
That's fine too.

Just in case, let's run one more check...

Download TDSSKiller and:

- extract the archive to a convenient location;

- run TDSSKiller.exe;

- click Change parameters; in the lower section, Additional options, tick Verify driver digital signatures and Detect TDLFS file system, and confirm with OK;

- click the Start scan button and wait for the scan to complete;

- if no threats are found, just click Close;

- if suspicious objects are found, click Continue and then Close;

- if malicious objects are found, make sure the Cure option is selected in the drop-down menus, click Continue and then Reboot computer;

- a text log file of the scan will be created on drive C: (its name starts with TDSSKiller); copy its contents into your next comment.

Link to comment

14:14:31.0343 3148 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18

14:14:31.0640 3148 ============================================================

14:14:31.0640 3148 Current date / time: 2012/05/15 14:14:31.0640

14:14:31.0640 3148 SystemInfo:

14:14:31.0640 3148

14:14:31.0640 3148 OS Version: 5.1.2600 ServicePack: 3.0

14:14:31.0640 3148 Product type: Workstation

14:14:31.0640 3148 ComputerName: VASKO

14:14:31.0640 3148 UserName: Vasko1

14:14:31.0640 3148 Windows directory: C:\WINDOWS

14:14:31.0640 3148 System windows directory: C:\WINDOWS

14:14:31.0640 3148 Processor architecture: Intel x86

14:14:31.0640 3148 Number of processors: 4

14:14:31.0640 3148 Page size: 0x1000

14:14:31.0640 3148 Boot type: Normal boot

14:14:31.0640 3148 ============================================================

14:14:33.0781 3148 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

14:14:33.0781 3148 ============================================================

14:14:33.0781 3148 \Device\Harddisk0\DR0:

14:14:33.0781 3148 MBR partitions:

14:14:33.0781 3148 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2711637

14:14:33.0796 3148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x27116B5, BlocksNum 0x71FF044B

14:14:33.0796 3148 ============================================================

14:14:33.0812 3148 C: <-> \Device\Harddisk0\DR0\Partition0

14:14:33.0843 3148 D: <-> \Device\Harddisk0\DR0\Partition1

14:14:33.0859 3148 ============================================================

14:14:33.0859 3148 Initialize success

14:14:33.0859 3148 ============================================================

14:14:39.0156 2736 ============================================================

14:14:39.0156 2736 Scan started

14:14:39.0156 2736 Mode: Manual;

14:14:39.0156 2736 ============================================================

14:14:40.0250 2736 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) D:\Programs\SUPERAntiSpyware\SASCORE.EXE

14:14:40.0250 2736 !SASCORE - ok

14:14:40.0453 2736 Abiosdsk - ok

14:14:40.0453 2736 abp480n5 - ok

14:14:40.0484 2736 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

14:14:40.0484 2736 ACPI - ok

14:14:40.0515 2736 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

14:14:40.0515 2736 ACPIEC - ok

14:14:40.0578 2736 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

14:14:40.0578 2736 AdobeFlashPlayerUpdateSvc - ok

14:14:40.0718 2736 adpu160m - ok

14:14:40.0765 2736 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

14:14:40.0781 2736 aec - ok

14:14:40.0812 2736 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

14:14:40.0812 2736 AFD - ok

14:14:40.0968 2736 Aha154x - ok

14:14:40.0984 2736 aic78u2 - ok

14:14:40.0984 2736 aic78xx - ok

14:14:41.0015 2736 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

14:14:41.0015 2736 Alerter - ok

14:14:41.0031 2736 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

14:14:41.0031 2736 ALG - ok

14:14:41.0031 2736 AliIde - ok

14:14:41.0140 2736 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys

14:14:41.0171 2736 Ambfilt - ok

14:14:41.0281 2736 amsint - ok

14:14:41.0312 2736 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

14:14:41.0328 2736 AppMgmt - ok

14:14:41.0328 2736 asc - ok

14:14:41.0328 2736 asc3350p - ok

14:14:41.0328 2736 asc3550 - ok

14:14:41.0515 2736 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

14:14:41.0515 2736 aspnet_state - ok

14:14:41.0546 2736 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

14:14:41.0562 2736 AsyncMac - ok

14:14:41.0578 2736 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

14:14:41.0578 2736 atapi - ok

14:14:41.0593 2736 Atdisk - ok

14:14:41.0593 2736 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

14:14:41.0609 2736 Atmarpc - ok

14:14:41.0796 2736 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

14:14:41.0796 2736 AudioSrv - ok

14:14:41.0812 2736 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

14:14:41.0828 2736 audstub - ok

14:14:41.0875 2736 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

14:14:41.0890 2736 Beep - ok

14:14:42.0031 2736 BIOS (be5d50529799b9bab6be879ec768b6cf) C:\WINDOWS\system32\drivers\BIOS.sys

14:14:42.0062 2736 BIOS - ok

14:14:42.0093 2736 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

14:14:42.0187 2736 BITS - ok

14:14:42.0312 2736 BlueletAudio (5ff9a3f3476d726ae62da82d5da94c36) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys

14:14:42.0328 2736 BlueletAudio - ok

14:14:42.0343 2736 BlueletSCOAudio (bd91afc523fd59f881e1763c38fb772f) C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys

14:14:42.0375 2736 BlueletSCOAudio - ok

14:14:42.0578 2736 BlueSoleil Hid Service (e460dbc78b9162a569c6ce3b7d31216d) C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

14:14:42.0578 2736 BlueSoleil Hid Service - ok

14:14:42.0625 2736 Bonjour Service (73686fe0b2e0469f89fd2075be724704) C:\Program Files\Bonjour\mDNSResponder.exe

14:14:42.0625 2736 Bonjour Service - ok

14:14:42.0812 2736 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

14:14:42.0812 2736 Browser - ok

14:14:42.0828 2736 BT (c5cce2b26f73f8cf7f3c82159e79aa08) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys

14:14:42.0828 2736 BT - ok

14:14:42.0875 2736 Btcsrusb (fb2abc6d08d9f8d5ed8e02cbd18b39bb) C:\WINDOWS\system32\Drivers\btcusb.sys

14:14:42.0875 2736 Btcsrusb - ok

14:14:42.0890 2736 BTHidEnum (ce643d0918123d76a5caab008fca9663) C:\WINDOWS\system32\Drivers\vbtenum.sys

14:14:42.0906 2736 BTHidEnum - ok

14:14:43.0078 2736 BTHidMgr (dfca4fe4c8aec786b4d0f432eb730f48) C:\WINDOWS\system32\Drivers\BTHidMgr.sys

14:14:43.0093 2736 BTHidMgr - ok

14:14:43.0125 2736 CA561 (50ded7c73e0fb40693edab8cad7c46e7) C:\WINDOWS\system32\Drivers\SPCA561.SYS

14:14:43.0140 2736 CA561 - ok

14:14:43.0312 2736 catchme - ok

14:14:43.0343 2736 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

14:14:43.0359 2736 cbidf2k - ok

14:14:43.0375 2736 CCDECODE (fdc06e2ada8c468ebb161624e03976cf) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

14:14:43.0375 2736 CCDECODE - ok

14:14:43.0390 2736 cd20xrnt - ok

14:14:43.0406 2736 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

14:14:43.0421 2736 Cdaudio - ok

14:14:43.0593 2736 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

14:14:43.0609 2736 Cdfs - ok

14:14:43.0625 2736 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

14:14:43.0640 2736 Cdrom - ok

14:14:43.0640 2736 Changer - ok

14:14:43.0656 2736 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

14:14:43.0656 2736 CiSvc - ok

14:14:43.0671 2736 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

14:14:43.0671 2736 ClipSrv - ok

14:14:43.0921 2736 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:14:43.0953 2736 clr_optimization_v2.0.50727_32 - ok

14:14:44.0125 2736 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

14:14:44.0203 2736 clr_optimization_v4.0.30319_32 - ok

14:14:44.0359 2736 CmdIde - ok

14:14:44.0359 2736 COMSysApp - ok

14:14:44.0375 2736 Cpqarray - ok

14:14:44.0421 2736 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

14:14:44.0421 2736 CryptSvc - ok

14:14:44.0421 2736 dac2w2k - ok

14:14:44.0421 2736 dac960nt - ok

14:14:44.0468 2736 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

14:14:44.0468 2736 DcomLaunch - ok

14:14:44.0625 2736 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

14:14:44.0625 2736 Dhcp - ok

14:14:44.0640 2736 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

14:14:44.0656 2736 Disk - ok

14:14:44.0656 2736 dmadmin - ok

14:14:44.0718 2736 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

14:14:44.0734 2736 dmboot - ok

14:14:44.0906 2736 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

14:14:44.0921 2736 dmio - ok

14:14:44.0937 2736 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

14:14:44.0953 2736 dmload - ok

14:14:44.0968 2736 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

14:14:44.0968 2736 dmserver - ok

14:14:45.0187 2736 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

14:14:45.0187 2736 DMusic - ok

14:14:45.0203 2736 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

14:14:45.0218 2736 Dnscache - ok

14:14:45.0234 2736 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

14:14:45.0234 2736 Dot3svc - ok

14:14:45.0390 2736 dpti2o - ok

14:14:45.0406 2736 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

14:14:45.0421 2736 drmkaud - ok

14:14:45.0453 2736 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys

14:14:45.0453 2736 dtsoftbus01 - ok

14:14:45.0484 2736 eamon (4438a150e60bd43889e4229f3fb65911) C:\WINDOWS\system32\DRIVERS\eamon.sys

14:14:45.0484 2736 eamon - ok

14:14:45.0671 2736 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

14:14:45.0671 2736 EapHost - ok

14:14:45.0703 2736 ehdrv (1707cc0bde273efe767a91ef509b3052) C:\WINDOWS\system32\DRIVERS\ehdrv.sys

14:14:45.0718 2736 ehdrv - ok

14:14:45.0750 2736 EhttpSrv (89f1e33b016355cfd091d5d3fbd0364c) C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

14:14:45.0750 2736 EhttpSrv - ok

14:14:45.0984 2736 ekrn (3dd38540e4a368184f85e3ea98bf5595) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

14:14:45.0984 2736 ekrn - ok

14:14:46.0000 2736 epfwtdir (1709caa9199d9a2aaa09c3d72cc71a82) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys

14:14:46.0031 2736 epfwtdir - ok

14:14:46.0187 2736 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

14:14:46.0187 2736 ERSvc - ok

14:14:46.0203 2736 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

14:14:46.0218 2736 Eventlog - ok

14:14:46.0250 2736 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

14:14:46.0250 2736 EventSystem - ok

14:14:46.0421 2736 EverestDriver - ok

14:14:46.0468 2736 ezGOSvc (da7ed3a484a2a03fd8aec1b3a0db401c) C:\WINDOWS\system32\ezGOSvc.dll

14:14:46.0484 2736 ezGOSvc - ok

14:14:46.0500 2736 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

14:14:46.0515 2736 Fastfat - ok

14:14:46.0734 2736 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

14:14:46.0765 2736 FastUserSwitchingCompatibility - ok

14:14:46.0781 2736 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

14:14:46.0796 2736 Fdc - ok

14:14:46.0953 2736 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

14:14:46.0968 2736 Fips - ok

14:14:47.0078 2736 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

14:14:47.0078 2736 FLEXnet Licensing Service - ok

14:14:47.0203 2736 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

14:14:47.0218 2736 Flpydisk - ok

14:14:47.0250 2736 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

14:14:47.0265 2736 FltMgr - ok

14:14:47.0515 2736 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

14:14:47.0515 2736 FontCache3.0.0.0 - ok

14:14:47.0531 2736 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

14:14:47.0546 2736 Fs_Rec - ok

14:14:47.0546 2736 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

14:14:47.0562 2736 Ftdisk - ok

14:14:47.0578 2736 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

14:14:47.0593 2736 Gpc - ok

14:14:47.0796 2736 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

14:14:47.0796 2736 gupdate - ok

14:14:47.0796 2736 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

14:14:47.0796 2736 gupdatem - ok

14:14:47.0812 2736 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys

14:14:47.0828 2736 hamachi - ok

14:14:47.0890 2736 Hamachi2Svc (fa89c0429821c7c429eec7a0ce1c02d3) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

14:14:47.0906 2736 Hamachi2Svc - ok

14:14:48.0046 2736 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

14:14:48.0046 2736 HDAudBus - ok

14:14:48.0125 2736 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

14:14:48.0125 2736 helpsvc - ok

14:14:48.0296 2736 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

14:14:48.0296 2736 HidServ - ok

14:14:48.0312 2736 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

14:14:48.0328 2736 hidusb - ok

14:14:48.0343 2736 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

14:14:48.0359 2736 hkmsvc - ok

14:14:48.0359 2736 hpn - ok

14:14:48.0390 2736 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

14:14:48.0406 2736 HTTP - ok

14:14:48.0546 2736 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

14:14:48.0562 2736 HTTPFilter - ok

14:14:48.0593 2736 hwpsgt (a439ebd90afdb1f516c875b9b317832f) C:\WINDOWS\system32\DRIVERS\hwpsgt.sys

14:14:48.0609 2736 hwpsgt - ok

14:14:48.0609 2736 i2omgmt - ok

14:14:48.0625 2736 i2omp - ok

14:14:48.0640 2736 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

14:14:48.0656 2736 i8042prt - ok

14:14:48.0937 2736 ialm (891e8c110304a878ead86bcf1f7e66d5) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

14:14:48.0968 2736 ialm - ok

14:14:49.0156 2736 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

14:14:49.0156 2736 IDriverT - ok

14:14:49.0484 2736 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

14:14:49.0500 2736 idsvc - ok

14:14:49.0640 2736 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

14:14:49.0656 2736 Imapi - ok

14:14:49.0687 2736 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

14:14:49.0687 2736 ImapiService - ok

14:14:49.0843 2736 ini910u - ok

14:14:50.0203 2736 IntcAzAudAddService (7a9299f48d6f2e802e5b0e0dc508842a) C:\WINDOWS\system32\drivers\RtkHDAud.sys

14:14:50.0234 2736 IntcAzAudAddService - ok

14:14:50.0375 2736 Scan interrupted by user!

14:14:50.0375 2736 Scan interrupted by user!

14:14:50.0375 2736 Scan interrupted by user!

14:14:50.0375 2736 ============================================================

14:14:50.0375 2736 Scan finished

14:14:50.0375 2736 ============================================================

14:14:50.0390 1672 Detected object count: 0

Link to comment

15:58:49.0484 5120 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18

15:58:51.0484 5120 ============================================================

15:58:51.0484 5120 Current date / time: 2012/05/15 15:58:51.0484

15:58:51.0484 5120 SystemInfo:

15:58:51.0484 5120

15:58:51.0484 5120 OS Version: 5.1.2600 ServicePack: 3.0

15:58:51.0484 5120 Product type: Workstation

15:58:51.0484 5120 ComputerName: VASKO

15:58:51.0484 5120 UserName: Vasko1

15:58:51.0484 5120 Windows directory: C:\WINDOWS

15:58:51.0484 5120 System windows directory: C:\WINDOWS

15:58:51.0484 5120 Processor architecture: Intel x86

15:58:51.0484 5120 Number of processors: 4

15:58:51.0484 5120 Page size: 0x1000

15:58:51.0484 5120 Boot type: Normal boot

15:58:51.0484 5120 ============================================================

15:58:52.0515 5120 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

15:58:52.0515 5120 ============================================================

15:58:52.0515 5120 \Device\Harddisk0\DR0:

15:58:52.0531 5120 MBR partitions:

15:58:52.0531 5120 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2711637

15:58:52.0562 5120 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x27116B5, BlocksNum 0x71FF044B

15:58:52.0562 5120 ============================================================

15:58:52.0593 5120 C: <-> \Device\Harddisk0\DR0\Partition0

15:58:52.0625 5120 D: <-> \Device\Harddisk0\DR0\Partition1

15:58:52.0625 5120 ============================================================

15:58:52.0625 5120 Initialize success

15:58:52.0625 5120 ============================================================

15:59:00.0593 4732 ============================================================

15:59:00.0593 4732 Scan started

15:59:00.0593 4732 Mode: Manual; SigCheck; TDLFS;

15:59:00.0593 4732 ============================================================

15:59:01.0562 4732 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) D:\Programs\SUPERAntiSpyware\SASCORE.EXE

15:59:01.0640 4732 !SASCORE - ok

15:59:01.0718 4732 Abiosdsk - ok

15:59:01.0718 4732 abp480n5 - ok

15:59:01.0750 4732 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

15:59:01.0984 4732 ACPI - ok

15:59:02.0000 4732 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

15:59:02.0093 4732 ACPIEC - ok

15:59:02.0140 4732 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

15:59:02.0156 4732 AdobeFlashPlayerUpdateSvc - ok

15:59:02.0156 4732 adpu160m - ok

15:59:02.0187 4732 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

15:59:02.0265 4732 aec - ok

15:59:02.0296 4732 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

15:59:02.0312 4732 AFD - ok

15:59:02.0312 4732 Aha154x - ok

15:59:02.0312 4732 aic78u2 - ok

15:59:02.0312 4732 aic78xx - ok

15:59:02.0343 4732 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

15:59:02.0406 4732 Alerter - ok

15:59:02.0421 4732 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

15:59:02.0468 4732 ALG - ok

15:59:02.0468 4732 AliIde - ok

15:59:02.0625 4732 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys

15:59:02.0687 4732 Ambfilt - ok

15:59:02.0750 4732 amsint - ok

15:59:02.0796 4732 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

15:59:02.0828 4732 AppMgmt - ok

15:59:02.0828 4732 asc - ok

15:59:02.0843 4732 asc3350p - ok

15:59:02.0843 4732 asc3550 - ok

15:59:02.0921 4732 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

15:59:02.0937 4732 aspnet_state - ok

15:59:02.0953 4732 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

15:59:03.0031 4732 AsyncMac - ok

15:59:03.0046 4732 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

15:59:03.0109 4732 atapi - ok

15:59:03.0109 4732 Atdisk - ok

15:59:03.0125 4732 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

15:59:03.0187 4732 Atmarpc - ok

15:59:03.0203 4732 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

15:59:03.0234 4732 AudioSrv - ok

15:59:03.0265 4732 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

15:59:03.0328 4732 audstub - ok

15:59:03.0343 4732 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

15:59:03.0421 4732 Beep - ok

15:59:03.0437 4732 BIOS (be5d50529799b9bab6be879ec768b6cf) C:\WINDOWS\system32\drivers\BIOS.sys

15:59:03.0453 4732 BIOS ( UnsignedFile.Multi.Generic ) - warning

15:59:03.0453 4732 BIOS - detected UnsignedFile.Multi.Generic (1)

15:59:03.0500 4732 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

15:59:03.0578 4732 BITS - ok

15:59:03.0593 4732 BlueletAudio (5ff9a3f3476d726ae62da82d5da94c36) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys

15:59:03.0625 4732 BlueletAudio - ok

15:59:03.0625 4732 BlueletSCOAudio (bd91afc523fd59f881e1763c38fb772f) C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys

15:59:03.0671 4732 BlueletSCOAudio - ok

15:59:03.0734 4732 BlueSoleil Hid Service (e460dbc78b9162a569c6ce3b7d31216d) C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

15:59:03.0781 4732 BlueSoleil Hid Service - ok

15:59:03.0796 4732 Bonjour Service (73686fe0b2e0469f89fd2075be724704) C:\Program Files\Bonjour\mDNSResponder.exe

15:59:03.0812 4732 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning

15:59:03.0812 4732 Bonjour Service - detected UnsignedFile.Multi.Generic (1)

15:59:03.0828 4732 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

15:59:03.0890 4732 Browser - ok

15:59:03.0906 4732 BT (c5cce2b26f73f8cf7f3c82159e79aa08) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys

