- [code]
- OTS logfile created on: 3/31/2011 5:33:50 PM - Run 1
- OTS by OldTimer - Version 3.1.42.0 Folder = C:\Users\SeeD419\Desktop
- 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
- Internet Explorer (Version = 8.0.6001.19019)
- Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
- 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 75.00% Memory free
- 8.00 Gb Paging File | 7.00 Gb Available in Paging File | 87.00% Paging File free
- Paging file location(s): ?:\pagefile.sys [binary data]
- %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
- Drive C: | 69.25 Gb Total Space | 29.75 Gb Free Space | 42.96% Space Free | Partition Type: NTFS
- Drive D: | 74.53 Gb Total Space | 11.39 Gb Free Space | 15.28% Space Free | Partition Type: NTFS
- E: Drive not present or media not loaded
- F: Drive not present or media not loaded
- G: Drive not present or media not loaded
- H: Drive not present or media not loaded
- I: Drive not present or media not loaded
- Computer Name: SEED419-PC
- Current User Name: SeeD419
- Logged in as Administrator.
- Current Boot Mode: Normal
- Scan Mode: All users
- Include 64bit Scans
- Company Name Whitelist: Off
- Skip Microsoft Files: Off
- File Age = 30 Days
- [Processes - Safe List]
- ots.exe -> C:\Users\SeeD419\Desktop\OTS.exe -> [2011/03/31 17:32:15 | 000,645,632 | ---- | M] (OldTimer Tools)
- avastui.exe -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe -> [2011/02/23 09:04:20 | 003,451,496 | ---- | M] (AVAST Software)
- avastsvc.exe -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2011/02/23 09:04:19 | 000,042,184 | ---- | M] (AVAST Software)
- [Modules - Safe List]
- ots.exe -> C:\Users\SeeD419\Desktop\OTS.exe -> [2011/03/31 17:32:15 | 000,645,632 | ---- | M] (OldTimer Tools)
- snxhk.dll -> C:\Program Files\Alwil Software\Avast5\snxhk.dll -> [2011/02/23 09:04:17 | 000,197,208 | ---- | M] (AVAST Software)
- comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll -> [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation)
- [Win32 Services - Safe List]
- 64bit-(avast! Antivirus) [Auto | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2011/02/23 09:04:19 | 000,042,184 | ---- | M] (AVAST Software)
- 64bit-(WinDefend) [Disabled | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation)
- (FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2011/02/21 20:38:55 | 000,655,624 | ---- | M] (Acresso Software Inc.)
- (Futuremark SystemInfo Service) Futuremark SystemInfo Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -> [2010/11/11 15:39:34 | 000,128,928 | ---- | M] (Futuremark Corporation)
- (clr_optimization_v4.0.30319_32) Microsoft .NET Framework NGEN v4.0.30319_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -> [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation)
- (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2009/04/11 11:23:49 | 000,066,368 | ---- | M] (Microsoft Corporation)
- [Driver Services - Safe List]
- 64bit-(aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\SysNative\drivers\aswMonFlt.sys -> [2011/02/23 08:55:05 | 000,064,344 | ---- | M] (AVAST Software)
- 64bit-(RAMDiskVE) RAMDiskVE [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\RAMDiskVE.sys -> [2010/11/21 10:45:36 | 000,063,696 | ---- | M] ()
- 64bit-(L1C) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\L1C60x64.sys -> [2010/06/24 21:33:58 | 000,075,888 | ---- | M] (Atheros Communications, Inc.)
- 64bit-(VIAHdAudAddService) VIA High Definition Audio Driver Service [Kernel | On_Demand | Running] -> C:\Windows\SysNative\drivers\viahduaa.sys -> [2010/04/24 03:41:52 | 001,320,048 | ---- | M] (VIA Technologies, Inc.)
- 64bit-(AE1000) Linksys AE1000 Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\ae1000va.sys -> [2010/03/23 01:53:01 | 001,020,192 | ---- | M] (Ralink Technology Corp.)
- 64bit-(rtl819xpn64) Realtek RTL8190\RTL8192E 802.11n Wireless LAN (Mini-)PCI NIC NT Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\rtl819xp.sys -> [2010/01/30 04:33:44 | 000,580,128 | ---- | M] (Realtek Semiconductor Corporation )
- 64bit-(WpdUsb) WpdUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\wpdusb.sys -> [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation)
- 64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -> [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.)
- 64bit-(ATITool) ATITool Overclocking Utility [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\ATITool64.sys -> [2006/11/10 08:08:58 | 000,030,720 | ---- | M] ()
- 64bit-(DELL_A02) Dell TrueMobile 1300 USB2.0 WLAN Card Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\PRISMA02.sys -> [2006/10/26 13:22:00 | 000,460,384 | ---- | M] (Conexant Systems, Inc.)
