Windows Defender Won't Load in Vista: Possible Infection?


  • This topic is locked
10 replies to this topic

#1 Kevin in Chicago

Kevin in Chicago

  • Members
  • 5 posts
  • Local time:04:00 AM

Posted 02 July 2009 - 02:16 PM

Hi everyone,

Thanks in advance for any help you can offer. Briefly, I just bought a new Dell Studio 435T on Monday (Core i7 920 2.66Mhz, Vista Home Premium 64-bit, 6GB Ram, 640GB HDD) and installed all of my software from my old computer. My Micrografx Picture Publisher 7 (best photo editor ever!) wouldn't install being a 16-bit program. :thumbup2: So, I looked for the last version made. It was version 10 released in 2000. I couldn't find it for sale but I did find a full copy on Pirate Bay. I downloaded it and installed it on my computer. That's when the problems started. The program would start up and instantly shut down. When I re-booted, my Windows Defender wouldn't start. I got the following message:

"Application failed to initialize: 0x800106ba. A problem caused this program's service to stop. To start the service, restart your computer or search Help and Support for how to start a service manually."

I found this post (http://www.bleepingcomputer.com/forums/topic223339.html) from a couple months ago which seems to be the same problem, but I'm only having the Defender problem right now. Also, my new computer suddenly couldn't see my old computer on my network, but I've fixed that, and I couldn't access Add/Remove Programs from the security center...

I'm pretty sure it is some type of malware from the PP10 download. I did a system restore from earlier in the day and everything was fine and back to normal. Windows Defender was working and I could access everything in my security center. Then I re-booted and the problem returned. So, that's what tells me it's a program or file which re-installs or comes back when you try to remove it. It should be a pretty straight-forward fix since I've only had the computer for 3 days now and there's not that much garbage on it yet.

Here is my HJT Logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:00:55 PM, on 7/2/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
c:\PROGRA~2\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Safari\Safari.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.infowars.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~2\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [DellComms] "C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe" /P DellComms
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files (x86)\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: GearSecurity - GEAR Software - C:\Windows\system32\gearsec.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files (x86)\Common Files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\PROGRA~2\COMMON~1\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - Unknown owner - C:\Windows\sminst\sftservice.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellComms) (sprtsvc_DellComms) - SupportSoft, Inc. - C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 11930 bytes



#2 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • Gender:Male
  • Location:Munich,Germany
  • Local time:10:00 AM

Posted 07 July 2009 - 02:02 PM

Hello Kevin in Chicago and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
regards,
schrauber

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#3 Kevin in Chicago

Kevin in Chicago
  • Topic Starter

  • Members
  • 5 posts
  • Local time:04:00 AM

Posted 07 July 2009 - 04:01 PM

Hi Schrauber,

Thanks for getting back. I downloaded the DDS program, disabled my A/V and disconnected. I ran the program and got the following message in the Pop-up window titled "Administrator: D.D.S." :

"This tool does not support your Operating System
Press any key to continue . . ."

I am running a brand new Dell Core i7 computer with Windows Vista Home Premium 64-bit edition. So I'm assuming that's the problem with DDS. Are there any other programs we can use like Malwarebytes?

Let me know.

Thanks!!

Kevin

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,808 posts
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:05:00 AM

Posted 10 July 2009 - 02:38 PM

Sorry for the delay. An HJT Team member should be with you soon.

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#5 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • Gender:Male
  • Local time:05:00 AM

Posted 10 July 2009 - 02:55 PM

Hello.

Instead of DDS, please use OTL.

Download and Run OTListIt
Please download OTListIt by OldTimer to your desktop.
Open OTListIt by double clicking its icon. If you are using Windows Vista, right click OTL.exe and select Run As Administrator.
Click Run Scan without changing any settings. When the scan is complete, a logfile will open.
Copy the contents of the log into your next reply. It will be saved as OTL.txt where OTL.exe is located.

With Regards,
The Panda

#6 Kevin in Chicago

Kevin in Chicago
  • Topic Starter

  • Members
  • 5 posts
  • Local time:04:00 AM

Posted 11 July 2009 - 02:04 PM

Hi Panda,

Here are the OTL logfile and Extras which popped up when the scan was complete. If I don't respond in the next 4 days, it's because I have to go to Houston from Sunday until Wednesday night. I'll respond to any further instructions on Thursday.

