktop\Exercise therapy with the PNF concept.pdf -> [2011/05/10 01:26:54 | 000,300,897 | ---- | C] ()
  384. TextAloud.lnk -> C:\Documents and Settings\Administrator\Desktop\TextAloud.lnk -> [2011/05/08 19:53:37 | 000,001,407 | ---- | C] ()
  385. wttbb.sys -> C:\WINDOWS\System32\drivers\wttbb.sys -> [2011/05/05 23:44:33 | 000,054,016 | ---- | C] ()
  386. DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/05/02 01:12:36 | 000,014,848 | ---- | C] ()
  387. DLLAV32.lib -> C:\WINDOWS\System32\DLLAV32.lib -> [2011/05/01 21:06:21 | 000,014,182 | ---- | C] ()
  388. mgxoschk.ini -> C:\WINDOWS\mgxoschk.ini -> [2011/05/01 21:05:19 | 000,005,817 | ---- | C] ()
  389. unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2011/05/01 15:39:24 | 000,175,616 | ---- | C] ()
  390. Talk Now Plus!.lnk -> C:\Documents and Settings\All Users\Desktop\Talk Now Plus!.lnk -> [2011/04/30 21:02:22 | 000,001,661 | ---- | C] ()
  391. Byki 4 Express.lnk -> C:\Documents and Settings\All Users\Desktop\Byki 4 Express.lnk -> [2011/04/25 18:50:39 | 000,001,800 | ---- | C] ()
  392. Platypus.lnk -> C:\Documents and Settings\Administrator\Desktop\Platypus.lnk -> [2011/04/23 22:52:01 | 000,001,371 | ---- | C] ()
  393. GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2011/04/20 20:00:44 | 000,000,900 | ---- | C] ()
  394. GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2011/04/20 20:00:43 | 000,000,896 | ---- | C] ()
  395. ezsidmv.dat -> C:\WINDOWS\System32\ezsidmv.dat -> [2010/10/17 03:58:11 | 000,000,056 | -H-- | C] ()
  396. AegisI5.exe -> C:\WINDOWS\System32\AegisI5.exe -> [2010/10/10 23:08:18 | 000,311,296 | ---- | C] ()
  397. Install6x.dll -> C:\WINDOWS\System32\Install6x.dll -> [2010/10/10 23:08:18 | 000,081,920 | ---- | C] ()
  398. RT2661.bin -> C:\WINDOWS\System32\drivers\RT2661.bin -> [2010/10/10 23:08:18 | 000,008,192 | ---- | C] ()
  399. RT2561s.bin -> C:\WINDOWS\System32\drivers\RT2561s.bin -> [2010/10/10 23:08:18 | 000,008,192 | ---- | C] ()
  400. RT2561.bin -> C:\WINDOWS\System32\drivers\RT2561.bin -> [2010/10/10 23:08:18 | 000,008,192 | ---- | C] ()
  401. rmc_rtspdl.dll -> C:\WINDOWS\System32\rmc_rtspdl.dll -> [2010/09/26 02:27:13 | 000,237,568 | ---- | C] ()
  402. BSL.INI -> C:\WINDOWS\BSL.INI -> [2010/09/25 17:39:43 | 000,000,029 | ---- | C] ()
  403. BASSMOD.dll -> C:\WINDOWS\System32\BASSMOD.dll -> [2010/09/23 18:50:24 | 000,034,308 | ---- | C] ()
  404. impborl.dll -> C:\WINDOWS\impborl.dll -> [2010/08/31 11:17:30 | 000,012,288 | ---- | C] ()
  405. pdfpage.INI -> C:\WINDOWS\pdfpage.INI -> [2010/06/02 20:52:12 | 000,000,344 | ---- | C] ()
  406. pdfpg.dat -> C:\WINDOWS\System32\pdfpg.dat -> [2010/06/02 20:52:03 | 000,001,024 | ---- | C] ()
  407. ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2010/04/03 03:51:49 | 000,000,028 | ---- | C] ()
  408. apset.ini -> C:\WINDOWS\System32\apset.ini -> [2010/04/03 02:00:36 | 000,000,272 | ---- | C] ()
  409. pdfmonnt.dll -> C:\WINDOWS\System32\pdfmonnt.dll -> [2010/01/27 17:02:24 | 000,116,224 | ---- | C] ()
  410. pdf2word.INI -> C:\WINDOWS\pdf2word.INI -> [2010/01/27 17:01:45 | 000,000,348 | ---- | C] ()
  411. VGANGMJYMWSN.SYS -> C:\WINDOWS\System32\VGANGMJYMWSN.SYS -> [2009/12/31 00:37:44 | 000,000,010 | ---- | C] ()
  412. NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2009/12/29 23:06:00 | 000,000,116 | ---- | C] ()
