Inactive [A] System Check virus. Unbootable system.

[Broni]

In reply #23 you posted my script instead of OTL.txt log.
Please redo.

 

[simewich]

otl.txt

OTL logfile created on: 2/23/2012 6:03:17 PM - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Simon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 48.81% Memory free
7.54 Gb Paging File | 5.52 Gb Available in Paging File | 73.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134.12 Gb Total Space | 14.93 Gb Free Space | 11.13% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Simon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/23 17:51:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe
PRC - [2011/04/29 20:59:06 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/02/02 13:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2011/01/14 08:56:38 | 004,904,232 | ---- | M] (Synaptics Incorporated) -- C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
PRC - [2011/01/14 08:56:36 | 001,294,848 | ---- | M] (Synaptics, Inc.) -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010/03/31 18:30:46 | 000,338,168 | ---- | M] (DeviceVM, Inc.) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010/03/24 14:17:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/24 14:17:22 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/24 08:37:58 | 000,076,584 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe
PRC - [2010/03/01 11:07:18 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/01 11:06:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/02/18 10:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/12/29 14:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/11/11 15:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\AirPort\APAgent.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/14 00:10:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
MOD - [2011/10/13 14:05:11 | 000,452,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\69953b83cb17ea4e0efae9a62ce0e31d\IAStorUtil.ni.dll
MOD - [2011/10/12 17:45:39 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/12 17:45:33 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/12 17:45:14 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/12 17:45:07 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/12 17:45:01 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/12 17:45:00 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/12 17:44:53 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/14 08:56:22 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\Synaptics\Scrybe\MouseHelper.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/14 18:43:40 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/05/13 17:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/01/12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/03/09 23:54:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/01/27 13:01:04 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/01/18 14:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2010/01/13 23:38:52 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/12/29 14:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe -- (AESTFilters)
SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/04/29 20:59:06 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/02 13:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2011/01/14 08:56:36 | 001,294,848 | ---- | M] (Synaptics, Inc.) [Auto | Running] -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater)
SRV - [2010/03/31 18:30:46 | 000,338,168 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010/03/24 14:17:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/24 08:33:18 | 000,083,240 | ---- | M] (Hewlett-Packard Developement Company, L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\doccardsvc.exe -- (hpdoccardsvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/01 11:07:18 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/03/01 11:06:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/13 17:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 17:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/24 10:18:35 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 17:45:09 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/12/21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/12/21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/12/21 13:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/13 16:00:08 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/24 13:55:56 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/10 00:04:06 | 006,405,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/03/09 22:44:58 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/03/09 22:44:58 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/09 22:38:22 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/03/04 21:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/01 11:06:18 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2010/02/01 11:12:00 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2010/01/28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/01/13 23:38:52 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/01/07 10:22:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/01/07 10:22:40 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/01/07 10:22:36 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/01/07 10:22:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/11/11 13:09:32 | 000,020,056 | ---- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/08/17 13:58:58 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 13:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 13:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 12:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 12:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/01/20 00:06:35 | 000,057,776 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4141884796-420960255-207443729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4141884796-420960255-207443729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-4141884796-420960255-207443729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4141884796-420960255-207443729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Simon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Simon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Simon\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Simon\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2011/02/13 03:19:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\components [2012/01/12 17:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/02/13 03:19:17 | 000,000,000 | ---D | M]

[2011/02/06 17:56:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\Mozilla\Extensions
[2012/01/22 11:46:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\3oyjiie7.default\extensions
[2012/01/22 11:46:02 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\3oyjiie7.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
() (No name found) -- C:\USERS\SIMON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3OYJIIE7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Simon\AppData\Local\Google\Chrome\Application\17.0.963.38\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Simon\AppData\Local\Google\Chrome\Application\17.0.963.38\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Simon\AppData\Local\Google\Chrome\Application\17.0.963.38\pdf.dll
CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U18 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Simon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Simon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Simon\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: YouTube = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/02/23 16:17:16 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL File not found
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-4141884796-420960255-207443729-1000\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HP Envy Guides AutoPlay] C:\Program Files (x86)\Hewlett-Packard\HP ENVY Document Card Utilities\hpdocstart.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-4141884796-420960255-207443729-1000..\Run: [envyTouchPad] C:\Users\Simon\Downloads\envyTouchPad.exe ()
O4 - HKU\S-1-5-21-4141884796-420960255-207443729-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Simon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4141884796-420960255-207443729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4141884796-420960255-207443729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4141884796-420960255-207443729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01AE4762-1DD6-4974-94A5-DF3E686AE436}: DhcpNameServer = 192.168.1.254 75.153.176.9
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\WB: DllName - (C:\Program Files (x86)\Stardock\MyColors\fast64.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/09/14 15:51:21 | 000,000,000 | ---D | M] - C:\autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.IV41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)

 

[simewich]