15:59:03.0906 4732 BT - ok

15:59:03.0937 4732 Btcsrusb (fb2abc6d08d9f8d5ed8e02cbd18b39bb) C:\WINDOWS\system32\Drivers\btcusb.sys

15:59:03.0937 4732 Btcsrusb - ok

15:59:03.0953 4732 BTHidEnum (ce643d0918123d76a5caab008fca9663) C:\WINDOWS\system32\Drivers\vbtenum.sys

15:59:03.0984 4732 BTHidEnum - ok

15:59:03.0984 4732 BTHidMgr (dfca4fe4c8aec786b4d0f432eb730f48) C:\WINDOWS\system32\Drivers\BTHidMgr.sys

15:59:04.0015 4732 BTHidMgr - ok

15:59:04.0031 4732 CA561 (50ded7c73e0fb40693edab8cad7c46e7) C:\WINDOWS\system32\Drivers\SPCA561.SYS

15:59:04.0078 4732 CA561 - ok

15:59:04.0140 4732 catchme - ok

15:59:04.0156 4732 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

15:59:04.0234 4732 cbidf2k - ok

15:59:04.0250 4732 CCDECODE (fdc06e2ada8c468ebb161624e03976cf) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

15:59:04.0281 4732 CCDECODE - ok

15:59:04.0281 4732 cd20xrnt - ok

15:59:04.0296 4732 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

15:59:04.0359 4732 Cdaudio - ok

15:59:04.0390 4732 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

15:59:04.0453 4732 Cdfs - ok

15:59:04.0484 4732 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

15:59:04.0562 4732 Cdrom - ok

15:59:04.0562 4732 Changer - ok

15:59:04.0578 4732 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

15:59:04.0640 4732 CiSvc - ok

15:59:04.0656 4732 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

15:59:04.0718 4732 ClipSrv - ok

15:59:04.0765 4732 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:59:04.0781 4732 clr_optimization_v2.0.50727_32 - ok

15:59:04.0828 4732 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:59:04.0843 4732 clr_optimization_v4.0.30319_32 - ok

15:59:04.0843 4732 CmdIde - ok

15:59:04.0843 4732 COMSysApp - ok

15:59:04.0859 4732 Cpqarray - ok

15:59:04.0859 4732 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

15:59:04.0937 4732 CryptSvc - ok

15:59:04.0937 4732 dac2w2k - ok

15:59:04.0937 4732 dac960nt - ok

15:59:05.0031 4732 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

15:59:05.0062 4732 DcomLaunch - ok

15:59:05.0078 4732 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

15:59:05.0140 4732 Dhcp - ok

15:59:05.0156 4732 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

15:59:05.0234 4732 Disk - ok

15:59:05.0234 4732 dmadmin - ok

15:59:05.0312 4732 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

15:59:05.0390 4732 dmboot - ok

15:59:05.0453 4732 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

15:59:05.0515 4732 dmio - ok

15:59:05.0546 4732 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

15:59:05.0609 4732 dmload - ok

15:59:05.0625 4732 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

15:59:05.0703 4732 dmserver - ok

15:59:05.0734 4732 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

15:59:05.0796 4732 DMusic - ok

15:59:05.0828 4732 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

15:59:05.0843 4732 Dnscache - ok

15:59:05.0859 4732 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

15:59:05.0937 4732 Dot3svc - ok

15:59:05.0937 4732 dpti2o - ok

15:59:05.0937 4732 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

15:59:06.0015 4732 drmkaud - ok

15:59:06.0046 4732 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys

15:59:06.0078 4732 dtsoftbus01 - ok

15:59:06.0109 4732 eamon (4438a150e60bd43889e4229f3fb65911) C:\WINDOWS\system32\DRIVERS\eamon.sys

15:59:06.0109 4732 eamon - ok

15:59:06.0140 4732 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

15:59:06.0203 4732 EapHost - ok

15:59:06.0218 4732 ehdrv (1707cc0bde273efe767a91ef509b3052) C:\WINDOWS\system32\DRIVERS\ehdrv.sys

15:59:06.0250 4732 ehdrv - ok

15:59:06.0281 4732 EhttpSrv (89f1e33b016355cfd091d5d3fbd0364c) C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

15:59:06.0296 4732 EhttpSrv - ok

15:59:06.0343 4732 ekrn (3dd38540e4a368184f85e3ea98bf5595) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

15:59:06.0359 4732 ekrn - ok

15:59:06.0390 4732 epfwtdir (1709caa9199d9a2aaa09c3d72cc71a82) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys

15:59:06.0421 4732 epfwtdir - ok

15:59:06.0437 4732 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

15:59:06.0500 4732 ERSvc - ok

15:59:06.0531 4732 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

15:59:06.0562 4732 Eventlog - ok

15:59:06.0593 4732 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

15:59:06.0609 4732 EventSystem - ok

15:59:06.0656 4732 EverestDriver - ok

15:59:06.0687 4732 ezGOSvc (da7ed3a484a2a03fd8aec1b3a0db401c) C:\WINDOWS\system32\ezGOSvc.dll

15:59:06.0687 4732 ezGOSvc - ok

15:59:06.0734 4732 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

15:59:06.0828 4732 Fastfat - ok

15:59:06.0859 4732 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

15:59:06.0890 4732 FastUserSwitchingCompatibility - ok

15:59:06.0906 4732 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

15:59:06.0984 4732 Fdc - ok

15:59:07.0000 4732 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

15:59:07.0062 4732 Fips - ok

15:59:07.0156 4732 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

15:59:07.0187 4732 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning

15:59:07.0187 4732 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)

15:59:07.0203 4732 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

15:59:07.0281 4732 Flpydisk - ok

15:59:07.0328 4732 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

15:59:07.0406 4732 FltMgr - ok

15:59:07.0453 4732 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

15:59:07.0468 4732 FontCache3.0.0.0 - ok

15:59:07.0484 4732 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

15:59:07.0562 4732 Fs_Rec - ok

15:59:07.0562 4732 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

15:59:07.0640 4732 Ftdisk - ok

15:59:07.0640 4732 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

15:59:07.0718 4732 Gpc - ok

15:59:07.0781 4732 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

15:59:07.0796 4732 gupdate - ok

15:59:07.0796 4732 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

15:59:07.0796 4732 gupdatem - ok

15:59:07.0812 4732 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys

15:59:07.0812 4732 hamachi - ok

15:59:07.0906 4732 Hamachi2Svc (fa89c0429821c7c429eec7a0ce1c02d3) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

15:59:07.0937 4732 Hamachi2Svc - ok

15:59:07.0953 4732 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

15:59:08.0031 4732 HDAudBus - ok

15:59:08.0062 4732 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

15:59:08.0125 4732 helpsvc - ok

15:59:08.0140 4732 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

15:59:08.0203 4732 HidServ - ok

15:59:08.0234 4732 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

15:59:08.0296 4732 hidusb - ok

15:59:08.0312 4732 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

15:59:08.0390 4732 hkmsvc - ok

15:59:08.0390 4732 hpn - ok

15:59:08.0437 4732 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

15:59:08.0468 4732 HTTP - ok

15:59:08.0484 4732 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

15:59:08.0562 4732 HTTPFilter - ok

15:59:08.0593 4732 hwpsgt (a439ebd90afdb1f516c875b9b317832f) C:\WINDOWS\system32\DRIVERS\hwpsgt.sys

15:59:08.0625 4732 hwpsgt ( UnsignedFile.Multi.Generic ) - warning

15:59:08.0625 4732 hwpsgt - detected UnsignedFile.Multi.Generic (1)

15:59:08.0625 4732 i2omgmt - ok

15:59:08.0625 4732 i2omp - ok

15:59:08.0640 4732 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

15:59:08.0718 4732 i8042prt - ok

15:59:08.0859 4732 ialm (891e8c110304a878ead86bcf1f7e66d5) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

15:59:08.0921 4732 ialm - ok

15:59:09.0000 4732 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

15:59:09.0015 4732 IDriverT ( UnsignedFile.Multi.Generic ) - warning

15:59:09.0015 4732 IDriverT - detected UnsignedFile.Multi.Generic (1)

15:59:09.0140 4732 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

15:59:09.0171 4732 idsvc - ok

15:59:09.0234 4732 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

15:59:09.0312 4732 Imapi - ok

15:59:09.0343 4732 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

15:59:09.0421 4732 ImapiService - ok

15:59:09.0421 4732 ini910u - ok

15:59:09.0750 4732 IntcAzAudAddService (7a9299f48d6f2e802e5b0e0dc508842a) C:\WINDOWS\system32\drivers\RtkHDAud.sys

15:59:09.0875 4732 IntcAzAudAddService - ok

15:59:10.0015 4732 IntcDAud (a58a567b601866bee62d8dda78e6e101) C:\WINDOWS\system32\DRIVERS\IntcDAud.sys

15:59:10.0046 4732 IntcDAud - ok

15:59:10.0046 4732 IntelIde - ok

15:59:10.0062 4732 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

15:59:10.0140 4732 intelppm - ok

15:59:10.0156 4732 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

15:59:10.0234 4732 Ip6Fw - ok

15:59:10.0250 4732 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

15:59:10.0343 4732 IpFilterDriver - ok

15:59:10.0359 4732 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

15:59:10.0421 4732 IpInIp - ok

15:59:10.0453 4732 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

15:59:10.0515 4732 IpNat - ok

15:59:10.0531 4732 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

15:59:10.0609 4732 IPSec - ok

15:59:10.0625 4732 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

15:59:10.0671 4732 IRENUM - ok

15:59:10.0734 4732 IS360service (f5cf53d41f5a6b9d66b8c49c2de43064) C:\Program Files\IObit\IObit Security 360\IS360srv.exe

15:59:10.0750 4732 IS360service - ok

15:59:10.0781 4732 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

15:59:10.0859 4732 isapnp - ok

15:59:10.0968 4732 JavaQuickStarterService (0a5709543986843d37a92290b7838340) D:\Programs\fwfef\bin\jqs.exe

15:59:10.0984 4732 JavaQuickStarterService - ok

15:59:11.0000 4732 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

15:59:11.0078 4732 Kbdclass - ok

15:59:11.0093 4732 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

15:59:11.0171 4732 kbdhid - ok

15:59:11.0203 4732 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

15:59:11.0265 4732 kmixer - ok

15:59:11.0312 4732 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

15:59:11.0343 4732 KSecDD - ok

15:59:11.0375 4732 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

15:59:11.0390 4732 LanmanServer - ok

15:59:11.0421 4732 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

15:59:11.0437 4732 lanmanworkstation - ok

15:59:11.0453 4732 lbrtfdc - ok

15:59:11.0468 4732 lemsgt (057da656166893842dd401c25a058c4e) C:\WINDOWS\system32\DRIVERS\lemsgt.sys

15:59:11.0484 4732 lemsgt ( UnsignedFile.Multi.Generic ) - warning

15:59:11.0484 4732 lemsgt - detected UnsignedFile.Multi.Generic (1)

15:59:11.0500 4732 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

15:59:11.0593 4732 LmHosts - ok

15:59:11.0609 4732 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

15:59:11.0671 4732 Messenger - ok

15:59:11.0734 4732 Microsoft SharePoint Workspace Audit Service - ok

15:59:11.0750 4732 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

15:59:11.0843 4732 mnmdd - ok

15:59:11.0875 4732 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

15:59:11.0937 4732 mnmsrvc - ok

15:59:11.0953 4732 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

15:59:12.0031 4732 Modem - ok

15:59:12.0109 4732 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys

15:59:12.0156 4732 Monfilt - ok

15:59:12.0156 4732 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

15:59:12.0234 4732 Mouclass - ok

15:59:12.0250 4732 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

15:59:12.0312 4732 mouhid - ok

15:59:12.0328 4732 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

15:59:12.0406 4732 MountMgr - ok

15:59:12.0437 4732 MozillaMaintenance - ok

15:59:12.0437 4732 mraid35x - ok

15:59:12.0453 4732 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

15:59:12.0546 4732 MRxDAV - ok

15:59:12.0578 4732 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

15:59:12.0609 4732 MRxSmb - ok

15:59:12.0656 4732 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

15:59:12.0734 4732 MSDTC - ok

15:59:12.0765 4732 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

15:59:12.0812 4732 Msfs - ok

15:59:12.0812 4732 MSIServer - ok

15:59:12.0843 4732 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

15:59:12.0906 4732 MSKSSRV - ok

15:59:12.0937 4732 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

15:59:13.0015 4732 MSPCLOCK - ok

15:59:13.0031 4732 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

15:59:13.0093 4732 MSPQM - ok

15:59:13.0125 4732 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

15:59:13.0187 4732 mssmbios - ok

15:59:13.0203 4732 MSTEE (d5059366b361f0e1124753447af08aa2) C:\WINDOWS\system32\drivers\MSTEE.sys

15:59:13.0265 4732 MSTEE - ok

15:59:13.0296 4732 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

15:59:13.0312 4732 Mup - ok

15:59:13.0343 4732 NABTSFEC (ac31b352ce5e92704056d409834beb74) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

15:59:13.0375 4732 NABTSFEC - ok

15:59:13.0468 4732 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

15:59:13.0546 4732 napagent - ok

15:59:13.0625 4732 NAUpdate (1bbbf640bc0e0b750537baece8d66c18) C:\Program Files\Nero\Update\NASvc.exe

15:59:13.0640 4732 NAUpdate - ok

15:59:13.0671 4732 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

15:59:13.0734 4732 NDIS - ok

15:59:13.0750 4732 NdisIP (abd7629cf2796250f315c1dd0b6cf7a0) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

15:59:13.0781 4732 NdisIP - ok

15:59:13.0812 4732 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

15:59:13.0828 4732 NdisTapi - ok

15:59:13.0859 4732 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

15:59:13.0921 4732 Ndisuio - ok

15:59:13.0937 4732 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

15:59:14.0015 4732 NdisWan - ok

15:59:14.0031 4732 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

15:59:14.0046 4732 NDProxy - ok

15:59:14.0078 4732 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

15:59:14.0156 4732 NetBIOS - ok

15:59:14.0171 4732 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

15:59:14.0234 4732 NetBT - ok

15:59:14.0250 4732 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

15:59:14.0312 4732 NetDDE - ok

15:59:14.0312 4732 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

15:59:14.0375 4732 NetDDEdsdm - ok

15:59:14.0421 4732 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:59:14.0484 4732 Netlogon - ok

15:59:14.0515 4732 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

15:59:14.0593 4732 Netman - ok

15:59:14.0656 4732 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

15:59:14.0671 4732 NetTcpPortSharing - ok

15:59:14.0703 4732 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

15:59:14.0718 4732 Nla - ok

15:59:14.0750 4732 nmwcd (b0a67de1a128389aea4d42c5a56215fd) C:\WINDOWS\system32\drivers\ccdcmb.sys

15:59:14.0843 4732 nmwcd - ok

15:59:14.0859 4732 nmwcdc (025c54f9f8c8bc1894ea38529c742c54) C:\WINDOWS\system32\drivers\ccdcmbo.sys

15:59:14.0906 4732 nmwcdc - ok

15:59:14.0937 4732 nmwcdnsu (4f0de685a96dc843ccc8a861b3fac12d) C:\WINDOWS\system32\drivers\nmwcdnsu.sys

15:59:14.0984 4732 nmwcdnsu - ok

15:59:15.0000 4732 nmwcdnsuc (578117c0c0cf10d99c8853e83c4bc63c) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys

15:59:15.0031 4732 nmwcdnsuc - ok

15:59:15.0046 4732 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

15:59:15.0109 4732 Npfs - ok

15:59:15.0156 4732 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

15:59:15.0218 4732 Ntfs - ok

15:59:15.0234 4732 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:59:15.0296 4732 NtLmSsp - ok

15:59:15.0328 4732 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

15:59:15.0406 4732 NtmsSvc - ok

15:59:15.0437 4732 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

15:59:15.0531 4732 Null - ok

15:59:15.0546 4732 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

15:59:15.0609 4732 NwlnkFlt - ok

15:59:15.0625 4732 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

15:59:15.0687 4732 NwlnkFwd - ok

15:59:15.0781 4732 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

15:59:15.0781 4732 ose - ok

15:59:16.0078 4732 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

15:59:16.0171 4732 osppsvc - ok

15:59:16.0296 4732 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

15:59:16.0359 4732 Parport - ok

15:59:16.0375 4732 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

15:59:16.0453 4732 PartMgr - ok

15:59:16.0453 4732 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

15:59:16.0531 4732 ParVdm - ok

15:59:16.0546 4732 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

15:59:16.0578 4732 pccsmcfd - ok

15:59:16.0593 4732 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

15:59:16.0671 4732 PCI - ok

15:59:16.0671 4732 PCIDump - ok

15:59:16.0671 4732 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

15:59:16.0750 4732 PCIIde - ok

15:59:16.0781 4732 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

15:59:16.0890 4732 Pcmcia - ok

15:59:16.0890 4732 PDCOMP - ok

15:59:16.0890 4732 PDFRAME - ok

15:59:16.0890 4732 PDRELI - ok

15:59:16.0890 4732 PDRFRAME - ok

15:59:16.0890 4732 perc2 - ok

15:59:16.0890 4732 perc2hib - ok

15:59:16.0921 4732 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

15:59:16.0937 4732 PlugPlay - ok

15:59:16.0968 4732 PnkBstrA (a1dd33d16f277ce34124ee52ab2c0f14) C:\WINDOWS\system32\PnkBstrA.exe

15:59:16.0984 4732 PnkBstrA - ok

15:59:17.0000 4732 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:59:17.0062 4732 PolicyAgent - ok

15:59:17.0078 4732 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

15:59:17.0156 4732 PptpMiniport - ok

15:59:17.0156 4732 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:59:17.0218 4732 ProtectedStorage - ok

15:59:17.0234 4732 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

15:59:17.0312 4732 PSched - ok

15:59:17.0328 4732 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

15:59:17.0390 4732 Ptilink - ok

15:59:17.0437 4732 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

15:59:17.0453 4732 PxHelp20 - ok

15:59:17.0453 4732 ql1080 - ok

15:59:17.0453 4732 Ql10wnt - ok

15:59:17.0453 4732 ql12160 - ok

15:59:17.0453 4732 ql1240 - ok

15:59:17.0468 4732 ql1280 - ok

15:59:17.0468 4732 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

15:59:17.0531 4732 RasAcd - ok

15:59:17.0546 4732 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

15:59:17.0609 4732 RasAuto - ok

15:59:17.0625 4732 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

15:59:17.0703 4732 Rasl2tp - ok

15:59:17.0734 4732 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

15:59:17.0796 4732 RasMan - ok

15:59:17.0796 4732 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

15:59:17.0859 4732 RasPppoe - ok

15:59:17.0859 4732 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

15:59:17.0937 4732 Raspti - ok

15:59:17.0984 4732 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

15:59:18.0093 4732 Rdbss - ok

15:59:18.0109 4732 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

15:59:18.0187 4732 RDPCDD - ok

15:59:18.0203 4732 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

15:59:18.0281 4732 rdpdr - ok

15:59:18.0312 4732 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

15:59:18.0328 4732 RDPWD - ok

15:59:18.0343 4732 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

15:59:18.0406 4732 RDSessMgr - ok

15:59:18.0421 4732 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

15:59:18.0500 4732 redbook - ok

15:59:18.0515 4732 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

15:59:18.0593 4732 RemoteAccess - ok

15:59:18.0609 4732 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

15:59:18.0687 4732 RemoteRegistry - ok

15:59:18.0718 4732 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys

15:59:18.0781 4732 ROOTMODEM - ok

15:59:18.0812 4732 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

15:59:18.0875 4732 RpcLocator - ok

15:59:18.0921 4732 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll

15:59:18.0937 4732 RpcSs - ok

15:59:18.0968 4732 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

15:59:19.0046 4732 RSVP - ok

15:59:19.0078 4732 RTLE8023xp (c48e7bbc6a17a0676079e11a13e82549) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

