
otslog

a guest
Mar 31st, 2011
  1. [code]
  2. OTS logfile created on: 3/31/2011 5:33:50 PM - Run 1
  3. OTS by OldTimer - Version 3.1.42.0 Folder = C:\Users\SeeD419\Desktop
  4. 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
  5. Internet Explorer (Version = 8.0.6001.19019)
  6. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  7.  
  8. 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 75.00% Memory free
  9. 8.00 Gb Paging File | 7.00 Gb Available in Paging File | 87.00% Paging File free
  10. Paging file location(s): ?:\pagefile.sys [binary data]
  11.  
  12. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  13. Drive C: | 69.25 Gb Total Space | 29.75 Gb Free Space | 42.96% Space Free | Partition Type: NTFS
  14. Drive D: | 74.53 Gb Total Space | 11.39 Gb Free Space | 15.28% Space Free | Partition Type: NTFS
  15. E: Drive not present or media not loaded
  16. F: Drive not present or media not loaded
  17. G: Drive not present or media not loaded
  18. H: Drive not present or media not loaded
  19. I: Drive not present or media not loaded
  20.  
  21. Computer Name: SEED419-PC
  22. Current User Name: SeeD419
  23. Logged in as Administrator.
  24.  
  25. Current Boot Mode: Normal
  26. Scan Mode: All users
  27. Include 64bit Scans
  28. Company Name Whitelist: Off
  29. Skip Microsoft Files: Off
  30. File Age = 30 Days
  31.  
  32. [Processes - Safe List]
  33. ots.exe -> C:\Users\SeeD419\Desktop\OTS.exe -> [2011/03/31 17:32:15 | 000,645,632 | ---- | M] (OldTimer Tools)
  34. avastui.exe -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe -> [2011/02/23 09:04:20 | 003,451,496 | ---- | M] (AVAST Software)
  35. avastsvc.exe -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2011/02/23 09:04:19 | 000,042,184 | ---- | M] (AVAST Software)
  36.  
  37. [Modules - Safe List]
  38. ots.exe -> C:\Users\SeeD419\Desktop\OTS.exe -> [2011/03/31 17:32:15 | 000,645,632 | ---- | M] (OldTimer Tools)
  39. snxhk.dll -> C:\Program Files\Alwil Software\Avast5\snxhk.dll -> [2011/02/23 09:04:17 | 000,197,208 | ---- | M] (AVAST Software)
  40. comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll -> [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation)
  41.  
  42. [Win32 Services - Safe List]
  43. 64bit-(avast! Antivirus) [Auto | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2011/02/23 09:04:19 | 000,042,184 | ---- | M] (AVAST Software)
  44. 64bit-(WinDefend) [Disabled | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation)
  45. (FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2011/02/21 20:38:55 | 000,655,624 | ---- | M] (Acresso Software Inc.)
  46. (Futuremark SystemInfo Service) Futuremark SystemInfo Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -> [2010/11/11 15:39:34 | 000,128,928 | ---- | M] (Futuremark Corporation)
  47. (clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
  48. (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/04/11 11:23:49 | 000,066,368 | ---- | M] (Microsoft Corporation)
  49.  
  50. [Driver Services - Safe List]
  51. 64bit-(aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\aswMonFlt.sys -> [2011/02/23 08:55:05 | 000,064,344 | ---- | M] (AVAST Software)
  52. 64bit-(RAMDiskVE) RAMDiskVE [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\RAMDiskVE.sys -> [2010/11/21 10:45:36 | 000,063,696 | ---- | M] ()
  53. 64bit-(L1C) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\L1C60x64.sys -> [2010/06/24 21:33:58 | 000,075,888 | ---- | M] (Atheros Communications, Inc.)
  54. 64bit-(VIAHdAudAddService) VIA High Definition Audio Driver Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\viahduaa.sys -> [2010/04/24 03:41:52 | 001,320,048 | ---- | M] (VIA Technologies, Inc.)
  55. 64bit-(AE1000) Linksys AE1000 Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\ae1000va.sys -> [2010/03/23 01:53:01 | 001,020,192 | ---- | M] (Ralink Technology Corp.)
  56. 64bit-(rtl819xpn64) Realtek RTL8190\RTL8192E 802.11n Wireless LAN (Mini-)PCI NIC NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\rtl819xp.sys -> [2010/01/30 04:33:44 | 000,580,128 | ---- | M] (Realtek Semiconductor Corporation )
  57. 64bit-(WpdUsb) WpdUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\wpdusb.sys -> [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation)
  58. 64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -> [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.)
  59. 64bit-(ATITool) ATITool Overclocking Utility [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\ATITool64.sys -> [2006/11/10 08:08:58 | 000,030,720 | ---- | M] ()
  60. 64bit-(DELL_A02) Dell TrueMobile 1300 USB2.0 WLAN Card Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\PRISMA02.sys -> [2006/10/26 13:22:00 | 000,460,384 | ---- | M] (Conexant Systems, Inc.)
  61. 64bit-(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\Rtlh64.sys -> [2006/10/02 21:13:44 | 000,051,200 | ---- | M] (Realtek Corporation)
  62. 64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\Wbem\ntfs.mof -> [2006/09/18 16:36:24 | 000,000,308 | ---- | M] ()
  63. (etdrv) etdrv [Kernel | On_Demand | Stopped] -> C:\Windows\etdrv.sys -> [2011/01/27 07:42:41 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider)
  64. (GVTDrv64) GVTDrv64 [Kernel | On_Demand | Stopped] -> C:\Windows\GVTDrv64.sys -> [2011/01/27 07:42:34 | 000,030,528 | ---- | M] ()
  65. (gdrv) gdrv [Kernel | On_Demand | Stopped] -> C:\Windows\gdrv.sys -> [2011/01/27 07:42:24 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider)
  66. (speedfan) speedfan [Kernel | Boot | Running] -> C:\Windows\SysWOW64\speedfan.sys -> [2007/02/07 13:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider)
  67.  