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/23 17:51:16 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe
[2012/02/23 16:44:58 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/02/23 15:19:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/23 15:19:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/23 15:19:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/23 15:19:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/23 15:19:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/23 15:14:27 | 004,418,150 | R--- | C] (Swearware) -- C:\Users\Simon\Desktop\ComboFix.exe
[2012/02/23 04:09:40 | 000,083,968 | -H-- | C] (eSage Lab) -- C:\Users\Simon\Desktop\remover.exe
[2012/02/22 15:22:53 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2012/02/22 14:29:48 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Malwarebytes
[2012/02/22 14:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/22 14:29:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/22 14:29:38 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/02/22 14:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/02/21 22:39:09 | 000,000,000 | ---D | C] -- C:\Windows\winsxs
[2012/02/21 22:39:07 | 000,000,000 | ---D | C] -- C:\Windows\Web
[2012/02/21 22:39:07 | 000,000,000 | ---D | C] -- C:\Windows\Vss
[2012/02/21 22:39:07 | 000,000,000 | ---D | C] -- C:\Windows\twain_32
[2012/02/21 22:39:06 | 000,000,000 | ---D | C] -- C:\Windows\tracing
[2012/02/21 22:30:15 | 000,000,000 | ---D | C] -- C:\Windows\Tasks
[2012/02/21 22:30:15 | 000,000,000 | ---D | C] -- C:\Windows\TAPI
[2012/02/21 22:30:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lt-LT
[2012/02/21 22:30:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\LogFiles
[2012/02/21 22:30:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migwiz
[2012/02/21 22:30:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\migration
[2012/02/21 22:30:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\da-DK
[2012/02/21 22:30:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-TW
[2012/02/21 22:30:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-HK
[2012/02/21 22:30:02 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012/02/21 22:30:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-CN
[2012/02/21 22:29:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm
[2012/02/21 22:29:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr
[2012/02/21 22:29:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2012/02/21 22:29:53 | 000,042,288 | ---- | C] (Stardock.Net, Inc) -- C:\Windows\SysWow64\wbsys.dll
[2012/02/21 22:29:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\wdi
[2012/02/21 22:29:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN
[2012/02/21 22:29:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\wbem
[2012/02/21 22:29:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/02/21 22:29:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\uk-UA
[2012/02/21 22:29:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tr-TR
[2012/02/21 22:29:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\th-TH
[2012/02/21 22:29:46 | 000,214,312 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2012/02/21 22:29:46 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2012/02/21 22:29:46 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2012/02/21 22:29:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Tasks
[2012/02/21 22:29:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep
[2012/02/21 22:29:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sv-SE
[2012/02/21 22:29:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sppui
[2012/02/21 22:29:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spp
[2012/02/21 22:29:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Speech
[2012/02/21 22:29:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sl-SI
[2012/02/21 22:29:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sk-SK
[2012/02/21 22:29:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sr-Latn-CS
[2012/02/21 22:29:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Setup
[2012/02/21 22:29:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\he-IL
[2012/02/21 22:29:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ru-RU
[2012/02/21 22:29:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ro-RO
[2012/02/21 22:29:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\restore
[2012/02/21 22:29:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Recovery
[2012/02/21 22:29:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ras
[2012/02/21 22:29:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-PT
[2012/02/21 22:29:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pt-BR
[2012/02/21 22:29:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts
[2012/02/21 22:29:37 | 002,632,704 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\PEGRPCS.DLL
[2012/02/21 22:29:37 | 000,532,480 | ---- | C] (Gigasoft, Inc.) -- C:\Windows\SysWow64\Pesgocs.ocx
[2012/02/21 22:29:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pl-PL
[2012/02/21 22:29:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\oobe
[2012/02/21 22:29:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nl-NL
[2012/02/21 22:29:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NetworkList
[2012/02/21 22:29:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NDF
[2012/02/21 22:29:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nb-NO
[2012/02/21 22:29:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MUI
[2012/02/21 22:29:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Msdtc
[2012/02/21 22:29:11 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\SysWow64\lameACM.acm
[2012/02/21 22:29:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ko-KR
[2012/02/21 22:29:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja-JP
[2012/02/21 22:29:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it-IT
[2012/02/21 22:29:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\InstallShield
[2012/02/21 22:29:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\inetsrv
[2012/02/21 22:29:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\IME
[2012/02/21 22:29:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\icsxml
[2012/02/21 22:29:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hu-HU
[2012/02/21 22:29:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hr-HR
[2012/02/21 22:29:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GroupPolicyUsers
[2012/02/21 22:29:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\GroupPolicy
[2012/02/21 22:29:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\FxsTmp
[2012/02/21 22:28:59 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012/02/21 22:28:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr-FR
[2012/02/21 22:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fi-FI
[2012/02/21 22:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es-ES
[2012/02/21 22:28:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en-US
[2012/02/21 22:28:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2012/02/21 22:28:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\el-GR
[2012/02/21 22:28:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF
[2012/02/21 22:28:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\en-US
[2012/02/21 22:28:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2012/02/21 22:28:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\DriverStore
[2012/02/21 22:28:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers
[2012/02/21 22:28:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Dism
[2012/02/21 22:28:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de-DE
[2012/02/21 22:28:38 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/02/21 22:28:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cs-CZ
[2012/02/21 22:28:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\config
[2012/02/21 22:28:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\com
[2012/02/21 22:28:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\catroot2
[2012/02/21 22:28:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\catroot
[2012/02/21 22:28:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bg-BG
[2012/02/21 22:28:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ar-SA
[2012/02/21 22:28:32 | 000,560,128 | ---- | C] (DeviceVM, Inc.) -- C:\Windows\SysWow64\QuickWebConfTool.cpl
[2012/02/21 22:28:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AdvancedInstallers
[2012/02/21 22:28:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\manifeststore
[2012/02/21 22:28:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/02/21 22:28:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\lv-LV
[2012/02/21 22:28:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\et-EE
[2012/02/21 22:28:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/02/21 22:28:22 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2012/02/21 22:28:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWOW64
[2012/02/21 22:28:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MUI
[2012/02/21 22:28:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2012/02/21 22:28:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es-ES
[2012/02/21 22:28:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en-US
[2012/02/21 22:28:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en
[2012/02/21 22:28:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\el-GR
[2012/02/21 22:28:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\da-DK
[2012/02/21 22:28:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nl-NL
[2012/02/21 22:27:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NetworkList
[2012/02/21 22:27:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\he-IL
[2012/02/21 22:27:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\GroupPolicyUsers
[2012/02/21 22:27:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\GroupPolicy
[2012/02/21 22:27:53 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012/02/21 22:27:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-TW
[2012/02/21 22:27:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-HK
[2012/02/21 22:27:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-CN
[2012/02/21 22:27:50 | 012,547,584 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2012/02/21 22:27:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\icsxml
[2012/02/21 22:27:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\bg-BG
[2012/02/21 22:27:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winrm
[2012/02/21 22:27:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winevt
[2012/02/21 22:27:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2012/02/21 22:27:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinBioPlugIns
[2012/02/21 22:27:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WinBioDatabase
[2012/02/21 22:27:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wfp
[2012/02/21 22:27:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wdi
[2012/02/21 22:27:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WCN
[2012/02/21 22:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wbem
[2012/02/21 22:27:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/02/21 22:27:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\uk-UA
[2012/02/21 22:27:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\tr-TR
[2012/02/21 22:27:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\th-TH
[2012/02/21 22:27:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Tasks
[2012/02/21 22:27:11 | 003,309,568 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2012/02/21 22:27:11 | 000,354,528 | ---- | C] (Autodesk, Inc.) -- C:\Windows\SysNative\styleman.cpl
[2012/02/21 22:27:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sv-SE
[2012/02/21 22:27:10 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2012/02/21 22:27:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sysprep
[2012/02/21 22:27:09 | 001,472,000 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2012/02/21 22:27:09 | 000,644,608 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2012/02/21 22:27:09 | 000,209,920 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2012/02/21 22:27:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2012/02/21 22:27:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sr-Latn-CS
[2012/02/21 22:27:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/02/21 22:27:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sppui
[2012/02/21 22:27:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\spp
[2012/02/21 22:26:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\spool
[2012/02/21 22:26:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Speech
[2012/02/21 22:26:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SMI
[2012/02/21 22:26:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\slmgr
[2012/02/21 22:26:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sl-SI
[2012/02/21 22:26:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sk-SK
[2012/02/21 22:26:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Setup
[2012/02/21 22:26:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ru-RU
[2012/02/21 22:26:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ras
[2012/02/21 22:26:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ro-RO
[2012/02/21 22:26:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\restore
[2012/02/21 22:26:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Recovery
[2012/02/21 22:26:36 | 000,400,168 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2012/02/21 22:26:36 | 000,271,144 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2012/02/21 22:26:36 | 000,215,336 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2012/02/21 22:26:36 | 000,148,776 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo5.dll
[2012/02/21 22:26:36 | 000,147,752 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo4.dll
[2012/02/21 22:26:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Printing_Admin_Scripts
[2012/02/21 22:26:35 | 000,354,528 | ---- | C] (Autodesk, Inc.) -- C:\Windows\SysNative\plotman.cpl
[2012/02/21 22:26:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pl-PL
[2012/02/21 22:26:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oobe
[2012/02/21 22:26:30 | 000,026,824 | ---- | C] (Softland) -- C:\Windows\SysNative\novamnk6.dll
[2012/02/21 22:26:30 | 000,019,656 | ---- | C] (Softland) -- C:\Windows\SysNative\novamik6.dll
[2012/02/21 22:26:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NDF
[2012/02/21 22:26:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\lt-LT
[2012/02/21 22:26:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\LogFiles
[2012/02/21 22:26:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nb-NO
[2012/02/21 22:25:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\migwiz
[2012/02/21 22:25:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\migration
[2012/02/21 22:25:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Microsoft
[2012/02/21 22:25:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Msdtc
[2012/02/21 22:25:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ko-KR
[2012/02/21 22:25:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ja-JP
[2012/02/21 22:25:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it-IT
[2012/02/21 22:25:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\inetsrv
[2012/02/21 22:25:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IME
[2012/02/21 22:25:47 | 000,220,672 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\HPToneCtrls64.dll
[2012/02/21 22:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\hu-HU
[2012/02/21 22:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\hr-HR
[2012/02/21 22:25:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\FxsTmp
[2012/02/21 22:25:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr-FR
[2012/02/21 22:25:41 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012/02/21 22:25:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fi-FI
[2012/02/21 22:25:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\et-EE
[2012/02/21 22:23:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DriverStore
[2012/02/21 22:23:32 | 000,389,120 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys
[2012/02/21 22:23:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/02/21 22:23:31 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys
[2012/02/21 22:23:30 | 001,390,640 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2012/02/21 22:23:30 | 000,505,856 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2012/02/21 22:23:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF
[2012/02/21 22:23:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\UMDF\en-US
[2012/02/21 22:23:28 | 000,346,144 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012/02/21 22:23:28 | 000,057,776 | ---- | C] (PowerISO Computing, Inc.) -- C:\Windows\SysNative\drivers\scdemu.sys
[2012/02/21 22:23:27 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys
[2012/02/21 22:23:26 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys
[2012/02/21 22:23:26 | 000,170,640 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys
[2012/02/21 22:23:23 | 000,141,264 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys
[2012/02/21 22:23:23 | 000,125,296 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\epfwwfpr.sys
[2012/02/21 22:23:23 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\en-US\BrSerId.sys.mui
[2012/02/21 22:23:23 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\en-US\BrSerIb.sys.mui
[2012/02/21 22:23:23 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\en-US\pscr.sys.mui
[2012/02/21 22:23:23 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\en-US\BrParwdm.sys.mui
[2012/02/21 22:23:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\etc
[2012/02/21 22:23:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2012/02/21 22:23:22 | 000,020,056 | ---- | C] (DeviceVM, Inc.) -- C:\Windows\SysNative\drivers\dvmio.sys
[2012/02/21 22:23:21 | 000,040,448 | ---- | C] (Alcor Micro, Corp.) -- C:\Windows\SysNative\drivers\AmUStor.sys