Thanks for your help!!!

Kevin


OTL logfile created on: 7/11/2009 1:55:17 PM - Run 1
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\Kevin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.10 Gb Total Space | 379.93 Gb Free Space | 65.38% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 8.05 Gb Free Space | 53.67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 931.51 Gb Total Space | 301.08 Gb Free Space | 32.32% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KEVINS-CORE-I7
Current User Name: Kevin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2008/12/18 12:05:28 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2009/01/09 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
PRC - [2009/01/09 09:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
PRC - [2007/07/24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/12 22:30:14 | 00,272,024 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/12/04 15:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/03/25 09:44:02 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/07/20 16:45:06 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/03/25 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
PRC - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/01/09 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Common Files\mcafee\mna\mcnasvc.exe
PRC - [2009/03/25 17:25:20 | 00,645,328 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2008/07/20 16:45:06 | 00,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/30 00:54:30 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/04/23 06:29:14 | 07,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009/02/04 20:26:38 | 00,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/03/25 09:44:02 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe
PRC - [2009/05/21 11:34:07 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/06/05 13:39:22 | 00,292,136 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/04/23 06:29:18 | 07,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009/06/30 02:52:45 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/05/08 05:53:34 | 00,174,424 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
PRC - [2009/01/21 17:34:16 | 00,532,808 | R--- | M] (Corel, Inc.) -- C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
PRC - [2009/01/21 17:34:22 | 00,016,712 | R--- | M] () -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
PRC - [2007/08/02 21:08:00 | 00,095,504 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
PRC - [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe
PRC - [2009/06/08 15:11:50 | 05,110,568 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe
PRC - [2009/07/11 13:54:41 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/02/24 04:12:04 | 00,088,576 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters [Auto | Running])
SRV:64bit: - [2008/10/17 05:24:26 | 00,905,216 | ---- | M] () -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])
SRV:64bit: - [2008/12/18 12:05:28 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService [Auto | Running])
SRV:64bit: - [2009/04/01 14:21:30 | 00,696,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
SRV:64bit: - [2009/03/25 10:59:30 | 00,153,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
SRV:64bit: - [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 21:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 13:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/27 13:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2008/01/20 21:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008/01/20 21:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 10:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/06/19 20:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2003/09/24 10:00:00 | 00,049,152 | ---- | M] (GEAR Software) -- C:\Windows\SysWow64\gearsec.exe -- (GearSecurity [Auto | Stopped])
SRV - [2009/06/30 00:54:29 | 00,182,768 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/07/20 16:45:06 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2008/06/19 20:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/11/02 04:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Stopped])
SRV - [2009/03/25 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
SRV - [2009/01/09 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Common Files\mcafee\mna\mcnasvc.exe -- (McNASvc [Auto | Running])
SRV - [2009/01/09 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
SRV - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
SRV - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService [Auto | Running])
SRV - [2006/11/02 08:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2009/01/09 09:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe -- (MSK80Service [Auto | Running])
SRV - [2008/01/20 21:48:28 | 00,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2007/07/24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2 [Auto | Running])
SRV - [2007/01/12 22:30:14 | 00,272,024 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2008/12/04 15:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2009/03/25 09:44:02 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe -- (sprtsvc_DellComms [Auto | Running])
SRV - [2008/03/24 06:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
SRV - [2006/11/02 01:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006/11/02 01:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Auto | Running])