- 64bit-(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\Rtlh64.sys -> [2006/10/02 21:13:44 | 000,051,200 | ---- | M] (Realtek Corporation)
- 64bit-(Ntfs) Ntfs [File_System | On_Demand | Running] -> C:\Windows\SysNative\Wbem\ntfs.mof -> [2006/09/18 16:36:24 | 000,000,308 | ---- | M] ()
- (etdrv) etdrv [Kernel | On_Demand | Stopped] -> C:\Windows\etdrv.sys -> [2011/01/27 07:42:41 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider)
- (GVTDrv64) GVTDrv64 [Kernel | On_Demand | Stopped] -> C:\Windows\GVTDrv64.sys -> [2011/01/27 07:42:34 | 000,030,528 | ---- | M] ()
- (gdrv) gdrv [Kernel | On_Demand | Stopped] -> C:\Windows\gdrv.sys -> [2011/01/27 07:42:24 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider)
- (speedfan) speedfan [Kernel | Boot | Running] -> C:\Windows\SysWOW64\speedfan.sys -> [2007/02/07 13:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider)
- [Registry - Safe List]
- < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
- < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
- HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\SysWOW64\blank.htm ->
- < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
- HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
- < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
- HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
- < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
- < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
- < Internet Explorer Settings [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\] > -> ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"Start Page" -> http://www.newgrounds.com/ ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"Start Page Redirect Cache" -> http://www.msn.com/ ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"Start Page Redirect Cache AcceptLangs" -> en-us ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> 0F FA 23 7D 36 98 CB 01 [binary data] ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: Main\\"StartPageCache" -> 1 ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: "ProxyEnable" -> 0 ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\: "ProxyOverride" -> *.local ->
- < FireFox Settings [Prefs.js] > -> C:\Users\SeeD419\AppData\Roaming\Mozilla\FireFox\Profiles\sj7hknl9.default\prefs.js ->
- browser.startup.homepage -> "chrome://speeddial/content/speeddial.xul" ->
- < FireFox Settings [User.js] > -> C:\Users\SeeD419\AppData\Roaming\Mozilla\FireFox\Profiles\sj7hknl9.default\user.js ->
- < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
- HKLM\software\mozilla\Firefox\Extensions -> ->
- HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO] -> [2011/02/22 13:15:29 | 000,000,000 | ---D | M]
- HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA] -> [2011/02/22 13:15:30 | 000,000,000 | ---D | M]
- HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com -> C:\Program Files\Alwil Software\Avast5\WebRep\FF [C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF] -> [2011/03/31 02:04:58 | 000,000,000 | ---D | M]
- HKLM\software\mozilla\Thunderbird\Extensions -> ->
- HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com -> C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD ->
- < FireFox Extensions [User Folders] > ->
- -> C:\Users\SeeD419\AppData\Roaming\Mozilla\Extensions -> [2010/12/11 01:41:21 | 000,000,000 | ---D | M]
- -> C:\Users\SeeD419\AppData\Roaming\Mozilla\Firefox\Profiles\sj7hknl9.default\extensions -> [2010/12/11 01:49:19 | 000,000,000 | ---D | M]
- < HOSTS File > ([2011/02/03 00:00:42 | 000,000,819 | ---- | M] - 22 lines) -> C:\Windows\SysNative\Drivers\etc\hosts ->
- Reset Hosts
- 127.0.0.1 localhost
- ::1 localhost
- 127.0.0.1 activate.adobe.com
- 127.0.0.1 localhost
- < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
- {326E768D-4182-46FD-9C16-1449A49795F4} [HKLM] -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX Plus Web Player HTML5 <video>] -> [2011/02/07 19:17:52 | 003,118,976 | ---- | M] (DivX, LLC)
- {593DDEC6-7468-4cdd-90E1-42DADAA222E9} [HKLM] -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX HiQ] -> [2011/02/07 19:17:52 | 003,118,976 | ---- | M] (DivX, LLC)
- {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} [HKLM] -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [avast! WebRep] -> [2011/02/23 09:04:16 | 000,814,160 | ---- | M] ()
- < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
- "{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" [HKLM] -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [avast! WebRep] -> [2011/02/23 09:04:16 | 000,814,160 | ---- | M] ()
- < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
- "NvCplDaemon" -> C:\Windows\SysNative\NvCpl.dll [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2010/07/09 17:17:18 | 015,314,024 | ---- | M] (NVIDIA Corporation)
- < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
- "avast5" -> C:\Program Files\Alwil Software\Avast5\avastUI.exe ["C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui] -> [2011/02/23 09:04:20 | 003,451,496 | ---- | M] (AVAST Software)
- < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
- "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 11:22:10 | 001,233,920 | ---- | M] (Microsoft Corporation)
- "WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 11:22:14 | 002,153,472 | ---- | M] (Microsoft Corporation)
- < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
- "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 11:22:10 | 001,233,920 | ---- | M] (Microsoft Corporation)
- "WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 11:22:14 | 002,153,472 | ---- | M] (Microsoft Corporation)
- < Run [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\] > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
- "AdobeBridge" -> [] -> File not found
- "Prime95" -> C:\Users\SeeD419\Desktop\shit to organize\Prime95\prime95.exe [C:\Users\SeeD419\Desktop\shit to organize\Prime95\prime95.exe] -> [2009/07/13 06:04:16 | 005,173,760 | ---- | M] ()
- "WMPNSCFG" -> [C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe] -> File not found
- < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
- \\"NoActiveDesktop" -> [1] -> File not found
- \\"NoActiveDesktopChanges" -> [1] -> File not found
- < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
- \\"SoftwareSASGeneration" -> [1] -> File not found
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
- < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000] > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
- \\"NoSMHelp" -> [1] -> File not found
- < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
- "" -> http://
- < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
- "" -> http://
- < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
- < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
- < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
- < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
- < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
- < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
- < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
- < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
- < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
- < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
- < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
- < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
- < Trusted Sites Domains [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\] > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
- < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\] > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
- HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
- < 64bit-Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