[2012/02/21 22:23:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers
[2012/02/21 22:23:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Dism
[2012/02/21 22:23:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de-DE
[2012/02/21 22:23:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\cs-CZ
[2012/02/21 22:22:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\config
[2012/02/21 22:22:58 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2012/02/21 22:22:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\com
[2012/02/21 22:22:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\CodeIntegrity
[2012/02/21 22:22:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2012/02/21 22:22:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot
[2012/02/21 22:22:35 | 000,019,456 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\brcoinst.dll
[2012/02/21 22:22:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Boot
[2012/02/21 22:22:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ar-SA
[2012/02/21 22:22:33 | 000,010,752 | ---- | C] (Alcor Micro, Corp.) -- C:\Windows\SysNative\AmUStor.dll
[2012/02/21 22:22:32 | 000,450,560 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2012/02/21 22:22:32 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2012/02/21 22:22:32 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012/02/21 22:22:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pt-PT
[2012/02/21 22:22:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pt-BR
[2012/02/21 22:22:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\manifeststore
[2012/02/21 22:22:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/02/21 22:22:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\lv-LV
[2012/02/21 22:22:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/02/21 22:22:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AdvancedInstallers
[2012/02/21 22:22:28 | 000,487,424 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2012/02/21 22:22:28 | 000,432,864 | ---- | C] (Autodesk, Inc.) -- C:\Windows\SysNative\AcSignOpt.exe
[2012/02/21 22:22:28 | 000,045,280 | ---- | C] (Autodesk, Inc.) -- C:\Windows\SysNative\AcSignIcon.dll
[2012/02/21 22:22:28 | 000,035,040 | ---- | C] (Autodesk, Inc.) -- C:\Windows\SysNative\AcSignExt.dll
[2012/02/21 22:22:28 | 000,014,560 | ---- | C] (Autodesk, Inc.) -- C:\Windows\SysNative\AcSignExtRes.dll
[2012/02/21 22:22:28 | 000,000,000 | ---D | C] -- C:\Windows\System32
[2012/02/21 22:22:28 | 000,000,000 | ---D | C] -- C:\Windows\system
[2012/02/21 22:22:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/02/21 22:22:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409
[2012/02/21 22:22:19 | 000,000,000 | ---D | C] -- C:\Windows\Speech
[2012/02/21 22:22:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/02/21 22:22:05 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2012/02/21 22:22:05 | 000,000,000 | ---D | C] -- C:\Windows\Setup
[2012/02/21 22:21:22 | 000,000,000 | ---D | C] -- C:\Windows\servicing
[2012/02/21 22:21:22 | 000,000,000 | ---D | C] -- C:\Windows\security
[2012/02/21 22:21:21 | 000,000,000 | ---D | C] -- C:\Windows\schemas
[2012/02/21 22:21:21 | 000,000,000 | ---D | C] -- C:\Windows\SchCache
[2012/02/21 22:21:21 | 000,000,000 | ---D | C] -- C:\Windows\Resources
[2012/02/21 22:21:21 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2012/02/21 22:21:21 | 000,000,000 | ---D | C] -- C:\Windows\Registration
[2012/02/21 22:21:21 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2012/02/21 22:21:17 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/02/21 22:21:17 | 000,000,000 | ---D | C] -- C:\Windows\PolicyDefinitions
[2012/02/21 22:21:17 | 000,000,000 | ---D | C] -- C:\Windows\PLA
[2012/02/21 22:21:14 | 000,000,000 | ---D | C] -- C:\Windows\Performance
[2012/02/21 22:21:14 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/02/21 22:21:14 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/02/21 22:21:14 | 000,000,000 | ---D | C] -- C:\Windows\Offline Web Pages
[2012/02/21 22:21:13 | 000,000,000 | ---D | C] -- C:\Windows\ModemLogs
[2012/02/21 22:20:05 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft.NET
[2012/02/21 22:19:38 | 000,000,000 | ---D | C] -- C:\Windows\Media
[2012/02/21 22:19:37 | 000,000,000 | ---D | C] -- C:\Windows\Logs
[2012/02/21 22:19:37 | 000,000,000 | ---D | C] -- C:\Windows\LiveKernelReports
[2012/02/21 22:19:37 | 000,000,000 | ---D | C] -- C:\Windows\L2Schemas
[2012/02/21 22:17:57 | 000,000,000 | ---D | C] -- C:\Windows\Installer
[2012/02/21 22:17:31 | 000,000,000 | ---D | C] -- C:\Windows\inf
[2012/02/21 22:17:24 | 000,000,000 | ---D | C] -- C:\Windows\IME
[2012/02/21 22:17:24 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2012/02/21 22:17:22 | 000,000,000 | ---D | C] -- C:\Windows\Globalization
[2012/02/21 22:17:22 | 000,000,000 | ---D | C] -- C:\Windows\ftpcache
[2012/02/21 22:16:44 | 000,000,000 | ---D | C] -- C:\Windows\Fonts
[2012/02/21 22:16:44 | 000,000,000 | ---D | C] -- C:\Windows\en-US
[2012/02/21 22:16:36 | 000,000,000 | ---D | C] -- C:\Windows\ehome
[2012/02/21 22:16:36 | 000,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2012/02/21 22:16:35 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Program Files
[2012/02/21 22:16:35 | 000,000,000 | ---D | C] -- C:\Windows\DigitalLocker
[2012/02/21 22:16:32 | 000,000,000 | ---D | C] -- C:\Windows\diagnostics
[2012/02/21 22:16:32 | 000,000,000 | ---D | C] -- C:\Windows\debug
[2012/02/21 22:16:30 | 000,000,000 | ---D | C] -- C:\Windows\Cursors
[2012/02/21 22:16:30 | 000,000,000 | ---D | C] -- C:\Windows\Branding
[2012/02/21 22:16:27 | 000,000,000 | ---D | C] -- C:\Windows\Boot
[2012/02/21 22:14:46 | 000,000,000 | R-SD | C] -- C:\Windows\assembly
[2012/02/21 22:14:45 | 000,000,000 | ---D | C] -- C:\Windows\AppPatch
[2012/02/21 22:14:45 | 000,000,000 | ---D | C] -- C:\Windows\AppCompat
[2012/02/21 22:14:45 | 000,000,000 | ---D | C] -- C:\Windows\addins
[2012/02/21 22:14:39 | 000,000,000 | ---D | C] -- C:\Windows\ServiceProfiles
[2012/02/21 22:14:30 | 000,000,000 | ---D | C] -- C:\Windows
[2012/02/21 22:14:30 | 000,000,000 | ---D | C] -- C:\Windows\Help
[2012/02/21 22:13:24 | 000,000,000 | ---D | C] -- C:\Users\Simon\Videos
[2012/02/21 22:13:24 | 000,000,000 | ---D | C] -- C:\Users\Simon\Searches
[2012/02/21 22:13:24 | 000,000,000 | ---D | C] -- C:\Users\Simon\Saved Games
[2012/02/21 22:13:24 | 000,000,000 | ---D | C] -- C:\Users\Simon\Pictures
[2012/02/21 22:12:58 | 000,000,000 | ---D | C] -- C:\Users\Simon\Music
[2012/02/21 22:12:58 | 000,000,000 | ---D | C] -- C:\Users\Simon\Links
[2012/02/21 22:12:58 | 000,000,000 | ---D | C] -- C:\Users\Simon\Favorites
[2012/02/21 22:11:20 | 000,000,000 | R--D | C] -- C:\Users\Simon\Dropbox
[2012/02/21 22:08:49 | 000,000,000 | ---D | C] -- C:\Users\Simon\Downloads
[2012/02/21 22:08:48 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Webcam
[2012/02/21 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\StarCraft II
[2012/02/21 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\SHIFT 2 UNLEASHED
[2012/02/21 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Remote Assistance Logs
[2012/02/21 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\My Meetings
[2012/02/21 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\My Audio Notes Recordings
[2012/02/21 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Microsoft Visual Basic 2005 Power Packs
[2012/02/21 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Command and Conquer Generals Data
[2012/02/21 22:08:46 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents
[2012/02/21 22:08:46 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\DEViANCE
[2012/02/21 22:08:46 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Cities In Motion
[2012/02/21 22:08:46 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Bluetooth Exchange Folder
[2012/02/21 22:08:46 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\BFBC2
[2012/02/21 22:08:46 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Autodesk
[2012/02/21 22:06:45 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\Counter Strike Source 2011
[2012/02/21 22:05:44 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\Command and Conquer - Generals
[2012/02/21 22:02:44 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\Call of Duty 2
[2012/02/21 22:02:06 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\aoe billie
[2012/02/21 22:01:29 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\Age of Empires 2
[2012/02/21 21:59:19 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\Adobe CS5
[2012/02/21 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\vlc
[2012/02/21 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\uTorrent
[2012/02/21 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Transcript
[2012/02/21 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Synaptics
[2012/02/21 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Stardock
[2012/02/21 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\skypePM
[2012/02/21 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop
[2012/02/21 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\Contacts
[2012/02/21 21:59:16 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Skype
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Mozilla
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Basic 2005 Power Packs
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/02/21 21:59:10 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/21 21:59:09 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/02/21 21:59:06 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Microsoft
[2012/02/21 21:59:06 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Media Center Programs
[2012/02/21 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Macromedia
[2012/02/21 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Intel Corporation
[2012/02/21 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\InstallShield
[2012/02/21 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Identities
[2012/02/21 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\HpUpdate
[2012/02/21 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\hpqLog
[2012/02/21 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Hewlett-Packard
[2012/02/21 21:59:04 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\GameRanger
[2012/02/21 21:59:04 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Foxit Software
[2012/02/21 21:59:02 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Dropbox
[2012/02/21 21:59:02 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\CyberLink
[2012/02/21 21:58:45 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Autodesk
[2012/02/21 21:58:45 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\ATI
[2012/02/21 21:58:44 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Apple Computer
[2012/02/21 21:58:44 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Adobe
[2012/02/21 21:58:39 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\.minecraft
[2012/02/21 21:58:38 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\VirtualStore
[2012/02/21 21:55:27 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Temp
[2012/02/21 21:55:27 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Scansoft
[2012/02/21 21:55:27 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\PunkBuster
[2012/02/21 21:55:27 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\PowerCinema
[2012/02/21 21:55:27 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\PackageAware
[2012/02/21 21:55:22 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Mozilla
[2012/02/21 21:55:22 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Microsoft Help
[2012/02/21 21:54:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Microsoft
[2012/02/21 21:54:52 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\HuluDesktop
[2012/02/21 21:54:48 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Hewlett-Packard
[2012/02/21 21:54:19 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Google
[2012/02/21 21:54:19 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\ESET
[2012/02/21 21:54:19 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\ElevatedDiagnostics
[2012/02/21 21:54:19 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\CyberLink
[2012/02/21 21:54:19 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Broadcom
[2012/02/21 21:54:15 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Autodesk
[2012/02/21 21:54:15 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\ATI
[2012/02/21 21:54:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Apple Computer
[2012/02/21 21:54:13 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Apple
[2012/02/21 21:54:12 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData
[2012/02/21 21:54:12 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Adobe
[2012/02/21 21:54:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\TuneClone
[2012/02/21 21:54:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock
[2012/02/21 21:54:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/02/21 21:54:04 | 000,000,000 | ---D | C] -- C:\Users
[2012/02/21 21:54:01 | 000,000,000 | ---D | C] -- C:\SYSTEM.SAV
[2012/02/21 21:53:45 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/02/21 21:48:08 | 000,000,000 | ---D | C] -- C:\SwSetup
[2012/02/21 21:48:07 | 000,000,000 | ---D | C] -- C:\Recovery
[2012/02/21 21:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
[2012/02/21 21:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
[2012/02/21 21:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
[2012/02/21 21:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/02/21 21:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2012/02/21 21:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneClone
[2012/02/21 21:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
[2012/02/21 21:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/02/21 21:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2012/02/21 21:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/02/21 21:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2012/02/21 21:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2012/02/21 21:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/02/21 21:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/02/21 21:47:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2012/02/21 21:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/02/21 21:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/02/21 21:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scrybe
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP QuickWeb
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Netflix
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/02/21 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2012/02/21 21:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MFP-Printer Utility
[2012/02/21 21:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/02/21 21:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/02/21 21:47:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft
[2012/02/21 21:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012/02/21 21:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012/02/21 21:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2012/02/21 21:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012/02/21 21:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012/02/21 21:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/02/21 21:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonBJ
[2012/02/21 21:46:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012/02/21 21:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2012/02/21 21:45:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/02/21 21:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/02/21 21:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/02/21 21:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2012/02/21 21:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData
[2012/02/21 21:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/02/21 21:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XemiComputers
[2012/02/21 21:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Sidebar
[2012/02/21 21:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2012/02/21 21:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Photo Viewer
[2012/02/21 21:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows NT
[2012/02/21 21:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Player
[2012/02/21 21:44:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Components
[2012/02/21 21:44:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Mail
[2012/02/21 21:44:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2012/02/21 21:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/02/21 21:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Defender
[2012/02/21 21:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/02/21 21:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2012/02/21 21:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uninstall Information
[2012/02/21 21:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TNod User & Password Finder
[2012/02/21 21:43:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Synaptics
[2012/02/21 21:14:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/02/21 21:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock
[2012/02/21 21:06:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2012/02/21 21:06:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skype
[2012/02/21 21:06:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2012/02/21 21:06:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2012/02/21 21:06:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/02/21 21:06:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/02/21 21:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2012/02/21 21:06:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Online Services
[2012/02/21 21:06:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/02/21 21:06:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0