========== Driver Services (SafeList) ==========

DRV:64bit: - [2008/10/17 05:24:30 | 04,709,888 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV:64bit: - [2008/01/20 21:46:55 | 00,317,952 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express [On_Demand | Stopped])
DRV:64bit: - [2009/03/19 16:34:18 | 00,029,544 | ---- | M] () -- C:\Windows\SysNative\drivers\gearaspiwdm.sys -- (GEARAspiWDM [On_Demand | Running])
DRV:64bit: - [2006/11/02 00:28:10 | 00,273,920 | ---- | M] () -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
DRV:64bit: - [2008/12/11 03:58:54 | 00,402,456 | ---- | M] () -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor [Boot | Running])
DRV:64bit: - [2008/12/15 03:37:38 | 00,098,144 | ---- | M] () -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID [Boot | Running])
DRV:64bit: - [2009/03/25 11:06:22 | 00,102,600 | ---- | M] () -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
DRV:64bit: - [2008/12/19 21:24:48 | 00,041,032 | ---- | M] () -- C:\Windows\SysNative\drivers\mfebopk.sys -- (mfebopk [On_Demand | Stopped])
DRV:64bit: - [2009/03/25 11:06:22 | 00,307,400 | ---- | M] () -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk [System | Running])
DRV:64bit: - [2009/03/25 10:59:38 | 00,040,904 | ---- | M] () -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
DRV:64bit: - [2009/03/25 11:06:22 | 00,049,480 | ---- | M] () -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
DRV:64bit: - [2008/10/23 13:08:54 | 00,176,144 | ---- | M] () -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP [System | Running])
DRV:64bit: - [2007/11/14 02:00:00 | 00,053,488 | ---- | M] () -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64 [Boot | Running])
DRV:64bit: - [2008/10/17 05:24:30 | 04,709,888 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300 [On_Demand | Stopped])
DRV:64bit: - [2008/12/15 00:09:30 | 00,174,592 | ---- | M] () -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169 [On_Demand | Running])
DRV:64bit: - [2008/12/18 00:43:24 | 00,062,464 | ---- | M] () -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR [On_Demand | Stopped])
DRV:64bit: - [2009/06/05 11:42:38 | 00,048,640 | ---- | M] () -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64 [On_Demand | Stopped])
DRV - [2003/09/24 10:00:00 | 00,009,728 | ---- | M] (GEAR Software) -- C:\Windows\SysWow64\drivers\gearaspiwdm.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/09/18 16:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2006/09/18 16:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [System | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.infowars.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..extensions.enabledItems: djziggy@gmail.com:1.0.7
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.0.4
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:2.95


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/02 04:24:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/06/30 02:52:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/06/30 02:52:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/07/10 04:29:21 | 00,000,000 | ---D | M]