  68. [Registry - Safe List]
  69. < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
  70. < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
  71. HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
  72. < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
  73. HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
  74. < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
  75. HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
  76. < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
  77. < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
  78. < Internet Explorer Settings [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\] > -> ->
  79. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"Start Page" -> http://www.newgrounds.com/ ->
  80. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"Start Page Redirect Cache" -> http://www.msn.com/ ->
  81. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-us ->
  82. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 0F FA 23 7D 36 98 CB 01 [binary data] ->
  83. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"StartPageCache" -> 1 ->
  84. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: "ProxyEnable" -> 0 ->
  85. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: "ProxyOverride" -> *.local ->
  86. < FireFox Settings [Prefs.js] > -> C:\Users\SeeD419\AppData\Roaming\Mozilla\FireFox\Profiles\sj7hknl9.default\prefs.js ->
  87. browser.startup.homepage -> "chrome://speeddial/content/speeddial.xul" ->
  88. < FireFox Settings [User.js] > -> C:\Users\SeeD419\AppData\Roaming\Mozilla\FireFox\Profiles\sj7hknl9.default\user.js ->
  89. < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
  90. HKLM\software\mozilla\Firefox\Extensions -> ->
  91. HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO] -> [2011/02/22 13:15:29 | 000,000,000 | ---D | M]
  92. HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA] -> [2011/02/22 13:15:30 | 000,000,000 | ---D | M]
  93. HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com -> C:\Program Files\Alwil Software\Avast5\WebRep\FF [C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF] -> [2011/03/31 02:04:58 | 000,000,000 | ---D | M]
  94. HKLM\software\mozilla\Thunderbird\Extensions -> ->
  95. HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com -> C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD ->
  96. < FireFox Extensions [User Folders] > ->
  97. -> C:\Users\SeeD419\AppData\Roaming\Mozilla\Extensions -> [2010/12/11 01:41:21 | 000,000,000 | ---D | M]
  98. -> C:\Users\SeeD419\AppData\Roaming\Mozilla\Firefox\Profiles\sj7hknl9.default\extensions -> [2010/12/11 01:49:19 | 000,000,000 | ---D | M]
  99. < HOSTS File > ([2011/02/03 00:00:42 | 000,000,819 | ---- | M] - 22 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
  100. Reset Hosts
  101. 127.0.0.1 localhost
  102. ::1 localhost
  103. 127.0.0.1 activate.adobe.com
  104. 127.0.0.1 localhost
  105. < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
  106. {326E768D-4182-46FD-9C16-1449A49795F4} [HKLM] -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX Plus Web Player HTML5 <video>] -> [2011/02/07 19:17:52 | 003,118,976 | ---- | M] (DivX, LLC)
  107. {593DDEC6-7468-4cdd-90E1-42DADAA222E9} [HKLM] -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX HiQ] -> [2011/02/07 19:17:52 | 003,118,976 | ---- | M] (DivX, LLC)
  108. {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [avast! WebRep] -> [2011/02/23 09:04:16 | 000,814,160 | ---- | M] ()
  109. < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
  110. "{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" [HKLM] -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [avast! WebRep] -> [2011/02/23 09:04:16 | 000,814,160 | ---- | M] ()
  111. < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
  112. "NvCplDaemon" -> C:\Windows\SysNative\NvCpl.dll [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2010/07/09 17:17:18 | 015,314,024 | ---- | M] (NVIDIA Corporation)
  113. < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
  114. "avast5" -> C:\Program Files\Alwil Software\Avast5\avastUI.exe ["C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui] -> [2011/02/23 09:04:20 | 003,451,496 | ---- | M] (AVAST Software)
  115. < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
  116. "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 11:22:10 | 001,233,920 | ---- | M] (Microsoft Corporation)
  117. "WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 11:22:14 | 002,153,472 | ---- | M] (Microsoft Corporation)
  118. < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
  119. "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 11:22:10 | 001,233,920 | ---- | M] (Microsoft Corporation)
  120. "WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 11:22:14 | 002,153,472 | ---- | M] (Microsoft Corporation)
  121. < Run [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\] > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
  122. "AdobeBridge" -> [] -> File not found
  123. "Prime95" -> C:\Users\SeeD419\Desktop\shit to organize\Prime95\prime95.exe [C:\Users\SeeD419\Desktop\shit to organize\Prime95\prime95.exe] -> [2009/07/13 06:04:16 | 005,173,760 | ---- | M] ()
  124. "WMPNSCFG" -> [C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe] -> File not found
  125. < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
  126. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
  127. \\"NoActiveDesktop" -> [1] -> File not found
  128. \\"NoActiveDesktopChanges" -> [1] -> File not found
  129. < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
  130. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
  131. \\"SoftwareSASGeneration" -> [1] -> File not found
  132. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
  133. < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000] > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
  134. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
  135. \\"NoSMHelp" -> [1] -> File not found
  136. < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
  137. "" -> http://
  138. < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
  139. "" -> http://
  140. < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
  141. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
  142. < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
  143. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
  144. < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
  145. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
  146. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
  147. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
  148. < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
  149. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
  150. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
  151. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
  152. < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
  153. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
  154. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
  155. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
  156. < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
  157. HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
  158. < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
  159. HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
  160. < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
  161. HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
  162. < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
  163. HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
  164. < Trusted Sites Domains [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\] > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