 

[simewich]

[2012/02/21 21:06:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2012/02/21 21:06:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2012/02/21 21:06:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10
[2012/02/21 21:06:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012/02/21 21:06:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/02/21 21:06:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Basic 2005 Power Packs
[2012/02/21 21:06:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/02/21 21:06:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/02/21 21:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/02/21 21:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2012/02/21 21:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/02/21 21:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2012/02/21 21:06:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/02/21 21:06:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/02/21 21:06:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012/02/21 21:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/02/21 21:05:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/02/21 21:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Explorer
[2012/02/21 21:05:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/02/21 21:04:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/02/21 20:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2012/02/21 20:58:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2012/02/21 20:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2012/02/21 20:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloaded Installations
[2012/02/21 20:56:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012/02/21 20:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/02/21 20:56:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/02/21 20:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\System
[2012/02/21 20:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/02/21 20:55:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeechEngines
[2012/02/21 20:55:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/02/21 20:55:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Services
[2012/02/21 20:55:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2012/02/21 20:55:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/02/21 20:55:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\microsoft shared
[2012/02/21 20:55:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/02/21 20:55:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012/02/21 20:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/02/21 20:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2012/02/21 20:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2012/02/21 20:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/02/21 20:54:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/02/21 20:54:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files
[2012/02/21 20:54:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/02/21 20:54:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/02/21 20:52:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2012/02/21 20:52:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoCAD Civil 3D 2012
[2012/02/21 20:52:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/02/21 20:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012/02/21 20:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/02/21 20:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2012/02/21 20:52:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AirPort
[2012/02/21 20:51:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/02/21 20:49:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/02/21 20:49:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012/02/21 20:49:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)
[2012/02/21 20:49:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hp
[2012/02/21 20:48:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/02/21 20:48:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012/02/21 20:48:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Photo Viewer
[2012/02/21 20:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012/02/21 20:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012/02/21 20:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Mail
[2012/02/21 20:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2012/02/21 20:48:46 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2012/02/21 20:48:46 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information
[2012/02/21 20:48:42 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012/02/21 20:48:42 | 000,000,000 | ---D | C] -- C:\Program Files\SSA 2012
[2012/02/21 20:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012/02/21 20:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012/02/21 20:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012/02/21 20:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012/02/21 20:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/02/21 20:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2012/02/21 20:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012/02/21 20:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\MFP-Printer Utility
[2012/02/21 20:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/02/21 20:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/02/21 20:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/21 20:47:41 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012/02/21 20:47:38 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2012/02/21 20:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2012/02/21 20:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/02/21 20:47:21 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Maker
[2012/02/21 20:47:21 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/02/21 20:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012/02/21 20:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012/02/21 20:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012/02/21 20:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012/02/21 20:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012/02/21 20:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/02/21 20:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2012/02/21 20:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/02/21 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012/02/21 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/02/21 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/02/21 20:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2012/02/21 20:38:58 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/02/21 20:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/02/21 20:38:29 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/02/21 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files
[2012/02/21 20:38:28 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2012/02/21 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/02/21 20:37:41 | 000,000,000 | ---D | C] -- C:\MSOCache
[2012/02/21 20:37:41 | 000,000,000 | ---D | C] -- C:\Intel
[2012/02/21 20:37:35 | 000,000,000 | ---D | C] -- C:\HP
[2012/02/21 20:37:35 | 000,000,000 | ---D | C] -- C:\Civil 3D Projects
[2012/02/21 20:37:35 | 000,000,000 | ---D | C] -- C:\Civil 3D Project Templates
[2012/02/21 20:37:34 | 000,000,000 | ---D | C] -- C:\boot
[2012/02/21 20:21:27 | 000,000,000 | ---D | C] -- C:\autodesk
[2012/02/21 20:21:19 | 000,000,000 | ---D | C] -- C:\ATI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2030/08/29 05:22:31 | 000,056,832 | ---- | M] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2012/02/23 17:51:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe
[2012/02/23 17:51:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4141884796-420960255-207443729-1000UA.job
[2012/02/23 17:46:40 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2012/02/23 16:17:16 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/02/23 15:15:52 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/23 15:15:52 | 000,660,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/23 15:15:52 | 000,121,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/23 15:14:42 | 004,418,150 | R--- | M] (Swearware) -- C:\Users\Simon\Desktop\ComboFix.exe
[2012/02/23 04:09:57 | 000,401,408 | -H-- | M] () -- C:\Users\Simon\Desktop\wget.exe
[2012/02/23 04:09:57 | 000,004,096 | -H-- | M] () -- C:\Users\Simon\Desktop\paste.exe
[2012/02/23 04:09:57 | 000,000,840 | -H-- | M] () -- C:\Users\Simon\Desktop\dl.bat
[2012/02/23 04:09:23 | 000,000,512 | ---- | M] () -- C:\Users\Simon\Desktop\MBR.dat
[2012/02/23 03:51:37 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4141884796-420960255-207443729-1000Core.job
[2012/02/22 14:52:47 | 000,023,248 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/22 14:52:47 | 000,023,248 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/22 14:44:25 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSimon.job
[2012/02/22 14:43:44 | 3062,059,008 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/22 14:29:40 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/22 14:25:25 | 004,976,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/21 22:59:59 | 000,000,042 | --S- | M] () -- C:\Documents and Settings
[2012/02/21 22:13:24 | 000,000,158 | --S- | M] () -- C:\Users\Simon\PrintHood
[2012/02/21 22:13:24 | 000,000,144 | --S- | M] () -- C:\Users\Simon\Start Menu
[2012/02/21 22:13:24 | 000,000,142 | --S- | M] () -- C:\Users\Simon\Templates
[2012/02/21 22:13:24 | 000,000,136 | --S- | M] () -- C:\Users\Simon\SendTo
[2012/02/21 22:13:24 | 000,000,136 | --S- | M] () -- C:\Users\Simon\Recent
[2012/02/21 22:13:22 | 000,000,158 | --S- | M] () -- C:\Users\Simon\NetHood
[2012/02/21 22:13:22 | 000,000,074 | --S- | M] () -- C:\Users\Simon\My Documents
[2012/02/21 22:12:58 | 000,000,082 | --S- | M] () -- C:\Users\Simon\Local Settings
[2012/02/21 22:08:47 | 000,000,072 | --S- | M] () -- C:\Users\Simon\Documents\My Pictures
[2012/02/21 22:08:47 | 000,000,068 | --S- | M] () -- C:\Users\Simon\Documents\My Videos
[2012/02/21 22:08:47 | 000,000,066 | --S- | M] () -- C:\Users\Simon\Documents\My Music
[2012/02/21 21:59:18 | 000,000,138 | --S- | M] () -- C:\Users\Simon\Cookies
[2012/02/21 21:59:18 | 000,000,086 | --S- | M] () -- C:\Users\Simon\Application Data
[2012/02/21 21:58:38 | 000,000,168 | --S- | M] () -- C:\Users\Simon\AppData\Local\Temporary Internet Files
[2012/02/21 21:54:52 | 000,000,134 | --S- | M] () -- C:\Users\Simon\AppData\Local\History
[2012/02/21 21:54:15 | 000,000,082 | --S- | M] () -- C:\Users\Simon\AppData\Local\Application Data
[2012/02/21 21:54:05 | 000,000,074 | --S- | M] () -- C:\Users\Public\Documents\My Pictures