15:59:19.0093 4732 RTLE8023xp - ok

15:59:19.0109 4732 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:59:19.0171 4732 SamSs - ok

15:59:19.0203 4732 SASDIFSV (39763504067962108505bff25f024345) D:\Programs\SUPERAntiSpyware\SASDIFSV.SYS

15:59:19.0218 4732 SASDIFSV - ok

15:59:19.0250 4732 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) D:\Programs\SUPERAntiSpyware\SASKUTIL.SYS

15:59:19.0265 4732 SASKUTIL - ok

15:59:19.0296 4732 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

15:59:19.0375 4732 SCardSvr - ok

15:59:19.0406 4732 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

15:59:19.0484 4732 Schedule - ok

15:59:19.0500 4732 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

15:59:19.0531 4732 Secdrv - ok

15:59:19.0562 4732 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

15:59:19.0625 4732 seclogon - ok

15:59:19.0640 4732 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

15:59:19.0703 4732 SENS - ok

15:59:19.0734 4732 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

15:59:19.0812 4732 serenum - ok

15:59:19.0812 4732 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

15:59:19.0906 4732 Serial - ok

15:59:19.0984 4732 ServiceLayer (668043f192ab9659761a349a4703600d) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

15:59:20.0015 4732 ServiceLayer - ok

15:59:20.0046 4732 sfdrv01 (56250672235bbe54ba8a4963b1ac997c) C:\WINDOWS\system32\drivers\sfdrv01.sys

15:59:20.0046 4732 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning

15:59:20.0046 4732 sfdrv01 - detected UnsignedFile.Multi.Generic (1)

15:59:20.0078 4732 sfhlp02 (3ad2b15ccc03febfbaf5ff057822aa75) C:\WINDOWS\system32\drivers\sfhlp02.sys

15:59:20.0109 4732 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning

15:59:20.0109 4732 sfhlp02 - detected UnsignedFile.Multi.Generic (1)

15:59:20.0125 4732 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

15:59:20.0203 4732 Sfloppy - ok

15:59:20.0203 4732 sfsync02 (798d918d8f20380008277ce3ce5319d1) C:\WINDOWS\system32\drivers\sfsync02.sys

15:59:20.0218 4732 sfsync02 ( UnsignedFile.Multi.Generic ) - warning

15:59:20.0218 4732 sfsync02 - detected UnsignedFile.Multi.Generic (1)

15:59:20.0265 4732 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

15:59:20.0343 4732 SharedAccess - ok

15:59:20.0375 4732 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

15:59:20.0390 4732 ShellHWDetection - ok

15:59:20.0390 4732 Simbad - ok

15:59:20.0484 4732 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe

15:59:20.0500 4732 SkypeUpdate - ok

15:59:20.0531 4732 SLIP (1ffc44d6787ec1ea9a2b1440a90fa5c1) C:\WINDOWS\system32\DRIVERS\SLIP.sys

15:59:20.0562 4732 SLIP - ok

15:59:20.0562 4732 Sparrow - ok

15:59:20.0578 4732 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

15:59:20.0656 4732 splitter - ok

15:59:20.0687 4732 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

15:59:20.0703 4732 Spooler - ok

15:59:20.0750 4732 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

15:59:20.0781 4732 sr - ok

15:59:20.0812 4732 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

15:59:20.0843 4732 srservice - ok

15:59:20.0890 4732 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

15:59:20.0921 4732 Srv - ok

15:59:20.0937 4732 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

15:59:21.0000 4732 SSDPSRV - ok

15:59:21.0031 4732 Start BT in service (9d1a8732718438dc8c472d4d7762de5f) C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe

15:59:21.0046 4732 Start BT in service - ok

15:59:21.0078 4732 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

15:59:21.0156 4732 stisvc - ok

15:59:21.0187 4732 streamip (a9f9fd0212e572b84edb9eb661f6bc04) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

15:59:21.0203 4732 streamip - ok

15:59:21.0218 4732 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

15:59:21.0296 4732 swenum - ok

15:59:21.0312 4732 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

15:59:21.0390 4732 swmidi - ok

15:59:21.0390 4732 SwPrv - ok

15:59:21.0390 4732 symc810 - ok

15:59:21.0406 4732 symc8xx - ok

15:59:21.0406 4732 sym_hi - ok

15:59:21.0406 4732 sym_u3 - ok

15:59:21.0406 4732 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

15:59:21.0468 4732 sysaudio - ok

15:59:21.0500 4732 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

15:59:21.0578 4732 SysmonLog - ok

15:59:21.0609 4732 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

15:59:21.0671 4732 TapiSrv - ok

15:59:21.0765 4732 Tcpip (d24ea301e2b36c4e975fd216ca85d8e7) C:\WINDOWS\system32\DRIVERS\tcpip.sys

15:59:21.0781 4732 Tcpip ( UnsignedFile.Multi.Generic ) - warning

15:59:21.0781 4732 Tcpip - detected UnsignedFile.Multi.Generic (1)

15:59:21.0812 4732 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

15:59:21.0921 4732 TDPIPE - ok

15:59:21.0937 4732 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

15:59:22.0000 4732 TDTCP - ok

15:59:22.0015 4732 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

15:59:22.0093 4732 TermDD - ok

15:59:22.0125 4732 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

15:59:22.0203 4732 TermService - ok

15:59:22.0281 4732 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

15:59:22.0296 4732 Themes - ok

15:59:22.0312 4732 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

15:59:22.0359 4732 TlntSvr - ok

15:59:22.0359 4732 TosIde - ok

15:59:22.0390 4732 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

15:59:22.0468 4732 TrkWks - ok

15:59:22.0484 4732 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

15:59:22.0562 4732 Udfs - ok

15:59:22.0562 4732 ultra - ok

15:59:22.0593 4732 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

15:59:22.0687 4732 Update - ok

15:59:22.0703 4732 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

15:59:22.0750 4732 upnphost - ok

15:59:22.0781 4732 upperdev (78b74af8727a28c128e164e9b53a5413) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys

15:59:22.0812 4732 upperdev - ok

15:59:22.0843 4732 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

15:59:22.0906 4732 UPS - ok

15:59:22.0921 4732 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

15:59:23.0000 4732 usbccgp - ok

15:59:23.0031 4732 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

15:59:23.0125 4732 usbehci - ok

15:59:23.0140 4732 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

15:59:23.0203 4732 usbhub - ok

15:59:23.0218 4732 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

15:59:23.0296 4732 usbscan - ok

15:59:23.0312 4732 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys

15:59:23.0375 4732 usbser - ok

15:59:23.0390 4732 UsbserFilt (4f8fbc51a1c0a17310846b417a447f91) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys

15:59:23.0421 4732 UsbserFilt - ok

15:59:23.0453 4732 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

15:59:23.0531 4732 USBSTOR - ok

15:59:23.0562 4732 VComm (51750b0539986186c6931fc40d171521) C:\WINDOWS\system32\DRIVERS\VComm.sys

15:59:23.0578 4732 VComm - ok

15:59:23.0593 4732 VcommMgr (6d9c891c0a761afed1f3609c2e56f2b9) C:\WINDOWS\system32\Drivers\VcommMgr.sys

15:59:23.0593 4732 VcommMgr - ok

15:59:23.0625 4732 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

15:59:23.0703 4732 VgaSave - ok

15:59:23.0703 4732 ViaIde - ok

15:59:23.0718 4732 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

15:59:23.0796 4732 VolSnap - ok

15:59:23.0828 4732 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

15:59:23.0890 4732 VSS - ok

15:59:23.0921 4732 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

15:59:23.0984 4732 W32Time - ok

15:59:24.0000 4732 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

15:59:24.0078 4732 Wanarp - ok

15:59:24.0125 4732 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

15:59:24.0140 4732 Wdf01000 - ok

15:59:24.0140 4732 WDICA - ok

15:59:24.0156 4732 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

15:59:24.0234 4732 wdmaud - ok

15:59:24.0265 4732 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

15:59:24.0359 4732 WebClient - ok

15:59:24.0375 4732 WinFLdrv (7575ab6902c3f321d62a8e5a7e4f55a9) C:\WINDOWS\system32\WinFLdrv.sys

15:59:24.0390 4732 Suspicious file (Hidden): C:\WINDOWS\system32\WinFLdrv.sys. md5: 7575ab6902c3f321d62a8e5a7e4f55a9

15:59:24.0390 4732 WinFLdrv ( HiddenFile.Multi.Generic ) - warning

15:59:24.0390 4732 WinFLdrv - detected HiddenFile.Multi.Generic (1)

15:59:24.0437 4732 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

15:59:24.0500 4732 winmgmt - ok

15:59:24.0593 4732 WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll

15:59:24.0640 4732 WinRM - ok

15:59:24.0687 4732 WinVd32 (58997182304759f46902a62128d44d5c) C:\WINDOWS\system32\WinVd32.sys

15:59:24.0734 4732 WinVd32 ( UnsignedFile.Multi.Generic ) - warning

15:59:24.0734 4732 WinVd32 - detected UnsignedFile.Multi.Generic (1)

15:59:24.0765 4732 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

15:59:24.0781 4732 WmdmPmSN - ok

15:59:24.0843 4732 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

15:59:24.0859 4732 Wmi - ok

15:59:24.0968 4732 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

15:59:25.0031 4732 WmiApSrv - ok

15:59:25.0078 4732 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

15:59:25.0093 4732 WpdUsb - ok

15:59:25.0187 4732 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

15:59:25.0203 4732 WPFFontCache_v0400 - ok

15:59:25.0250 4732 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

15:59:25.0312 4732 WS2IFSL - ok

15:59:25.0343 4732 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

15:59:25.0421 4732 wscsvc - ok

15:59:25.0437 4732 WSTCODEC (233cdd1c06942115802eb7ce6669e099) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

15:59:25.0468 4732 WSTCODEC - ok

15:59:25.0484 4732 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

15:59:25.0562 4732 wuauserv - ok

15:59:25.0578 4732 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

15:59:25.0609 4732 WudfPf - ok

15:59:25.0625 4732 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

15:59:25.0640 4732 WudfRd - ok

15:59:25.0656 4732 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

15:59:25.0671 4732 WudfSvc - ok

15:59:25.0718 4732 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

15:59:25.0812 4732 WZCSVC - ok

15:59:25.0828 4732 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

15:59:25.0906 4732 xmlprov - ok

15:59:25.0921 4732 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

15:59:26.0250 4732 \Device\Harddisk0\DR0 - ok

15:59:26.0250 4732 Boot (0x1200) (6420de16265c70cbb39790d6e19f2ad5) \Device\Harddisk0\DR0\Partition0

15:59:26.0250 4732 \Device\Harddisk0\DR0\Partition0 - ok

15:59:26.0250 4732 Boot (0x1200) (f8c94aaa35936d457751edeafd79883f) \Device\Harddisk0\DR0\Partition1

15:59:26.0250 4732 \Device\Harddisk0\DR0\Partition1 - ok

15:59:26.0250 4732 ============================================================

15:59:26.0250 4732 Scan finished

15:59:26.0250 4732 ============================================================

15:59:26.0359 6124 Detected object count: 12

15:59:26.0359 6124 Actual detected object count: 12

15:59:58.0968 6124 BIOS ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 BIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 hwpsgt ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 hwpsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 lemsgt ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 lemsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 WinFLdrv ( HiddenFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 WinFLdrv ( HiddenFile.Multi.Generic ) - User select action: Skip

15:59:58.0968 6124 WinVd32 ( UnsignedFile.Multi.Generic ) - skipped by user

15:59:58.0968 6124 WinVd32 ( UnsignedFile.Multi.Generic ) - User select action: Skip


In that case we can assume the system is clean, unless you have other complaints.

 

Open Start -> Run. Paste the following text into the field and click OK:

"%userprofile%\Desktop\ComboFix.exe" /uninstall

This will uninstall ComboFix.

 

You can remove the remaining applications that were used.


I have the following problem: Facebook won't open for me. I tried some of the advice about antivirus programs that I saw here, but it didn't help. I'm waiting for new ideas, thank you!

 

OTL logfile created on: 2/26/2010 7:30:16 AM - Run 1

OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\user1\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000402 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1023.23 Mb Total Physical Memory | 279.25 Mb Available Physical Memory | 27.29% Memory free

2.41 Gb Paging File | 1.77 Gb Available in Paging File | 73.68% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 48.83 Gb Total Space | 7.72 Gb Free Space | 15.81% Space Free | Partition Type: NTFS

Drive E: | 416.92 Gb Total Space | 23.29 Gb Free Space | 5.59% Space Free | Partition Type: NTFS

 

Computer Name: USER1-3281142A4 | User Name: user1 | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 90 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012/05/11 09:36:38 | 003,940,264 | ---- | M] () -- C:\Program Files\Perfect Uninstaller\PU.exe

PRC - [2012/05/03 20:19:13 | 000,879,984 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe

PRC - [2012/04/25 01:02:26 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2012/04/16 17:49:06 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.382.0\SeaPort.EXE

PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2010/02/26 07:29:13 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user1\My Documents\Downloads\OTL.exe

PRC - [2008/11/10 01:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

PRC - [2008/04/14 12:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012/05/11 09:36:38 | 003,940,264 | ---- | M] () -- C:\Program Files\Perfect Uninstaller\PU.exe

MOD - [2012/04/25 02:40:54 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko12.dll

MOD - [2012/04/25 01:02:26 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2012/02/22 20:49:56 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll

MOD - [2011/06/09 20:42:57 | 006,271,136 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

MOD - [2010/04/29 16:12:04 | 000,621,888 | ---- | M] () -- C:\Program Files\Perfect Uninstaller\RegBrowser.dll

MOD - [2009/02/27 19:36:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.BGR

MOD - [2004/01/22 18:36:28 | 000,120,832 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\system32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)

SRV - File not found [Disabled | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)

SRV - File not found [Disabled | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)

SRV - [2012/05/09 23:28:58 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012/04/25 01:02:27 | 000,129,976 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/04/18 22:17:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/04/16 17:49:06 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.382.0\SeaPort.EXE -- (BBUpdate)

SRV - [2012/04/16 17:49:06 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.382.0\BBSvc.EXE -- (BBSvc)

SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Disabled | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012/01/31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2011/10/24 20:29:34 | 002,398,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled | Stopped] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)

SRV - [2011/08/17 18:07:12 | 000,276,992 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Ticno\Multibar\SearchService.exe -- (TicnoSearch)

SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)

SRV - [2011/04/21 08:01:11 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2011/01/28 13:22:50 | 000,632,792 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)

SRV - [2008/11/10 01:18:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\AsrCDDrv.sys -- (AsrCDDrv)

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (agifavfk)

DRV - [2012/05/09 23:28:59 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2012/05/09 23:28:59 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2012/04/19 05:23:20 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)

DRV - [2011/09/04 12:07:50 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)

DRV - [2011/09/04 12:07:49 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2011/07/29 02:50:10 | 007,084,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2010/07/21 16:00:32 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)

DRV - [2010/06/24 13:46:12 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliandMP)

DRV - [2010/06/24 13:46:12 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliand)

DRV - [2010/06/17 15:29:37 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010/06/17 15:29:27 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)

DRV - [2009/11/25 17:27:28 | 001,617,408 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)

DRV - [2009/07/28 13:25:00 | 000,143,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2009/06/26 11:59:34 | 001,656,960 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (AMBFilt)

DRV - [2008/12/02 11:26:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (MonFilt)

DRV - [2008/04/14 12:30:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2008/04/14 12:30:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2008/04/14 12:30:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2008/04/14 12:30:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)

DRV - [2005/05/27 09:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)

DRV - [2005/01/31 11:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)

DRV - [2004/01/26 20:06:35 | 000,095,552 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)

DRV - [2004/01/26 19:31:28 | 000,052,224 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)

DRV - [2003/12/01 19:50:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)

DRV - [2003/09/06 16:52:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)

 

 

========== Standard Registry (All) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm Stopped]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=119&systemid=2&q={searchTerms}

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}

IE - HKLM\..\SearchScopes\Yandex: "URL" = http://yandex.ru/yandsearch?clid=47356&text={searchTerms}

 

 

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=iear=iesearch

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=iepver=6ar=msnhome

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}

IE - HKU\.DEFAULT\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp

IE - HKU\.DEFAULT\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.com/route/?d=4cee02c8&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=iear=iesearch

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=iepver=6ar=msnhome

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}

IE - HKU\S-1-5-18\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp

IE - HKU\S-1-5-18\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.com/route/?d=4cee02c8&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=iear=iesearch

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=iepver=6ar=msnhome

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}

IE - HKU\S-1-5-19\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp

 

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://webalta.ru

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=iear=iesearch

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=iepver=6ar=msnhome

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}

IE - HKU\S-1-5-20\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp

 

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8DF

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://webalta.ru/poisk

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=iear=iesearch

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=111434&tt=100512_4_&babsrc=HP_ss&mntrId=6c34df410000000000000025224c4143

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - SOFTWARE\Classes\CLSID\{51a86bb3-6602-4c85-92a5-130ee4864f13}\InprocServer32 File not found

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111434&tt=100512_4_&babsrc=SP_ss&mntrId=6c34df410000000000000025224c4143

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = http://www.bing.com/search?FORM=NP01DF&PC=NP01&q={searchTerms}&src=IE-SearchBox

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=UTR&o=15467&src=crm&q={searchTerms}&locale=en_US

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7_____en

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={17F0735F-91DB-4471-AF4C-7973773C7518}&mid=Unknown&lang=en&ds=AVG&pr=fr&d=2011-10-12 09:08:53&v=8.0.0.40&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=119&systemid=2&q={searchTerms}

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-search.com/search?q={searchTerms}

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.com/route/?d=4cee02c8&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\{E88E0043-C9D4-4e33-8555-FEE4F5B63060}: "URL" = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\SearchScopes\Yandex: "URL" = http://yandex.ru/yandsearch?clid=47356&text={searchTerms}

IE - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..CT2776682.browser.search.defaultthis.engineName: true

FF - prefs.js..browser.search.defaultengine: "ask.com"

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"

FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=mkg030&p="

FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"

FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.search.usedbfororder: true

FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=111434&tt=100512_4_&babsrc=HP_ss&mntrId=6c34df410000000000000025224c4143"

FF - prefs.js..extensions.enabledItems: dttoolbar@toolbarnet.com:1.1.7.0190

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.13.99999

FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001

FF - prefs.js..extensions.enabledItems: yasearch@yandex.ru:5.2.3

FF - prefs.js..extensions.enabledItems: {1fd91a9c-410c-4090-bbcc-55d3450ef433}:1.0

FF - prefs.js..extensions.enabledItems: {28387537-e3f9-4ed7-860c-11e69af4a8a0}:4.1.0.00

FF - prefs.js..extensions.enabledItems: adapter@babylontc.com:1.0.0.1

FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3

FF - prefs.js..extensions.enabledItems: {1e73965b-8b48-48be-9c8d-68b920abc1c4}:10.0.0.1319

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16

FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "avg secure search"

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"

FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "BrotherSoft Extreme Customized Web Search"

FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?SSPV=FFSB3&ctid=CT2776682&SearchSource=13"

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll File not found

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\user1\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/10/08 06:18:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/11/10 08:31:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/24 21:49:00 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/24 00:02:38 | 000,000,000 | ---D | M]

 

[2011/11/26 06:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Extensions

[2010/09/18 05:17:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2010/02/25 07:28:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions

[2011/02/04 11:26:57 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}

[2012/03/27 05:19:36 | 000,000,000 | ---D | M] (Спутник @Mail.Ru) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}

[2010/02/24 21:55:41 | 000,000,000 | ---D | M] (BrotherSoft Extreme) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}

[2010/02/24 21:53:03 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010/02/24 21:55:07 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}

[2012/03/19 05:29:58 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\bbrs_002@blabbers.com

[2010/02/25 07:28:52 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\ffxtlbr@babylon.com

[2010/12/25 23:09:26 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\toolbar@ask.com

[2011/12/13 20:29:35 | 000,000,000 | ---D | M] (Яндекс.Бар) -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\extensions\yasearch@yandex.ru

[2010/12/27 10:14:54 | 000,002,426 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\askcom.xml

[2011/11/10 08:31:53 | 000,003,700 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\avg-secure-search.xml

[2012/03/20 06:26:53 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\conduit.xml

[2010/09/18 20:08:39 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\daemon-search.xml

[2010/09/02 12:39:28 | 000,002,486 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\iMeshWebSearch.xml

[2012/03/27 05:19:50 | 000,001,533 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\mailru---.xml

[2011/10/28 21:06:10 | 000,002,520 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\SearchResults.xml

[2012/03/19 21:19:24 | 000,003,935 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\sweetim.xml

[2010/12/14 22:22:31 | 000,000,390 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\webalta-search.xml

[2012/02/10 06:52:47 | 000,002,166 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\wd0sjpae.default\searchplugins\ybqs-yandex.xml

[2012/03/19 22:27:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/03/19 22:27:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2012/04/25 01:02:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2012/04/25 01:02:27 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/11/03 11:29:20 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll

[2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL

[2012/04/04 10:23:56 | 000,182,160 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

[2011/09/30 10:23:03 | 000,001,083 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\911bg.xml

[2011/09/30 10:23:03 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml

[2010/02/25 07:10:10 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

[2011/09/30 10:23:03 | 000,002,442 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\diribg.xml

[2012/04/25 01:02:24 | 000,003,413 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

[2010/09/02 12:39:28 | 000,002,486 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\iMeshWebSearch.xml

[2011/09/30 10:23:03 | 000,001,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pe-bg.xml

[2011/09/30 10:23:03 | 000,001,857 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\portalbgdict.xml

[2011/10/28 21:06:10 | 000,002,520 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

[2011/09/30 10:23:03 | 000,001,220 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-bg.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Conduit (Enabled)

CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3072253

CHR - default_search_provider: suggest_url = http://search.conduit.com/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.168\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\18.0.1025.168\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\plugins/avgnpss.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\user1\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

CHR - Extension: YouTube = C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\

CHR - Extension: Google Search = C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\

CHR - Extension: AVG Safe Search = C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\

CHR - Extension: Gmail = C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

 

O1 HOSTS File: ([2010/02/25 21:00:51 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll File not found

O2 - BHO: (MovieBario Toolbar) - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files\Utubebario\tbUtu1.dll File not found

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found

O2 - BHO: (no name) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No CLSID value found.