  165. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
  166. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\] > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
  167. HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
  168. < 64bit-Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
  169. {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] ->
  170. {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] ->
  171. {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] ->
  172. < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
  173. {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
  174. {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
  175. {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
  176. < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
  177. DhcpNameServer -> 68.105.28.16 68.105.29.16 192.168.1.1 ->
  178. < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
  179. {1FA2CF30-FA29-442A-9F50-25B42BC0A969}\\DhcpNameServer -> 68.105.28.16 68.105.29.16 192.168.1.1 (Linksys AE1000) ->
  180. {4197BD54-0B54-423E-828F-5586DB0951FE}\\DhcpNameServer -> 68.105.28.12 68.105.29.12 68.105.28.11 (Linksys AE1000) ->
  181. {68231ED8-B64C-41C1-BD0A-6D8303E58D7F}\\DhcpNameServer -> 68.105.28.16 68.105.29.16 192.168.1.1 (Linksys AE1000) ->
  182. {864DC3DA-49A1-48A4-BCBE-B3E281A2FD52}\\DhcpNameServer -> 68.105.28.16 68.105.29.16 192.168.1.1 (Realtek RTL8190 802.11n Wireless LAN (Mini-)PCI NIC) ->
  183. {AFD4312D-0C00-41EA-BFF1-64B177BEAC9F}\\DhcpNameServer -> 68.105.28.12 68.105.29.12 68.105.28.11 (Linksys AE1000) ->
  184. < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
  185. 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
  186. explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
  187. *MultiFile Done* -> ->
  188. < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
  189. *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
  190. explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/04/11 11:23:09 | 002,926,592 | ---- | M] (Microsoft Corporation)
  191. *MultiFile Done* -> ->
  192. < Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications ->
  193. < Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications ->
  194. < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
  195. {172A78C3-BAF9-4A75-9DBD-AC178FE1EBBA} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |
  196. {319B2B3B-ACF2-4FE5-9DF0-4C9D14E41FD0} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
  197. {3AB48163-88E5-489C-AA53-6139B1A12C4F} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |
  198. {52F5992B-CF7A-4DA4-A342-383722F5D053} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |
  199. {53CFAC6A-5339-4193-B387-59AF47F7135F} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |
  200. {68483320-9878-4CFC-A55C-6AD374347E80} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |
  201. {96FBB42A-1850-411D-9954-C2ED4E36F5C9} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |
  202. {AD3C0F33-F284-44DA-B563-B298834BB602} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |
  203. {B2154A5E-4B88-49A5-80BF-3FA1ACE7C671} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |
  204. {CCA012FA-7FFE-4E92-86C0-9FC5F10EB34F} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |
  205. < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
  206. {0879A018-B296-4D09-81C7-E3F6ECB8A177} -> profile=public | protocol=6 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe |
  207. {0BA08240-A7F5-4FE0-8E33-489DB90C1BCC} -> profile=private | protocol=6 | dir=in | action=allow | name=bonjour service | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
  208. {165C854F-A890-49E8-8CE7-A879BD0FDE13} -> profile=public | protocol=6 | dir=in | action=allow | name=tightvnc viewer | app=c:\program files (x86)\tightvnc\vncviewer.exe |
  209. {19975AD6-BE62-47BA-B8E8-79AC06B94C9E} -> profile=public | protocol=17 | dir=in | action=allow | name=ventrilo.exe | app=c:\program files\ventrilo\ventrilo.exe |
  210. {1FDC70A7-1A5C-449A-86E6-4ACB679FA5E3} -> profile=public | protocol=17 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
  211. {26EB85F9-B23A-4742-AAA0-C9719FA81614} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 |
  212. {2D4FC4BD-8816-41E2-9962-AD8400A40380} -> profile=public | protocol=6 | dir=in | action=allow | name=bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
  213. {3A216A41-BE2E-417E-BB01-6FAD48E2324C} -> protocol=17 | dir=in | action=allow | name=bittorrent (udp-in) | app=c:\program files (x86)\bittorrent\bittorrent.exe |
  214. {6884ED8F-1076-47E8-8ABF-DEEA0848D1D8} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 |
  215. {6D1B8419-B056-4F40-A655-1752C01F1107} -> profile=public | protocol=6 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim\aim.exe |
  216. {6E088D12-E58D-4540-901E-83C1978FC0AE} -> profile=public | protocol=17 | dir=in | action=allow | name=bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
  217. {6F7DD675-72EE-4DBD-A6D3-3E6BA5058A3B} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 |
  218. {7D910571-09B9-4017-910E-C9BC2767B5F4} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |
  219. {8029F61F-84A9-496E-AAFE-9D9D0B744E6F} -> profile=public | protocol=17 | dir=in | action=allow | name=tightvnc viewer | app=c:\program files (x86)\tightvnc\vncviewer.exe |
  220. {8D754066-C890-48A3-B5F0-33520E1D7C5A} -> profile=public | protocol=17 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim\aim.exe |
  221. {A1D11300-3CED-4297-B91F-8A466F7E279D} -> profile=public | protocol=17 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe |
  222. {A834B10A-3853-40BE-9998-0929664AB4C3} -> profile=public | protocol=6 | dir=in | action=allow | name=tightvnc server | app=c:\program files (x86)\tightvnc\tvnserver.exe |
  223. {B07B78B1-1770-4E1B-B542-A816D1489E5B} -> profile=private | protocol=17 | dir=in | action=allow | name=bonjour service | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
  224. {D383BEA4-984C-47B7-A0CC-69F932D575A0} -> profile=public | protocol=6 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
  225. {E15258E4-F73A-4B70-BB75-FCADB9313824} -> profile=public | protocol=6 | dir=in | action=allow | name=ventrilo.exe | app=c:\program files\ventrilo\ventrilo.exe |
  226. {F2E0E49D-DD38-429C-9169-5BD9CC8FBE0A} -> profile=public | protocol=17 | dir=in | action=allow | name=tightvnc server | app=c:\program files (x86)\tightvnc\tvnserver.exe |
  227. {F5949DBE-3E4D-4A68-907A-6BBFCA8EABAC} -> protocol=6 | dir=in | action=allow | name=bittorrent (tcp-in) | app=c:\program files (x86)\bittorrent\bittorrent.exe |
  228. TCP Query User{205F3554-3754-4D81-9212-2F31D15C6759}C:\users\seed419\desktop\mineserver\bin\mineserver.exe -> profile=public | protocol=6 | dir=in | action=allow | name=mineserver.exe | app=c:\users\seed419\desktop\mineserver\bin\mineserver.exe |
  229. TCP Query User{4BEB660B-7004-4603-97F8-A39AC6BE5C26}C:\program files\java\jre6\bin\java.exe -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\java.exe |
  230. TCP Query User{8C67EE59-D036-4434-A2E7-F40076788736}C:\windows\system32\java.exe -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\windows\system32\java.exe |
  231. TCP Query User{8F5480D8-2BC8-4BE6-94E4-4D7DCF159E01}C:\program files (x86)\aim\aim.exe -> profile=private | protocol=6 | dir=in | action=allow | name=aol instant messenger | app=c:\program files (x86)\aim\aim.exe |
  232. TCP Query User{9B4DC715-A9E5-4FF5-9F5F-D26EFD49B0BA}C:\program files\java\jre6\bin\java.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\java.exe |
  233. TCP Query User{A37541A1-C56C-401E-8AD4-02E83DD1FB29}C:\wamp\bin\apache\apache2.2.17\bin\httpd.exe -> profile=public | protocol=6 | dir=in | action=allow | name=apache http server | app=c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe |
  234. TCP Query User{BD7FB061-9921-4F1A-8258-C694E22A6898}C:\program files (x86)\palm\hotsync.exe -> profile=public | protocol=6 | dir=in | action=block | name=hotsync® manager application | app=c:\program files (x86)\palm\hotsync.exe |
  235. TCP Query User{D24E21A8-7115-4F4C-9B12-5D0128F70321}C:\program files\java\jre6\bin\javaw.exe -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\javaw.exe |
  236. TCP Query User{D63E1997-E06C-4F90-A74B-1AA16E4580F2}C:\program files (x86)\gigabyte\@bios\gwflash.exe -> profile=public | protocol=6 | dir=in | action=allow | name=@bios application | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe |
  237. UDP Query User{2A75782C-0687-4F4B-8536-DFE2E5692B88}C:\program files (x86)\gigabyte\@bios\gwflash.exe -> profile=public | protocol=17 | dir=in | action=allow | name=@bios application | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe |
  238. UDP Query User{47767062-9A78-4FCB-B953-79E1D2B4FE8A}C:\program files (x86)\aim\aim.exe -> profile=private | protocol=17 | dir=in | action=allow | name=aol instant messenger | app=c:\program files (x86)\aim\aim.exe |
  239. UDP Query User{87753B7D-C15C-4E63-8F0C-836F71786310}C:\users\seed419\desktop\mineserver\bin\mineserver.exe -> profile=public | protocol=17 | dir=in | action=allow | name=mineserver.exe | app=c:\users\seed419\desktop\mineserver\bin\mineserver.exe |
  240. UDP Query User{91B6749E-CBCE-4D38-8528-37C33BB14B3B}C:\windows\system32\java.exe -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\windows\system32\java.exe |
  241. UDP Query User{98A7FE88-BCC0-4B33-BFD7-99EFD904A818}C:\wamp\bin\apache\apache2.2.17\bin\httpd.exe -> profile=public | protocol=17 | dir=in | action=allow | name=apache http server | app=c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe |
  242. UDP Query User{B84272FC-F4BF-4FA5-B47E-F6BCB98AF0F7}C:\program files\java\jre6\bin\java.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\java.exe |
  243. UDP Query User{E1960087-EDBC-4247-8415-989A3051FB01}C:\program files\java\jre6\bin\javaw.exe -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\javaw.exe |
  244. UDP Query User{F90A685B-B286-436F-89F8-087548DB84E4}C:\program files\java\jre6\bin\java.exe -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\java.exe |
  245. UDP Query User{F9ED461A-B59B-4687-815E-0D9519A9970B}C:\program files (x86)\palm\hotsync.exe -> profile=public | protocol=17 | dir=in | action=block | name=hotsync® manager application | app=c:\program files (x86)\palm\hotsync.exe |
  246. < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
  247. < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
  248. "AutoRun" -> 1 ->
  249. "DisplayName" -> CD-ROM Driver ->
  250. "ImagePath" -> C:\Windows\SysNative\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/04/11 11:22:05 | 000,079,872 | ---- | M] (Microsoft Corporation)
  251. < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
  252. \{ed84ddfe-07a6-11e0-b39c-f8e6deb84908}
  253. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed84ddfe-07a6-11e0-b39c-f8e6deb84908}\shell\AutoRun\command
  254. \{ed84ddfe-07a6-11e0-b39c-f8e6deb84908}\shell\AutoRun\command\\"" -> [F:\setupSNK.exe] -> File not found
  255. < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
  256. 64bit-comfile [open] -> "%1" %* -> File not found
  257. 64bit-exefile [open] -> "%1" %* -> File not found
  258. comfile [open] -> "%1" %* ->
  259. exefile [open] -> "%1" %* ->
  260. < Registry Shell Spawning - Select to Repair > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000_Classes\<key>\shell\[command]\command ->
  261. exefile [open] -> "%1" %* ->
  262. < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
  263. .com [@ = comfile] -> "%1" %* ->
  264. .exe [@ = exefile] -> "%1" %* ->
  265. < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
  266. .com [@ = comfile] -> "%1" %* ->
  267. .exe [@ = exefile] -> "%1" %* ->
  268. < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Classes\<extension>\ ->
  269. .exe [@ = exefile] -> "%1" %* ->
  270.  
  271. [Registry - Additional Scans - Safe List]
  272. < 64bit-Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ ->
  273. C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk -> C:\Program Files (x86)\Palm\Hotsync.exe -> [2008/01/03 19:28:08 | 001,392,640 | R--- | M] (PalmSource, Inc)
  274. < 64bit-Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ ->
  275. Adobe ARM hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe -> [2010/11/10 13:49:34 | 000,932,288 | ---- | M] (Adobe Systems Incorporated)
  276. Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe -> [2011/01/30 10:45:14 | 000,035,736 | ---- | M] (Adobe Systems Incorporated)
  277. AdobeCS4ServiceManager hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
  278. boincmgr hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
  279. boinctray hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
  280. DivXUpdate hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe -> [2011/01/10 18:25:06 | 001,230,704 | ---- | M] ()
  281. HDAudDeck hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -> [2010/05/04 07:10:48 | 002,425,456 | R--- | M] (VIA)
  282. HotSync hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
  283. iTunesHelper hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\iTunes\iTunesHelper.exe -> [2011/03/07 15:33:40 | 000,421,160 | ---- | M] (Apple Inc.)
  284. NvCplDaemon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Windows\SysNative\rundll32.exe -> [2006/11/02 06:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation)
  285. PWRISOVM.EXE hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -> [2007/08/06 19:05:46 | 000,200,704 | ---- | M] (PowerISO Computing, Inc.)
  286. QuickTime Task hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\QuickTime\QTTask.exe -> [2010/11/29 17:38:18 | 000,421,888 | ---- | M] (Apple Inc.)
  287. RAM Monitor hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
  288. RivaTunerStartupDaemon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
  289. Sidebar hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Windows Sidebar\sidebar.exe -> [2009/04/11 11:22:16 | 001,555,968 | ---- | M] (Microsoft Corporation)
  290. SunJavaUpdateSched hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe -> [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.)
  291. tvncontrol hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
  292. Windows Defender hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Windows Defender\MSASCui.exe -> [2008/01/20 21:47:32 | 001,584,184 | ---- | M] (Microsoft Corporation)
  293. WindowsWelcomeCenter hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
  294. < 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state ->
  295. "services" -> 2 ->
  296. "startup" -> 2 ->
  297. < 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
  298. "msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2010/01/21 10:37:11 | 000,072,192 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
  299. "VIDC.FPS1" -> C:\Windows\SysNative\frapsv64.dll [frapsv64.dll] -> [2009/11/21 04:30:04 | 000,084,992 | ---- | M] (Beepa P/L)
  300. < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
  301. "msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2010/01/21 10:05:44 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
  302. "msacm.vorbis" -> C:\Windows\SysWow64\vorbis.acm [vorbis.acm] -> [2009/08/02 15:09:56 | 001,554,944 | ---- | M] (HMS http://hp.vector.co.jp/authors/VA012897/)
  303. "vidc.cvid" -> C:\Windows\SysWow64\iccvid.dll [iccvid.dll] -> [2010/05/27 15:08:17 | 000,081,920 | ---- | M] (Radius Inc.)