[2012/02/21 21:54:05 | 000,000,070 | --S- | M] () -- C:\Users\Public\Documents\My Videos
[2012/02/21 21:54:05 | 000,000,068 | --S- | M] () -- C:\Users\Public\Documents\My Music
[2012/02/21 21:47:59 | 000,000,112 | --S- | M] () -- C:\ProgramData\Start Menu
[2012/02/21 21:47:19 | 000,000,072 | --S- | M] () -- C:\ProgramData\Desktop
[2012/02/21 21:45:02 | 000,000,054 | --S- | M] () -- C:\ProgramData\Application Data
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/23 15:19:40 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/23 15:19:40 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/23 15:19:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/23 15:19:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/23 15:19:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/23 04:09:39 | 000,401,408 | -H-- | C] () -- C:\Users\Simon\Desktop\wget.exe
[2012/02/23 04:09:39 | 000,004,096 | -H-- | C] () -- C:\Users\Simon\Desktop\paste.exe
[2012/02/23 04:09:39 | 000,000,840 | -H-- | C] () -- C:\Users\Simon\Desktop\dl.bat
[2012/02/23 04:09:23 | 000,000,512 | ---- | C] () -- C:\Users\Simon\Desktop\MBR.dat
[2012/02/22 14:29:40 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/21 22:59:59 | 3062,059,008 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/21 22:59:59 | 000,383,562 | ---- | C] () -- C:\bootmgr
[2012/02/21 22:59:59 | 000,000,042 | --S- | C] () -- C:\Documents and Settings
[2012/02/21 22:59:58 | 000,316,640 | ---- | C] () -- C:\Windows\WMSysPr9.prx
[2012/02/21 22:30:15 | 000,211,938 | ---- | C] () -- C:\Windows\SysWow64\lcphrase.tbl
[2012/02/21 22:30:15 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\lpng.dll
[2012/02/21 22:30:15 | 000,039,219 | ---- | C] () -- C:\Windows\SysWow64\license.rtf
[2012/02/21 22:30:15 | 000,024,114 | ---- | C] () -- C:\Windows\SysWow64\lcptr.tbl
[2012/02/21 22:30:15 | 000,002,727 | ---- | C] () -- C:\Windows\SysWow64\locationnotificationsview.xml
[2012/02/21 22:30:15 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4141884796-420960255-207443729-1000UA.job
[2012/02/21 22:30:15 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4141884796-420960255-207443729-1000Core.job
[2012/02/21 22:30:15 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForSimon.job
[2012/02/21 22:30:14 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/02/21 22:30:02 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/02/21 22:30:02 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/02/21 22:30:02 | 000,076,060 | ---- | C] () -- C:\Windows\SysWow64\xpsrchvw.xml
[2012/02/21 22:30:02 | 000,004,041 | ---- | C] () -- C:\Windows\SysWow64\xwizard.dtd
[2012/02/21 22:30:02 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2012/02/21 22:30:01 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2012/02/21 22:30:01 | 000,001,559 | ---- | C] () -- C:\Windows\SysWow64\WsmPty.xsl
[2012/02/21 22:29:56 | 000,201,034 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2012/02/21 22:29:56 | 000,000,035 | ---- | C] () -- C:\Windows\SysWow64\winrm.cmd
[2012/02/21 22:29:54 | 000,115,091 | ---- | C] () -- C:\Windows\SysWow64\WF.msc
[2012/02/21 22:29:53 | 000,057,904 | ---- | C] () -- C:\Windows\SysWow64\wbload.dll
[2012/02/21 22:29:50 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/02/21 22:29:49 | 000,144,862 | ---- | C] () -- C:\Windows\SysWow64\tpm.msc
[2012/02/21 22:29:49 | 000,001,988 | ---- | C] () -- C:\Windows\SysWow64\ticrf.rat
[2012/02/21 22:29:47 | 000,145,059 | ---- | C] () -- C:\Windows\SysWow64\taskschd.msc
[2012/02/21 22:29:47 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012/02/21 22:29:46 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012/02/21 22:29:46 | 000,003,577 | ---- | C] () -- C:\Windows\SysWow64\sysprtj.sep
[2012/02/21 22:29:46 | 000,003,214 | ---- | C] () -- C:\Windows\SysWow64\sysprint.sep
[2012/02/21 22:29:45 | 000,370,312 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2012/02/21 22:29:44 | 000,113,629 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2012/02/21 22:29:42 | 000,092,745 | ---- | C] () -- C:\Windows\SysWow64\services.msc
[2012/02/21 22:29:41 | 000,281,208 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/02/21 22:29:40 | 000,000,714 | ---- | C] () -- C:\Windows\SysWow64\RestartManager.mof
[2012/02/21 22:29:40 | 000,000,300 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2012/02/21 22:29:40 | 000,000,241 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2012/02/21 22:29:40 | 000,000,176 | ---- | C] () -- C:\Windows\SysWow64\RestartManagerUninstall.mof
[2012/02/21 22:29:39 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012/02/21 22:29:39 | 000,001,820 | ---- | C] () -- C:\Windows\SysWow64\rasctrnm.h
[2012/02/21 22:29:38 | 000,281,208 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/02/21 22:29:38 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/02/21 22:29:38 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\pscript.sep
[2012/02/21 22:29:37 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/02/21 22:29:37 | 000,773,482 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/21 22:29:37 | 000,145,519 | ---- | C] () -- C:\Windows\SysWow64\perfmon.msc
[2012/02/21 22:29:37 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\pcl.sep
[2012/02/21 22:29:35 | 000,004,453 | ---- | C] () -- C:\Windows\SysWow64\odbcconf.rsp
[2012/02/21 22:29:34 | 000,002,060 | ---- | C] () -- C:\Windows\SysWow64\noise.jpn
[2012/02/21 22:29:34 | 000,001,696 | ---- | C] () -- C:\Windows\SysWow64\NOISE.CHT
[2012/02/21 22:29:34 | 000,001,696 | ---- | C] () -- C:\Windows\SysWow64\NOISE.CHS
[2012/02/21 22:29:34 | 000,001,486 | ---- | C] () -- C:\Windows\SysWow64\noise.kor
[2012/02/21 22:29:34 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/02/21 22:29:34 | 000,000,697 | ---- | C] () -- C:\Windows\SysWow64\NOISE.THA
[2012/02/21 22:29:28 | 000,194,224 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/02/21 22:29:18 | 000,063,411 | ---- | C] () -- C:\Windows\SysWow64\NAPCLCFG.MSC
[2012/02/21 22:29:18 | 000,000,565 | ---- | C] () -- C:\Windows\SysWow64\NdfEventView.xml
[2012/02/21 22:29:15 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/02/21 22:29:11 | 011,967,524 | ---- | C] () -- C:\Windows\SysWow64\korwbrkr.lex
[2012/02/21 22:29:10 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2012/02/21 22:29:07 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2012/02/21 22:29:01 | 000,008,798 | ---- | C] () -- C:\Windows\SysWow64\icrav03.rat
[2012/02/21 22:29:00 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2012/02/21 22:28:59 | 000,144,909 | ---- | C] () -- C:\Windows\SysWow64\fsmgmt.msc
[2012/02/21 22:28:58 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/02/21 22:28:44 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/02/21 22:28:43 | 003,440,660 | ---- | C] () -- C:\Windows\SysWow64\drivers\gm.dls
[2012/02/21 22:28:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_cNB_ENVY 14 Notebook PC_Y5335KV_0U_QCNU03029QN_E596177-001_4A_I1437_SHP_V59.18_F.02_T100422_WU3-0_L409_M3958_J160_7Intel_8655_92.40_#101118_N10EC8168_(VX778AV)_XMOBILE_CN10_Z_20492100000241910000620000.MRK
[2012/02/21 22:28:41 | 000,145,640 | ---- | C] () -- C:\Windows\SysWow64\devmgmt.msc
[2012/02/21 22:28:41 | 000,047,679 | ---- | C] () -- C:\Windows\SysWow64\diskmgmt.msc
[2012/02/21 22:28:37 | 000,124,118 | ---- | C] () -- C:\Windows\SysWow64\comexp.msc
[2012/02/21 22:28:37 | 000,113,256 | ---- | C] () -- C:\Windows\SysWow64\compmgmt.msc
[2012/02/21 22:28:35 | 003,170,304 | ---- | C] () -- C:\Windows\SysWow64\boot.sdi
[2012/02/21 22:28:35 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/02/21 22:28:35 | 000,063,070 | ---- | C] () -- C:\Windows\SysWow64\certmgr.msc
[2012/02/21 22:28:34 | 000,511,072 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2012/02/21 22:28:34 | 000,041,587 | ---- | C] () -- C:\Windows\SysWow64\azman.msc
[2012/02/21 22:28:34 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012/02/21 22:28:34 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/02/21 22:28:30 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2012/02/21 22:28:30 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/02/21 22:28:30 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2012/02/21 22:28:30 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2012/02/21 22:28:30 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/02/21 22:28:30 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/02/21 22:28:30 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/02/21 22:28:27 | 000,000,535 | ---- | C] () -- C:\Windows\SysWow64\mapisvc.inf
[2012/02/21 22:28:25 | 000,144,998 | ---- | C] () -- C:\Windows\SysWow64\lusrmgr.msc
[2012/02/21 22:28:25 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2012/02/21 22:28:24 | 000,145,127 | ---- | C] () -- C:\Windows\SysWow64\eventvwr.msc
[2012/02/21 22:28:24 | 000,017,935 | ---- | C] () -- C:\Windows\SysWow64\EventViewer_EventDetails.xsl
[2012/02/21 22:28:22 | 000,063,411 | ---- | C] () -- C:\Windows\SysNative\NAPCLCFG.MSC
[2012/02/21 22:28:22 | 000,002,233 | ---- | C] () -- C:\Windows\SysWow64\12520850.cpx
[2012/02/21 22:28:22 | 000,002,151 | ---- | C] () -- C:\Windows\SysWow64\12520437.cpx
[2012/02/21 22:27:57 | 000,188,052 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012/02/21 22:27:57 | 000,176,762 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012/02/21 22:27:57 | 000,163,802 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012/02/21 22:27:57 | 000,138,293 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012/02/21 22:27:57 | 000,132,112 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012/02/21 22:27:57 | 000,123,921 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012/02/21 22:27:57 | 000,121,633 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012/02/21 22:27:57 | 000,121,312 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012/02/21 22:27:57 | 000,121,077 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012/02/21 22:27:57 | 000,119,498 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012/02/21 22:27:57 | 000,119,142 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012/02/21 22:27:57 | 000,118,737 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012/02/21 22:27:57 | 000,117,941 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012/02/21 22:27:57 | 000,117,919 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012/02/21 22:27:57 | 000,117,708 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012/02/21 22:27:57 | 000,117,404 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012/02/21 22:27:57 | 000,117,117 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012/02/21 22:27:57 | 000,117,032 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012/02/21 22:27:57 | 000,116,799 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012/02/21 22:27:57 | 000,116,410 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012/02/21 22:27:57 | 000,113,210 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012/02/21 22:27:57 | 000,112,701 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012/02/21 22:27:57 | 000,112,605 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012/02/21 22:27:57 | 000,108,574 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012/02/21 22:27:57 | 000,102,380 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012/02/21 22:27:57 | 000,101,267 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012/02/21 22:27:57 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012/02/21 22:27:56 | 000,060,254 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012/02/21 22:27:56 | 000,060,226 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012/02/21 22:27:56 | 000,060,015 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012/02/21 22:27:56 | 000,005,156 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012/02/21 22:27:56 | 000,001,090 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2012/02/21 22:27:55 | 001,991,936 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012/02/21 22:27:55 | 001,498,564 | ---- | C] () -- C:\Windows\SysNative\igkrng400.bin