[2009/06/30 01:10:47 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions
[2009/06/30 01:10:47 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/08 20:13:38 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions
[2009/06/30 18:21:45 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/30 01:29:12 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2009/06/30 12:52:40 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009/06/30 12:18:16 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com
[2009/06/30 01:25:24 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\personas@christopher.beard
[2009/07/08 17:33:08 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\piclens@cooliris.com
[2009/07/08 17:33:08 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\piclens@cooliris.com-trash
[2009/06/30 12:55:06 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\redshift_V2@shift-themes.com
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\chatzilla
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\Console2
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\downthemall
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\emusic
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\fullerscreen
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\sage
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\toolkit
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\webdeveloper
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\mozapps\extensions
[2009/06/30 21:59:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/06/30 01:10:31 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/06/30 21:59:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/02 22:00:58 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/06/02 22:00:59 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 16:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll
[2009/05/21 11:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/05/12 13:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll
[2009/05/18 17:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/06/02 22:01:00 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2009/06/30 02:52:50 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll
[2009/06/30 02:52:56 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll
[2009/06/30 02:52:48 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll
[2009/05/01 16:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll
[2009/06/02 18:18:22 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/06/02 18:18:22 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/06/02 18:18:22 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/06/02 18:18:22 | 00,002,343 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/06/02 18:18:22 | 00,001,706 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/06/02 18:18:22 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/06/02 18:18:22 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [DellComms] C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickFinder Scheduler] C:\Program Files (x86)\WordPerfect Office 11\Programs\QFSCHD110.EXE (Novell, Inc., c/o Corel Corporation Limited)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [YMailAdvisor] C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - x-sdch - Reg Error: Key error. File not found
O18 - Protocol\Filter: - x-sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 15:01:00 | 00,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008/10/29 00:59:53 | 00,000,033 | -HS- | M] () - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/07/11 13:54:41 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2009/07/10 04:28:40 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2009/07/09 03:08:01 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Corel User Files
[2009/07/09 03:07:59 | 00,061,678 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\PFP110JPR.{PB
[2009/07/09 03:07:59 | 00,012,358 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\PFP110JCM.{PB
[2009/07/09 01:50:00 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Ulead Systems
[2009/07/09 01:47:27 | 00,001,871 | ---- | C] () -- C:\Users\Public\Desktop\PhotoImpact X3.lnk
[2009/07/09 01:42:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ulead Systems
[2009/07/09 01:42:35 | 00,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems
[2009/07/09 01:41:02 | 00,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2009/07/08 20:56:12 | 00,000,000 | ---D | C] -- C:\Temp Video Editing Folder
[2009/07/07 15:50:27 | 00,359,929 | ---- | C] () -- C:\Users\Kevin\Desktop\dds.pif
[2009/07/06 15:56:54 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\My Corel Shows
[2009/07/06 15:56:54 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Corel
[2009/07/06 15:55:55 | 00,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009/07/06 15:55:55 | 00,000,088 | RHS- | C] () -- C:\ProgramData\608EEB57F7.sys
[2009/07/06 15:55:06 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\My PSP Files
[2009/07/06 15:55:06 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Corel
[2009/07/06 15:53:03 | 00,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Corel Paint Shop Pro Photo X2.lnk
[2009/07/06 15:52:31 | 00,000,000 | ---D | C] -- C:\ProgramData\Corel
[2009/07/06 15:52:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2009/07/06 15:49:52 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\InstallShield
[2009/07/06 14:36:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2009/07/02 13:00:33 | 00,001,930 | ---- | C] () -- C:\Users\Kevin\Desktop\HijackThis.lnk
[2009/07/02 13:00:33 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/07/02 02:45:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Micrografx
[2009/07/02 01:30:13 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Micrografx
[2009/07/01 17:37:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2009/07/01 17:37:42 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Roxio