  304. "vidc.DIVX" -> C:\Windows\SysWow64\DivX.dll [DivX.dll] -> [2010/02/19 14:27:36 | 000,720,384 | ---- | M] (DivX, Inc.)
  305. "VIDC.FPS1" -> C:\Windows\SysWow64\frapsvid.dll [frapsvid.dll] -> [2009/11/21 04:30:06 | 000,086,016 | ---- | M] (Beepa P/L)
  306. "vidc.yv12" -> C:\Windows\SysWow64\DivX.dll [DivX.dll] -> [2010/02/19 14:27:36 | 000,720,384 | ---- | M] (DivX, Inc.)
  307. < 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
  308. {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
  309. {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
  310. {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
  311. {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
  312. {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
  313. {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
  314. {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
  315. {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
  316. {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
  317. {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
  318. {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
  319. {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
  320. {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
  321. {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
  322. {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
  323. {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
  324. {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
  325. AppMgmt -> Service
  326. Base -> Driver Group
  327. Boot Bus Extender -> Driver Group
  328. Boot file system -> Driver Group
  329. File system -> Driver Group
  330. Filter -> Driver Group
  331. HelpSvc -> Service
  332. NTDS -> 32bit -> File not found
  333. PCI Configuration -> Driver Group
  334. PNP Filter -> Driver Group
  335. Primary disk -> Driver Group
  336. sacsvr -> Service
  337. SCSI Class -> Driver Group
  338. System Bus Extender -> Driver Group
  339. TrustedInstaller -> 32bit -> File not found
  340. WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation)
  341. < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
  342. {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
  343. {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
  344. {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
  345. {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
  346. {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
  347. {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
  348. {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
  349. {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
  350. {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
  351. {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
  352. {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
  353. {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
  354. {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
  355. {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
  356. {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
  357. {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
  358. {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
  359. AppInfo -> 64bit -> File not found
  360. AppMgmt -> Service
  361. Base -> Driver Group
  362. Boot Bus Extender -> Driver Group
  363. Boot file system -> Driver Group
  364. DcomLaunch -> 64bit -> File not found
  365. EventLog -> 64bit -> File not found
  366. File system -> Driver Group
  367. Filter -> Driver Group
  368. HelpSvc -> Service
  369. KeyIso -> 64bit -> File not found
  370. Netlogon -> 64bit -> File not found
  371. NTDS -> 64bit -> File not found
  372. PCI Configuration -> Driver Group
  373. PlugPlay -> 64bit -> File not found
  374. PNP Filter -> Driver Group
  375. Primary disk -> Driver Group
  376. ProfSvc -> 64bit -> File not found
  377. RpcSs -> 64bit -> File not found
  378. sacsvr -> Service
  379. SCSI Class -> Driver Group
  380. sermouse.sys -> 64bit -> File not found
  381. SWPRV -> 64bit -> File not found
  382. System Bus Extender -> Driver Group
  383. TabletInputService -> 64bit -> File not found
  384. TBS -> 64bit -> File not found
  385. VDS -> 64bit -> File not found
  386. vga.sys -> 64bit -> File not found
  387. vgasave.sys -> 64bit -> File not found
  388. volmgr.sys -> 64bit -> File not found
  389. volmgrx.sys -> 64bit -> File not found
  390. WinDefend -> 64bit -> File not found
  391. WinMgmt -> 64bit -> File not found
  392. < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
  393. 64bit-batfile [open] -> "%1" %* -> File not found
  394. 64bit-cmdfile [open] -> "%1" %* -> File not found
  395. 64bit-comfile [open] -> "%1" %* -> File not found
  396. 64bit-exefile [open] -> "%1" %* -> File not found
  397. 64bit-htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" -> File not found
  398. 64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2006/11/02 06:15:54 | 000,011,264 | ---- | M] (Microsoft Corporation)
  399. 64bit-InternetShortcut [open] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> [2006/11/02 06:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation)
  400. 64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2006/11/02 06:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation)
  401. 64bit-piffile [open] -> "%1" %* -> File not found
  402. 64bit-scrfile [config] -> "%1" -> File not found
  403. 64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> File not found
  404. 64bit-scrfile [open] -> "%1" /S -> File not found
  405. 64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> File not found
  406. 64bit-Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2011/01/30 16:27:10 | 000,107,008 | ---- | M] ()
  407. 64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2008/01/20 21:50:37 | 000,363,008 | ---- | M] (Microsoft Corporation)
  408. 64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
  409. 64bit-Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2011/01/30 16:27:10 | 000,107,008 | ---- | M] ()
  410. 64bit-Folder [open] -> %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
  411. 64bit-Folder [explore] -> %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
  412. 64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
  413. batfile [open] -> "%1" %* ->
  414. cmdfile [open] -> "%1" %* ->
  415. comfile [open] -> "%1" %* ->
  416. cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2006/11/02 04:44:59 | 000,211,968 | ---- | M] (Microsoft Corporation)
  417. exefile [open] -> "%1" %* ->
  418. htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" ->
  419. inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2008/01/20 21:49:56 | 000,011,776 | ---- | M] (Microsoft Corporation)
  420. piffile [open] -> "%1" %* ->
  421. scrfile [config] -> "%1" ->
  422. scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l ->
  423. scrfile [open] -> "%1" /S ->
  424. Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 ->
  425. Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2011/01/30 16:27:10 | 000,107,008 | ---- | M] ()
  426. Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2008/01/20 21:48:06 | 000,318,976 | ---- | M] (Microsoft Corporation)
  427. Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
  428. Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2011/01/30 16:27:10 | 000,107,008 | ---- | M] ()
  429. Folder [open] -> %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
  430. Folder [explore] -> %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
  431. Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
  432. < EventViewer Logs - Last 10 Errors > -> Event Information -> Description
  433. Application [ Error ] 3/21/2011 1:21:53 PM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application MsiExec.exe, version 4.5.6002.18005, time stamp 0x49e01c42, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time stamp 0x4cf4536a, exception code 0xc0000005, fault offset 0x6d5dbb89, process id 0x4e8, application start time 0x01cbe7ec67044b6c.