[2012/02/21 22:27:55 | 000,870,544 | ---- | C] () -- C:\Windows\SysNative\igkrng575.bin
[2012/02/21 22:27:55 | 000,205,824 | ---- | C] () -- C:\Windows\SysNative\iglhsip64.dll
[2012/02/21 22:27:55 | 000,187,392 | ---- | C] () -- C:\Windows\SysNative\iglhcp64.dll
[2012/02/21 22:27:53 | 000,511,072 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2012/02/21 22:27:53 | 000,004,041 | ---- | C] () -- C:\Windows\SysNative\xwizard.dtd
[2012/02/21 22:27:53 | 000,001,105 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat
[2012/02/21 22:27:52 | 000,076,060 | ---- | C] () -- C:\Windows\SysNative\xpsrchvw.xml
[2012/02/21 22:27:49 | 000,041,587 | ---- | C] () -- C:\Windows\SysNative\azman.msc
[2012/02/21 22:27:49 | 000,008,798 | ---- | C] () -- C:\Windows\SysNative\icrav03.rat
[2012/02/21 22:27:45 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2012/02/21 22:27:45 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2012/02/21 22:27:45 | 000,001,559 | ---- | C] () -- C:\Windows\SysNative\WsmPty.xsl
[2012/02/21 22:27:42 | 000,144,673 | ---- | C] () -- C:\Windows\SysNative\WmiMgmt.msc
[2012/02/21 22:27:40 | 000,201,034 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2012/02/21 22:27:40 | 000,000,035 | ---- | C] () -- C:\Windows\SysNative\winrm.cmd
[2012/02/21 22:27:30 | 000,115,091 | ---- | C] () -- C:\Windows\SysNative\WF.msc
[2012/02/21 22:27:30 | 000,000,614 | ---- | C] () -- C:\Windows\SysNative\WdsUnattendTemplate.xml
[2012/02/21 22:27:26 | 000,053,904 | ---- | C] () -- C:\Windows\SysNative\wbload.dll
[2012/02/21 22:27:16 | 000,060,124 | ---- | C] () -- C:\Windows\SysNative\tcpmon.ini
[2012/02/21 22:27:16 | 000,021,504 | ---- | C] () -- C:\Windows\SysNative\umstartup.etl
[2012/02/21 22:27:16 | 000,009,216 | ---- | C] () -- C:\Windows\SysNative\umstartup000.etl
[2012/02/21 22:27:14 | 000,145,059 | ---- | C] () -- C:\Windows\SysNative\taskschd.msc
[2012/02/21 22:27:14 | 000,144,862 | ---- | C] () -- C:\Windows\SysNative\tpm.msc
[2012/02/21 22:27:14 | 000,001,988 | ---- | C] () -- C:\Windows\SysNative\ticrf.rat
[2012/02/21 22:27:14 | 000,001,041 | ---- | C] () -- C:\Windows\SysNative\tcpbidi.xml
[2012/02/21 22:27:10 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012/02/21 22:27:10 | 000,003,577 | ---- | C] () -- C:\Windows\SysNative\sysprtj.sep
[2012/02/21 22:27:10 | 000,003,214 | ---- | C] () -- C:\Windows\SysNative\sysprint.sep
[2012/02/21 22:26:52 | 000,008,280 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
[2012/02/21 22:26:50 | 000,113,629 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
[2012/02/21 22:26:48 | 000,092,745 | ---- | C] () -- C:\Windows\SysNative\services.msc
[2012/02/21 22:26:46 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012/02/21 22:26:45 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\rtvcvfw32.dll
[2012/02/21 22:26:45 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012/02/21 22:26:44 | 000,000,714 | ---- | C] () -- C:\Windows\SysNative\RestartManager.mof
[2012/02/21 22:26:44 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\RestartManagerUninstall.mof
[2012/02/21 22:26:37 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012/02/21 22:26:37 | 000,001,820 | ---- | C] () -- C:\Windows\SysNative\rasctrnm.h
[2012/02/21 22:26:34 | 000,779,266 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/21 22:26:34 | 000,660,530 | ---- | C] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/21 22:26:34 | 000,291,294 | ---- | C] () -- C:\Windows\SysNative\perfi009.dat
[2012/02/21 22:26:34 | 000,145,519 | ---- | C] () -- C:\Windows\SysNative\perfmon.msc
[2012/02/21 22:26:34 | 000,121,426 | ---- | C] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/21 22:26:34 | 000,031,548 | ---- | C] () -- C:\Windows\SysNative\perfd009.dat
[2012/02/21 22:26:34 | 000,000,114 | ---- | C] () -- C:\Windows\SysNative\pcl.sep
[2012/02/21 22:26:32 | 000,000,843 | ---- | C] () -- C:\Windows\SysNative\onlinesetup.cmd
[2012/02/21 22:26:31 | 000,000,263 | ---- | C] () -- C:\Windows\SysNative\odbcconf.rsp
[2012/02/21 22:26:30 | 000,007,537 | ---- | C] () -- C:\Windows\SysNative\novak6.ctm
[2012/02/21 22:26:30 | 000,002,060 | ---- | C] () -- C:\Windows\SysNative\noise.jpn
[2012/02/21 22:26:30 | 000,001,696 | ---- | C] () -- C:\Windows\SysNative\NOISE.CHT
[2012/02/21 22:26:30 | 000,001,696 | ---- | C] () -- C:\Windows\SysNative\NOISE.CHS
[2012/02/21 22:26:30 | 000,001,486 | ---- | C] () -- C:\Windows\SysNative\noise.kor
[2012/02/21 22:26:30 | 000,000,741 | ---- | C] () -- C:\Windows\SysNative\NOISE.DAT
[2012/02/21 22:26:30 | 000,000,697 | ---- | C] () -- C:\Windows\SysNative\NOISE.THA
[2012/02/21 22:26:21 | 000,021,812 | ---- | C] () -- C:\Windows\SysNative\NetTrace.PLA.Diagnostics.xml
[2012/02/21 22:26:13 | 000,002,727 | ---- | C] () -- C:\Windows\SysNative\locationnotificationsview.xml
[2012/02/21 22:26:13 | 000,000,565 | ---- | C] () -- C:\Windows\SysNative\NdfEventView.xml
[2012/02/21 22:26:04 | 000,673,088 | ---- | C] () -- C:\Windows\SysNative\mlang.dat
[2012/02/21 22:26:04 | 000,001,244 | ---- | C] () -- C:\Windows\SysNative\migwiz.lnk
[2012/02/21 22:25:55 | 000,211,938 | ---- | C] () -- C:\Windows\SysNative\lcphrase.tbl
[2012/02/21 22:25:55 | 000,039,219 | ---- | C] () -- C:\Windows\SysNative\license.rtf
[2012/02/21 22:25:55 | 000,024,114 | ---- | C] () -- C:\Windows\SysNative\lcptr.tbl
[2012/02/21 22:25:54 | 011,967,524 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.lex
[2012/02/21 22:25:54 | 000,014,848 | ---- | C] () -- C:\Windows\SysNative\KOAZXJAL.DLL
[2012/02/21 22:25:54 | 000,014,848 | ---- | C] () -- C:\Windows\SysNative\KOAZXAAL.DLL
[2012/02/21 22:25:53 | 000,134,790 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012/02/21 22:25:48 | 000,051,068 | ---- | C] () -- C:\Windows\SysNative\igfcg575m.bin
[2012/02/21 22:25:48 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012/02/21 22:25:47 | 000,127,896 | ---- | C] () -- C:\Windows\SysNative\igcompkrng575.bin
[2012/02/21 22:25:47 | 000,000,188 | ---- | C] () -- C:\Windows\SysNative\HPWA.ini
[2012/02/21 22:25:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/02/21 22:25:44 | 000,040,552 | ---- | C] () -- C:\Windows\SysNative\gatherNetworkInfo.vbs
[2012/02/21 22:25:42 | 004,976,728 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/21 22:25:42 | 000,144,909 | ---- | C] () -- C:\Windows\SysNative\fsmgmt.msc
[2012/02/21 22:23:32 | 000,215,943 | ---- | C] () -- C:\Windows\SysNative\dssec.dat
[2012/02/21 22:23:32 | 000,146,036 | ---- | C] () -- C:\Windows\SysNative\drivers\VSTProf.cty
[2012/02/21 22:23:31 | 003,440,660 | ---- | C] () -- C:\Windows\SysNative\drivers\gm.dls
[2012/02/21 22:23:27 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012/02/21 22:23:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/02/21 22:23:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/02/21 22:23:27 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012/02/21 22:23:23 | 000,017,463 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\services
[2012/02/21 22:23:23 | 000,003,683 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\lmhosts.sam
[2012/02/21 22:23:23 | 000,001,358 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\protocol
[2012/02/21 22:23:23 | 000,000,407 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\networks
[2012/02/21 22:23:23 | 000,000,027 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/02/21 22:23:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\103C_HP_cNB_ENVY 14 Notebook PC_Y5335KV_0U_QCNU03029QN_E596177-001_4A_I1437_SHP_V59.18_F.02_T100422_WU3-0_L409_M3958_J160_7Intel_8655_92.40_#101118_N10EC8168_(VX778AV)_XMOBILE_CN10_Z_20492100000241910000620000.MRK
[2012/02/21 22:23:19 | 000,152,600 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2012/02/21 22:23:19 | 000,145,640 | ---- | C] () -- C:\Windows\SysNative\devmgmt.msc
[2012/02/21 22:23:19 | 000,047,679 | ---- | C] () -- C:\Windows\SysNative\diskmgmt.msc
[2012/02/21 22:22:59 | 000,113,256 | ---- | C] () -- C:\Windows\SysNative\compmgmt.msc
[2012/02/21 22:22:36 | 000,069,120 | ---- | C] () -- C:\Windows\SysNative\BWContextHandler.dll
[2012/02/21 22:22:35 | 003,170,304 | ---- | C] () -- C:\Windows\SysNative\boot.sdi
[2012/02/21 22:22:35 | 000,093,696 | ---- | C] () -- C:\Windows\SysNative\BthpanContextHandler.dll
[2012/02/21 22:22:34 | 000,063,070 | ---- | C] () -- C:\Windows\SysNative\certmgr.msc
[2012/02/21 22:22:34 | 000,033,616 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2012/02/21 22:22:33 | 000,332,288 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe
[2012/02/21 22:22:33 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe
[2012/02/21 22:22:32 | 000,201,875 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2012/02/21 22:22:32 | 000,124,118 | ---- | C] () -- C:\Windows\SysNative\comexp.msc
[2012/02/21 22:22:32 | 000,001,105 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2012/02/21 22:22:31 | 000,000,874 | ---- | C] () -- C:\Windows\SysNative\manage-bde.wsf
[2012/02/21 22:22:31 | 000,000,051 | ---- | C] () -- C:\Windows\SysNative\pscript.sep
[2012/02/21 22:22:30 | 000,145,127 | ---- | C] () -- C:\Windows\SysNative\eventvwr.msc
[2012/02/21 22:22:30 | 000,144,998 | ---- | C] () -- C:\Windows\SysNative\lusrmgr.msc
[2012/02/21 22:22:29 | 000,017,935 | ---- | C] () -- C:\Windows\SysNative\EventViewer_EventDetails.xsl
[2012/02/21 22:22:28 | 000,048,201 | ---- | C] () -- C:\Windows\Starter.xml
[2012/02/21 22:22:28 | 000,023,248 | ---- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/21 22:22:28 | 000,023,248 | ---- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