- {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] ->
- {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] ->
- {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] ->
- < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
- {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
- {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
- {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab [Java Plug-in 1.6.0_24] ->
- < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
- DhcpNameServer -> 68.105.28.16 68.105.29.16 192.168.1.1 ->
- < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
- {1FA2CF30-FA29-442A-9F50-25B42BC0A969}\\DhcpNameServer -> 68.105.28.16 68.105.29.16 192.168.1.1 (Linksys AE1000) ->
- {4197BD54-0B54-423E-828F-5586DB0951FE}\\DhcpNameServer -> 68.105.28.12 68.105.29.12 68.105.28.11 (Linksys AE1000) ->
- {68231ED8-B64C-41C1-BD0A-6D8303E58D7F}\\DhcpNameServer -> 68.105.28.16 68.105.29.16 192.168.1.1 (Linksys AE1000) ->
- {864DC3DA-49A1-48A4-BCBE-B3E281A2FD52}\\DhcpNameServer -> 68.105.28.16 68.105.29.16 192.168.1.1 (Realtek RTL8190 802.11n Wireless LAN (Mini-)PCI NIC) ->
- {AFD4312D-0C00-41EA-BFF1-64B177BEAC9F}\\DhcpNameServer -> 68.105.28.12 68.105.29.12 68.105.28.11 (Linksys AE1000) ->
- < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
- 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
- explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
- *MultiFile Done* -> ->
- < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
- *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
- explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2009/04/11 11:23:09 | 002,926,592 | ---- | M] (Microsoft Corporation)
- *MultiFile Done* -> ->
- < Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications ->
- < Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications ->
- < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
- {172A78C3-BAF9-4A75-9DBD-AC178FE1EBBA} -> lport=rpc-epmap | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss |
- {319B2B3B-ACF2-4FE5-9DF0-4C9D14E41FD0} -> lport=rpc | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler |
- {3AB48163-88E5-489C-AA53-6139B1A12C4F} -> rport=138 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system |
- {52F5992B-CF7A-4DA4-A342-383722F5D053} -> rport=137 | profile=private | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system |
- {53CFAC6A-5339-4193-B387-59AF47F7135F} -> rport=139 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system |
- {68483320-9878-4CFC-A55C-6AD374347E80} -> lport=445 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system |
- {96FBB42A-1850-411D-9954-C2ED4E36F5C9} -> lport=137 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system |
- {AD3C0F33-F284-44DA-B563-B298834BB602} -> lport=139 | profile=private | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system |
- {B2154A5E-4B88-49A5-80BF-3FA1ACE7C671} -> lport=138 | profile=private | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system |
- {CCA012FA-7FFE-4E92-86C0-9FC5F10EB34F} -> rport=445 | profile=private | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system |
- < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules ->
- {0879A018-B296-4D09-81C7-E3F6ECB8A177} -> profile=public | protocol=6 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe |
- {0BA08240-A7F5-4FE0-8E33-489DB90C1BCC} -> profile=private | protocol=6 | dir=in | action=allow | name=bonjour service | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
- {165C854F-A890-49E8-8CE7-A879BD0FDE13} -> profile=public | protocol=6 | dir=in | action=allow | name=tightvnc viewer | app=c:\program files (x86)\tightvnc\vncviewer.exe |
- {19975AD6-BE62-47BA-B8E8-79AC06B94C9E} -> profile=public | protocol=17 | dir=in | action=allow | name=ventrilo.exe | app=c:\program files\ventrilo\ventrilo.exe |
- {1FDC70A7-1A5C-449A-86E6-4ACB679FA5E3} -> profile=public | protocol=17 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
- {26EB85F9-B23A-4742-AAA0-C9719FA81614} -> profile=private | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 |
- {2D4FC4BD-8816-41E2-9962-AD8400A40380} -> profile=public | protocol=6 | dir=in | action=allow | name=bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
- {3A216A41-BE2E-417E-BB01-6FAD48E2324C} -> protocol=17 | dir=in | action=allow | name=bittorrent (udp-in) | app=c:\program files (x86)\bittorrent\bittorrent.exe |
- {6884ED8F-1076-47E8-8ABF-DEEA0848D1D8} -> profile=private | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 |
- {6D1B8419-B056-4F40-A655-1752C01F1107} -> profile=public | protocol=6 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim\aim.exe |
- {6E088D12-E58D-4540-901E-83C1978FC0AE} -> profile=public | protocol=17 | dir=in | action=allow | name=bonjour | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
- {6F7DD675-72EE-4DBD-A6D3-3E6BA5058A3B} -> profile=private | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 |
- {7D910571-09B9-4017-910E-C9BC2767B5F4} -> profile=private | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 |
- {8029F61F-84A9-496E-AAFE-9D9D0B744E6F} -> profile=public | protocol=17 | dir=in | action=allow | name=tightvnc viewer | app=c:\program files (x86)\tightvnc\vncviewer.exe |
- {8D754066-C890-48A3-B5F0-33520E1D7C5A} -> profile=public | protocol=17 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim\aim.exe |
- {A1D11300-3CED-4297-B91F-8A466F7E279D} -> profile=public | protocol=17 | dir=in | action=allow | name=itunes | app=c:\program files (x86)\itunes\itunes.exe |
- {A834B10A-3853-40BE-9998-0929664AB4C3} -> profile=public | protocol=6 | dir=in | action=allow | name=tightvnc server | app=c:\program files (x86)\tightvnc\tvnserver.exe |
- {B07B78B1-1770-4E1B-B542-A816D1489E5B} -> profile=private | protocol=17 | dir=in | action=allow | name=bonjour service | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
- {D383BEA4-984C-47B7-A0CC-69F932D575A0} -> profile=public | protocol=6 | dir=in | action=allow | name=avg installer | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
- {E15258E4-F73A-4B70-BB75-FCADB9313824} -> profile=public | protocol=6 | dir=in | action=allow | name=ventrilo.exe | app=c:\program files\ventrilo\ventrilo.exe |
- {F2E0E49D-DD38-429C-9169-5BD9CC8FBE0A} -> profile=public | protocol=17 | dir=in | action=allow | name=tightvnc server | app=c:\program files (x86)\tightvnc\tvnserver.exe |
- {F5949DBE-3E4D-4A68-907A-6BBFCA8EABAC} -> protocol=6 | dir=in | action=allow | name=bittorrent (tcp-in) | app=c:\program files (x86)\bittorrent\bittorrent.exe |
- TCP Query User{205F3554-3754-4D81-9212-2F31D15C6759}C:\users\seed419\desktop\mineserver\bin\mineserver.exe -> profile=public | protocol=6 | dir=in | action=allow | name=mineserver.exe | app=c:\users\seed419\desktop\mineserver\bin\mineserver.exe |
- TCP Query User{4BEB660B-7004-4603-97F8-A39AC6BE5C26}C:\program files\java\jre6\bin\java.exe -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\java.exe |
- TCP Query User{8C67EE59-D036-4434-A2E7-F40076788736}C:\windows\system32\java.exe -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\windows\system32\java.exe |
- TCP Query User{8F5480D8-2BC8-4BE6-94E4-4D7DCF159E01}C:\program files (x86)\aim\aim.exe -> profile=private | protocol=6 | dir=in | action=allow | name=aol instant messenger | app=c:\program files (x86)\aim\aim.exe |
- TCP Query User{9B4DC715-A9E5-4FF5-9F5F-D26EFD49B0BA}C:\program files\java\jre6\bin\java.exe -> profile=private | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\java.exe |
- TCP Query User{A37541A1-C56C-401E-8AD4-02E83DD1FB29}C:\wamp\bin\apache\apache2.2.17\bin\httpd.exe -> profile=public | protocol=6 | dir=in | action=allow | name=apache http server | app=c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe |
- TCP Query User{BD7FB061-9921-4F1A-8258-C694E22A6898}C:\program files (x86)\palm\hotsync.exe -> profile=public | protocol=6 | dir=in | action=block | name=hotsync® manager application | app=c:\program files (x86)\palm\hotsync.exe |
- TCP Query User{D24E21A8-7115-4F4C-9B12-5D0128F70321}C:\program files\java\jre6\bin\javaw.exe -> profile=public | protocol=6 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\javaw.exe |
- TCP Query User{D63E1997-E06C-4F90-A74B-1AA16E4580F2}C:\program files (x86)\gigabyte\@bios\gwflash.exe -> profile=public | protocol=6 | dir=in | action=allow | name=@bios application | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe |
- UDP Query User{2A75782C-0687-4F4B-8536-DFE2E5692B88}C:\program files (x86)\gigabyte\@bios\gwflash.exe -> profile=public | protocol=17 | dir=in | action=allow | name=@bios application | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe |
- UDP Query User{47767062-9A78-4FCB-B953-79E1D2B4FE8A}C:\program files (x86)\aim\aim.exe -> profile=private | protocol=17 | dir=in | action=allow | name=aol instant messenger | app=c:\program files (x86)\aim\aim.exe |
- UDP Query User{87753B7D-C15C-4E63-8F0C-836F71786310}C:\users\seed419\desktop\mineserver\bin\mineserver.exe -> profile=public | protocol=17 | dir=in | action=allow | name=mineserver.exe | app=c:\users\seed419\desktop\mineserver\bin\mineserver.exe |
- UDP Query User{91B6749E-CBCE-4D38-8528-37C33BB14B3B}C:\windows\system32\java.exe -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\windows\system32\java.exe |
- UDP Query User{98A7FE88-BCC0-4B33-BFD7-99EFD904A818}C:\wamp\bin\apache\apache2.2.17\bin\httpd.exe -> profile=public | protocol=17 | dir=in | action=allow | name=apache http server | app=c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe |
- UDP Query User{B84272FC-F4BF-4FA5-B47E-F6BCB98AF0F7}C:\program files\java\jre6\bin\java.exe -> profile=private | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\java.exe |
- UDP Query User{E1960087-EDBC-4247-8415-989A3051FB01}C:\program files\java\jre6\bin\javaw.exe -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\javaw.exe |
- UDP Query User{F90A685B-B286-436F-89F8-087548DB84E4}C:\program files\java\jre6\bin\java.exe -> profile=public | protocol=17 | dir=in | action=allow | name=java(tm) platform se binary | app=c:\program files\java\jre6\bin\java.exe |
- UDP Query User{F9ED461A-B59B-4687-815E-0D9519A9970B}C:\program files (x86)\palm\hotsync.exe -> profile=public | protocol=17 | dir=in | action=block | name=hotsync® manager application | app=c:\program files (x86)\palm\hotsync.exe |
- < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
- < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
- "AutoRun" -> 1 ->
- "DisplayName" -> CD-ROM Driver ->
- "ImagePath" -> C:\Windows\SysNative\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2009/04/11 11:22:05 | 000,079,872 | ---- | M] (Microsoft Corporation)
- < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
- \{ed84ddfe-07a6-11e0-b39c-f8e6deb84908}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed84ddfe-07a6-11e0-b39c-f8e6deb84908}\shell\AutoRun\command
- \{ed84ddfe-07a6-11e0-b39c-f8e6deb84908}\shell\AutoRun\command\\"" -> [F:\setupSNK.exe] -> File not found
- < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
- 64bit-comfile [open] -> "%1" %* -> File not found
- 64bit-exefile [open] -> "%1" %* -> File not found
- comfile [open] -> "%1" %* ->
- exefile [open] -> "%1" %* ->
- < Registry Shell Spawning - Select to Repair > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000_Classes\<key>\shell\[command]\command ->
- exefile [open] -> "%1" %* ->
- < 64bit-File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
- .com [@ = comfile] -> "%1" %* ->
- .exe [@ = exefile] -> "%1" %* ->
- < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
- .com [@ = comfile] -> "%1" %* ->
- .exe [@ = exefile] -> "%1" %* ->
- < File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-217955369-1135710861-3102115742-1000\SOFTWARE\Classes\<extension>\ ->
- .exe [@ = exefile] -> "%1" %* ->
- [Registry - Additional Scans - Safe List]
- < 64bit-Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ ->
- C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk -> C:\Program Files (x86)\Palm\Hotsync.exe -> [2008/01/03 19:28:08 | 001,392,640 | R--- | M] (PalmSource, Inc)
- < 64bit-Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ ->
- Adobe ARM hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe -> [2010/11/10 13:49:34 | 000,932,288 | ---- | M] (Adobe Systems Incorporated)
- Adobe Reader Speed Launcher hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe -> [2011/01/30 10:45:14 | 000,035,736 | ---- | M] (Adobe Systems Incorporated)
- AdobeCS4ServiceManager hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
- boincmgr hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
- boinctray hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
- DivXUpdate hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe -> [2011/01/10 18:25:06 | 001,230,704 | ---- | M] ()
- HDAudDeck hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -> [2010/05/04 07:10:48 | 002,425,456 | R--- | M] (VIA)
- HotSync hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
- iTunesHelper hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\iTunes\iTunesHelper.exe -> [2011/03/07 15:33:40 | 000,421,160 | ---- | M] (Apple Inc.)
- NvCplDaemon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Windows\SysNative\rundll32.exe -> [2006/11/02 06:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation)
- PWRISOVM.EXE hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -> [2007/08/06 19:05:46 | 000,200,704 | ---- | M] (PowerISO Computing, Inc.)
- QuickTime Task hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\QuickTime\QTTask.exe -> [2010/11/29 17:38:18 | 000,421,888 | ---- | M] (Apple Inc.)
- RAM Monitor hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
- RivaTunerStartupDaemon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
- Sidebar hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Windows Sidebar\sidebar.exe -> [2009/04/11 11:22:16 | 001,555,968 | ---- | M] (Microsoft Corporation)
- SunJavaUpdateSched hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe -> [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.)
- tvncontrol hkey=HKLM key=SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run -> -> File not found
- Windows Defender hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Windows Defender\MSASCui.exe -> [2008/01/20 21:47:32 | 001,584,184 | ---- | M] (Microsoft Corporation)
- WindowsWelcomeCenter hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found
- < 64bit-Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state ->
- "services" -> 2 ->
- "startup" -> 2 ->
- < 64bit-Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
- "msacm.l3acm" -> C:\Windows\SysNative\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2010/01/21 10:37:11 | 000,072,192 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
- "VIDC.FPS1" -> C:\Windows\SysNative\frapsv64.dll [frapsv64.dll] -> [2009/11/21 04:30:04 | 000,084,992 | ---- | M] (Beepa P/L)
- < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
- "msacm.l3acm" -> C:\Windows\SysWOW64\l3codeca.acm [C:\Windows\SysWOW64\l3codeca.acm] -> [2010/01/21 10:05:44 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
- "msacm.vorbis" -> C:\Windows\SysWow64\vorbis.acm [vorbis.acm] -> [2009/08/02 15:09:56 | 001,554,944 | ---- | M] (HMS http://hp.vector.co.jp/authors/VA012897/)
- "vidc.cvid" -> C:\Windows\SysWow64\iccvid.dll [iccvid.dll] -> [2010/05/27 15:08:17 | 000,081,920 | ---- | M] (Radius Inc.)