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll File not found

O3 - HKLM\..\Toolbar: (MovieBario Toolbar) - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files\Utubebario\tbUtu1.dll File not found

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.)

O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\Toolbar\WebBrowser: (MovieBario Toolbar) - {58BECA16-CAE6-4B7A-A0E8-153D0CBBA63A} - C:\Program Files\Utubebario\tbUtu1.dll File not found

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1390067357-842925246-1177238915-1003..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1390067357-842925246-1177238915-1003..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKU\S-1-5-21-1390067357-842925246-1177238915-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found

O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found

O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found

O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found

O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found

O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found

O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found

O9 - Extra Button: Преведи - {60237576-b24c-4ba9-9740-c9f3ec9db557} - C:\Program Files\SkyCode\WebTrance30\wt2ie.dll ()

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.87.194.4 95.87.255.190

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B47AF233-F7EB-45B7-907C-954FEEBC2194}: DhcpNameServer = 95.87.194.4 95.87.255.190

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBF4B826-8ABE-47E5-A6DD-04C33D5E861E}: NameServer = 95.87.194.4,95.87.255.190

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/09/18 04:18:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (MACHINE BootExecut)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: WmdmPmSp - File not found

 

MsConfig - Services: "TicnoSearch"

MsConfig - Services: "Steam Client Service"

MsConfig - Services: "SkypeUpdate"

MsConfig - Services: "PLFlash DeviceIoControl Service"

MsConfig - Services: "PCToolsSSDMonitorSvc"

MsConfig - Services: "MozillaMaintenance"

MsConfig - Services: "McComponentHostService"

MsConfig - Services: "McAfee SiteAdvisor Service"

MsConfig - Services: "iPod Service"

MsConfig - Services: "IDriverT"

MsConfig - Services: "gupdatem"

MsConfig - Services: "gupdate"

MsConfig - Services: "BBUpdate"

MsConfig - Services: "BBSvc"

MsConfig - Services: "avgwd"

MsConfig - Services: "AVGIDSAgent"

MsConfig - Services: "avgfws"

MsConfig - Services: "Apple Mobile Device"

MsConfig - Services: "AdobeFlashPlayerUpdateSvc"

MsConfig - Services: "Adobe LM Service"

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^user1^Start Menu^Programs^Startup^Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: Alcmtr - hkey= - key= - File not found

MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)

MsConfig - StartUpReg: Asrsetup - hkey= - key= - File not found

MsConfig - StartUpReg: AVG_TRAY - hkey= - key= - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)

MsConfig - StartUpReg: Browser companion helper - hkey= - key= - C:\Program Files\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)

MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\programi 1\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

MsConfig - StartUpReg: HDAudDeck - hkey= - key= - C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.)

MsConfig - StartUpReg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - File not found

MsConfig - StartUpReg: iTunesHelper - hkey= - key= - File not found

MsConfig - StartUpReg: LogitechSoftwareUpdate - hkey= - key= - C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)

MsConfig - StartUpReg: LogitechVideoRepair - hkey= - key= - C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)

MsConfig - StartUpReg: LogitechVideoTray - hkey= - key= - C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)

MsConfig - StartUpReg: LVCOMSX - hkey= - key= - File not found

MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

MsConfig - StartUpReg: multibar.exe - hkey= - key= - C:\Program Files\Ticno\Multibar\multibar.exe ()

MsConfig - StartUpReg: NBKeyScan - hkey= - key= - File not found

MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

MsConfig - StartUpReg: SkyTel - hkey= - key= - File not found

MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

MsConfig - StartUpReg: SweetIM - hkey= - key= - File not found

MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\Winampa.exe ()

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 2

MsConfig - State: "startup" - 2

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: nm - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

SafeBootNet: nm.sys - C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

========== Files/Folders - Created Within 90 Days ==========

 

[2012/05/07 23:39:41 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2012/05/07 23:39:40 | 000,138,192 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2012/05/07 23:39:40 | 000,066,616 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2012/05/07 23:39:40 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2012/05/07 23:39:40 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2012/05/07 23:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2012/05/07 23:22:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2012/05/03 20:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\CRE

[2012/04/25 03:40:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\Witcher 2

[2012/04/25 01:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla

[2012/04/24 06:26:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee

[2012/04/23 00:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar

[2012/04/20 03:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\Astroburn Lite

[2012/04/20 03:52:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Astroburn Lite

[2012/04/19 05:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Registry Mechanic

[2012/04/19 05:23:44 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox210.ocx

[2012/04/19 05:23:44 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBoxVB12.ocx

[2012/04/19 05:23:43 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\System32\UniBox10.ocx

[2012/04/19 05:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Mechanic

[2012/04/19 05:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2012/04/19 01:43:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\DAEMON Tools Pro

[2012/04/19 01:43:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2012/04/18 22:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\AVG

[2012/04/17 23:40:11 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2012/04/15 05:51:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee

[2012/03/19 22:27:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2012/03/19 22:27:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype

[2012/03/19 21:19:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\systweak

[2012/03/19 21:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\hpmon

[2012/03/19 21:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET

[2012/03/19 21:19:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Paint.NET

[2012/03/19 21:18:34 | 000,000,000 | ---D | C] -- C:\Program Files\Photo Editor

[2012/03/19 21:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

[2012/03/19 21:00:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0

[2012/03/19 20:50:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\Adobe Scripts

[2012/03/19 08:53:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\Updater

[2012/03/19 08:44:12 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe

[2012/03/19 08:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems

[2012/03/19 07:53:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Adobe

[2012/03/19 07:48:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF

[2012/03/19 07:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe Systems Shared

[2012/03/19 07:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\BrotherSoft_Extreme

[2012/03/19 07:02:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\GetRightToGo

[2012/03/19 06:16:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe

[2012/03/19 05:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\BrowserCompanion

[2012/03/19 05:13:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe

[2012/03/10 02:18:42 | 000,000,000 | ---D | C] -- C:\Program Files\Nero

[2012/03/08 05:19:36 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2012/03/08 03:33:21 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ei_temp

[2012/03/08 02:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\BioWare

[2012/03/08 00:01:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\DAEMON Tools Lite

[2012/03/08 00:01:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2012/03/06 21:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

[2012/03/06 04:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\BitComet

[2012/03/01 23:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\Native

[2012/03/01 23:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual

[2012/02/13 07:03:22 | 000,000,000 | ---D | C] -- C:\Downloads

[2012/02/13 07:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\BitComet

[2012/02/10 06:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\Yandex

[2012/02/10 03:12:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\PerformerSoft

[2012/02/10 03:12:25 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe

[2012/02/10 03:12:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Performer

[2012/02/10 03:12:21 | 000,000,000 | ---D | C] -- C:\Program Files\PC Performer

[2012/02/10 03:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Babylon

[2012/02/10 03:12:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2012/02/10 03:12:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Babylon

[2012/02/10 03:12:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\bProtector

[2012/02/10 03:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\InstallBrainService

[2012/02/09 07:24:11 | 001,414,440 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\ShellManager310E2D762.dll

[2012/02/08 08:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Facebook

[2012/02/08 08:43:41 | 000,493,520 | ---- | C] (Facebook Inc.) -- C:\Program Files\FacebookVideoCallSetup_v1.2.203.0.exe

[2012/02/05 02:55:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\BigHugeEngine

[2012/02/04 08:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Ahead

[2012/02/04 08:15:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Nero

[2012/02/04 08:12:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero

[2012/02/04 08:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero

[2012/02/04 08:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\AskTBar

[2012/01/19 02:40:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment

[2012/01/16 04:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\New Folder

[2012/01/15 07:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM

[2012/01/15 07:09:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\MediaGet2

[2012/01/09 05:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\sound

[2011/12/26 06:15:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZZima

[2011/12/26 06:15:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\ZZima

[2011/12/17 23:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\EurekaLog

[2011/12/05 23:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office

[2011/12/05 23:14:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works

[2011/12/05 23:13:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio

[2011/12/05 23:13:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER

[2011/12/05 23:13:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2011/12/05 23:10:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW

[2011/12/05 23:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2011/12/05 23:08:45 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2011/12/05 21:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Thinstall

[2011/12/05 21:46:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Thinstall

[2011/12/03 07:18:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Skyrim

[2011/12/03 07:05:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TES V - Skyrim

[2011/12/01 21:42:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\NeroVision

[2011/12/01 21:36:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ahead

[2011/12/01 21:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead

[2011/12/01 02:21:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\WB Games

[2011/12/01 02:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RELOADED

[2011/11/26 06:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\URSoft

[2011/11/26 06:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\VS Revo Group

[2011/11/24 01:57:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Oblivion

[2011/11/24 01:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\R.G. Catalyst

[2011/11/17 21:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\Moozy

[2011/11/16 10:30:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Ashampoo AudioCD MP3 Studio 3

[2011/11/10 09:48:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2011/11/10 08:46:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\AVG2012

[2011/10/28 22:17:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\searchquband

[2011/10/28 21:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar

[2011/10/28 21:06:09 | 000,000,000 | ---D | C] -- C:\Program Files\SearchCore for Browsers

[2011/10/17 09:54:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Might & Magic Heroes VI

[2011/10/15 06:34:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\Unused Desktop Shortcuts

[2011/10/13 21:14:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Geckofx

[2011/10/12 09:16:43 | 000,000,000 | ---D | C] -- C:\Program Files\UTUBEBARIO

[2011/10/12 09:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012

[2011/10/09 23:52:42 | 000,000,000 | ---D | C] -- C:\Program Files\Xenocode

[2011/10/08 10:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\AppData

[2011/10/05 08:38:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData

[2011/09/20 23:15:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Battle.net

[2011/09/11 11:36:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Rockstar Games

[2011/09/08 08:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2011/09/03 13:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Risen

[2011/08/28 10:08:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

[2011/08/28 06:35:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\ticno

[2011/08/28 06:34:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Ticno

[2011/08/28 06:34:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Breakpad

[2011/08/28 06:34:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ticno

[2011/08/28 06:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\Ticno

[2011/08/28 06:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\TicnoTemp

[2011/08/28 02:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI

[2011/08/28 01:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP

[2011/08/28 01:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center

[2011/08/28 01:52:21 | 000,956,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvamv.dll

[2011/08/28 01:49:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\11-8_xp32_dd_ccc_ocl

[2011/08/25 03:48:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Two Worlds II

[2011/08/21 00:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\SkyCode

[2011/08/15 13:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Xfire

[2011/08/15 13:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Unity

[2011/08/15 12:42:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Unity

[2011/08/15 12:22:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\NWN2 Toolset

[2011/08/15 12:15:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\New Folder

[2011/08/06 23:48:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\bsbandmltbpi

[2011/08/06 03:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\The Witcher

[2011/07/31 13:08:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess

[2011/07/31 13:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\My Received Files

[2011/07/31 13:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\BearShare

[2011/07/31 13:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\BearShare

[2011/07/31 13:06:59 | 000,000,000 | ---D | C] -- C:\Program Files\BearShare Applications

[2011/07/28 17:48:54 | 000,043,520 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll

[2011/07/28 17:48:36 | 013,555,712 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\amdocl.dll

[2011/07/25 23:24:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\PackageAware

[2011/06/28 23:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2011/06/16 03:34:06 | 002,117,632 | ---- | C] (Multicore Ware) -- C:\WINDOWS\System32\SlotMaximizerBe.dll

[2011/06/16 03:34:06 | 000,079,872 | ---- | C] (Multicore Ware) -- C:\WINDOWS\System32\SlotMaximizerAg.dll

[2011/06/13 04:56:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam

[2011/06/08 04:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\ALI213

[2011/06/02 03:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX

[2011/05/26 20:24:52 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2011/05/16 00:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\Downloads

[2011/05/13 04:13:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\The First Templar

[2011/04/13 21:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe

[2011/03/29 22:26:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\Koral Dictionary

[2011/03/29 22:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\Koral English Dictionary

[2011/03/29 06:27:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Ectaco

[2011/03/17 05:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Ubisoft Game Launcher

[2011/03/17 05:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Ubisoft

[2011/03/17 05:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ubisoft

[2011/03/09 09:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2011/03/09 09:35:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight

[2011/03/09 09:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2011/03/08 07:50:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Microsoft Games

[2011/03/08 07:13:33 | 000,266,240 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx

[2011/03/08 07:13:32 | 001,761,280 | ---- | C] (Evoluxion) -- C:\WINDOWS\System32\Camiseta.ocx

[2011/03/08 07:13:32 | 001,496,064 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\Cc3250mt.dll

[2011/03/08 07:13:32 | 000,025,600 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\Borlndmm.dll

[2011/03/08 07:13:31 | 000,939,224 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\Flash.ocx

[2011/03/08 07:13:31 | 000,188,416 | ---- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\eax.dll

[2011/03/08 07:13:27 | 000,778,240 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\rtl70.bpl

[2011/03/08 07:13:27 | 000,749,568 | ---- | C] (Creative Labs Inc.) -- C:\WINDOWS\System32\OpenALwEAX.exe

[2011/03/08 07:13:26 | 002,023,424 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vcl50.bpl

[2011/03/08 07:13:26 | 001,381,376 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vcl70.bpl

[2011/03/08 07:13:26 | 001,326,080 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vcl60.bpl

[2011/03/08 07:13:26 | 000,557,568 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vcldb50.bpl

[2011/03/08 07:13:26 | 000,398,336 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vclmid50.bpl

[2011/03/08 07:13:26 | 000,374,272 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vclib50.bpl

[2011/03/08 07:13:26 | 000,327,680 | ---- | C] (On2.com Inc.) -- C:\WINDOWS\System32\vp6dec.ax

[2011/03/08 07:13:26 | 000,300,032 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vclbde50.bpl

[2011/03/08 07:13:26 | 000,276,480 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vclactnband70.bpl

[2011/03/08 07:13:26 | 000,264,704 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vcldb70.bpl

[2011/03/08 07:13:26 | 000,262,656 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vcldb60.bpl

[2011/03/08 07:13:26 | 000,248,832 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vclx50.bpl

[2011/03/08 07:13:26 | 000,241,664 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vclie50.bpl

[2011/03/08 07:13:26 | 000,227,328 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vclie70.bpl

[2011/03/08 07:13:26 | 000,224,256 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vclado50.bpl

[2011/03/08 07:13:26 | 000,215,040 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vclx70.bpl

[2011/03/08 07:13:26 | 000,213,504 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vclx60.bpl

[2011/03/08 07:13:26 | 000,101,888 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vcljpg50.bpl

[2011/03/08 07:13:26 | 000,097,792 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vcljpg70.bpl

[2011/03/08 07:13:26 | 000,090,624 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vclshlctrls70.bpl

[2011/03/08 07:13:26 | 000,085,504 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vcldbx50.bpl

[2011/03/08 07:13:26 | 000,078,336 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vcldbx70.bpl

[2011/03/08 07:13:26 | 000,066,048 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\System32\vclsmp50.bpl

[2011/03/08 07:13:26 | 000,064,512 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\vclsmp70.bpl

[2011/03/07 03:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Chart Controls

[2011/02/26 01:50:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop -sshd2f

[2011/02/25 20:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\dvdcss

[2011/02/25 05:17:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Painkiller Redemption

[2011/02/24 01:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\My Games

[2011/02/22 05:44:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\Ubisoft

[2011/02/17 05:32:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Christofer_Persson

[2011/02/17 05:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\vlc

[2011/02/17 05:23:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Kantaris

[2011/02/17 05:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\OpenCandy

[2011/02/17 05:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\OpenCandy

[2011/02/17 05:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\Kantaris

[2011/02/17 05:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN

[2011/02/14 21:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software

[2011/02/14 09:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\gepixApp

[2011/02/14 09:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR

[2011/02/07 21:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Andrej_Koch

[2011/02/07 21:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\Virtual Keyboard

[2011/02/07 21:34:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\TuneUp Software

[2011/02/07 21:33:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software

[2011/02/07 21:32:55 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

[2011/02/02 01:42:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\mediabarim

[2011/02/02 01:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\iMesh

[2011/02/02 01:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\iMesh

[2011/02/02 01:41:49 | 000,000,000 | ---D | C] -- C:\Program Files\iMesh Applications

[2011/02/02 01:41:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iMesh

[2011/02/02 01:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{DE0AF019-D61B-423F-9C3B-D49ECD51D8A1}

[2011/01/30 02:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\EA Games

[2011/01/21 01:06:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\XRay Engine

[2011/01/21 00:34:51 | 000,000,000 | ---D | C] -- C:\users

[2011/01/12 01:01:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Yandex

[2011/01/12 01:01:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Yandex

[2011/01/04 23:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/01/04 02:52:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\SecuROM

[2010/12/28 07:42:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\XSxS

[2010/12/27 10:09:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010/12/22 01:08:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2010/12/17 09:06:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\imptable.hit.bg_files

[2010/12/17 04:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\BSplayer PRO

[2010/12/17 04:36:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\BSplayerPro

[2010/12/15 00:58:00 | 013,945,838 | ---- | C] (Favorite-Games 2001-2010 © ) -- C:\Documents and Settings\user1\Desktop\favorite-games_bg.exe

[2010/12/14 22:22:29 | 000,000,000 | ---D | C] -- C:\pchd

[2010/12/14 22:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\OneNote Notebooks