[2009/07/01 03:09:07 | 00,001,072 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
[2009/07/01 03:07:45 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\OpenOffice.org
[2009/07/01 00:59:56 | 00,031,049 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\UserTile.png
[2009/06/30 22:01:17 | 00,001,047 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 3.1.lnk
[2009/06/30 22:00:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\JRE
[2009/06/30 22:00:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2009/06/30 21:59:36 | 00,148,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/06/30 21:59:36 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/06/30 21:59:36 | 00,144,792 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/06/30 21:51:41 | 00,001,059 | ---- | C] () -- C:\Users\Kevin\Desktop\WordPerfect 11.lnk
[2009/06/30 21:51:41 | 00,001,035 | ---- | C] () -- C:\Users\Kevin\Desktop\Quattro Pro 11.lnk
[2009/06/30 21:36:38 | 00,043,008 | ---- | C] () -- C:\Users\Kevin\Documents\Name phone list.doc
[2009/06/30 21:25:51 | 00,001,048 | ---- | C] () -- C:\Users\Kevin\Desktop\ImTOO iPod Movie Converter 3.lnk
[2009/06/30 21:25:51 | 00,001,017 | ---- | C] () -- C:\Users\Kevin\Desktop\ImTOO iPod Movie Converter Wizard 3.lnk
[2009/06/30 21:21:53 | 00,001,043 | ---- | C] () -- C:\Users\Kevin\Desktop\ImTOO DVD to iPod Converter 4.lnk
[2009/06/30 21:21:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ImTOO
[2009/06/30 21:14:07 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Converter
[2009/06/30 21:11:21 | 00,015,872 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/30 21:08:23 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\DivX
[2009/06/30 21:08:22 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\CyberLink
[2009/06/30 21:07:25 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\CyberLink
[2009/06/30 21:02:31 | 00,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2009/06/30 21:02:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2009/06/30 21:02:12 | 00,000,979 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009/06/30 21:02:10 | 01,628,920 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxsfs.dll
[2009/06/30 21:02:10 | 00,551,672 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\px.dll
[2009/06/30 21:02:10 | 00,518,904 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxdrv.dll
[2009/06/30 21:02:10 | 00,379,640 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxwave.dll
[2009/06/30 21:02:10 | 00,187,128 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxmas.dll
[2009/06/30 21:02:10 | 00,129,784 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxafs.dll
[2009/06/30 21:02:10 | 00,120,056 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxcpyi64.exe
[2009/06/30 21:02:10 | 00,118,520 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxinsi64.exe
[2009/06/30 21:02:10 | 00,088,824 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\vxblock.dll
[2009/06/30 21:02:10 | 00,072,440 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxhpinst.exe
[2009/06/30 21:02:10 | 00,066,296 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxcpya64.exe
[2009/06/30 21:02:10 | 00,064,760 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxinsa64.exe
[2009/06/30 21:02:08 | 00,001,420 | ---- | C] () -- C:\Users\Kevin\Desktop\DivX Movies.lnk
[2009/06/30 21:02:08 | 00,001,015 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009/06/30 21:02:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2009/06/30 21:01:51 | 00,001,884 | ---- | C] () -- C:\Users\Kevin\Desktop\Cyberlink PowerDirector.lnk
[2009/06/30 20:57:21 | 00,000,000 | ---D | C] -- C:\MyWorks
[2009/06/30 20:43:37 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2009/06/30 20:43:18 | 55,006,1655 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/06/30 20:41:26 | 00,000,000 | ---D | C] -- C:\temp_dvd
[2009/06/30 20:32:34 | 00,000,809 | ---- | C] () -- C:\Users\Kevin\Desktop\DVD-Cloner V.lnk
[2009/06/30 20:32:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Dvd-cloner
[2009/06/30 20:30:24 | 00,001,471 | ---- | C] () -- C:\Users\Kevin\Desktop\Launch Cooliris.lnk
[2009/06/30 20:30:24 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Cooliris
[2009/06/30 20:27:42 | 00,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Cakewalk Pyro 2004.LNK
[2009/06/30 20:27:26 | 00,501,472 | ---- | C] (Infragistics Development Corporation) -- C:\Windows\SysWow64\pvxplore8.ocx
[2009/06/30 20:27:26 | 00,491,520 | ---- | C] (ComponentOne) -- C:\Windows\SysWow64\VSFLEX7.OCX
[2009/06/30 20:27:26 | 00,345,544 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\ssa3d30.ocx
[2009/06/30 20:27:26 | 00,177,608 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\sssplt30.ocx
[2009/06/30 20:27:25 | 00,118,784 | ---- | C] (Inabyte Inc.) -- C:\Windows\SysWow64\InaXploreTree.ocx
[2009/06/30 20:27:25 | 00,049,152 | ---- | C] (GEAR Software) -- C:\Windows\SysWow64\gearsec.exe
[2009/06/30 20:27:25 | 00,009,728 | ---- | C] (GEAR Software) -- C:\Windows\SysWow64\drivers\GEARAspiWDM.SYS
[2009/06/30 20:27:19 | 01,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2009/06/30 20:27:19 | 00,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2009/06/30 20:27:19 | 00,401,462 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.00C
[2009/06/30 20:27:19 | 00,266,293 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.00A
[2009/06/30 20:27:19 | 00,209,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTL32.OCX
[2009/06/30 20:27:19 | 00,147,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.009
[2009/06/30 20:27:19 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2009/06/30 20:27:19 | 00,077,878 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.00B
[2009/06/30 20:27:18 | 01,388,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.008
[2009/06/30 20:27:18 | 00,995,383 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.003