- "vidc.DIVX" -> C:\Windows\SysWow64\DivX.dll [DivX.dll] -> [2010/02/19 14:27:36 | 000,720,384 | ---- | M] (DivX, Inc.)
- "VIDC.FPS1" -> C:\Windows\SysWow64\frapsvid.dll [frapsvid.dll] -> [2009/11/21 04:30:06 | 000,086,016 | ---- | M] (Beepa P/L)
- "vidc.yv12" -> C:\Windows\SysWow64\DivX.dll [DivX.dll] -> [2010/02/19 14:27:36 | 000,720,384 | ---- | M] (DivX, Inc.)
- < 64bit-SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
- {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
- {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
- {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
- {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
- {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
- {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
- {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
- {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
- {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
- {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
- {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
- {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
- {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
- {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
- {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
- {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
- {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
- AppMgmt -> Service
- Base -> Driver Group
- Boot Bus Extender -> Driver Group
- Boot file system -> Driver Group
- File system -> Driver Group
- Filter -> Driver Group
- HelpSvc -> Service
- NTDS -> 32bit -> File not found
- PCI Configuration -> Driver Group
- PNP Filter -> Driver Group
- Primary disk -> Driver Group
- sacsvr -> Service
- SCSI Class -> Driver Group
- System Bus Extender -> Driver Group
- TrustedInstaller -> 32bit -> File not found
- WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation)
- < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
- {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
- {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
- {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
- {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
- {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
- {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
- {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
- {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
- {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
- {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
- {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
- {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
- {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers
- {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
- {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
- {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices
- {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices
- AppInfo -> 64bit -> File not found
- AppMgmt -> Service
- Base -> Driver Group
- Boot Bus Extender -> Driver Group
- Boot file system -> Driver Group
- DcomLaunch -> 64bit -> File not found
- EventLog -> 64bit -> File not found
- File system -> Driver Group
- Filter -> Driver Group
- HelpSvc -> Service
- KeyIso -> 64bit -> File not found
- Netlogon -> 64bit -> File not found
- NTDS -> 64bit -> File not found
- PCI Configuration -> Driver Group
- PlugPlay -> 64bit -> File not found
- PNP Filter -> Driver Group
- Primary disk -> Driver Group
- ProfSvc -> 64bit -> File not found
- RpcSs -> 64bit -> File not found
- sacsvr -> Service
- SCSI Class -> Driver Group
- sermouse.sys -> 64bit -> File not found
- SWPRV -> 64bit -> File not found
- System Bus Extender -> Driver Group
- TabletInputService -> 64bit -> File not found
- TBS -> 64bit -> File not found
- VDS -> 64bit -> File not found
- vga.sys -> 64bit -> File not found
- vgasave.sys -> 64bit -> File not found
- volmgr.sys -> 64bit -> File not found
- volmgrx.sys -> 64bit -> File not found
- WinDefend -> 64bit -> File not found
- WinMgmt -> 64bit -> File not found
- < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
- 64bit-batfile [open] -> "%1" %* -> File not found
- 64bit-cmdfile [open] -> "%1" %* -> File not found
- 64bit-comfile [open] -> "%1" %* -> File not found
- 64bit-exefile [open] -> "%1" %* -> File not found
- 64bit-htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" -> File not found
- 64bit-inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2006/11/02 06:15:54 | 000,011,264 | ---- | M] (Microsoft Corporation)
- 64bit-InternetShortcut [open] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> [2006/11/02 06:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation)
- 64bit-InternetShortcut [print] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" -> [2006/11/02 06:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation)
- 64bit-piffile [open] -> "%1" %* -> File not found
- 64bit-scrfile [config] -> "%1" -> File not found
- 64bit-scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> File not found
- 64bit-scrfile [open] -> "%1" /S -> File not found
- 64bit-Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> File not found
- 64bit-Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2011/01/30 16:27:10 | 000,107,008 | ---- | M] ()
- 64bit-Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2008/01/20 21:50:37 | 000,363,008 | ---- | M] (Microsoft Corporation)
- 64bit-Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
- 64bit-Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2011/01/30 16:27:10 | 000,107,008 | ---- | M] ()
- 64bit-Folder [open] -> %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
- 64bit-Folder [explore] -> %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
- 64bit-Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
- batfile [open] -> "%1" %* ->
- cmdfile [open] -> "%1" %* ->
- comfile [open] -> "%1" %* ->
- cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2006/11/02 04:44:59 | 000,211,968 | ---- | M] (Microsoft Corporation)
- exefile [open] -> "%1" %* ->
- htmlfile [print] -> rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" ->
- inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2008/01/20 21:49:56 | 000,011,776 | ---- | M] (Microsoft Corporation)
- piffile [open] -> "%1" %* ->
- scrfile [config] -> "%1" ->
- scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l ->
- scrfile [open] -> "%1" /S ->
- Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 ->
- Directory [AddToPlaylistVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" -> [2011/01/30 16:27:10 | 000,107,008 | ---- | M] ()
- Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2008/01/20 21:48:06 | 000,318,976 | ---- | M] (Microsoft Corporation)
- Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
- Directory [PlayWithVLC] -> "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" -> [2011/01/30 16:27:10 | 000,107,008 | ---- | M] ()
- Folder [open] -> %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
- Folder [explore] -> %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
- Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 11:22:50 | 003,079,168 | ---- | M] (Microsoft Corporation)
- < EventViewer Logs - Last 10 Errors > -> Event Information -> Description
- Application [ Error ] 3/21/2011 1:21:53 PM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application MsiExec.exe, version 4.5.6002.18005, time stamp 0x49e01c42, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time stamp 0x4cf4536a, exception code 0xc0000005, fault offset 0x6d5dbb89, process id 0x4e8, application start time 0x01cbe7ec67044b6c.