[2010/12/10 06:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\Disney Interactive Studios

[2010/11/30 02:59:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\PriceGong

[2010/11/25 11:01:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2010/11/25 10:53:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2010/11/20 02:59:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HL 2 Episode 2 & Portal

[2010/11/04 09:43:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe

[2010/11/04 09:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2010/11/04 09:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2010/11/04 09:36:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Adobe

[2010/11/02 06:31:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Media Player Classic

[2010/10/26 23:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Utubebario

[2010/10/26 23:07:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple

[2010/10/25 03:56:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\DSS

[2010/10/24 23:33:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip

[2010/10/24 18:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Utubebario

[2010/10/24 18:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Conduit

[2010/10/23 20:49:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

[2010/10/20 07:04:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\speech

[2010/10/18 19:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Apple Computer

[2010/10/18 19:06:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2010/10/18 19:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer

[2010/10/18 19:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Apple

[2010/10/18 19:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2010/10/18 19:05:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple

[2010/10/18 19:04:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Apple Computer

[2010/10/18 04:53:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\Polyglot 7

[2010/10/18 04:29:49 | 000,000,000 | ---D | C] -- C:\TEMP

[2010/10/14 07:37:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Darksiders

[2010/10/13 07:57:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\LangOver.com

[2010/10/13 03:39:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\mdnslib

[2010/10/13 03:29:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\My Streaming Media

[2010/10/13 03:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Jaksta_Pty_Ltd

[2010/10/13 03:26:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Replay Media Catcher 4

[2010/10/12 06:28:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\SKIDROW

[2010/10/08 06:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE

[2010/10/06 07:01:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\PCHealth

[2010/10/06 05:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft Help

[2010/10/06 05:54:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help

[2010/10/05 09:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Skype

[2010/10/05 09:45:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google

[2010/10/01 14:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock Utility

[2010/10/01 14:32:22 | 000,008,704 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\WINDOWS\System32\viahdcpl.cpl

[2010/10/01 14:32:16 | 001,656,960 | R--- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys

[2010/10/01 14:32:16 | 001,617,408 | R--- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\viahduaa.sys

[2010/10/01 14:32:16 | 001,389,056 | R--- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys

[2010/10/01 14:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\VIA

[2010/10/01 14:27:55 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll

[2010/10/01 14:27:54 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2010/09/28 13:26:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\CAPCOM

[2010/09/28 13:26:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\CAPCOM

[2010/09/27 14:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DirectX

[2010/09/27 14:44:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Divinity 2

[2010/09/27 14:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Divinity 2

[2010/09/26 13:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Fallout3

[2010/09/26 12:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild

[2010/09/26 12:46:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer

[2010/09/26 12:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies

[2010/09/26 12:44:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive

[2010/09/24 17:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Ascaron Entertainment

[2010/09/24 16:35:43 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user1\Application Data\SecuROM

[2010/09/24 16:35:42 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll

[2010/09/24 10:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\My Documents\Mount&Blade Warband Savegames

[2010/09/24 10:26:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Mount&Blade Warband

[2010/09/22 11:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Wheelman

[2010/09/22 11:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\PC

[2010/09/20 12:06:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Logitech-LS

[2010/09/19 18:32:41 | 000,000,000 | -H-D | C] -- C:\$AVG

[2010/09/19 17:57:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Identities

[2010/09/19 16:43:27 | 002,180,096 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\lvsvf2.sys

[2010/09/19 16:40:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech

[2010/09/19 16:40:15 | 000,372,736 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LVUI2RC.dll

[2010/09/19 16:40:15 | 000,211,712 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\LV561AV.SYS

[2010/09/19 16:40:15 | 000,204,800 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LVUI2.dll

[2010/09/19 16:40:15 | 000,204,800 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\lvcodec2.dll

[2010/09/19 16:40:15 | 000,106,496 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\lvcoinst.dll

[2010/09/19 16:40:15 | 000,022,016 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\LVUSBSta.sys

[2010/09/19 16:40:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech

[2010/09/19 16:40:04 | 000,628,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltocx12n.ocx

[2010/09/19 16:40:04 | 000,462,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LCamCpl.dll

[2010/09/19 16:40:04 | 000,282,624 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\camcpl.cpl

[2010/09/19 16:40:04 | 000,215,552 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lvkrn12n.dll

[2010/09/19 16:40:04 | 000,192,512 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltscr12n.ocx

[2010/09/19 16:40:04 | 000,029,795 | ---- | C] (Ingenient Technologies, Inc.) -- C:\WINDOWS\System32\ITIG726.acm

[2010/09/19 16:40:02 | 000,856,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltwvc12n.dll

[2010/09/19 16:40:02 | 000,466,944 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\QCUI2.dll

[2010/09/19 16:40:02 | 000,406,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn12n.dll

[2010/09/19 16:40:02 | 000,328,704 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFCMP12n.DLL

[2010/09/19 16:40:02 | 000,259,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTDIS12n.dll

[2010/09/19 16:40:02 | 000,207,872 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltefx12n.dll

[2010/09/19 16:40:02 | 000,164,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltimg12n.dll

[2010/09/19 16:40:02 | 000,141,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftif12n.dll

[2010/09/19 16:40:02 | 000,131,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil12n.DLL

[2010/09/19 16:40:02 | 000,086,016 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\vatee.ax

[2010/09/19 16:40:02 | 000,078,336 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffax12n.dll

[2010/09/19 16:40:01 | 000,030,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp12n.dll

[2010/09/19 16:40:00 | 000,090,112 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LQCUI2.dll

[2010/09/19 16:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech

[2010/09/19 15:54:35 | 000,000,000 | ---D | C] -- C:\Program Files\SA Dictionary 2005 T2

[2010/09/19 15:54:17 | 000,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe

[2010/09/19 15:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\Dictionary

[2010/09/19 15:20:25 | 000,000,000 | R--D | C] -- C:\Program Files\Skype

[2010/09/19 14:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Yahoo!

[2010/09/19 14:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Yahoo

[2010/09/19 14:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!

[2010/09/19 14:00:37 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!

[2010/09/19 13:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Google

[2010/09/19 13:30:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Temp

[2010/09/19 13:30:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google

[2010/09/19 13:29:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt

[2010/09/19 13:25:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\skypePM

[2010/09/19 13:25:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google

[2010/09/19 13:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Google

[2010/09/19 13:24:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2010/09/19 13:24:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype

[2010/09/18 21:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard

[2010/09/18 21:24:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs

[2010/09/18 21:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare

[2010/09/18 20:09:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\AskToolbar

[2010/09/18 20:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\AskToolbar

[2010/09/18 20:06:27 | 000,477,240 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys

[2010/09/18 20:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\DAEMON Tools

[2010/09/18 19:29:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\WinRAR

[2010/09/18 19:26:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop\subtitri

[2010/09/18 19:17:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com

[2010/09/18 19:16:04 | 000,000,000 | ---D | C] -- C:\programi 1

[2010/09/18 19:15:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\uTorrent

[2010/09/18 05:18:45 | 000,000,000 | ---D | C] -- C:\Program Files\Datecs

[2010/09/18 05:18:23 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/09/18 05:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\The KMPlayer

[2010/09/18 05:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer1431

[2010/09/18 05:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Mozilla

[2010/09/18 05:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Mozilla

[2010/09/18 05:17:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2010/09/18 05:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Opera

[2010/09/18 05:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Opera

[2010/09/18 05:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\Opera

[2010/09/18 05:16:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\Winamp

[2010/09/18 05:16:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mjuice Media Player

[2010/09/18 05:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp

[2010/09/18 05:15:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Ahead

[2010/09/18 05:15:01 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead

[2010/09/18 05:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack

[2010/09/18 05:14:36 | 000,630,784 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll

[2010/09/18 05:14:36 | 000,446,464 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp31vfw.dll

[2010/09/18 05:14:36 | 000,438,272 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll

[2010/09/18 05:14:36 | 000,360,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\mp3fhg.acm

[2010/09/18 05:14:36 | 000,286,720 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivxVfWCodec.dll

[2010/09/18 05:14:36 | 000,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm

[2010/09/18 05:14:35 | 001,044,480 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libdivx.dll

[2010/09/18 05:14:35 | 001,024,000 | ---- | C] (3ivx.com) -- C:\WINDOWS\System32\3ivx.dll

[2010/09/18 05:14:35 | 000,593,920 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpuGUI11.dll

[2010/09/18 05:14:35 | 000,339,968 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpus11.dll

[2010/09/18 05:14:35 | 000,200,704 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\ssldivx.dll

[2010/09/18 05:14:35 | 000,200,704 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dtu100.dll

[2010/09/18 05:14:35 | 000,057,344 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpv11.dll

[2010/09/18 05:14:34 | 000,574,976 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll

[2010/09/18 05:14:34 | 000,294,912 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpu11.dll

[2010/09/18 05:14:34 | 000,086,016 | ---- | C] (DivXNetworks) -- C:\WINDOWS\System32\dpl100.dll

[2010/09/18 05:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack

[2010/09/18 05:14:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\Webteh

[2010/09/18 05:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\Webteh

[2010/09/18 04:49:09 | 000,101,904 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\drivers\AtihdXP3.sys

[2010/09/18 04:47:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang

[2010/09/18 04:44:29 | 018,440,192 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll

[2010/09/18 04:44:29 | 007,084,544 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys

[2010/09/18 04:44:29 | 007,084,544 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys

[2010/09/18 04:44:29 | 005,697,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll

[2010/09/18 04:44:29 | 003,973,696 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ati3duag.dll

[2010/09/18 04:44:29 | 003,927,936 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll

[2010/09/18 04:44:29 | 003,166,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll

[2010/09/18 04:44:29 | 002,603,520 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll

[2010/09/18 04:44:29 | 000,876,544 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll

[2010/09/18 04:44:29 | 000,704,512 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll

[2010/09/18 04:44:29 | 000,688,128 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll

[2010/09/18 04:44:29 | 000,507,904 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiok3x2.dll

[2010/09/18 04:44:29 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll

[2010/09/18 04:44:29 | 000,311,296 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll

[2010/09/18 04:44:29 | 000,303,104 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll

[2010/09/18 04:44:29 | 000,300,544 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll

[2010/09/18 04:44:29 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIODE.exe

[2010/09/18 04:44:29 | 000,212,992 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll

[2010/09/18 04:44:29 | 000,208,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll

[2010/09/18 04:44:29 | 000,188,416 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll

[2010/09/18 04:44:29 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll

[2010/09/18 04:44:29 | 000,151,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe

[2010/09/18 04:44:29 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibtmon.exe

[2010/09/18 04:44:29 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll

[2010/09/18 04:44:29 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll

[2010/09/18 04:44:29 | 000,057,344 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalrt.dll

[2010/09/18 04:44:29 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll

[2010/09/18 04:44:29 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalcl.dll

[2010/09/18 04:44:29 | 000,053,248 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL

[2010/09/18 04:44:29 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIODCLI.exe

[2010/09/18 04:44:29 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll

[2010/09/18 04:44:29 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe

[2010/09/18 04:44:29 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll

[2010/09/18 04:44:29 | 000,017,408 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll

[2010/09/18 04:44:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE

[2010/09/18 04:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies

[2010/09/18 04:44:05 | 000,000,000 | ---D | C] -- C:\Program Files\ATI

[2010/09/18 04:43:17 | 000,000,000 | ---D | C] -- C:\ATI

[2010/09/18 04:37:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM

[2010/09/18 04:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2010/09/18 04:30:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Realtek

[2010/09/18 04:30:31 | 000,143,360 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys

[2010/09/18 04:30:23 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information

[2010/09/18 04:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2010/09/18 04:30:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS

[2010/09/18 04:30:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\InstallShield

[2010/09/18 04:23:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Identities

[2010/09/18 04:23:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user1\My Documents\My Pictures

[2010/09/18 04:23:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user1\My Documents\My Music

[2010/09/18 04:23:40 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information

[2010/09/18 04:23:26 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\Microsoft

[2010/09/18 04:23:26 | 000,000,000 | --SD | C] -- C:\Documents and Settings\user1\Application Data\Microsoft

[2010/09/18 04:23:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user1\SendTo

[2010/09/18 04:23:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user1\Recent

[2010/09/18 04:23:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user1\Application Data

[2010/09/18 04:23:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\Startup

[2010/09/18 04:23:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user1\Start Menu

[2010/09/18 04:23:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user1\My Documents

[2010/09/18 04:23:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user1\Favorites

[2010/09/18 04:23:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\Accessories

[2010/09/18 04:23:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user1\Cookies

[2010/09/18 04:23:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user1\Templates

[2010/09/18 04:23:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user1\PrintHood

[2010/09/18 04:23:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user1\NetHood

[2010/09/18 04:23:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user1\Local Settings

[2010/09/18 04:23:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Desktop

[2010/09/18 04:22:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2010/09/18 04:22:48 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft

[2010/09/18 04:22:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2010/09/18 04:22:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft

[2010/09/18 04:22:47 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft

[2010/09/18 04:22:34 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft

[2010/09/18 04:22:34 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft

[2010/09/18 04:21:07 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll

[2010/09/18 04:21:07 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll

[2010/09/18 04:21:07 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll

[2010/09/18 04:20:24 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll

[2010/09/18 04:20:24 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll

[2010/09/18 04:20:24 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll

[2010/09/18 04:20:16 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys

[2010/09/18 04:19:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

[2010/09/18 04:19:56 | 000,000,000 | ---D | C] -- C:\Program Files\xerox

[2010/09/18 04:19:56 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage

[2010/09/18 04:19:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall

[2010/09/18 04:19:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$

[2010/09/18 04:18:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM

[2010/09/18 04:17:46 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate

[2010/09/18 04:17:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX

[2010/09/18 04:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services

[2010/09/18 04:17:09 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks

[2010/09/18 04:17:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap

[2010/09/18 04:17:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst

[2010/09/18 04:17:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed

[2010/09/18 04:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker

[2010/09/18 04:16:38 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll

[2010/09/18 04:16:38 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll

[2010/09/18 04:16:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore

[2010/09/18 04:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting

[2010/09/18 04:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express

[2010/09/18 04:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System

[2010/09/18 04:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer

[2010/09/18 04:16:25 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures

[2010/09/18 04:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications

[2010/09/18 04:15:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools

[2010/09/18 04:15:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration

[2010/09/18 04:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services

[2010/09/18 04:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2

[2010/09/18 04:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player

[2010/09/18 04:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger

[2010/09/18 04:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone

[2010/09/18 04:15:11 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll

[2010/09/18 04:15:11 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll

[2010/09/18 04:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\MSN

[2010/09/18 04:14:49 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe

[2010/09/18 04:14:48 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll

[2010/09/18 04:14:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT

[2010/09/18 04:14:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc

[2010/09/18 04:14:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com

[2010/09/18 04:14:30 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos

[2010/09/18 04:14:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories

[2010/09/17 20:08:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music

[2010/09/17 20:07:46 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer

[2010/09/17 20:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC

[2010/09/17 20:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines

[2010/09/17 20:07:42 | 000,000,000 | R--D | C] -- C:\Program Files

[2010/09/17 20:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared

[2010/09/17 20:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files

[2010/09/17 20:07:25 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll

[2010/09/17 20:07:25 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll

[2010/09/17 20:07:25 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll

[2010/09/17 20:07:25 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll

[2010/09/17 20:07:25 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll

[2010/09/17 20:07:25 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll

[2010/09/17 20:07:25 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll

[2010/09/17 20:07:25 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll

[2010/09/17 20:07:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup

[2010/09/17 20:07:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu

[2010/09/17 20:07:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents

[2010/09/17 20:07:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates

[2010/09/17 20:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites

[2010/09/17 20:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop

[2010/09/17 20:05:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2

[2010/09/17 20:05:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot

[2010/09/17 20:05:17 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft

[2010/09/17 20:05:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data

[2010/09/17 20:05:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2010/09/17 20:05:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings

[2010/09/17 20:00:12 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files

[2010/09/17 20:00:12 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts

[2010/09/17 20:00:12 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache

[2010/09/17 20:00:12 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web

[2010/09/17 20:00:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\system

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\security

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\java

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028

[2010/09/17 20:00:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

[2010/09/17 17:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\ATI

[2010/09/17 17:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\ATI

[2010/09/17 17:20:41 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly

[2010/09/17 17:20:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET

[2010/09/17 17:19:03 | 000,000,000 | ---D | C] -- C:\1

[2010/09/17 17:15:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups

[2010/09/17 17:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Macromedia

[2010/09/17 16:51:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9

[2010/09/17 16:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVG

[2010/06/24 13:46:12 | 000,028,256 | ---- | C] (Applian Technologies Inc.) -- C:\WINDOWS\System32\drivers\appliand.sys

[2010/02/26 07:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Perfect Uninstaller

[2010/02/26 07:21:27 | 000,000,000 | ---D | C] -- C:\Program Files\Perfect Uninstaller

[2010/02/26 06:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/02/25 20:30:06 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys

[2010/02/25 20:30:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro

[2010/02/25 20:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group

[2010/02/25 07:28:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution

[2010/02/25 06:59:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\SUPERAntiSpyware.com

[2010/02/25 06:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

[2010/02/25 06:39:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Application Data\Malwarebytes

[2010/02/25 06:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/02/25 06:13:49 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user1\PrivacIE

[2010/02/25 06:11:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\user1\IETldCache

[2010/02/25 06:07:39 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2010/02/24 21:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

[2010/02/24 21:59:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira

[2010/02/24 21:59:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira

[2010/02/24 21:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger

[2010/02/24 21:59:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\BrowserPlus

[2010/02/24 21:59:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Rage of Titans

[2010/02/24 21:55:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Start Menu\Programs\WinRAR

[2010/02/24 21:55:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR

[2010/02/24 21:55:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user1\Local Settings\Application Data\The Witcher 2

[2010/02/24 21:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\R.G. UniGamers

[2010/02/24 21:55:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

[2010/02/24 21:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite

[2010/02/24 21:55:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Astroburn Lite

[2010/02/24 21:54:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Registry Mechanic

[2010/02/24 21:54:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

[2010/02/24 10:35:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome

[2010/02/24 10:34:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mass Effect 2

[2010/02/24 10:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent

 

========== Files - Modified Within 90 Days ==========

 

[2012/05/15 00:20:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\bProtector.job

[2012/05/15 00:18:25 | 005,334,342 | -H-- | M] () -- C:\Documents and Settings\user1\Local Settings\Application Data\IconCache.db

[2012/05/14 23:23:00 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012/05/14 05:24:02 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\RMSmartUpdate.job

[2012/05/09 23:28:59 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2012/05/09 23:28:59 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2012/05/08 07:38:20 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk

[2012/05/08 07:38:20 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk

[2012/05/07 23:26:38 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini

[2012/05/07 23:26:38 | 000,000,246 | ---- | M] () -- C:\WINDOWS\system.ini

[2012/05/07 23:26:38 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2012/05/07 23:22:10 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\All Users\tic.lic

[2012/05/03 20:19:41 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk

[2012/05/03 20:19:41 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk

[2012/05/02 05:27:45 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2012/04/30 06:11:47 | 000,083,480 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\2656132648.jpg

[2012/04/25 03:36:35 | 000,570,892 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2012/04/25 03:36:35 | 000,496,094 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012/04/25 03:36:35 | 000,084,578 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012/04/25 03:12:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\PC Performer_UPDATES.job

[2012/04/25 03:07:17 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Witcher 2 - Assassins of Kings. Enhanced Edition.lnk

[2012/04/23 00:50:23 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools Lite.lnk