  413. FontCache3.0.0.0.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat -> [2009/12/27 04:42:23 | 000,064,200 | ---- | C] ()
  414. ati2sgag.exe -> C:\WINDOWS\System32\ati2sgag.exe -> [2009/12/27 02:33:47 | 000,520,192 | ---- | C] ()
  415. WININIT.INI -> C:\WINDOWS\WININIT.INI -> [2009/12/27 02:23:45 | 000,000,010 | ---- | C] ()
  416. klin.dat -> C:\WINDOWS\System32\drivers\klin.dat -> [2009/12/26 22:31:20 | 000,115,267 | ---- | C] ()
  417. klick.dat -> C:\WINDOWS\System32\drivers\klick.dat -> [2009/12/26 22:31:20 | 000,097,859 | ---- | C] ()
  418. fidbox2.dat -> C:\WINDOWS\System32\drivers\fidbox2.dat -> [2009/12/26 22:30:48 | 003,436,576 | -HS- | C] ()
  419. fidbox.dat -> C:\WINDOWS\System32\drivers\fidbox.dat -> [2009/12/26 22:30:48 | 000,159,520 | -HS- | C] ()
  420. hpdj3740.ini -> C:\WINDOWS\hpdj3740.ini -> [2009/12/26 21:42:59 | 000,000,266 | ---- | C] ()
  421. ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2009/12/26 16:44:47 | 000,004,161 | ---- | C] ()
  422. FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2009/12/26 16:42:47 | 000,270,984 | ---- | C] ()
  423. nsreg.dat -> C:\WINDOWS\nsreg.dat -> [2009/12/26 16:41:44 | 000,000,000 | ---- | C] ()
  424. msssc.dll -> C:\WINDOWS\System32\msssc.dll -> [2009/12/26 16:28:30 | 000,000,044 | ---- | C] ()
  425. Ascd_tmp.ini -> C:\WINDOWS\Ascd_tmp.ini -> [2009/12/26 16:25:45 | 000,003,471 | ---- | C] ()
  426. ASUSHWIO.SYS -> C:\WINDOWS\System32\drivers\ASUSHWIO.SYS -> [2009/12/26 16:25:43 | 000,005,824 | ---- | C] ()
  427. bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2009/12/26 16:11:00 | 000,002,048 | --S- | C] ()
  428. emptyregdb.dat -> C:\WINDOWS\System32\emptyregdb.dat -> [2009/12/26 15:58:07 | 000,021,640 | ---- | C] ()
  429. secupd.dat -> C:\WINDOWS\System32\secupd.dat -> [2009/04/19 01:41:06 | 000,004,569 | ---- | C] ()
  430. oembios.bin -> C:\WINDOWS\System32\oembios.bin -> [2008/04/14 17:00:00 | 013,107,200 | ---- | C] ()
  431. mlang.dat -> C:\WINDOWS\System32\mlang.dat -> [2008/04/14 17:00:00 | 000,673,088 | ---- | C] ()
  432. perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2008/04/14 17:00:00 | 000,441,260 | ---- | C] ()
  433. perfi009.dat -> C:\WINDOWS\System32\perfi009.dat -> [2008/04/14 17:00:00 | 000,272,128 | ---- | C] ()
  434. dssec.dat -> C:\WINDOWS\System32\dssec.dat -> [2008/04/14 17:00:00 | 000,218,003 | ---- | C] ()
  435. perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2008/04/14 17:00:00 | 000,071,196 | ---- | C] ()
  436. mib.bin -> C:\WINDOWS\System32\mib.bin -> [2008/04/14 17:00:00 | 000,046,258 | ---- | C] ()
  437. perfd009.dat -> C:\WINDOWS\System32\perfd009.dat -> [2008/04/14 17:00:00 | 000,028,626 | ---- | C] ()
  438. oembios.dat -> C:\WINDOWS\System32\oembios.dat -> [2008/04/14 17:00:00 | 000,004,463 | ---- | C] ()
  439. Dcache.bin -> C:\WINDOWS\System32\Dcache.bin -> [2008/04/14 17:00:00 | 000,001,804 | ---- | C] ()
  440. noise.dat -> C:\WINDOWS\System32\noise.dat -> [2008/04/14 17:00:00 | 000,000,741 | ---- | C] ()
  441. klopp.dat -> C:\WINDOWS\System32\drivers\klopp.dat -> [2008/02/08 19:35:42 | 000,023,604 | ---- | C] ()
  442. atiicdxx.dat -> C:\WINDOWS\System32\atiicdxx.dat -> [2006/04/28 22:05:14 | 000,127,614 | ---- | C] ()
  443.  