 

[simewich]

[2012/02/21 22:20:04 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/02/21 22:19:43 | 524,276,943 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/02/21 22:17:24 | 000,048,265 | ---- | C] () -- C:\Windows\HomePremium.xml
[2012/02/21 22:17:24 | 000,048,223 | ---- | C] () -- C:\Windows\HomeBasic.xml
[2012/02/21 22:17:22 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2012/02/21 22:16:44 | 000,000,614 | ---- | C] () -- C:\Windows\eReg.dat
[2012/02/21 22:16:30 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat
[2012/02/21 22:16:27 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012/02/21 22:16:27 | 000,020,692 | ---- | C] () -- C:\Windows\atiogl.xml
[2012/02/21 22:16:27 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012/02/21 22:16:27 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012/02/21 22:16:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/02/21 22:14:45 | 000,000,020 | ---- | C] () -- C:\Windows\0õ5
[2012/02/21 22:13:24 | 000,000,158 | --S- | C] () -- C:\Users\Simon\PrintHood
[2012/02/21 22:13:24 | 000,000,144 | --S- | C] () -- C:\Users\Simon\Start Menu
[2012/02/21 22:13:24 | 000,000,142 | --S- | C] () -- C:\Users\Simon\Templates
[2012/02/21 22:13:24 | 000,000,136 | --S- | C] () -- C:\Users\Simon\SendTo
[2012/02/21 22:13:24 | 000,000,136 | --S- | C] () -- C:\Users\Simon\Recent
[2012/02/21 22:13:22 | 000,000,158 | --S- | C] () -- C:\Users\Simon\NetHood
[2012/02/21 22:13:22 | 000,000,074 | --S- | C] () -- C:\Users\Simon\My Documents
[2012/02/21 22:12:58 | 000,000,082 | --S- | C] () -- C:\Users\Simon\Local Settings
[2012/02/21 22:08:47 | 000,000,072 | --S- | C] () -- C:\Users\Simon\Documents\My Pictures
[2012/02/21 22:08:47 | 000,000,068 | --S- | C] () -- C:\Users\Simon\Documents\My Videos
[2012/02/21 22:08:47 | 000,000,066 | --S- | C] () -- C:\Users\Simon\Documents\My Music
[2012/02/21 22:08:46 | 003,748,376 | ---- | C] () -- C:\Users\Simon\Desktop\Craig's Soil Mechanics .pdf
[2012/02/21 22:08:46 | 000,058,008 | ---- | C] () -- C:\Users\Simon\Desktop\envy14_1_large.jpg
[2012/02/21 22:08:46 | 000,008,016 | ---- | C] () -- C:\Users\Simon\Desktop\deviance.nfo
[2012/02/21 22:08:46 | 000,000,964 | ---- | C] () -- C:\Users\Simon\Desktop\envy14ad.rtf
[2012/02/21 22:08:46 | 000,000,777 | ---- | C] () -- C:\Users\Simon\Documents\acad.err
[2012/02/21 22:06:45 | 004,134,281 | ---- | C] () -- C:\Users\Simon\Desktop\controur test.dwg
[2012/02/21 22:06:45 | 004,115,613 | ---- | C] () -- C:\Users\Simon\Desktop\controur test.bak
[2012/02/21 22:05:44 | 000,109,990 | ---- | C] () -- C:\Users\Simon\Desktop\CAMOSUN Information_Booklet_2010.pdf
[2012/02/21 22:02:44 | 000,401,408 | ---- | C] () -- C:\Users\Simon\Desktop\AoE2WideSetup.msi
[2012/02/21 21:59:18 | 004,277,294 | ---- | C] () -- C:\Users\Simon\Desktop\300124994-CIEN249-111122-V0.bak
[2012/02/21 21:59:18 | 000,000,138 | --S- | C] () -- C:\Users\Simon\Cookies
[2012/02/21 21:59:18 | 000,000,086 | --S- | C] () -- C:\Users\Simon\Application Data
[2012/02/21 21:59:10 | 000,001,443 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/02/21 21:59:10 | 000,001,409 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/02/21 21:59:10 | 000,001,054 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
[2012/02/21 21:59:10 | 000,000,995 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/02/21 21:59:05 | 000,001,854 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\GhostObjGAFix.xml
[2012/02/21 21:58:38 | 000,000,168 | --S- | C] () -- C:\Users\Simon\AppData\Local\Temporary Internet Files
[2012/02/21 21:55:57 | 000,002,669 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scrybe.lnk
[2012/02/21 21:55:57 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/02/21 21:55:57 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012/02/21 21:55:57 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012/02/21 21:55:57 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/02/21 21:55:57 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012/02/21 21:55:57 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012/02/21 21:55:57 | 000,000,848 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2012/02/21 21:55:56 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012/02/21 21:55:56 | 000,002,258 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Barnes & Noble Desktop eReader.lnk
[2012/02/21 21:55:56 | 000,002,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 4.0 Beta 10.lnk
[2012/02/21 21:55:56 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/02/21 21:55:56 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012/02/21 21:55:54 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/02/21 21:55:54 | 000,002,421 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirPort Utility.lnk
[2012/02/21 21:55:54 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2012/02/21 21:55:54 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2012/02/21 21:55:54 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2012/02/21 21:55:54 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
[2012/02/21 21:55:54 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012/02/21 21:55:27 | 000,007,625 | ---- | C] () -- C:\Users\Simon\AppData\Local\resmon.resmoncfg
[2012/02/21 21:54:52 | 000,000,134 | --S- | C] () -- C:\Users\Simon\AppData\Local\History
[2012/02/21 21:54:15 | 000,000,082 | --S- | C] () -- C:\Users\Simon\AppData\Local\Application Data
[2012/02/21 21:54:05 | 000,000,074 | --S- | C] () -- C:\Users\Public\Documents\My Pictures
[2012/02/21 21:54:05 | 000,000,070 | --S- | C] () -- C:\Users\Public\Documents\My Videos
[2012/02/21 21:54:05 | 000,000,068 | --S- | C] () -- C:\Users\Public\Documents\My Music
[2012/02/21 21:47:59 | 000,000,112 | --S- | C] () -- C:\ProgramData\Start Menu
[2012/02/21 21:47:19 | 000,000,072 | --S- | C] () -- C:\ProgramData\Desktop
[2012/02/21 21:45:02 | 000,000,054 | --S- | C] () -- C:\ProgramData\Application Data