[2012/04/22 19:05:28 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job

[2012/04/20 15:01:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\PC Performer_DEFAULT.job

[2012/04/20 03:53:01 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Astroburn Lite.lnk

[2012/04/19 05:23:44 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk

[2012/04/19 05:23:20 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys

[2012/04/18 22:17:10 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2012/04/18 22:17:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012/04/18 22:13:47 | 000,013,068 | ---- | M] () -- C:\Program Files\AVG PC Tuneup 2011 v10.0.0.27 + Portable.torrent

[2012/04/17 23:40:38 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\ntuser.dat

[2012/04/15 05:51:04 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2012/04/07 15:02:37 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012/04/06 21:52:19 | 000,000,501 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Настройки MF2.lnk

[2012/04/06 21:52:19 | 000,000,483 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Mass Effect 2.lnk

[2012/04/06 21:52:19 | 000,000,425 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Mass Effect 2 Launcher.lnk

[2012/03/29 04:14:13 | 000,173,740 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Maro00_57.MassEffectSave

[2012/03/24 07:06:19 | 000,128,683 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\желание.jpg

[2012/03/20 06:23:07 | 000,002,404 | ---- | M] () -- C:\WINDOWS\System32\ASOROSet.bin

[2012/03/20 00:33:07 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\user1\ntuser.dat.bak

[2012/03/19 21:19:36 | 000,000,346 | ---- | M] () -- C:\END

[2012/03/19 21:19:33 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk

[2012/03/19 20:28:10 | 000,070,232 | ---- | M] () -- C:\Documents and Settings\user1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2012/03/19 09:30:18 | 000,209,408 | ---- | M] () -- C:\Documents and Settings\user1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/03/19 09:16:39 | 000,016,206 | ---- | M] () -- C:\Program Files\Adobe Photoshop CS5.1 v12.10 Extended.torrent

[2012/03/18 23:41:40 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\user1\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs

[2012/03/13 01:19:23 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\user1\.rnd

[2012/02/29 20:45:50 | 000,009,419 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\f_9_4.gif

[2012/02/28 09:17:45 | 000,022,073 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\sv01.jpg

[2012/02/25 06:59:27 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Shortcut to DSC_3109.lnk

[2012/02/10 03:12:34 | 000,001,581 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\repository.xml

[2012/02/10 03:12:04 | 000,790,520 | ---- | M] () -- C:\WINDOWS\System32\protector.dll

[2012/02/09 07:23:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Irremote.ini

[2012/02/09 07:21:27 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\default.pls

[2012/02/08 08:47:52 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2012/02/08 08:43:41 | 000,493,520 | ---- | M] (Facebook Inc.) -- C:\Program Files\FacebookVideoCallSetup_v1.2.203.0.exe

[2012/02/05 04:12:04 | 000,000,571 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Shortcut to Reckoning.lnk

[2012/02/03 23:03:01 | 000,000,384 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Shortcut to gabbafreakz.lnk

[2012/01/20 14:14:28 | 000,017,280 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe

[2012/01/09 05:28:48 | 011,790,996 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\estbern-fix-sound.zip

[2012/01/07 05:44:35 | 000,000,558 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\TES V - Skyrim.lnk

[2012/01/06 01:58:39 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Virtual Keyboard.lnk

[2011/12/30 04:33:51 | 000,000,505 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Shortcut to VirtualKeyboard3.lnk

[2011/12/03 00:33:22 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini

[2011/10/23 01:40:59 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\user1\Local Settings\Application Data\prvlcl.dat

[2011/09/04 12:07:50 | 000,271,360 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2011/09/04 12:07:49 | 000,018,048 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2011/08/27 02:51:30 | 000,042,392 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll

[2011/08/15 13:57:21 | 000,537,498 | ---- | M] () -- C:\AnalysisLog.sr0

[2011/07/29 02:50:10 | 007,084,544 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys

[2011/07/29 02:50:10 | 007,084,544 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys

[2011/07/29 02:47:42 | 000,311,296 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll

[2011/07/29 02:31:36 | 000,057,344 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalrt.dll

[2011/07/29 02:31:30 | 000,053,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalcl.dll

[2011/07/29 02:27:54 | 005,697,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll

[2011/07/29 02:10:22 | 018,440,192 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll

[2011/07/29 02:04:58 | 003,973,696 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ati3duag.dll

[2011/07/29 02:02:10 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll

[2011/07/29 02:01:06 | 000,303,104 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll

[2011/07/29 01:57:30 | 000,956,160 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvamv.dll

[2011/07/29 01:45:32 | 003,166,208 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll

[2011/07/29 01:44:02 | 000,212,992 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll

[2011/07/29 01:43:50 | 000,155,648 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll

[2011/07/29 01:43:40 | 000,026,112 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe

[2011/07/29 01:43:34 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll

[2011/07/29 01:43:20 | 000,188,416 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll

[2011/07/29 01:40:58 | 000,815,136 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap

[2011/07/29 01:40:48 | 000,053,248 | ---- | M] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL

[2011/07/29 01:40:46 | 000,887,724 | ---- | M] () -- C:\WINDOWS\System32\ativva6x.dat

[2011/07/29 01:40:46 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\ativva5x.dat

[2011/07/29 01:39:58 | 000,185,088 | ---- | M] () -- C:\WINDOWS\System32\atiapfxx.blb

[2011/07/29 01:39:28 | 000,151,552 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe

[2011/07/29 01:35:36 | 000,704,512 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll

[2011/07/29 01:31:08 | 000,208,896 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll

[2011/07/29 01:30:46 | 000,017,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll

[2011/07/29 01:29:14 | 000,507,904 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiok3x2.dll

[2011/07/29 01:25:02 | 000,876,544 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll

[2011/07/29 01:23:52 | 000,064,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll

[2011/07/29 01:23:52 | 000,064,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll

[2011/07/29 01:23:18 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll

[2011/07/28 17:49:12 | 000,053,760 | ---- | M] () -- C:\WINDOWS\System32\OVDecode.dll

[2011/07/28 17:48:54 | 000,043,520 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll

[2011/07/28 17:48:36 | 013,555,712 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\amdocl.dll

[2011/07/26 07:11:10 | 000,034,823 | ---- | M] () -- C:\WINDOWS\atiogl.xml

[2011/06/27 23:23:02 | 000,234,855 | ---- | M] () -- C:\WINDOWS\System32\atiicdxx.dat

[2011/06/16 03:34:06 | 002,117,632 | ---- | M] (Multicore Ware) -- C:\WINDOWS\System32\SlotMaximizerBe.dll

[2011/06/16 03:34:06 | 000,079,872 | ---- | M] (Multicore Ware) -- C:\WINDOWS\System32\SlotMaximizerAg.dll

[2011/05/31 02:11:28 | 000,000,119 | ---- | M] () -- C:\WINDOWS\skypetrance.ini

[2011/05/23 11:39:12 | 000,502,330 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\AnalysisLog.sr0

[2011/05/03 04:36:00 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI

[2011/05/02 04:18:44 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2011/05/02 04:18:44 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2011/04/09 18:55:28 | 000,179,261 | ---- | M] () -- C:\WINDOWS\System32\xlive.dll.cat

[2011/03/29 22:26:45 | 000,000,648 | ---- | M] () -- C:\WINDOWS\win.016

[2011/03/29 22:26:45 | 000,000,645 | ---- | M] () -- C:\WINDOWS\win.015

[2011/03/29 22:26:45 | 000,000,642 | ---- | M] () -- C:\WINDOWS\win.014

[2011/03/29 22:26:45 | 000,000,639 | ---- | M] () -- C:\WINDOWS\win.013

[2011/03/29 22:26:45 | 000,000,636 | ---- | M] () -- C:\WINDOWS\win.012

[2011/03/29 22:26:45 | 000,000,633 | ---- | M] () -- C:\WINDOWS\win.011

[2011/03/29 22:26:45 | 000,000,630 | ---- | M] () -- C:\WINDOWS\win.010

[2011/03/29 22:26:00 | 000,000,627 | ---- | M] () -- C:\WINDOWS\win.009

[2011/03/29 22:26:00 | 000,000,624 | ---- | M] () -- C:\WINDOWS\win.008

[2011/03/29 22:26:00 | 000,000,621 | ---- | M] () -- C:\WINDOWS\win.007

[2011/03/29 22:26:00 | 000,000,618 | ---- | M] () -- C:\WINDOWS\win.006

[2011/03/29 22:26:00 | 000,000,615 | ---- | M] () -- C:\WINDOWS\win.005

[2011/03/29 22:26:00 | 000,000,612 | ---- | M] () -- C:\WINDOWS\win.004

[2011/03/29 22:26:00 | 000,000,609 | ---- | M] () -- C:\WINDOWS\win.003

[2011/03/29 22:26:00 | 000,000,606 | ---- | M] () -- C:\WINDOWS\win.002

[2011/02/26 00:13:07 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011/02/17 05:23:51 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Kantaris.lnk

[2011/02/07 21:42:34 | 000,445,363 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\VirtualKeyboard3.exe

[2011/01/05 06:41:59 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll

[2011/01/05 06:41:59 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll

[2011/01/05 06:41:59 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll

[2010/12/17 09:06:58 | 000,054,253 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\imptable.hit.bg.htm

[2010/12/15 00:58:00 | 013,945,838 | ---- | M] (Favorite-Games 2001-2010 © ) -- C:\Documents and Settings\user1\Desktop\favorite-games_bg.exe

[2010/12/14 22:22:31 | 000,013,870 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\defaults.cfg

[2010/10/18 04:28:51 | 130,338,376 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\wt30inst.exe

[2010/10/06 06:35:49 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.001

[2010/10/05 15:54:09 | 000,000,441 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics

[2010/10/02 00:20:58 | 000,000,018 | ---- | M] () -- C:\WINDOWS\usdthank.ini

[2010/10/02 00:20:57 | 000,000,031 | ---- | M] () -- C:\WINDOWS\idc.ini

[2010/10/01 14:23:05 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat

[2010/09/27 11:31:34 | 000,000,060 | ---- | M] () -- C:\WINDOWS\WININIT.INI

[2010/09/24 16:35:42 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll

[2010/09/23 18:19:18 | 000,004,096 | ---- | M] () -- C:\WINDOWS\d3dx.dat

[2010/09/19 15:54:44 | 000,000,000 | ---- | M] () -- C:\WINDOWS\PROTOCOL.INI

[2010/09/19 15:54:39 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SA Dictionary.lnk

[2010/09/19 15:25:25 | 000,000,032 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat

[2010/09/18 19:00:09 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2010/09/18 05:18:09 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\KMPlayer.lnk

[2010/09/18 05:17:34 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat

[2010/09/18 05:16:07 | 000,001,482 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\WINAMP.LNK

[2010/09/18 04:47:38 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav

[2010/09/18 04:47:38 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav

[2010/09/18 04:44:36 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin

[2010/09/18 04:23:59 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

[2010/09/18 04:22:37 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD

[2010/09/18 04:21:37 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf

[2010/09/18 04:18:59 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010/09/18 04:18:59 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010/09/18 04:18:59 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/09/18 04:18:59 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini

[2010/09/18 04:18:59 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2010/09/18 04:18:59 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2010/09/18 04:18:52 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2010/09/18 04:18:52 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2010/09/18 04:18:50 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2010/09/18 04:18:43 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI

[2010/09/18 04:17:54 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2010/09/18 04:17:54 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2010/09/18 04:16:00 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010/09/18 04:15:48 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini

[2010/09/18 04:15:48 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini

[2010/09/17 20:13:10 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF

[2010/09/17 17:57:23 | 000,001,789 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2010/09/17 16:56:07 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI

[2010/09/16 11:26:02 | 000,037,336 | ---- | M] () -- C:\WINDOWS\System32\CleanMFT32.exe

[2010/08/27 23:02:08 | 000,294,912 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIODE.exe

[2010/08/26 06:26:36 | 000,300,544 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll

[2010/08/26 06:22:24 | 003,927,936 | ---- | M] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll

[2010/08/26 06:07:20 | 002,603,520 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll

[2010/08/26 05:53:34 | 000,688,128 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll

[2010/07/21 16:00:32 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\drivers\AtihdXP3.sys

[2010/06/24 13:46:12 | 000,028,256 | ---- | M] (Applian Technologies Inc.) -- C:\WINDOWS\System32\drivers\appliand.sys

[2010/06/17 15:29:38 | 000,045,416 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2010/06/17 15:29:38 | 000,022,360 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2010/06/17 15:29:37 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2010/02/26 07:39:22 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Your Uninstaller!.lnk

[2010/02/26 07:21:30 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\AK083E209605E394C.lie

[2010/02/26 07:21:29 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Perfect Uninstaller.lnk

[2010/02/26 07:21:29 | 000,000,649 | ---- | M] () -- C:\Documents and Settings\user1\Desktop\Perfect Uninstaller.lnk

[2010/02/26 07:20:48 | 000,004,807 | ---- | M] () -- C:\Program Files\Perfect Uninstaller v6.3.3.9 Datecode 11.05.2012.torrent

[2010/02/26 07:12:13 | 009,699,328 | ---- | M] () -- C:\Documents and Settings\user1\ntuser.dat

[2010/02/26 07:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2010/02/26 06:59:31 | 000,000,980 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/02/26 06:59:30 | 000,000,368 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup Integrator Start On user1 Logon.job

[2010/02/26 06:59:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/02/26 06:59:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/02/26 06:59:23 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/02/26 06:58:32 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\user1\ntuser.ini

[2010/02/26 06:57:49 | 000,000,095 | ---- | M] () -- C:\WINDOWS\winamp.ini

[2010/02/26 06:44:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2010/02/25 22:53:38 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\user1\My Documents\MBR.dat

[2010/02/25 21:00:51 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts

[2010/02/25 20:30:07 | 000,000,943 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk

[2010/02/25 07:10:27 | 000,000,487 | ---- | M] () -- C:\user.js

[2010/02/25 06:11:25 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2010/02/24 22:03:19 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/02/24 10:03:22 | 000,015,504 | ---- | M] () -- C:\Program Files\AVG All Products 2011 v10.0 Build 1392a3812.torrent

[2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys

 

========== Files Created - No Company Name ==========

 

[2012/05/12 01:40:02 | 009,699,328 | ---- | C] () -- C:\Documents and Settings\user1\ntuser.dat

[2012/05/08 07:38:20 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk

[2012/05/08 07:38:20 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk

[2012/04/30 06:11:46 | 000,083,480 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\2656132648.jpg

[2012/04/25 03:07:17 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Witcher 2 - Assassins of Kings. Enhanced Edition.lnk

[2012/04/23 00:50:23 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DAEMON Tools Lite.lnk

[2012/04/20 03:53:01 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Astroburn Lite.lnk

[2012/04/19 05:24:05 | 000,000,254 | ---- | C] () -- C:\WINDOWS\tasks\RMSchedule.job

[2012/04/19 05:24:00 | 000,000,454 | ---- | C] () -- C:\WINDOWS\tasks\RMSmartUpdate.job

[2012/04/19 05:23:44 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe

[2012/04/19 05:23:44 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Registry Mechanic.lnk

[2012/04/18 22:13:44 | 000,013,068 | ---- | C] () -- C:\Program Files\AVG PC Tuneup 2011 v10.0.0.27 + Portable.torrent

[2012/04/17 23:40:38 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat

[2012/04/17 23:40:12 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/04/15 05:51:04 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk

[2012/04/15 05:51:03 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk

[2012/04/07 15:02:12 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2012/04/07 15:02:12 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2012/04/06 21:52:19 | 000,000,501 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Настройки MF2.lnk

[2012/04/06 21:52:19 | 000,000,483 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Mass Effect 2.lnk

[2012/04/06 21:52:19 | 000,000,425 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Mass Effect 2 Launcher.lnk

[2012/04/04 08:50:01 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk

[2012/04/04 08:50:01 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk

[2012/04/04 08:37:11 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\All Users\tic.lic

[2012/03/29 04:15:15 | 001,947,945 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\WorldSavePackage.sav

[2012/03/29 04:15:15 | 000,115,180 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\player.sav

[2012/03/29 04:15:15 | 000,005,811 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\state.sav

[2012/03/29 04:14:13 | 000,173,740 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Maro00_57.MassEffectSave

[2012/03/25 21:32:41 | 000,128,683 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\желание.jpg

[2012/03/19 22:06:36 | 000,002,404 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin

[2012/03/19 21:19:33 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Paint.NET.lnk

[2012/03/19 21:19:33 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk

[2012/03/19 21:19:30 | 000,000,346 | ---- | C] () -- C:\END

[2012/03/19 09:16:37 | 000,016,206 | ---- | C] () -- C:\Program Files\Adobe Photoshop CS5.1 v12.10 Extended.torrent

[2012/03/10 02:20:49 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\user1\.rnd

[2012/03/01 23:13:27 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\user1\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs

[2012/02/29 20:45:50 | 000,009,419 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\f_9_4.gif

[2012/02/28 09:17:39 | 000,022,073 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\sv01.jpg

[2012/02/25 06:59:27 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Shortcut to DSC_3109.lnk

[2012/02/10 06:41:13 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\bProtector.job

[2012/02/10 03:12:44 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\PC Performer_DEFAULT.job

[2012/02/10 03:12:43 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\PC Performer_UPDATES.job

[2012/02/10 03:12:34 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\repository.xml

[2012/02/10 03:12:17 | 000,000,487 | ---- | C] () -- C:\user.js

[2012/02/10 03:12:04 | 000,790,520 | ---- | C] () -- C:\WINDOWS\System32\protector.dll

[2012/02/09 07:24:11 | 000,773,120 | ---- | C] () -- C:\WINDOWS\System32\NEROINSTAEC43759.DB

[2012/02/09 07:23:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini

[2012/02/09 07:23:09 | 009,175,040 | ---- | C] () -- C:\Documents and Settings\user1\ntuser.dat.bak

[2012/02/05 04:12:04 | 000,000,571 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Shortcut to Reckoning.lnk

[2012/02/05 02:45:20 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\default.pls

[2012/02/05 02:44:34 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2012/02/03 23:03:08 | 000,000,384 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Shortcut to gabbafreakz.lnk

[2012/01/09 05:27:29 | 011,790,996 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\estbern-fix-sound.zip

[2012/01/07 05:44:35 | 000,000,558 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\TES V - Skyrim.lnk

[2012/01/06 01:58:39 | 000,000,576 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Virtual Keyboard.lnk

[2011/12/23 04:31:00 | 000,000,505 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Shortcut to VirtualKeyboard3.lnk

[2011/11/24 04:20:22 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini

[2011/09/04 12:07:50 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2011/09/04 12:07:49 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2011/08/27 02:51:30 | 000,042,392 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll

[2011/07/28 17:49:12 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

[2011/05/03 04:24:12 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2011/05/02 04:18:44 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

[2011/05/02 04:18:44 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2011/04/07 15:05:04 | 005,334,342 | -H-- | C] () -- C:\Documents and Settings\user1\Local Settings\Application Data\IconCache.db

[2011/03/08 07:13:32 | 000,035,840 | ---- | C] () -- C:\WINDOWS\System32\Comdlg32.oca

[2011/03/08 07:13:29 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\MSINET.oca

[2011/03/08 07:13:26 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\vp6install.exe

[2011/03/08 07:13:26 | 000,000,340 | ---- | C] () -- C:\WINDOWS\System32\vp6.reg

[2011/03/08 07:13:25 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll

[2011/03/08 07:13:25 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll

[2011/02/22 03:33:50 | 000,502,330 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\AnalysisLog.sr0

[2011/02/17 05:23:51 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Kantaris.lnk

[2011/02/07 21:42:34 | 000,445,363 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\VirtualKeyboard3.exe

[2010/12/17 09:06:56 | 000,054,253 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\imptable.hit.bg.htm