  444. [File - Lop Check]
  445. DAEMON Tools Lite -> C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite -> [2011/04/27 14:57:11 | 000,000,000 | ---D | M]
  446. EurekaLog -> C:\Documents and Settings\Administrator\Application Data\EurekaLog -> [2011/05/08 15:08:26 | 000,000,000 | ---D | M]
  447. EuroTalk -> C:\Documents and Settings\Administrator\Application Data\EuroTalk -> [2011/04/30 21:02:23 | 000,000,000 | ---D | M]
  448. Obsidium -> C:\Documents and Settings\Administrator\Application Data\Obsidium -> [2011/04/06 19:14:47 | 000,000,000 | ---D | M]
  449. Thinstall -> C:\Documents and Settings\Administrator\Application Data\Thinstall -> [2011/04/01 21:53:16 | 000,000,000 | ---D | M]
  450. UnH Solutions -> C:\Documents and Settings\Administrator\Application Data\UnH Solutions -> [2009/12/26 23:01:01 | 000,000,000 | ---D | M]
  451. URSoft -> C:\Documents and Settings\Administrator\Application Data\URSoft -> [2009/12/26 23:47:44 | 000,000,000 | ---D | M]
  452. uTorrent -> C:\Documents and Settings\Administrator\Application Data\uTorrent -> [2011/05/18 04:40:45 | 000,000,000 | ---D | M]
  453. Windows Desktop Search -> C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search -> [2009/12/26 16:13:49 | 000,000,000 | ---D | M]
  454. Ad Muncher -> C:\Documents and Settings\All Users\Application Data\Ad Muncher -> [2011/02/02 00:24:42 | 000,000,000 | ---D | M]
  455. AllMyMovies -> C:\Documents and Settings\All Users\Application Data\AllMyMovies -> [2011/05/15 12:32:32 | 000,000,000 | ---D | M]
  456. DAEMON Tools Lite -> C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite -> [2011/05/08 21:44:40 | 000,000,000 | ---D | M]
  457. IM -> C:\Documents and Settings\All Users\Application Data\IM -> [2009/12/26 22:05:58 | 000,000,000 | ---D | M]
  458. IncrediMail -> C:\Documents and Settings\All Users\Application Data\IncrediMail -> [2009/12/26 22:05:07 | 000,000,000 | ---D | M]
  459. Screentime -> C:\Documents and Settings\All Users\Application Data\Screentime -> [2010/04/14 03:23:25 | 000,000,000 | ---D | M]
  460. TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2011/05/15 23:32:01 | 000,000,000 | ---D | M]
  461. Transparent -> C:\Documents and Settings\All Users\Application Data\Transparent -> [2011/04/25 18:50:36 | 000,000,000 | ---D | M]
  462. Scheduled Update for Ask Toolbar.job -> C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job -> [2011/05/18 16:01:00 | 000,000,250 | ---- | M] ()
  463. [Custom Scans]
  464. < netsvcs >
  465. < %SYSTEMDRIVE%\*.exe >
  466. < MD5 Scans Start>
  467. < %systemdrive%\EXPLORER.EXE /md5 /s >
  468. explorer.exe : MD5=2BB75B7F548D82A099125D0C5971DE7D -> C:\WINDOWS\explorer.exe -> [2008/07/03 16:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation)
  469. explorer.exe : MD5=2BB75B7F548D82A099125D0C5971DE7D -> C:\WINDOWS\system32\dllcache\explorer.exe -> [2008/07/03 16:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation)
  470. < %systemdrive%\SVCHOST.EXE /md5 /s >
  471. svchost.exe : MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -> C:\WINDOWS\system32\dllcache\svchost.exe -> [2008/04/14 17:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation)
  472. svchost.exe : MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -> C:\WINDOWS\system32\svchost.exe -> [2008/04/14 17:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation)
  473. < %systemdrive%\USERINIT.EXE /md5 /s >
  474. userinit.exe : MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -> C:\WINDOWS\system32\dllcache\userinit.exe -> [2008/04/14 17:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation)
  475. userinit.exe : MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -> C:\WINDOWS\system32\userinit.exe -> [2008/04/14 17:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation)
  476. < %systemdrive%\WINLOGON.EXE /md5 /s >
  477. winlogon.exe : MD5=5DFCBA4E70DA51CF67022F7C207FEAA8 -> C:\WINDOWS\system32\dllcache\winlogon.exe -> [2009/01/07 18:00:58 | 000,509,440 | ---- | M] (Microsoft Corporation)
  478. winlogon.exe : MD5=5DFCBA4E70DA51CF67022F7C207FEAA8 -> C:\WINDOWS\system32\winlogon.exe -> [2009/01/07 18:00:58 | 000,509,440 | ---- | M] (Microsoft Corporation)
  479. < MD5 Scans End>
  480. < %systemroot%\*. /mp /s >
  481. < hklm\software\clients\startmenuinternet|command /rs >
  482. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command -> ->