========== LOP Check ==========

[2011/12/06 18:18:41 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\.minecraft
[2011/09/14 18:31:33 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Autodesk
[2012/02/22 15:28:39 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Dropbox
[2011/02/07 09:00:47 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Foxit Software
[2011/12/27 00:37:50 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\GameRanger
[2011/02/06 17:44:25 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Stardock
[2011/02/08 23:14:32 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Synaptics
[2011/02/18 12:53:54 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Transcript
[2011/11/22 19:53:36 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\uTorrent
[2009/07/13 21:08:49 | 000,027,662 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/07/13 17:38:58 | 000,383,562 | ---- | M] () -- C:\bootmgr
[2012/02/23 16:44:37 | 000,019,379 | ---- | M] () -- C:\ComboFix.txt
[2012/02/21 22:59:59 | 000,000,042 | --S- | M] () -- C:\Documents and Settings
[2012/02/22 14:43:44 | 3062,059,008 | -HS- | M] () -- C:\hiberfil.sys
[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2012/02/22 14:43:51 | 4017,913,856 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 12:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2009/07/10 11:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/13 20:54:24 | 000,000,174 | ---- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/04/02 17:14:27 | 000,000,221 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2012/02/23 04:09:57 | 000,026,624 | -H-- | M] (Microsoft Corporation) -- C:\Users\Simon\Desktop\clip.exe
[2012/02/23 15:14:42 | 004,418,150 | R--- | M] (Swearware) -- C:\Users\Simon\Desktop\ComboFix.exe
[2012/02/23 17:51:26 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Desktop\OTL.exe
[2012/02/23 04:09:57 | 000,004,096 | -H-- | M] () -- C:\Users\Simon\Desktop\paste.exe
[2010/09/21 11:40:19 | 000,083,968 | -H-- | M] (eSage Lab) -- C:\Users\Simon\Desktop\remover.exe
[2012/02/23 04:09:57 | 000,401,408 | -H-- | M] () -- C:\Users\Simon\Desktop\wget.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 13:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2011/06/23 23:19:34 | 000,000,402 | ---- | M] () -- C:\Users\Simon\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2012/02/21 21:45:02 | 000,000,054 | --S- | M] () -- C:\ProgramData\Application Data
[2012/02/21 21:47:19 | 000,000,072 | --S- | M] () -- C:\ProgramData\Desktop
[2012/02/21 21:47:59 | 000,000,112 | --S- | M] () -- C:\ProgramData\Start Menu
[2010/11/18 23:39:03 | 000,000,032 | ---- | M] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/05/03 12:15:53 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/11/18 23:38:56 | 000,000,032 | ---- | M] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/05/03 12:15:35 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >
[2011/09/14 18:28:30 | 000,038,912 | ---- | M] (Autodesk, Inc.) -- C:\Windows\Installer\Luc.exe

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< >

< End of report >

 

[Broni]

I still need Extras.txt.

-start menu recent programs are gone (but I fixed that)

Are you 100% sure you have them all back? I need to know before we proceed with OTL fix.

-quick launch icons are missing

Those are very easy to recreate. Drag any program you want to that area next to "Start" button.

-notification icons in the corner aren't hidden

Right click on any taskbar empty space, click "Properties" then "Notification Area" tab and checkmark "Hide inactive icons".

-itunes reopens every time I close it

Reinstall?

 

[simewich]

extras.txt is reply 24

 

[Broni]

Oooops...sorry about it.
I still need you to comment on my previous reply.

 

[simewich]

Are you 100% sure you have them all back? I need to know before we proceed with OTL fix.

Start menu appears fine.

Those are very easy to recreate. Drag any program you want to that area next to "Start" button.

Done

Right click on any taskbar empty space, click "Properties" then "Notification Area" tab and checkmark "Hide inactive icons".

Done

Reinstall?

Updating to the new version fixed it.

 

[Broni]

Good

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL File not found
  O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
  O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
  O3 - HKU\S-1-5-21-4141884796-420960255-207443729-1000\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
  O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
  
  :Files
  C:\Program Files (x86)\Ask.com
  
  :Commands
  [purity]
  [emptytemp]
  [emptyjava]
  [emptyflash]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

====================================================================

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.

• Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
• Accept any prompts.
• Do NOT post JavaRa log.

================================================================

Last scans...

 

[simewich]

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-4141884796-420960255-207443729-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
========== FILES ==========
C:\Program Files (x86)\Ask.com folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Simon
->Temp folder emptied: 14541276 bytes
->Temporary Internet Files folder emptied: 139401249 bytes
->Java cache emptied: 845734 bytes
->FireFox cache emptied: 129528756 bytes
->Google Chrome cache emptied: 20930478 bytes
->Apple Safari cache emptied: 1187840 bytes
->Flash cache emptied: 52060 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1824 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 75977 bytes
RecycleBin emptied: 522 bytes

Total Files Cleaned = 292.00 mb


[EMPTYJAVA]

User: Default

User: Public

User: Simon
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: Default
->Flash cache emptied: 0 bytes

User: Public

User: Simon
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.33.2 log created on 02262012_025838

Files\Folders moved on Reboot...
C:\Users\Simon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...



====================================================================

Why did you want me to update java?

 

[simewich]

Also, I've noticed that there is a bunch of hidden .exe files on my desktop.

clip.exe
paste.exe
remover.exe
wget.exe

Should I be concerned?

 

[Broni]

How do you know they're hidden?

 

[simewich]

The icons are faded

 

[Broni]

Open Windows Explorer, got Tools>Folder options>View tab and checkmark "Hide protected operating system files".

Are the files gone?

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  
  NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

3. Download Temp File Cleaner (TFC)

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

4. Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click on List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

[simewich]

The "hide protected system files" checkbox was already checked. The files disappeared after I rebooted my computer following the temp file cleaner.

 

[simewich]

checkup.txt

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is disabled!)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:
Java(TM) 6 Update 31
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent
``````````End of Log````````````

 

[simewich]

FSS.txt

Farbar Service Scanner Version: 22-02-2012
Ran by Simon (administrator) on 28-02-2012 at 02:51:46
Running from "C:\Users\Simon\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

[Broni]

What happened to ESET NOD32?

Your Windows firewall is turned off. Make sure it's ON.

 

[simewich]

All the threats nod32 detected are false positives. Regardless, here is the log file:

C:\Qoobox\Quarantine\C\Program Files (x86)\TNod User & Password Finder\TNODUP.exe.vir Win32/RiskWare.HackAV.DM application cleaned by deleting - quarantined
C:\Users\Simon\Downloads\ESET (2-6-2011)\TNOD\TNod-1.4.0.15-setup.exe Win32/RiskWare.HackAV.DM application deleted - quarantined
C:\Users\Simon\Downloads\ESET (2-6-2011)\TNOD\TNODUP.exe a variant of Win32/RiskWare.HackAV.DM application cleaned by deleting - quarantined
C:\Windows\AutoKMS.exe Win32/HackKMS.A application cleaned by deleting - quarantined

 

[Broni]

You didn't comment on my previous reply?

 

[simewich]

Firewall is back on. What else do you want to know?

 

[Broni]

What happened to ESET NOD32?

Did you uninstall it?
I don't see it running.

 

[simewich]

Did you uninstall it?
I don't see it running.

It is on. But not up to date.

 

[Broni]

Why?...........