[2010/12/16 00:22:55 | 000,537,498 | ---- | C] () -- C:\AnalysisLog.sr0

[2010/12/14 22:22:31 | 000,013,870 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\defaults.cfg

[2010/11/23 20:11:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\user1\Local Settings\Application Data\prvlcl.dat

[2010/10/18 04:35:26 | 000,000,119 | ---- | C] () -- C:\WINDOWS\skypetrance.ini

[2010/10/18 04:28:39 | 130,338,376 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\wt30inst.exe

[2010/10/05 15:53:48 | 000,000,441 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics

[2010/10/02 00:20:58 | 000,000,018 | ---- | C] () -- C:\WINDOWS\usdthank.ini

[2010/10/02 00:20:57 | 000,000,031 | ---- | C] () -- C:\WINDOWS\idc.ini

[2010/10/01 14:32:24 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\HD ADeck.lnk

[2010/09/27 11:31:34 | 000,000,060 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2010/09/26 12:49:13 | 000,997,336 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2010/09/23 18:19:18 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

[2010/09/19 16:40:19 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe

[2010/09/19 16:40:15 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

[2010/09/19 15:54:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI

[2010/09/19 15:54:42 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\SA Dictionary.lnk

[2010/09/19 15:54:39 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SA Dictionary.lnk

[2010/09/19 15:25:25 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat

[2010/09/19 13:25:54 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2010/09/19 13:25:10 | 000,000,984 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/09/19 13:25:09 | 000,000,980 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/09/18 19:34:20 | 000,209,408 | ---- | C] () -- C:\Documents and Settings\user1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/09/18 19:17:05 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2010/09/18 19:00:09 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2010/09/18 05:18:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\C_856.nls

[2010/09/18 05:18:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\newdll.dll

[2010/09/18 05:18:09 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\KMPlayer.lnk

[2010/09/18 05:17:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/09/18 05:17:26 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/09/18 05:16:07 | 000,001,482 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\WINAMP.LNK

[2010/09/18 05:16:03 | 000,000,095 | ---- | C] () -- C:\WINDOWS\winamp.ini

[2010/09/18 05:14:38 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010/09/18 05:14:36 | 000,540,178 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll

[2010/09/18 05:14:35 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2010/09/18 05:14:35 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010/09/18 05:14:35 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010/09/18 05:14:33 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010/09/18 05:14:32 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

[2010/09/18 04:47:38 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav

[2010/09/18 04:47:38 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav

[2010/09/18 04:44:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin

[2010/09/18 04:44:29 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat

[2010/09/18 04:44:29 | 000,815,136 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap

[2010/09/18 04:44:29 | 000,234,855 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2010/09/18 04:44:29 | 000,185,088 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb

[2010/09/18 04:44:29 | 000,034,823 | ---- | C] () -- C:\WINDOWS\atiogl.xml

[2010/09/18 04:44:29 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat

[2010/09/18 04:30:31 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll

[2010/09/18 04:24:06 | 000,070,232 | ---- | C] () -- C:\Documents and Settings\user1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2010/09/18 04:23:59 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

[2010/09/18 04:23:53 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2010/09/18 04:23:53 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\user1\Start Menu\Programs\Internet Explorer.lnk

[2010/09/18 04:23:27 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\user1\ntuser.ini

[2010/09/18 04:23:26 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\user1\Start Menu\Programs\Remote Assistance.lnk

[2010/09/18 04:22:48 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT

[2010/09/18 04:22:37 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD

[2010/09/18 04:21:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010/09/18 04:21:27 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls

[2010/09/18 04:21:03 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls

[2010/09/18 04:21:03 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls

[2010/09/18 04:21:02 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll

[2010/09/18 04:20:49 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2010/09/18 04:20:49 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls

[2010/09/18 04:20:43 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe

[2010/09/18 04:20:42 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe

[2010/09/18 04:20:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex

[2010/09/18 04:20:33 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll

[2010/09/18 04:20:29 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex

[2010/09/18 04:20:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll

[2010/09/18 04:20:18 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll

[2010/09/18 04:20:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls

[2010/09/18 04:20:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls

[2010/09/18 04:20:16 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls

[2010/09/18 04:20:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls

[2010/09/18 04:20:15 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls

[2010/09/18 04:20:15 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls

[2010/09/18 04:20:15 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls

[2010/09/18 04:20:15 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls

[2010/09/18 04:20:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls

[2010/09/18 04:20:14 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls

[2010/09/18 04:20:14 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls

[2010/09/18 04:20:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls

[2010/09/18 04:20:13 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls

[2010/09/18 04:20:13 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls

[2010/09/18 04:20:13 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls

[2010/09/18 04:20:13 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls

[2010/09/18 04:20:13 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls

[2010/09/18 04:20:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls

[2010/09/18 04:20:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls

[2010/09/18 04:20:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls

[2010/09/18 04:20:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls

[2010/09/18 04:20:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls

[2010/09/18 04:20:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls

[2010/09/18 04:20:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls

[2010/09/18 04:20:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls

[2010/09/18 04:20:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls

[2010/09/18 04:20:12 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls

[2010/09/18 04:20:12 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls

[2010/09/18 04:20:12 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls

[2010/09/18 04:20:12 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls

[2010/09/18 04:20:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls

[2010/09/18 04:20:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls

[2010/09/18 04:20:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls

[2010/09/18 04:20:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls

[2010/09/18 04:20:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls

[2010/09/18 04:20:11 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls

[2010/09/18 04:20:11 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls

[2010/09/18 04:18:59 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT

[2010/09/18 04:18:59 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2010/09/18 04:18:59 | 000,000,000 | RHS- | C] () -- C:\IO.SYS

[2010/09/18 04:18:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini

[2010/09/18 04:18:59 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS

[2010/09/18 04:18:59 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT

[2010/09/18 04:18:52 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb

[2010/09/18 04:18:52 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2010/09/18 04:18:50 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx

[2010/09/18 04:17:54 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2010/09/18 04:17:54 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2010/09/18 04:17:51 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2010/09/18 04:17:45 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk

[2010/09/18 04:17:34 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex

[2010/09/18 04:17:18 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp

[2010/09/18 04:17:18 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp

[2010/09/18 04:17:13 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf

[2010/09/18 04:16:40 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll

[2010/09/18 04:16:01 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk

[2010/09/18 04:16:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010/09/18 04:15:48 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini

[2010/09/18 04:15:48 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini

[2010/09/18 04:15:07 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp

[2010/09/18 04:15:07 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp

[2010/09/18 04:15:07 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp

[2010/09/18 04:15:07 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp

[2010/09/18 04:15:07 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp

[2010/09/18 04:15:06 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce

[2010/09/18 04:15:06 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp

[2010/09/18 04:15:06 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp

[2010/09/18 04:15:06 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp

[2010/09/18 04:15:06 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp

[2010/09/18 04:15:06 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce

[2010/09/18 04:15:06 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp

[2010/09/18 04:15:06 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce

[2010/09/18 04:15:06 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce

[2010/09/18 04:15:06 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce

[2010/09/18 04:15:06 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp

[2010/09/18 04:15:05 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce

[2010/09/18 04:15:05 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce

[2010/09/18 04:15:05 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce

[2010/09/18 04:15:04 | 000,013,223 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini

[2010/09/18 04:15:04 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h

[2010/09/18 04:15:04 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd

[2010/09/18 04:15:03 | 000,001,931 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini

[2010/09/18 04:15:03 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h

[2010/09/18 04:14:59 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[2010/09/17 21:58:27 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll

[2010/09/17 21:58:27 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll

[2010/09/17 21:58:27 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll

[2010/09/17 20:13:10 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF

[2010/09/17 20:07:49 | 000,001,917 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2010/09/17 20:07:46 | 000,570,892 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/09/17 20:07:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010/09/17 20:07:43 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd

[2010/09/17 20:07:43 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa

[2010/09/17 20:07:43 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa

[2010/09/17 20:07:43 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf

[2010/09/17 20:07:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls

[2010/09/17 20:07:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls

[2010/09/17 20:07:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls

[2010/09/17 20:07:34 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls

[2010/09/17 20:07:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls

[2010/09/17 20:07:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls

[2010/09/17 20:07:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls

[2010/09/17 20:07:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls

[2010/09/17 20:07:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls

[2010/09/17 20:07:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS

[2010/09/17 20:07:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls

[2010/09/17 20:07:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls

[2010/09/17 20:07:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls

[2010/09/17 20:07:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls

[2010/09/17 20:07:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls

[2010/09/17 20:07:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls

[2010/09/17 20:07:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls

[2010/09/17 20:07:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls

[2010/09/17 20:07:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls

[2010/09/17 20:07:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls

[2010/09/17 20:07:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls

[2010/09/17 20:07:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS

[2010/09/17 20:07:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls

[2010/09/17 20:07:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls

[2010/09/17 20:07:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls

[2010/09/17 20:07:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls

[2010/09/17 20:07:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls

[2010/09/17 20:07:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls

[2010/09/17 20:07:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls

[2010/09/17 20:07:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS

[2010/09/17 20:07:29 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls

[2010/09/17 20:07:29 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls

[2010/09/17 20:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls

[2010/09/17 20:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls

[2010/09/17 20:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls

[2010/09/17 20:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls

[2010/09/17 20:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls

[2010/09/17 20:07:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls

[2010/09/17 20:07:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls

[2010/09/17 20:07:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls

[2010/09/17 20:07:23 | 000,001,789 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2010/09/17 20:05:34 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat

[2010/09/17 20:05:34 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat

[2010/09/17 20:05:34 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat

[2010/09/17 20:05:34 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat

[2010/09/17 20:05:34 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat

[2010/09/17 20:05:34 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT

[2010/09/17 20:05:33 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT

[2010/09/17 20:05:33 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT

[2010/09/17 20:05:33 | 001,088,840 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NTPRINT.CAT

[2010/09/17 20:05:33 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT

[2010/09/17 20:05:33 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT

[2010/09/17 20:05:33 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT

[2010/09/17 20:05:33 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT

[2010/09/17 20:05:33 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT

[2010/09/17 20:05:33 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT

[2010/09/17 20:05:33 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT

[2010/09/17 20:05:33 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT

[2010/09/17 20:05:33 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT

[2010/09/17 20:05:33 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat

[2010/09/17 20:05:32 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT

[2010/09/17 20:04:59 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/09/17 20:04:00 | 000,000,223 | RHS- | C] () -- C:\boot.ini

[2010/09/17 20:03:56 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

[2010/09/17 16:56:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2010/02/26 07:21:30 | 000,000,042 | ---- | C] () -- C:\WINDOWS\System32\AK083E209605E394C.lie

[2010/02/26 07:21:29 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Perfect Uninstaller.lnk

[2010/02/26 07:21:29 | 000,000,649 | ---- | C] () -- C:\Documents and Settings\user1\Desktop\Perfect Uninstaller.lnk

[2010/02/26 07:19:29 | 000,004,807 | ---- | C] () -- C:\Program Files\Perfect Uninstaller v6.3.3.9 Datecode 11.05.2012.torrent

[2010/02/25 22:53:38 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\user1\My Documents\MBR.dat

[2010/02/25 20:30:07 | 000,000,943 | ---- | C] () -- C:\Documents and Settings\user1\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk

[2010/02/24 10:49:25 | 000,000,368 | ---- | C] () -- C:\WINDOWS\tasks\AVG PC Tuneup Integrator Start On user1 Logon.job

[2010/02/24 10:03:20 | 000,015,504 | ---- | C] () -- C:\Program Files\AVG All Products 2011 v10.0 Build 1392a3812.torrent

[2008/07/12 23:39:40 | 001,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz.dll

[2008/04/14 12:30:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2008/04/14 12:30:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini

[2008/04/14 12:30:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll

[2008/04/14 12:30:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008/04/14 12:30:00 | 000,562,176 | ---- | C] () -- C:\WINDOWS\System32\qedit.dll

[2008/04/14 12:30:00 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dxmasf.dll

[2008/04/14 12:30:00 | 000,496,094 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008/04/14 12:30:00 | 000,386,048 | ---- | C] () -- C:\WINDOWS\System32\qdvd.dll

[2008/04/14 12:30:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll

[2008/04/14 12:30:00 | 000,279,040 | ---- | C] () -- C:\WINDOWS\System32\qdv.dll

[2008/04/14 12:30:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008/04/14 12:30:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll

[2008/04/14 12:30:00 | 000,252,928 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll

[2008/04/14 12:30:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008/04/14 12:30:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll

[2008/04/14 12:30:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\qcap.dll

[2008/04/14 12:30:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll

[2008/04/14 12:30:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll

[2008/04/14 12:30:00 | 000,084,578 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008/04/14 12:30:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll

[2008/04/14 12:30:00 | 000,069,886 | ---- | C] () -- C:\WINDOWS\System32\edit.com

[2008/04/14 12:30:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\devenum.dll

[2008/04/14 12:30:00 | 000,053,840 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe

[2008/04/14 12:30:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini

[2008/04/14 12:30:00 | 000,050,620 | ---- | C] () -- C:\WINDOWS\System32\command.com

[2008/04/14 12:30:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2008/04/14 12:30:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys

[2008/04/14 12:30:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys

[2008/04/14 12:30:00 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\mem.exe

[2008/04/14 12:30:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys

[2008/04/14 12:30:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys

[2008/04/14 12:30:00 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\mciqtz32.dll

[2008/04/14 12:30:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys

[2008/04/14 12:30:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys

[2008/04/14 12:30:00 | 000,033,840 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys

[2008/04/14 12:30:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys

[2008/04/14 12:30:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys

[2008/04/14 12:30:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys

[2008/04/14 12:30:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys

[2008/04/14 12:30:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008/04/14 12:30:00 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys

[2008/04/14 12:30:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys

[2008/04/14 12:30:00 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\debug.exe

[2008/04/14 12:30:00 | 000,019,694 | ---- | C] () -- C:\WINDOWS\System32\graphics.com

[2008/04/14 12:30:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll

[2008/04/14 12:30:00 | 000,014,710 | ---- | C] () -- C:\WINDOWS\System32\kb16.com

[2008/04/14 12:30:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll

[2008/04/14 12:30:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll

[2008/04/14 12:30:00 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe

[2008/04/14 12:30:00 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\append.exe

[2008/04/14 12:30:00 | 000,012,082 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini

[2008/04/14 12:30:00 | 000,011,753 | ---- | C] () -- C:\WINDOWS\System32\setver.exe

[2008/04/14 12:30:00 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll

[2008/04/14 12:30:00 | 000,010,110 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini

[2008/04/14 12:30:00 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys

[2008/04/14 12:30:00 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe

[2008/04/14 12:30:00 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe

[2008/04/14 12:30:00 | 000,006,877 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini

[2008/04/14 12:30:00 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\himem.sys

[2008/04/14 12:30:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008/04/14 12:30:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2008/04/14 12:30:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\msdxmlc.dll

[2008/04/14 12:30:00 | 000,003,458 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini

[2008/04/14 12:30:00 | 000,003,338 | ---- | C] () -- C:\WINDOWS\System32\redir.exe

[2008/04/14 12:30:00 | 000,003,252 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe

[2008/04/14 12:30:00 | 000,002,891 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini

[2008/04/14 12:30:00 | 000,002,732 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini

[2008/04/14 12:30:00 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv

[2008/04/14 12:30:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2008/04/14 12:30:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini

[2008/04/14 12:30:00 | 000,001,152 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini

[2008/04/14 12:30:00 | 000,001,131 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com

[2008/04/14 12:30:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe

[2008/04/14 12:30:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe

[2008/04/14 12:30:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe

[2008/04/14 12:30:00 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe

[2008/04/14 12:30:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2008/04/14 12:30:00 | 000,000,603 | ---- | C] () -- C:\WINDOWS\win.ini

[2008/04/14 12:30:00 | 000,000,343 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini

[2008/04/14 12:30:00 | 000,000,246 | ---- | C] () -- C:\WINDOWS\system.ini

 

========== LOP Check ==========

 

[2012/04/20 03:52:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astroburn Lite

[2010/02/26 07:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search

[2011/11/10 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012

[2010/11/25 10:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9

[2012/02/10 03:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2011/09/20 23:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Battle.net

[2011/10/29 21:25:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess

[2012/02/10 03:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\bProtector

[2010/11/25 11:01:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2010/02/24 21:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2012/04/19 01:43:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

[2010/09/27 14:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Divinity 2

[2010/10/25 03:56:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS

[2011/02/02 01:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iMesh

[2010/02/24 00:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2012/03/19 05:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe

[2011/12/01 02:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RELOADED

[2010/02/26 07:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2012/05/07 23:22:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ticno

[2011/02/26 00:26:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software

[2011/03/17 05:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft

[2011/02/07 21:32:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

[2010/10/18 19:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2012/03/19 21:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

[2011/02/04 11:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{DE0AF019-D61B-423F-9C3B-D49ECD51D8A1}

[2012/03/19 21:15:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0

[2011/02/14 21:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software

[2010/09/18 20:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\AskToolbar

[2010/02/24 21:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\AVG

[2010/02/26 07:39:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\AVG Secure Search

[2011/11/10 08:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\AVG2012

[2012/02/10 03:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Babylon

[2012/03/06 04:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\BitComet

[2011/08/28 06:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Breakpad

[2011/08/06 23:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\bsbandmltbpi

[2010/12/17 19:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\BSplayer PRO

[2010/09/18 20:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\DAEMON Tools

[2012/04/21 00:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\DAEMON Tools Lite

[2010/02/24 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\DAEMON Tools Pro

[2011/03/29 06:27:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Ectaco

[2011/12/17 23:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\EurekaLog

[2011/02/14 09:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\gepixApp

[2012/03/19 08:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\GetRightToGo

[2011/02/04 11:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\mediabarim

[2011/10/19 11:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Might & Magic Heroes VI

[2010/09/24 10:27:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Mount&Blade Warband

[2010/02/24 10:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\OpenCandy

[2010/09/18 05:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Opera

[2012/02/10 03:12:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\PerformerSoft

[2010/12/11 10:49:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\PriceGong

[2012/04/19 05:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Registry Mechanic

[2010/10/13 03:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Replay Media Catcher 4

[2011/10/28 22:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\searchquband

[2012/03/19 22:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\systweak

[2011/05/20 05:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\The First Templar

[2011/12/05 23:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Thinstall

[2011/08/28 06:34:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Ticno

[2011/08/28 06:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\TicnoTemp

[2011/02/07 21:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\TuneUp Software

[2011/03/17 05:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Ubisoft

[2011/08/15 13:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Unity

[2011/11/26 06:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\URSoft

[2010/02/26 07:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\uTorrent

[2011/01/21 01:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\XRay Engine

[2011/11/18 07:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user1\Application Data\Yandex

[2010/02/26 06:59:30 | 000,000,368 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup Integrator Start On user1 Logon.job

[2012/05/15 00:20:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\bProtector.job

[2012/04/20 15:01:00 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\PC Performer_DEFAULT.job

[2012/04/25 03:12:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\Tasks\PC Performer_UPDATES.job

[2012/04/22 19:05:28 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job

[2012/05/14 05:24:02 | 000,000,454 | ---- | M] () -- C:\WINDOWS\Tasks\RMSmartUpdate.job

[2010/02/26 07:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

< %SYSTEMDRIVE%\*.* >

[2011/08/15 13:57:21 | 000,537,498 | ---- | M] () -- C:\AnalysisLog.sr0

[2010/09/18 04:18:59 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2012/05/07 23:26:38 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2010/09/18 04:18:59 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2012/03/19 21:19:36 | 000,000,346 | ---- | M] () -- C:\END