  434. Application [ Error ] 3/22/2011 1:45:23 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application Taskmgr.exe, version 6.0.6001.18000, time stamp 0x47919749, faulting module fraps64.dll_unloaded, version 0.0.0.0, time stamp 0x4af24185, exception code 0xc0000005, fault offset 0x000000006357e04a, process id 0xe80, application start time 0x01cbe8544ddc55ff.
  435. Application [ Error ] 3/22/2011 1:45:23 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application firefox.exe, version 2.0.0.4097, time stamp 0x4d876076, faulting module fraps64.dll_unloaded, version 0.0.0.0, time stamp 0x4af24185, exception code 0xc0000005, fault offset 0x000000006357e04a, process id 0x3e4, application start time 0x01cbe804fe79ec6f.
  436. Application [ Error ] 3/23/2011 1:14:47 AM Computer Name = SeeD419-PC | Source = Bonjour Service | ID = 100 -> Description = DNS Message from «ZERO ADDRESS»:0 to «ZERO ADDRESS»:0 length 0 too short
  437. Application [ Error ] 3/23/2011 1:14:47 AM Computer Name = SeeD419-PC | Source = Bonjour Service | ID = 100 -> Description = WSARecvMsg failed (10038)
  438. Application [ Error ] 3/23/2011 1:14:48 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application mDNSResponder.exe, version 2.0.4.0, time stamp 0x4cae1be1, faulting module mDNSResponder.exe, version 2.0.4.0, time stamp 0x4cae1be1, exception code 0xc0000005, fault offset 0x0000110a, process id 0x830, application start time 0x01cbe91938e43416.
  439. Application [ Error ] 3/24/2011 7:37:07 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application mDNSResponder.exe, version 2.0.4.0, time stamp 0x4cae1be1, faulting module mDNSResponder.exe, version 2.0.4.0, time stamp 0x4cae1be1, exception code 0xc0000005, fault offset 0x0000110a, process id 0x748, application start time 0x01cbea17cc2d626b.
  440. Application [ Error ] 3/31/2011 3:17:11 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp 0x4d0c3d4c, faulting module OLEAUT32.dll, version 6.0.6002.18005, time stamp 0x49e037da, exception code 0xc0000005, fault offset 0x000092fb, process id 0x4f8, application start time 0x01cbef73a49ea588.
  441. Application [ Error ] 3/31/2011 3:17:20 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp 0x4d0c3d4c, faulting module OLEAUT32.dll, version 6.0.6002.18005, time stamp 0x49e037da, exception code 0xc0000005, fault offset 0x0004ad8a, process id 0xc40, application start time 0x01cbef73aac3d3e8.
  442. Application [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = EventSystem | ID = 4609 -> Description =
  443. System [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
  444. System [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
  445. System [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
  446. System [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
  447. System [ Error ] 3/31/2011 4:39:26 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
  448. System [ Error ] 3/31/2011 4:39:26 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
  449. System [ Error ] 3/31/2011 4:42:01 AM Computer Name = SeeD419-PC | Source = Service Control Manager | ID = 7026 -> Description =
  450. System [ Error ] 3/31/2011 10:14:25 AM Computer Name = SeeD419-PC | Source = Service Control Manager | ID = 7026 -> Description =
  451. System [ Error ] 3/31/2011 10:49:43 AM Computer Name = SeeD419-PC | Source = Service Control Manager | ID = 7026 -> Description =
  452. System [ Error ] 3/31/2011 4:58:57 PM Computer Name = SeeD419-PC | Source = Service Control Manager | ID = 7026 -> Description =
  453.  
  454. [Files/Folders - Created Within 30 Days]
  455. OTS.exe -> C:\Users\SeeD419\Desktop\OTS.exe -> [2011/03/31 17:32:13 | 000,645,632 | ---- | C] (OldTimer Tools)
  456. aswSnx.sys -> C:\Windows\SysNative\drivers\aswSnx.sys -> [2011/03/31 02:04:59 | 000,505,176 | ---- | C] (AVAST Software)
  457. DWrite.dll -> C:\Windows\SysNative\DWrite.dll -> [2011/03/22 22:24:56 | 001,555,968 | ---- | C] (Microsoft Corporation)
  458. DWrite.dll -> C:\Windows\SysWow64\DWrite.dll -> [2011/03/22 22:24:56 | 001,068,544 | ---- | C] (Microsoft Corporation)
  459. XpsGdiConverter.dll -> C:\Windows\SysNative\XpsGdiConverter.dll -> [2011/03/22 22:24:56 | 000,479,744 | ---- | C] (Microsoft Corporation)
  460. XpsGdiConverter.dll -> C:\Windows\SysWow64\XpsGdiConverter.dll -> [2011/03/22 22:24:56 | 000,288,768 | ---- | C] (Microsoft Corporation)
  461. iTunes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes -> [2011/03/21 12:26:26 | 000,000,000 | ---D | C]
  462. GEARAspi64.dll -> C:\Windows\SysNative\GEARAspi64.dll -> [2011/03/21 12:26:23 | 000,126,312 | ---- | C] (GEAR Software Inc.)
  463. GEARAspi.dll -> C:\Windows\SysWow64\GEARAspi.dll -> [2011/03/21 12:26:23 | 000,107,368 | ---- | C] (GEAR Software Inc.)
  464. GEARAspiWDM.sys -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2011/03/21 12:26:23 | 000,034,152 | ---- | C] (GEAR Software Inc.)