[2009/06/30 20:27:18 | 00,614,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.004
[2009/06/30 20:27:18 | 00,295,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.002
[2009/06/30 20:27:18 | 00,164,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.005
[2009/06/30 20:27:18 | 00,147,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.006
[2009/06/30 20:27:18 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.007
[2009/06/30 20:27:17 | 00,401,462 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.001
[2009/06/30 20:27:17 | 00,077,878 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.000
[2009/06/30 20:27:07 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Cakewalk
[2009/06/30 20:12:50 | 00,000,894 | ---- | C] () -- C:\Users\Public\Desktop\Moyea FLV Player.lnk
[2009/06/30 20:09:22 | 00,000,969 | ---- | C] () -- C:\Users\Public\Desktop\Moyea YouTube FLV Downloader.lnk
[2009/06/30 19:54:59 | 00,438,272 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2009/06/30 19:54:59 | 00,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Moyea FLV to Video Converter Pro 2.lnk
[2009/06/30 19:33:36 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Moyea
[2009/06/30 19:33:23 | 00,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Moyea Flash Video MX Pro.lnk
[2009/06/30 19:33:23 | 00,001,034 | ---- | C] () -- C:\Users\Public\Desktop\Moyea Flash Video MX Pro Batch Encoder.lnk
[2009/06/30 19:33:22 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Moyea
[2009/06/30 19:33:21 | 00,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\SysWow64\iconv.dll
[2009/06/30 19:33:21 | 00,577,536 | ---- | C] () -- C:\Windows\SysWow64\rtl4.dat
[2009/06/30 19:33:21 | 00,434,176 | ---- | C] (Gabest) -- C:\Windows\SysWow64\rtl2.dat
[2009/06/30 19:33:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Moyea
[2009/06/30 17:45:25 | 00,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2009/06/30 17:45:13 | 00,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2009/06/30 17:45:09 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Yahoo!
[2009/06/30 17:41:03 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2009/06/30 15:23:55 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\NetMedia Providers
[2009/06/30 15:23:50 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Sony ACID Music Studio 7.0 Projects
[2009/06/30 12:11:10 | 00,254,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmclien.dll
[2009/06/30 12:10:22 | 00,000,562 | ---- | C] () -- C:\Windows\SysWow64\mapisvc.inf
[2009/06/30 12:10:22 | 00,000,264 | ---- | C] () -- C:\Windows\SysWow64\BDEMERGE.INI
[2009/06/30 12:09:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2009/06/30 12:08:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\WordPerfect Office 11
[2009/06/30 12:08:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2009/06/30 03:05:55 | 03,899,366 | -H-- | C] () -- C:\Users\Kevin\AppData\Local\IconCache.db
[2009/06/30 02:58:42 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Publish Providers
[2009/06/30 02:58:35 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Sony
[2009/06/30 02:58:35 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Sony
[2009/06/30 02:52:54 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2009/06/30 02:52:53 | 00,000,995 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2009/06/30 02:52:50 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2009/06/30 02:52:47 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2009/06/30 02:52:47 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2009/06/30 02:52:46 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2009/06/30 02:52:46 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2009/06/30 02:52:44 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Real
[2009/06/30 02:52:44 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Real
[2009/06/30 02:38:41 | 00,001,959 | ---- | C] () -- C:\Users\Public\Desktop\ACID Music Studio 7.0.lnk
[2009/06/30 02:33:45 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Stardock_Corporation
[2009/06/30 02:30:39 | 00,001,906 | ---- | C] () -- C:\Users\Public\Desktop\DVD Architect Studio 4.5.lnk
[2009/06/30 02:27:51 | 00,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Movie Studio Platinum 8.0.lnk
[2009/06/30 02:27:49 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Vstplugins
[2009/06/30 02:27:45 | 00,000,000 | ---D | C] -- C:\ProgramData\Sony
[2009/06/30 02:27:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2009/06/30 01:31:57 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/06/30 01:31:57 | 01,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2009/06/30 01:31:56 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/06/30 01:31:56 | 01,484,288 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2009/06/30 01:31:56 | 01,207,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/06/30 01:31:56 | 00,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2009/06/30 01:31:56 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009/06/30 01:31:56 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/06/30 01:31:56 | 00,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2009/06/30 01:31:56 | 00,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2009/06/30 01:31:56 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009/06/30 01:31:56 | 00,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2009/06/30 01:31:55 | 02,332,672 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2009/06/30 01:31:55 | 01,146,368 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2009/06/30 01:31:55 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/06/30 01:31:55 | 00,457,728 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2009/06/30 01:31:55 | 00,385,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/06/30 01:31:55 | 00,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2009/06/30 01:31:55 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009/06/30 01:31:55 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/06/30 01:31:54 | 11,064,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/06/30 01:31:54 | 01,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2009/06/30 01:31:54 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009/06/30 01:31:53 | 12,454,912 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2009/06/30 01:31:53 | 09,234,432 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2009/06/30 01:31:53 | 05,936,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/06/30 01:30:01 | 00,161,792 | ---- | C] () -- C:\Windows\SysNative\advpack.dll