- Application [ Error ] 3/22/2011 1:45:23 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application Taskmgr.exe, version 6.0.6001.18000, time stamp 0x47919749, faulting module fraps64.dll_unloaded, version 0.0.0.0, time stamp 0x4af24185, exception code 0xc0000005, fault offset 0x000000006357e04a, process id 0xe80, application start time 0x01cbe8544ddc55ff.
- Application [ Error ] 3/22/2011 1:45:23 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application firefox.exe, version 2.0.0.4097, time stamp 0x4d876076, faulting module fraps64.dll_unloaded, version 0.0.0.0, time stamp 0x4af24185, exception code 0xc0000005, fault offset 0x000000006357e04a, process id 0x3e4, application start time 0x01cbe804fe79ec6f.
- Application [ Error ] 3/23/2011 1:14:47 AM Computer Name = SeeD419-PC | Source = Bonjour Service | ID = 100 -> Description = DNS Message from «ZERO ADDRESS»:0 to «ZERO ADDRESS»:0 length 0 too short
- Application [ Error ] 3/23/2011 1:14:47 AM Computer Name = SeeD419-PC | Source = Bonjour Service | ID = 100 -> Description = WSARecvMsg failed (10038)
- Application [ Error ] 3/23/2011 1:14:48 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application mDNSResponder.exe, version 2.0.4.0, time stamp 0x4cae1be1, faulting module mDNSResponder.exe, version 2.0.4.0, time stamp 0x4cae1be1, exception code 0xc0000005, fault offset 0x0000110a, process id 0x830, application start time 0x01cbe91938e43416.
- Application [ Error ] 3/24/2011 7:37:07 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application mDNSResponder.exe, version 2.0.4.0, time stamp 0x4cae1be1, faulting module mDNSResponder.exe, version 2.0.4.0, time stamp 0x4cae1be1, exception code 0xc0000005, fault offset 0x0000110a, process id 0x748, application start time 0x01cbea17cc2d626b.
- Application [ Error ] 3/31/2011 3:17:11 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp 0x4d0c3d4c, faulting module OLEAUT32.dll, version 6.0.6002.18005, time stamp 0x49e037da, exception code 0xc0000005, fault offset 0x000092fb, process id 0x4f8, application start time 0x01cbef73a49ea588.
- Application [ Error ] 3/31/2011 3:17:20 AM Computer Name = SeeD419-PC | Source = Application Error | ID = 1000 -> Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp 0x4d0c3d4c, faulting module OLEAUT32.dll, version 6.0.6002.18005, time stamp 0x49e037da, exception code 0xc0000005, fault offset 0x0004ad8a, process id 0xc40, application start time 0x01cbef73aac3d3e8.
- Application [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = EventSystem | ID = 4609 -> Description =
- System [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
- System [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
- System [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
- System [ Error ] 3/31/2011 4:38:52 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
- System [ Error ] 3/31/2011 4:39:26 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
- System [ Error ] 3/31/2011 4:39:26 AM Computer Name = SeeD419-PC | Source = DCOM | ID = 10005 -> Description =
- System [ Error ] 3/31/2011 4:42:01 AM Computer Name = SeeD419-PC | Source = Service Control Manager | ID = 7026 -> Description =
- System [ Error ] 3/31/2011 10:14:25 AM Computer Name = SeeD419-PC | Source = Service Control Manager | ID = 7026 -> Description =
- System [ Error ] 3/31/2011 10:49:43 AM Computer Name = SeeD419-PC | Source = Service Control Manager | ID = 7026 -> Description =
- System [ Error ] 3/31/2011 4:58:57 PM Computer Name = SeeD419-PC | Source = Service Control Manager | ID = 7026 -> Description =
- [Files/Folders - Created Within 30 Days]
- OTS.exe -> C:\Users\SeeD419\Desktop\OTS.exe -> [2011/03/31 17:32:13 | 000,645,632 | ---- | C] (OldTimer Tools)
- aswSnx.sys -> C:\Windows\SysNative\drivers\aswSnx.sys -> [2011/03/31 02:04:59 | 000,505,176 | ---- | C] (AVAST Software)
- DWrite.dll -> C:\Windows\SysNative\DWrite.dll -> [2011/03/22 22:24:56 | 001,555,968 | ---- | C] (Microsoft Corporation)
- DWrite.dll -> C:\Windows\SysWow64\DWrite.dll -> [2011/03/22 22:24:56 | 001,068,544 | ---- | C] (Microsoft Corporation)
- XpsGdiConverter.dll -> C:\Windows\SysNative\XpsGdiConverter.dll -> [2011/03/22 22:24:56 | 000,479,744 | ---- | C] (Microsoft Corporation)
- XpsGdiConverter.dll -> C:\Windows\SysWow64\XpsGdiConverter.dll -> [2011/03/22 22:24:56 | 000,288,768 | ---- | C] (Microsoft Corporation)
- iTunes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes -> [2011/03/21 12:26:26 | 000,000,000 | ---D | C]
- GEARAspi64.dll -> C:\Windows\SysNative\GEARAspi64.dll -> [2011/03/21 12:26:23 | 000,126,312 | ---- | C] (GEAR Software Inc.)
- GEARAspi.dll -> C:\Windows\SysWow64\GEARAspi.dll -> [2011/03/21 12:26:23 | 000,107,368 | ---- | C] (GEAR Software Inc.)
- GEARAspiWDM.sys -> C:\Windows\SysNative\drivers\GEARAspiWDM.sys -> [2011/03/21 12:26:23 | 000,034,152 | ---- | C] (GEAR Software Inc.)