  465. iPod -> C:\Program Files (x86)\iPod -> [2011/03/21 12:26:00 | 000,000,000 | ---D | C]
  466. iTunes -> C:\Program Files\iTunes -> [2011/03/21 12:25:58 | 000,000,000 | ---D | C]
  467. iTunes -> C:\Program Files (x86)\iTunes -> [2011/03/21 12:25:58 | 000,000,000 | ---D | C]
  468. {93E26451-CD9A-43A5-A2FA-C42392EA4001} -> C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} -> [2011/03/21 12:25:58 | 000,000,000 | ---D | C]
  469. Apple -> C:\Program Files\Common Files\Apple -> [2011/03/21 12:24:12 | 000,000,000 | ---D | C]
  470. Bonjour -> C:\Program Files\Bonjour -> [2011/03/21 12:24:01 | 000,000,000 | ---D | C]
  471. Bonjour -> C:\Program Files (x86)\Bonjour -> [2011/03/21 12:24:01 | 000,000,000 | ---D | C]
  472. QuickTime -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime -> [2011/03/21 12:21:50 | 000,000,000 | ---D | C]
  473. QuickTime -> C:\Program Files (x86)\QuickTime -> [2011/03/21 12:21:44 | 000,000,000 | ---D | C]
  474. shit to organize -> C:\Users\SeeD419\Desktop\shit to organize -> [2011/03/19 19:21:53 | 000,000,000 | ---D | C]
  475. BOINC -> C:\ProgramData\BOINC -> [2011/03/18 06:53:11 | 000,000,000 | ---D | C]
  476. vdremote.dll -> C:\Windows\System\vdremote.dll -> [2011/03/14 21:15:53 | 000,073,728 | ---- | C] ( )
  477. vdsvrlnk.dll -> C:\Windows\System\vdsvrlnk.dll -> [2011/03/14 21:15:53 | 000,065,536 | ---- | C] ( )
  478. CamStudio -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio -> [2011/03/14 08:55:36 | 000,000,000 | ---D | C]
  479. CamStudio -> C:\Program Files (x86)\CamStudio -> [2011/03/14 08:55:33 | 000,000,000 | ---D | C]
  480. Sun -> C:\Windows\Sun -> [2011/03/11 06:23:21 | 000,000,000 | ---D | C]
  481. EncDec.dll -> C:\Windows\SysNative\EncDec.dll -> [2011/03/08 16:36:21 | 000,559,616 | ---- | C] (Microsoft Corporation)
  482. EncDec.dll -> C:\Windows\SysWow64\EncDec.dll -> [2011/03/08 16:36:21 | 000,429,056 | ---- | C] (Microsoft Corporation)
  483. sbe.dll -> C:\Windows\SysNative\sbe.dll -> [2011/03/08 16:36:21 | 000,416,768 | ---- | C] (Microsoft Corporation)
  484. sbe.dll -> C:\Windows\SysWow64\sbe.dll -> [2011/03/08 16:36:21 | 000,322,560 | ---- | C] (Microsoft Corporation)
  485. mpg2splt.ax -> C:\Windows\SysNative\mpg2splt.ax -> [2011/03/08 16:36:21 | 000,226,816 | ---- | C] (Microsoft Corporation)
  486. sbeio.dll -> C:\Windows\SysNative\sbeio.dll -> [2011/03/08 16:36:21 | 000,210,944 | ---- | C] (Microsoft Corporation)
  487. mpg2splt.ax -> C:\Windows\SysWow64\mpg2splt.ax -> [2011/03/08 16:36:21 | 000,177,664 | ---- | C] (Microsoft Corporation)
  488. sbeio.dll -> C:\Windows\SysWow64\sbeio.dll -> [2011/03/08 16:36:21 | 000,153,088 | ---- | C] (Microsoft Corporation)
  489. mstscax.dll -> C:\Windows\SysNative\mstscax.dll -> [2011/03/08 16:36:20 | 002,425,344 | ---- | C] (Microsoft Corporation)
  490. mstscax.dll -> C:\Windows\SysWow64\mstscax.dll -> [2011/03/08 16:36:20 | 002,067,968 | ---- | C] (Microsoft Corporation)
  491. mstsc.exe -> C:\Windows\SysNative\mstsc.exe -> [2011/03/08 16:36:20 | 000,731,136 | ---- | C] (Microsoft Corporation)
  492. mstsc.exe -> C:\Windows\SysWow64\mstsc.exe -> [2011/03/08 16:36:19 | 000,677,888 | ---- | C] (Microsoft Corporation)
  493.  
  494. [Files/Folders - Modified Within 30 Days]
  495. OTS.exe -> C:\Users\SeeD419\Desktop\OTS.exe -> [2011/03/31 17:32:15 | 000,645,632 | ---- | M] (OldTimer Tools)
  496. animatedgif.gif -> C:\Users\SeeD419\Desktop\animatedgif.gif -> [2011/03/31 16:21:01 | 000,138,089 | ---- | M] ()
  497. 3e41c056_bfc7_bdb6.gif -> C:\Users\SeeD419\Desktop\3e41c056_bfc7_bdb6.gif -> [2011/03/31 16:15:28 | 001,007,461 | ---- | M] ()
  498. wolf.jpg -> C:\Users\SeeD419\Desktop\wolf.jpg -> [2011/03/31 16:10:17 | 000,146,471 | ---- | M] ()
  499. PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2011/03/31 16:03:43 | 000,703,388 | ---- | M] ()
  500. perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2011/03/31 16:03:43 | 000,604,264 | ---- | M] ()
  501. perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2011/03/31 16:03:43 | 000,103,964 | ---- | M] ()
  502. nvModes.dat -> C:\ProgramData\nvModes.dat -> [2011/03/31 15:57:29 | 000,164,833 | ---- | M] ()
  503. nvModes.001 -> C:\ProgramData\nvModes.001 -> [2011/03/31 15:57:29 | 000,164,833 | ---- | M] ()
  504. 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/03/31 15:57:16 | 000,004,240 | -H-- | M] ()
  505. 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/03/31 15:57:16 | 000,004,240 | -H-- | M] ()
  506. bootstat.dat -> C:\Windows\bootstat.dat -> [2011/03/31 15:57:10 | 000,067,584 | --S- | M] ()
  507. bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2011/03/31 12:46:44 | 000,000,012 | ---- | M] ()
  508. firefox.exe - Shortcut.lnk -> C:\Users\SeeD419\Application Data\Microsoft\Internet Explorer\Quick Launch\firefox.exe - Shortcut.lnk -> [2011/03/31 12:26:43 | 000,000,804 | ---- | M] ()
  509. r0t835ni0n1t18aj4n071sa4s7m -> C:\Users\SeeD419\AppData\Local\r0t835ni0n1t18aj4n071sa4s7m -> [2011/03/31 09:13:32 | 000,009,224 | -HS- | M] ()
  510. r0t835ni0n1t18aj4n071sa4s7m -> C:\ProgramData\r0t835ni0n1t18aj4n071sa4s7m -> [2011/03/31 09:13:32 | 000,009,224 | -HS- | M] ()
  511. config.nt -> C:\Windows\SysWow64\config.nt -> [2011/03/31 02:04:59 | 000,000,000 | ---- | M] ()
  512. DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\SeeD419\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/03/30 02:36:55 | 000,036,864 | ---- | M] ()
  513. MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2011/03/24 11:52:55 | 411,546,934 | ---- | M] ()
  514. Minecraft.exe - Shortcut.lnk -> C:\Users\SeeD419\Application Data\Microsoft\Internet Explorer\Quick Launch\Minecraft.exe - Shortcut.lnk -> [2011/03/14 09:42:24 | 000,000,553 | ---- | M] ()
  515. 17 C:\Users\SeeD419\AppData\Local\Temp\*.tmp files -> C:\Users\SeeD419\AppData\Local\Temp\*.tmp ->
  516.  