[2009/06/30 01:30:01 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2009/06/30 01:30:01 | 00,088,064 | ---- | C] () -- C:\Windows\SysNative\admparse.dll
[2009/06/30 01:30:01 | 00,085,504 | ---- | C] () -- C:\Windows\SysNative\icardie.dll
[2009/06/30 01:30:01 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2009/06/30 01:30:01 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2009/06/30 01:30:01 | 00,022,528 | ---- | C] () -- C:\Windows\SysNative\corpol.dll
[2009/06/30 01:30:00 | 00,223,232 | ---- | C] () -- C:\Windows\SysNative\msls31.dll
[2009/06/30 01:30:00 | 00,157,696 | ---- | C] () -- C:\Windows\SysNative\ieakeng.dll
[2009/06/30 01:30:00 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2009/06/30 01:30:00 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2009/06/30 01:30:00 | 00,125,952 | ---- | C] () -- C:\Windows\SysNative\inseng.dll
[2009/06/30 01:30:00 | 00,077,824 | ---- | C] () -- C:\Windows\SysNative\tdc.ocx
[2009/06/30 01:30:00 | 00,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2009/06/30 01:30:00 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2009/06/30 01:30:00 | 00,055,808 | ---- | C] () -- C:\Windows\SysNative\licmgr10.dll
[2009/06/30 01:30:00 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/06/30 01:30:00 | 00,052,736 | ---- | C] () -- C:\Windows\SysNative\imgutil.dll
[2009/06/30 01:30:00 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2009/06/30 01:30:00 | 00,012,800 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2009/06/30 01:29:59 | 00,700,928 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2009/06/30 01:29:59 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/06/30 01:29:59 | 00,508,416 | ---- | C] () -- C:\Windows\SysNative\dxtmsft.dll
[2009/06/30 01:29:59 | 00,481,280 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2009/06/30 01:29:59 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009/06/30 01:29:59 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2009/06/30 01:29:59 | 00,076,288 | ---- | C] () -- C:\Windows\SysNative\wextract.exe
[2009/06/30 01:29:59 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2009/06/30 01:29:59 | 00,063,488 | ---- | C] () -- C:\Windows\SysNative\pngfilt.dll
[2009/06/30 01:29:59 | 00,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2009/06/30 01:29:59 | 00,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2009/06/30 01:29:59 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2009/06/30 01:29:59 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2009/06/30 01:29:59 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009/06/30 01:29:58 | 01,062,912 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2009/06/30 01:29:58 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2009/06/30 01:29:58 | 00,318,464 | ---- | C] () -- C:\Windows\SysNative\dxtrans.dll
[2009/06/30 01:29:58 | 00,304,640 | ---- | C] () -- C:\Windows\SysNative\webcheck.dll
[2009/06/30 01:29:58 | 00,271,872 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2009/06/30 01:29:58 | 00,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2009/06/30 01:29:58 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webcheck.dll
[2009/06/30 01:29:58 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2009/06/30 01:29:58 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2009/06/30 01:29:58 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009/06/30 01:29:58 | 00,146,432 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2009/06/30 01:29:58 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/06/30 01:29:58 | 00,096,768 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2009/06/30 01:29:58 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2009/06/30 01:29:58 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2009/06/30 01:29:58 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2009/06/30 01:29:57 | 00,817,664 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2009/06/30 01:29:57 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2009/06/30 01:29:57 | 00,612,864 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2009/06/30 01:29:57 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2009/06/30 01:29:57 | 00,278,528 | ---- | C] () -- C:\Windows\SysNative\WinFXDocObj.exe
[2009/06/30 01:29:57 | 00,241,664 | ---- | C] () -- C:\Windows\SysNative\msrating.dll
[2009/06/30 01:29:57 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinFXDocObj.exe
[2009/06/30 01:29:57 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2009/06/30 01:29:57 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2009/06/30 01:29:57 | 00,163,840 | ---- | C] () -- C:\Windows\SysNative\ieakui.dll
[2009/06/30 01:29:57 | 00,161,792 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2009/06/30 01:29:57 | 00,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2009/06/30 01:29:57 | 00,131,584 | ---- | C] () -- C:\Windows\SysNative\PDMSetup.exe
[2009/06/30 01:29:57 | 00,129,024 | ---- | C] () -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2009/06/30 01:29:57 | 00,128,512 | ---- | C] () -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2009/06/30 01:29:57 | 00,125,440 | ---- | C] () -- C:\Windows\SysNative\SetDepNx.exe
[2009/06/30 01:29:57 | 00,108,032 | ---- | C] () -- C:\Windows\SysNative\url.dll