[2010/09/18 04:18:59 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/09/18 04:18:59 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2008/04/14 12:30:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008/04/14 12:30:00 | 000,250,048 | RHS- | M] () -- C:\ntldr

[2010/02/26 06:59:23 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys

[2010/02/25 07:10:27 | 000,000,487 | ---- | M] () -- C:\user.js

 

< %USERPROFILE%\*.* >

[2012/03/13 01:19:23 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\user1\.rnd

[2010/02/26 07:12:13 | 009,699,328 | ---- | M] () -- C:\Documents and Settings\user1\ntuser.dat

[2012/03/20 00:33:07 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\user1\ntuser.dat.bak

[2010/02/26 07:40:48 | 000,001,024 | -H-- | M] () -- C:\Documents and Settings\user1\ntuser.dat.LOG

[2012/03/20 06:23:00 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\user1\ntuser.dat.sav.LOG

[2010/02/26 06:58:32 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\user1\ntuser.ini

 

< %USERPROFILE%\AppData\Local\*.* >

 

< %USERPROFILE%\AppData\Roaming\*.* >

Invalid Environment Variable: ProgramData

 

< %CommonProgramFiles%\*.* >

 

< %PROGRAMFILES%\*.* >

[2012/03/19 09:16:39 | 000,016,206 | ---- | M] () -- C:\Program Files\Adobe Photoshop CS5.1 v12.10 Extended.torrent

[2010/02/24 10:03:22 | 000,015,504 | ---- | M] () -- C:\Program Files\AVG All Products 2011 v10.0 Build 1392a3812.torrent

[2012/04/18 22:13:47 | 000,013,068 | ---- | M] () -- C:\Program Files\AVG PC Tuneup 2011 v10.0.0.27 + Portable.torrent

[2012/02/08 08:43:41 | 000,493,520 | ---- | M] (Facebook Inc.) -- C:\Program Files\FacebookVideoCallSetup_v1.2.203.0.exe

[2010/02/26 07:20:48 | 000,004,807 | ---- | M] () -- C:\Program Files\Perfect Uninstaller v6.3.3.9 Datecode 11.05.2012.torrent

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /90 >

[2010/06/24 13:46:12 | 000,028,256 | ---- | M] (Applian Technologies Inc.) -- C:\WINDOWS\system32\drivers\appliand.sys

[2011/07/29 02:50:10 | 007,084,544 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys

[2010/07/21 16:00:32 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\drivers\AtihdXP3.sys

[2011/09/04 12:07:50 | 000,271,360 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys

[2010/06/17 15:29:38 | 000,045,416 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntdd.sys

[2012/05/09 23:28:59 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys

[2010/06/17 15:29:38 | 000,022,360 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntmgr.sys

[2012/05/09 23:28:59 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys

[2011/09/04 12:07:49 | 000,018,048 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys

[2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) -- C:\WINDOWS\system32\drivers\revoflt.sys

[2012/04/19 05:23:20 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\system32\drivers\sptd.sys

[2010/06/17 15:29:37 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

 

< %systemroot%\system32\drivers\*.sys /lockedfiles%PROGRAMFILES%\*.* >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /90 >

[2010/06/24 13:46:12 | 000,028,256 | ---- | M] (Applian Technologies Inc.) -- C:\WINDOWS\system32\drivers\appliand.sys

[2011/07/29 02:50:10 | 007,084,544 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys

[2010/07/21 16:00:32 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\drivers\AtihdXP3.sys

[2011/09/04 12:07:50 | 000,271,360 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys

[2010/06/17 15:29:38 | 000,045,416 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntdd.sys

[2012/05/09 23:28:59 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntflt.sys

[2010/06/17 15:29:38 | 000,022,360 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avgntmgr.sys

[2012/05/09 23:28:59 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys

[2011/09/04 12:07:49 | 000,018,048 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys

[2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) -- C:\WINDOWS\system32\drivers\revoflt.sys

[2012/04/19 05:23:20 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\system32\drivers\sptd.sys

[2010/06/17 15:29:37 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2008/07/06 16:36:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

[2003/06/18 17:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\mdippr.dll

[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\msonpppr.dll

 

< MD5 for: EXPLORER.EXE >

[2008/04/14 12:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe

[2008/04/14 12:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

 

< MD5 for: USERINIT.EXE >

[2008/04/14 12:30:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe

[2008/04/14 12:30:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

 

< MD5 for: VOLSNAP.SYS >

[2008/04/14 12:30:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\dllcache\volsnap.sys

[2008/04/14 12:30:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys

 

< MD5 for: WINLOGON.EXE >

[2008/04/14 12:30:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe

[2008/04/14 12:30:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2008/07/06 16:36:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

[2003/06/18 17:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\mdippr.dll

[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\Spool\prtprocs\w32x86\msonpppr.dll

 

< MD5 for: EXPLORER.EXE >

[2008/04/14 12:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe

[2008/04/14 12:30:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

 

< MD5 for: USERINIT.EXE >

[2008/04/14 12:30:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe

[2008/04/14 12:30:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

 

< MD5 for: VOLSNAP.SYS >

[2008/04/14 12:30:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\dllcache\volsnap.sys

[2008/04/14 12:30:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys

 

< MD5 for: WINLOGON.EXE >

[2008/04/14 12:30:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe

[2008/04/14 12:30:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

 

< End of report >


Where is the Extras.txt file?

 

Run OTL again. In the empty "Custom Scans/Fixes" box (at the bottom of the program window), paste the following text (select it, press Ctrl+C, then press Ctrl+V in the OTL box):

 

:OTL
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (agifavfk)
O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll File not found
O2 - BHO: (MovieBario Toolbar) - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files\Utubebario bUtu1.dll File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (no name) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll File not found
O3 - HKLM\..\Toolbar: (MovieBario Toolbar) - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files\Utubebario bUtu1.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\Toolbar\WebBrowser: (MovieBario Toolbar) - {58BECA16-CAE6-4B7A-A0E8-153D0CBBA63A} - C:\Program Files\Utubebario bUtu1.dll File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found
[2012/03/19 21:00:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0
[2012/03/08 03:33:21 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ei_temp
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
:Commands
[emptytemp]
[reboot]

Copy the text exactly as it appears in the box. Be careful not to drop the leading colon, and make sure each command is on its own line, as in the box.

 

Click the Run Fix button. Confirm with OK on the message that a system restart is required.

 

After the restart, a text log will appear. The same file is located in C:\_OTL\MovedFiles. Please attach it to your next comment.


All processes killed

========== OTL ==========

Error: No service named agifavfk was found to stop!

Service\Driver key agifavfk not found.

Error: No service named agifavfk was found to stop!

Service\Driver key agifavfk not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58beca16-cae6-4b7a-a0e8-153d0cbba63a}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58beca16-cae6-4b7a-a0e8-153d0cbba63a}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{51a86bb3-6602-4c85-92a5-130ee4864f13} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51a86bb3-6602-4c85-92a5-130ee4864f13}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{58beca16-cae6-4b7a-a0e8-153d0cbba63a} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58beca16-cae6-4b7a-a0e8-153d0cbba63a}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1390067357-842925246-1177238915-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{58BECA16-CAE6-4B7A-A0E8-153D0CBBA63A} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58BECA16-CAE6-4B7A-A0E8-153D0CBBA63A}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Search the Web\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found.

C:\Documents and Settings\All Users\Application Data\~0 folder moved successfully.

C:\WINDOWS\ei_temp folder moved successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 deleted successfully.

ADS C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51 deleted successfully.

Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51 .

ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 79108 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: user1

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 31903388 bytes

->FireFox cache emptied: 104000750 bytes

->Google Chrome cache emptied: 0 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 456 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 1125 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 525213 bytes

 

Total Files Cleaned = 130.00 mb

 

Error: Unable to interpret <O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll File not found> in the current context!

Error: Unable to interpret <O2 - BHO: (MovieBario Toolbar) - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files\Utubebario bUtu1.dll File not found> in the current context!

Error: Unable to interpret <O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found> in the current context!

Error: Unable to interpret <O2 - BHO: (no name) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No CLSID value found.> in the current context!

Error: Unable to interpret <O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll File not found> in the current context!

Error: Unable to interpret <O3 - HKLM\..\Toolbar: (MovieBario Toolbar) - {58beca16-cae6-4b7a-a0e8-153d0cbba63a} - C:\Program Files\Utubebario bUtu1.dll File not found> in the current context!

Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll File not found> in the current context!

Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!

Error: Unable to interpret <O3 - HKU\S-1-5-21-1390067357-842925246-1177238915-1003\..\Toolbar\WebBrowser: (MovieBario Toolbar) - {58BECA16-CAE6-4B7A-A0E8-153D0CBBA63A} - C:\Program Files\Utubebario bUtu1.dll File not found> in the current context!

Error: Unable to interpret <O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present> in the current context!

Error: Unable to interpret <O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found> in the current context!

Error: Unable to interpret <O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found> in the current context!

Error: Unable to interpret <O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found> in the current context!

Error: Unable to interpret <O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found> in the current context!

Error: Unable to interpret <O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found> in the current context!

Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - Reg Error: Value error. File not found> in the current context!

Error: Unable to interpret <[2012/03/19 21:00:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0> in the current context!

Error: Unable to interpret <[2012/03/08 03:33:21 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ei_temp> in the current context!

Error: Unable to interpret <@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4> in the current context!

Error: Unable to interpret <@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51> in the current context!

Error: Unable to interpret <@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51> in the current context!

Error: Unable to interpret <@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1> in the current context!

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: user1

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->FireFox cache emptied: 0 bytes

->Google Chrome cache emptied: 0 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 0.00 mb

 

 

OTL by OldTimer - Version 3.2.43.0 log created on 02272010_014554

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...


OTL Extras logfile created on: 2/26/2010 7:30:16 AM - Run 1

OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\user1\My Documents\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000402 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

1023.23 Mb Total Physical Memory | 279.25 Mb Available Physical Memory | 27.29% Memory free

2.41 Gb Paging File | 1.77 Gb Available in Paging File | 73.68% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 48.83 Gb Total Space | 7.72 Gb Free Space | 15.81% Space Free | Partition Type: NTFS

Drive E: | 416.92 Gb Total Space | 23.29 Gb Free Space | 5.59% Space Free | Partition Type: NTFS

 

Computer Name: USER1-3281142A4 | User Name: user1 | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 90 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_USERS\S-1-5-21-1390067357-842925246-1177238915-1003\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"ANTIVIRUSDISABLENOTIFY" = 0

"FIREWALLDISABLENOTIFY" = 0

"UPDATESDISABLENOTIFY" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

"8653:TCP" = 8653:TCP:*:Enabled:BitComet 8653 TCP

"8653:UDP" = 8653:UDP:*:Enabled:BitComet 8653 UDP

"23362:TCP" = 23362:TCP:*:Enabled:BitComet 23362 TCP

"23362:UDP" = 23362:UDP:*:Enabled:BitComet 23362 UDP

"26409:TCP" = 26409:TCP:*:Enabled:BitComet 26409 TCP

"26409:UDP" = 26409:UDP:*:Enabled:BitComet 26409 UDP

"22597:TCP" = 22597:TCP:*:Enabled:BitComet 22597 TCP

"22597:UDP" = 22597:UDP:*:Enabled:BitComet 22597 UDP

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)

"C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.515\Agent.exe" = C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.515\Agent.exe:*:Enabled:Blizzard Agent -- (Blizzard Entertainment)

"C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.516\Agent.exe" = C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.516\Agent.exe:*:Enabled:Blizzard Agent -- (Blizzard Entertainment)

"C:\Documents and Settings\user1\Desktop\New Folder\Reckoning.exe" = C:\Documents and Settings\user1\Desktop\New Folder\Reckoning.exe:*:Enabled:Kingdoms Of Amalur: Reckoning -- (Big Huge Games)

"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath -- (Skype Technologies S.A.)

"E:\install\Mass Effect 2\Binaries\MassEffect2.exe" = E:\install\Mass Effect 2\Binaries\MassEffect2.exe:*:Disabled:Mass Effect 2 -- (BioWare)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration

"{12720F72-BF1E-9705-C6F0-87E579EBC53B}" = ccc-utility

"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding

"{1E1300BC-6DBA-476B-8CCF-4AA81ED4DF6A}" = AVG 2011

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform

"{23170F69-40C1-2701-0465-000001000000}" = 7-Zip 4.65

"{2B21DEAC-4EB7-4516-8E0C-F1F3A29FF2AE}" = Gothic III - Forsaken Gods Patch

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5

"{43430808-081A-4C0D-B7CC-601000018301}" = LOST PLANET 2

"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm

"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10

"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

"{5DE470A6-820A-AE30-DED8-951E885CF048}" = Catalyst Control Center Graphics Previews Common

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.8

"{67BC4277-A876-5788-29FF-66AFE2A1E731}" = Catalyst Control Center

"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes

"{6AE0C029-0FF1-2E83-45D6-EC52FF7AF7E6}" = Catalyst Control Center InstallProxy

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel

"{7D004944-C4F1-4C44-AAD4-E7F85190ED00}" = AVG 2012

"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer

"{90120000-0010-0402-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Bulgarian) 12

"{90120000-0015-0402-0000-0000000FF1CE}" = Microsoft Office Access MUI (Bulgarian) 2007

"{90120000-0016-0402-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Bulgarian) 2007

"{90120000-0018-0402-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Bulgarian) 2007

"{90120000-0019-0402-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Bulgarian) 2007

"{90120000-001A-0402-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Bulgarian) 2007

"{90120000-001B-0402-0000-0000000FF1CE}" = Microsoft Office Word MUI (Bulgarian) 2007

"{90120000-001F-0402-0000-0000000FF1CE}" = Microsoft Office Proof (Bulgarian) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007

"{90120000-002C-0402-0000-0000000FF1CE}" = Microsoft Office Proofing (Bulgarian) 2007

"{90120000-006E-0402-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Bulgarian) 2007

"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9739666-2235-42F8-85D6-9B4005DC7951}" = Bing Bar

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)

"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR

"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support

"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software

"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX

"{DF08F7E1-5AA5-44AA-B9AC-24FABE9937DD}" = CCC Help English

"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Astroburn Lite" = Astroburn Lite

"AVG Secure Search" = AVG Security Toolbar

"BSPlayer1" = BSPlayer

"Google Chrome" = Google Chrome

"ie8" = Windows Internet Explorer 8

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA п»ї

"Kantaris_is1" = Kantaris Media Player 0.6.4

"KLiteCodecPack_is1" = K-Lite Codec Pack 2.71 Full

"Mass Effect 2_is1" = Mass Effect 2

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Mozilla Firefox 12.0 (x86 bg)" = Mozilla Firefox 12.0 (x86 bg)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.9

"PROR" = Пробна версия на Microsoft Office Professional 2007

"QcDrv" = ##CAMERADRIVERNAME##

"Registry Mechanic_is1" = Registry Mechanic 10.0

"SA Dictionary 2005 T2" = SA Dictionary 2005 T2

"SearchCore for Browsers" = SearchCore for Browsers

"TES V - Skyrim_is1" = TES V - Skyrim

"The KMPlayer" = The KMPlayer (remove only)

"The Witcher 2 - Assassins of Kings. Enhanced Edition_is1" = The Witcher 2 - Assassins of Kings. Enhanced Edition, версия 3.0

"uTorrent" = µTorrent

"VirtualKeyboard" = Virtual Keyboard 3.2.0

"WebTrance30" = WebTrance3.0 (деинсталиране)

"Winamp" = Winamp (remove only)

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"Yahoo! Messenger" = Yahoo! Messenger

"YU2010_is1" = Your Uninstaller! 7

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 5/5/2012 12:42:29 PM | Computer Name = USER1-3281142A4 | Source = Application Error | ID = 1000

Description = Faulting application SearchService.exe, version 0.0.0.0, faulting

module SearchService.exe, version 0.0.0.0, fault address 0x00016db8.

 

Error - 5/7/2012 11:07:50 PM | Computer Name = USER1-3281142A4 | Source = MsiInstaller | ID = 11714

Description = Product: Microsoft Visual C++ 2005 Redistributable -- Error 1714.The

older version of Microsoft Visual C++ 2005 Redistributable cannot be removed.

Contact your technical support group. System Error 1612.

 

Error - 5/9/2012 3:01:33 PM | Computer Name = USER1-3281142A4 | Source = Application Error | ID = 1000

Description = Faulting application avgnt.exe, version 10.0.13.18, faulting module

msvcr90.dll, version 9.0.30729.6161, fault address 0x00037256.

 

Error - 5/9/2012 10:23:14 PM | Computer Name = USER1-3281142A4 | Source = Application Error | ID = 1000

Description = Faulting application avgnt.exe, version 10.0.13.18, faulting module

msvcr90.dll, version 9.0.30729.6161, fault address 0x00037256.

 

Error - 5/10/2012 12:35:14 PM | Computer Name = USER1-3281142A4 | Source = Application Error | ID = 1000

Description = Faulting application avgnt.exe, version 10.0.13.18, faulting module

msvcr90.dll, version 9.0.30729.6161, fault address 0x00037256.

 

Error - 2/22/2010 3:36:02 PM | Computer Name = USER1-3281142A4 | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file.

 

Error - 2/22/2010 3:36:02 PM | Computer Name = USER1-3281142A4 | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file.

 

Error - 2/22/2010 3:36:03 PM | Computer Name = USER1-3281142A4 | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file.

 

Error - 2/22/2010 4:20:58 PM | Computer Name = USER1-3281142A4 | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file.

 

Error - 2/22/2010 4:20:58 PM | Computer Name = USER1-3281142A4 | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file.

 

[ ODiag Events ]

Error - 12/5/2011 3:00:31 PM | Computer Name = USER1-3281142A4 | Source = Microsoft Office 12 Diagnostics | ID = 320

Description = An unexpected error occurred. Tag: 81vb. Error code: N/A

 

[ System Events ]

Error - 5/13/2012 1:28:33 PM | Computer Name = USER1-3281142A4 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

Cdrom redbook

 

Error - 5/13/2012 3:01:56 PM | Computer Name = USER1-3281142A4 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

Cdrom redbook

 

Error - 5/13/2012 3:08:15 PM | Computer Name = USER1-3281142A4 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

Cdrom redbook

 

Error - 5/13/2012 4:21:31 PM | Computer Name = USER1-3281142A4 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

Cdrom redbook

 

Error - 5/13/2012 5:53:00 PM | Computer Name = USER1-3281142A4 | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service gupdate with

arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

 

Error - 5/13/2012 10:35:54 PM | Computer Name = USER1-3281142A4 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

Cdrom redbook

 

Error - 5/13/2012 10:49:33 PM | Computer Name = USER1-3281142A4 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

Cdrom redbook

 

Error - 5/13/2012 10:53:00 PM | Computer Name = USER1-3281142A4 | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service gupdate with

arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

 

Error - 5/14/2012 12:28:41 PM | Computer Name = USER1-3281142A4 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

Cdrom redbook

 

Error - 5/14/2012 12:53:00 PM | Computer Name = USER1-3281142A4 | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service gupdate with

arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

 

 

< End of report >


I see that you have, or have had, more than one antivirus. I don't know which one you intend to use, but I recommend that it be only one. To that end, I think it would be good to uninstall all the antivirus programs you have and then install just one. You can also use AppRemover to remove them completely.

I also recommend that you update all your browsers and Adobe software. Besides that, it is a good idea to remove any uninstallers (Revo Uninstaller, Perfect Uninstaller, Your Uninstaller! and so on) and cleaning and optimization programs (TuneUp, Registry Mechanic and so on). Another thing worth doing is to get rid of any toolbars (Bing Bar, Google Toolbar, AVG Security Toolbar, etc.).

And am I to understand that you still have a problem with Facebook?