- iPod -> C:\Program Files (x86)\iPod -> [2011/03/21 12:26:00 | 000,000,000 | ---D | C]
- iTunes -> C:\Program Files\iTunes -> [2011/03/21 12:25:58 | 000,000,000 | ---D | C]
- iTunes -> C:\Program Files (x86)\iTunes -> [2011/03/21 12:25:58 | 000,000,000 | ---D | C]
- {93E26451-CD9A-43A5-A2FA-C42392EA4001} -> C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} -> [2011/03/21 12:25:58 | 000,000,000 | ---D | C]
- Apple -> C:\Program Files\Common Files\Apple -> [2011/03/21 12:24:12 | 000,000,000 | ---D | C]
- Bonjour -> C:\Program Files\Bonjour -> [2011/03/21 12:24:01 | 000,000,000 | ---D | C]
- Bonjour -> C:\Program Files (x86)\Bonjour -> [2011/03/21 12:24:01 | 000,000,000 | ---D | C]
- QuickTime -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime -> [2011/03/21 12:21:50 | 000,000,000 | ---D | C]
- QuickTime -> C:\Program Files (x86)\QuickTime -> [2011/03/21 12:21:44 | 000,000,000 | ---D | C]
- shit to organize -> C:\Users\SeeD419\Desktop\shit to organize -> [2011/03/19 19:21:53 | 000,000,000 | ---D | C]
- BOINC -> C:\ProgramData\BOINC -> [2011/03/18 06:53:11 | 000,000,000 | ---D | C]
- vdremote.dll -> C:\Windows\System\vdremote.dll -> [2011/03/14 21:15:53 | 000,073,728 | ---- | C] ( )
- vdsvrlnk.dll -> C:\Windows\System\vdsvrlnk.dll -> [2011/03/14 21:15:53 | 000,065,536 | ---- | C] ( )
- CamStudio -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio -> [2011/03/14 08:55:36 | 000,000,000 | ---D | C]
- CamStudio -> C:\Program Files (x86)\CamStudio -> [2011/03/14 08:55:33 | 000,000,000 | ---D | C]
- Sun -> C:\Windows\Sun -> [2011/03/11 06:23:21 | 000,000,000 | ---D | C]
- EncDec.dll -> C:\Windows\SysNative\EncDec.dll -> [2011/03/08 16:36:21 | 000,559,616 | ---- | C] (Microsoft Corporation)
- EncDec.dll -> C:\Windows\SysWow64\EncDec.dll -> [2011/03/08 16:36:21 | 000,429,056 | ---- | C] (Microsoft Corporation)
- sbe.dll -> C:\Windows\SysNative\sbe.dll -> [2011/03/08 16:36:21 | 000,416,768 | ---- | C] (Microsoft Corporation)
- sbe.dll -> C:\Windows\SysWow64\sbe.dll -> [2011/03/08 16:36:21 | 000,322,560 | ---- | C] (Microsoft Corporation)
- mpg2splt.ax -> C:\Windows\SysNative\mpg2splt.ax -> [2011/03/08 16:36:21 | 000,226,816 | ---- | C] (Microsoft Corporation)
- sbeio.dll -> C:\Windows\SysNative\sbeio.dll -> [2011/03/08 16:36:21 | 000,210,944 | ---- | C] (Microsoft Corporation)
- mpg2splt.ax -> C:\Windows\SysWow64\mpg2splt.ax -> [2011/03/08 16:36:21 | 000,177,664 | ---- | C] (Microsoft Corporation)
- sbeio.dll -> C:\Windows\SysWow64\sbeio.dll -> [2011/03/08 16:36:21 | 000,153,088 | ---- | C] (Microsoft Corporation)
- mstscax.dll -> C:\Windows\SysNative\mstscax.dll -> [2011/03/08 16:36:20 | 002,425,344 | ---- | C] (Microsoft Corporation)
- mstscax.dll -> C:\Windows\SysWow64\mstscax.dll -> [2011/03/08 16:36:20 | 002,067,968 | ---- | C] (Microsoft Corporation)
- mstsc.exe -> C:\Windows\SysNative\mstsc.exe -> [2011/03/08 16:36:20 | 000,731,136 | ---- | C] (Microsoft Corporation)
- mstsc.exe -> C:\Windows\SysWow64\mstsc.exe -> [2011/03/08 16:36:19 | 000,677,888 | ---- | C] (Microsoft Corporation)
- [Files/Folders - Modified Within 30 Days]
- OTS.exe -> C:\Users\SeeD419\Desktop\OTS.exe -> [2011/03/31 17:32:15 | 000,645,632 | ---- | M] (OldTimer Tools)
- animatedgif.gif -> C:\Users\SeeD419\Desktop\animatedgif.gif -> [2011/03/31 16:21:01 | 000,138,089 | ---- | M] ()
- 3e41c056_bfc7_bdb6.gif -> C:\Users\SeeD419\Desktop\3e41c056_bfc7_bdb6.gif -> [2011/03/31 16:15:28 | 001,007,461 | ---- | M] ()
- wolf.jpg -> C:\Users\SeeD419\Desktop\wolf.jpg -> [2011/03/31 16:10:17 | 000,146,471 | ---- | M] ()
- PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2011/03/31 16:03:43 | 000,703,388 | ---- | M] ()
- perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2011/03/31 16:03:43 | 000,604,264 | ---- | M] ()
- perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2011/03/31 16:03:43 | 000,103,964 | ---- | M] ()
- nvModes.dat -> C:\ProgramData\nvModes.dat -> [2011/03/31 15:57:29 | 000,164,833 | ---- | M] ()
- nvModes.001 -> C:\ProgramData\nvModes.001 -> [2011/03/31 15:57:29 | 000,164,833 | ---- | M] ()
- 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/03/31 15:57:16 | 000,004,240 | -H-- | M] ()
- 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/03/31 15:57:16 | 000,004,240 | -H-- | M] ()
- bootstat.dat -> C:\Windows\bootstat.dat -> [2011/03/31 15:57:10 | 000,067,584 | --S- | M] ()
- bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2011/03/31 12:46:44 | 000,000,012 | ---- | M] ()
- firefox.exe - Shortcut.lnk -> C:\Users\SeeD419\Application Data\Microsoft\Internet Explorer\Quick Launch\firefox.exe - Shortcut.lnk -> [2011/03/31 12:26:43 | 000,000,804 | ---- | M] ()
- r0t835ni0n1t18aj4n071sa4s7m -> C:\Users\SeeD419\AppData\Local\r0t835ni0n1t18aj4n071sa4s7m -> [2011/03/31 09:13:32 | 000,009,224 | -HS- | M] ()
- r0t835ni0n1t18aj4n071sa4s7m -> C:\ProgramData\r0t835ni0n1t18aj4n071sa4s7m -> [2011/03/31 09:13:32 | 000,009,224 | -HS- | M] ()