  483. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\ -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE"] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  484. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo -> ->
  485. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  486. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  487. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  488. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command -> ->
  489. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\ -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE"] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  490. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo -> ->
  491. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL] -> [2010/02/24 11:54:25 | 000,173,056 | ---- | M] (Microsoft Corporation)
  492. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE] -> [2010/02/24 11:54:25 | 000,173,056 | ---- | M] (Microsoft Corporation)
  493. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW] -> [2010/02/24 11:54:25 | 000,173,056 | ---- | M] (Microsoft Corporation)
  494. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command -> ->
  495. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\ -> C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE ["C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF] -> [2009/03/08 18:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
  496. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command -> ->
  497. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\ -> C:\Program Files\Internet Explorer\iexplore.exe [C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE] -> [2009/03/08 18:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
  498. < hklm\software\clients\startmenuinternet|command /64 /rs >
  499. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command -> ->
  500. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\ -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE"] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  501. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo -> ->
  502. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  503. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  504. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  505. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command -> ->
  506. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\ -> C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE ["C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE"] -> [2011/04/28 12:15:17 | 001,010,232 | ---- | M] (Google Inc.)
  507. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo -> ->
  508. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL] -> [2010/02/24 11:54:25 | 000,173,056 | ---- | M] (Microsoft Corporation)
  509. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE] -> [2010/02/24 11:54:25 | 000,173,056 | ---- | M] (Microsoft Corporation)
  510. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand -> C:\WINDOWS\System32\IE4UINIT.EXE ["C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW] -> [2010/02/24 11:54:25 | 000,173,056 | ---- | M] (Microsoft Corporation)
  511. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command -> ->
  512. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\ -> C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE ["C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF] -> [2009/03/08 18:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
  513. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command -> ->
  514. HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\ -> C:\Program Files\Internet Explorer\iexplore.exe [C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE] -> [2009/03/08 18:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
  515. Restore point Set: OTS Restore Point (0)
  516.  
  517. [Alternate Data Streams]
  518. @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
  519. @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
  520. @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5D96771C
  521. @Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:21F11E8D
  522. @Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B7177954
  523. @Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
  524. < End of report >
  525. [/code]