  517. [Files - No Company Name]
  518. animatedgif.gif -> C:\Users\SeeD419\Desktop\animatedgif.gif -> [2011/03/31 16:21:00 | 000,138,089 | ---- | C] ()
  519. 3e41c056_bfc7_bdb6.gif -> C:\Users\SeeD419\Desktop\3e41c056_bfc7_bdb6.gif -> [2011/03/31 16:15:27 | 001,007,461 | ---- | C] ()
  520. wolf.jpg -> C:\Users\SeeD419\Desktop\wolf.jpg -> [2011/03/31 16:10:17 | 000,146,471 | ---- | C] ()
  521. firefox.exe - Shortcut.lnk -> C:\Users\SeeD419\Application Data\Microsoft\Internet Explorer\Quick Launch\firefox.exe - Shortcut.lnk -> [2011/03/31 12:26:43 | 000,000,804 | ---- | C] ()
  522. r0t835ni0n1t18aj4n071sa4s7m -> C:\Users\SeeD419\AppData\Local\r0t835ni0n1t18aj4n071sa4s7m -> [2011/03/31 02:03:00 | 000,009,224 | -HS- | C] ()
  523. r0t835ni0n1t18aj4n071sa4s7m -> C:\ProgramData\r0t835ni0n1t18aj4n071sa4s7m -> [2011/03/31 02:03:00 | 000,009,224 | -HS- | C] ()
  524. MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2011/03/24 05:20:51 | 411,546,934 | ---- | C] ()
  525. {EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini -> C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini -> [2011/02/16 00:55:44 | 000,000,262 | ---- | C] ()
  526. bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2010/12/24 15:41:20 | 000,000,012 | ---- | C] ()
  527. DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\SeeD419\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/12/14 20:35:18 | 000,036,864 | ---- | C] ()
  528. GSetup.ini -> C:\Windows\GSetup.ini -> [2010/12/14 12:55:29 | 000,000,010 | ---- | C] ()
  529. d3d9caps64.dat -> C:\Users\SeeD419\AppData\Local\d3d9caps64.dat -> [2010/12/14 12:09:59 | 000,000,732 | ---- | C] ()
  530. gzip.exe -> C:\Windows\gzip.exe -> [2010/12/14 10:50:06 | 000,098,136 | ---- | C] ()
  531. GVTDrv64.sys -> C:\Windows\GVTDrv64.sys -> [2010/12/13 11:59:59 | 000,030,528 | ---- | C] ()
  532. nvModes.001 -> C:\ProgramData\nvModes.001 -> [2010/12/10 01:49:19 | 000,164,833 | ---- | C] ()
  533. nvModes.dat -> C:\ProgramData\nvModes.dat -> [2010/12/10 01:49:18 | 000,164,833 | ---- | C] ()
  534. CoPrism.dll -> C:\Windows\SysWow64\CoPrism.dll -> [2010/12/09 22:17:18 | 000,049,152 | ---- | C] ()
  535. GSetup.exe -> C:\Windows\GSetup.exe -> [2009/08/27 02:04:14 | 000,207,400 | R--- | C] ()
  536. msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/04/11 11:23:17 | 000,368,640 | ---- | C] ()
  537. StructuredQuerySchemaTrivial.bin -> C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin -> [2009/04/11 11:22:30 | 000,018,904 | ---- | C] ()
  538. StructuredQuerySchema.bin -> C:\Windows\SysWow64\StructuredQuerySchema.bin -> [2009/04/11 11:22:29 | 000,107,612 | ---- | C] ()
  539. EhStorAuthn.dll -> C:\Windows\SysWow64\EhStorAuthn.dll -> [2009/04/11 11:22:25 | 000,117,248 | ---- | C] ()
  540. tcpmon.ini -> C:\Windows\SysWow64\tcpmon.ini -> [2008/01/20 21:50:05 | 000,060,124 | ---- | C] ()
  541. bootstat.dat -> C:\Windows\bootstat.dat -> [2006/11/02 10:37:05 | 000,067,584 | --S- | C] ()
  542. dssec.dat -> C:\Windows\SysWow64\dssec.dat -> [2006/11/02 07:37:14 | 000,215,943 | ---- | C] ()
  543. NOISE.DAT -> C:\Windows\SysWow64\NOISE.DAT -> [2006/11/02 07:24:17 | 000,000,741 | ---- | C] ()
  544. mlang.dat -> C:\Windows\SysWow64\mlang.dat -> [2006/11/02 07:18:17 | 000,673,088 | ---- | C] ()
  545. mib.bin -> C:\Windows\mib.bin -> [2006/11/02 04:47:54 | 000,043,131 | ---- | C] ()
  546.  
  547. [File - Lop Check]
  548. .minecraft -> C:\Users\SeeD419\AppData\Roaming\.minecraft -> [2011/03/31 12:42:24 | 000,000,000 | ---D | M]
  549. acccore -> C:\Users\SeeD419\AppData\Roaming\acccore -> [2010/12/14 22:26:12 | 000,000,000 | ---D | M]
  550. BitTorrent -> C:\Users\SeeD419\AppData\Roaming\BitTorrent -> [2011/03/30 02:58:56 | 000,000,000 | ---D | M]
  551. com.adobe.ExMan -> C:\Users\SeeD419\AppData\Roaming\com.adobe.ExMan -> [2010/12/15 09:06:20 | 000,000,000 | ---D | M]
  552. HotSync -> C:\Users\SeeD419\AppData\Roaming\HotSync -> [2010/12/11 21:32:31 | 000,000,000 | ---D | M]
  553. Publish Providers -> C:\Users\SeeD419\AppData\Roaming\Publish Providers -> [2011/02/22 12:20:31 | 000,000,000 | ---D | M]
  554. Sony -> C:\Users\SeeD419\AppData\Roaming\Sony -> [2011/02/22 12:23:02 | 000,000,000 | ---D | M]
  555. TightVNC -> C:\Users\SeeD419\AppData\Roaming\TightVNC -> [2011/02/15 07:13:08 | 000,000,000 | ---D | M]
  556. SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2011/03/31 12:46:44 | 000,032,604 | ---- | M] ()
  557. < End of report >
  558. [/code]