- config.nt -> C:\Windows\SysWow64\config.nt -> [2011/03/31 02:04:59 | 000,000,000 | ---- | M] ()
- DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\SeeD419\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/03/30 02:36:55 | 000,036,864 | ---- | M] ()
- MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2011/03/24 11:52:55 | 411,546,934 | ---- | M] ()
- Minecraft.exe - Shortcut.lnk -> C:\Users\SeeD419\Application Data\Microsoft\Internet Explorer\Quick Launch\Minecraft.exe - Shortcut.lnk -> [2011/03/14 09:42:24 | 000,000,553 | ---- | M] ()
- 17 C:\Users\SeeD419\AppData\Local\Temp\*.tmp files -> C:\Users\SeeD419\AppData\Local\Temp\*.tmp ->
- [Files - No Company Name]
- animatedgif.gif -> C:\Users\SeeD419\Desktop\animatedgif.gif -> [2011/03/31 16:21:00 | 000,138,089 | ---- | C] ()
- 3e41c056_bfc7_bdb6.gif -> C:\Users\SeeD419\Desktop\3e41c056_bfc7_bdb6.gif -> [2011/03/31 16:15:27 | 001,007,461 | ---- | C] ()
- wolf.jpg -> C:\Users\SeeD419\Desktop\wolf.jpg -> [2011/03/31 16:10:17 | 000,146,471 | ---- | C] ()
- firefox.exe - Shortcut.lnk -> C:\Users\SeeD419\Application Data\Microsoft\Internet Explorer\Quick Launch\firefox.exe - Shortcut.lnk -> [2011/03/31 12:26:43 | 000,000,804 | ---- | C] ()
- r0t835ni0n1t18aj4n071sa4s7m -> C:\Users\SeeD419\AppData\Local\r0t835ni0n1t18aj4n071sa4s7m -> [2011/03/31 02:03:00 | 000,009,224 | -HS- | C] ()
- r0t835ni0n1t18aj4n071sa4s7m -> C:\ProgramData\r0t835ni0n1t18aj4n071sa4s7m -> [2011/03/31 02:03:00 | 000,009,224 | -HS- | C] ()
- MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2011/03/24 05:20:51 | 411,546,934 | ---- | C] ()
- {EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini -> C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini -> [2011/02/16 00:55:44 | 000,000,262 | ---- | C] ()
- bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2010/12/24 15:41:20 | 000,000,012 | ---- | C] ()
- DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\SeeD419\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/12/14 20:35:18 | 000,036,864 | ---- | C] ()
- GSetup.ini -> C:\Windows\GSetup.ini -> [2010/12/14 12:55:29 | 000,000,010 | ---- | C] ()
- d3d9caps64.dat -> C:\Users\SeeD419\AppData\Local\d3d9caps64.dat -> [2010/12/14 12:09:59 | 000,000,732 | ---- | C] ()
- gzip.exe -> C:\Windows\gzip.exe -> [2010/12/14 10:50:06 | 000,098,136 | ---- | C] ()
- GVTDrv64.sys -> C:\Windows\GVTDrv64.sys -> [2010/12/13 11:59:59 | 000,030,528 | ---- | C] ()
- nvModes.001 -> C:\ProgramData\nvModes.001 -> [2010/12/10 01:49:19 | 000,164,833 | ---- | C] ()
- nvModes.dat -> C:\ProgramData\nvModes.dat -> [2010/12/10 01:49:18 | 000,164,833 | ---- | C] ()
- CoPrism.dll -> C:\Windows\SysWow64\CoPrism.dll -> [2010/12/09 22:17:18 | 000,049,152 | ---- | C] ()
- GSetup.exe -> C:\Windows\GSetup.exe -> [2009/08/27 02:04:14 | 000,207,400 | R--- | C] ()
- msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2009/04/11 11:23:17 | 000,368,640 | ---- | C] ()
- StructuredQuerySchemaTrivial.bin -> C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin -> [2009/04/11 11:22:30 | 000,018,904 | ---- | C] ()
- StructuredQuerySchema.bin -> C:\Windows\SysWow64\StructuredQuerySchema.bin -> [2009/04/11 11:22:29 | 000,107,612 | ---- | C] ()
- EhStorAuthn.dll -> C:\Windows\SysWow64\EhStorAuthn.dll -> [2009/04/11 11:22:25 | 000,117,248 | ---- | C] ()
- tcpmon.ini -> C:\Windows\SysWow64\tcpmon.ini -> [2008/01/20 21:50:05 | 000,060,124 | ---- | C] ()
- bootstat.dat -> C:\Windows\bootstat.dat -> [2006/11/02 10:37:05 | 000,067,584 | --S- | C] ()
- dssec.dat -> C:\Windows\SysWow64\dssec.dat -> [2006/11/02 07:37:14 | 000,215,943 | ---- | C] ()
- NOISE.DAT -> C:\Windows\SysWow64\NOISE.DAT -> [2006/11/02 07:24:17 | 000,000,741 | ---- | C] ()
- mlang.dat -> C:\Windows\SysWow64\mlang.dat -> [2006/11/02 07:18:17 | 000,673,088 | ---- | C] ()
- mib.bin -> C:\Windows\mib.bin -> [2006/11/02 04:47:54 | 000,043,131 | ---- | C] ()
- [File - Lop Check]
- .minecraft -> C:\Users\SeeD419\AppData\Roaming\.minecraft -> [2011/03/31 12:42:24 | 000,000,000 | ---D | M]
- acccore -> C:\Users\SeeD419\AppData\Roaming\acccore -> [2010/12/14 22:26:12 | 000,000,000 | ---D | M]
- BitTorrent -> C:\Users\SeeD419\AppData\Roaming\BitTorrent -> [2011/03/30 02:58:56 | 000,000,000 | ---D | M]
- com.adobe.ExMan -> C:\Users\SeeD419\AppData\Roaming\com.adobe.ExMan -> [2010/12/15 09:06:20 | 000,000,000 | ---D | M]
- HotSync -> C:\Users\SeeD419\AppData\Roaming\HotSync -> [2010/12/11 21:32:31 | 000,000,000 | ---D | M]
- Publish Providers -> C:\Users\SeeD419\AppData\Roaming\Publish Providers -> [2011/02/22 12:20:31 | 000,000,000 | ---D | M]
- Sony -> C:\Users\SeeD419\AppData\Roaming\Sony -> [2011/02/22 12:23:02 | 000,000,000 | ---D | M]
- TightVNC -> C:\Users\SeeD419\AppData\Roaming\TightVNC -> [2011/02/15 07:13:08 | 000,000,000 | ---D | M]
- SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2011/03/31 12:46:44 | 000,032,604 | ---- | M] ()
- < End of report >
- [/code]