[2009/06/30 01:29:57 | 00,041,984 | ---- | C] () -- C:\Windows\SysNative\mshta.exe
[2009/06/30 01:29:56 | 00,479,744 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2009/06/30 01:29:56 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2009/06/30 01:29:56 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2009/06/30 01:29:56 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2009/06/30 01:29:56 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2009/06/30 01:29:56 | 00,048,128 | ---- | C] () -- C:\Windows\SysNative\mshtmler.dll
[2009/06/30 01:29:56 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshta.exe
[2009/06/30 01:29:55 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2009/06/30 01:29:55 | 03,698,584 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat
[2009/06/30 01:29:55 | 00,193,536 | ---- | C] () -- C:\Windows\SysNative\iexpress.exe
[2009/06/30 01:29:55 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/06/30 01:29:55 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PDMSetup.exe
[2009/06/30 01:29:55 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009/06/30 01:29:55 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2009/06/30 01:29:55 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2009/06/30 01:29:55 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetDepNx.exe
[2009/06/30 01:15:35 | 00,006,836 | ---- | C] () -- C:\Users\Kevin\AppData\Local\d3d9caps.dat
[2009/06/30 01:15:15 | 00,001,866 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2009/06/30 01:15:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2009/06/30 01:10:42 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Mozilla
[2009/06/30 01:10:42 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Mozilla
[2009/06/30 01:10:32 | 00,001,780 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/06/30 01:10:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2009/06/30 00:59:21 | 00,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/06/30 00:55:30 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Google
[2009/06/30 00:55:30 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Google
[2009/06/30 00:55:15 | 00,000,418 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{7598FFEF-BE69-42AC-BAD7-B1A3A1D9AC3B}.job
[2009/06/30 00:54:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Google
[2009/06/30 00:54:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2009/06/30 00:54:13 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Apple Computer
[2009/06/30 00:54:13 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Apple Computer
[2009/06/30 00:54:10 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/06/30 00:53:56 | 00,126,312 | ---- | C] () -- C:\Windows\SysNative\GEARAspi64.dll
[2009/06/30 00:53:56 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2009/06/30 00:53:56 | 00,029,544 | ---- | C] () -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2009/06/30 00:53:55 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2009/06/30 00:53:54 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Adobe
[2009/06/30 00:53:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\iPod
[2009/06/30 00:53:45 | 00,000,000 | ---D | C] -- C:\ProgramData\{35733029-9859-49C7-8475-1E78E2AAE413}
[2009/06/30 00:53:45 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/06/30 00:53:45 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2009/06/30 00:53:24 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/06/30 00:53:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2009/06/30 00:53:12 | 00,001,758 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2009/06/30 00:53:11 | 00,000,000 | ---D | C] -- C:\ProgramData\NOS
[2009/06/30 00:53:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\NOS
[2009/06/30 00:53:00 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2009/06/30 00:53:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2009/06/30 00:52:52 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Apple
[2009/06/30 00:52:51 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2009/06/30 00:52:06 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2009/06/30 00:52:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple
[2009/06/30 00:52:02 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2009/06/30 00:40:26 | 00,049,160 | ---- | C] () -- C:\Windows\SysNative\infocardcpl.cpl
[2009/06/30 00:40:26 | 00,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2009/06/30 00:40:22 | 00,011,264 | ---- | C] () -- C:\Windows\SysNative\icardres.dll
[2009/06/30 00:40:21 | 00,052,760 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll
[2009/06/30 00:40:21 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2009/06/30 00:40:21 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2009/06/30 00:40:20 | 01,383,936 | ---- | C] () -- C:\Windows\SysNative\icardagt.exe
[2009/06/30 00:40:20 | 01,168,928 | ---- | C] () -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2009/06/30 00:40:20 | 00,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2009/06/30 00:40:20 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2009/06/30 00:40:20 | 00,167,432 | ---- | C] () -- C:\Windows\SysNative\infocardapi.dll
[2009/06/30 00:40:20 | 00,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2009/06/30 00:40:15 | 00,126,520 | ---- | C] () -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2009/06/30 00:40:15 | 00,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2009/06/30 00:40:13 | 00,357,904 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe
[2009/06/30 00:40:13 | 00,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2009/06/30 00:36:08 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2009/06/30 00:36:08 | 00,013,824 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll
[2009/06/30 00:36:00 | 00,112,120 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll
[2009/06/30 00:36:00 | 00,096,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2009/06/30 00:35:54 | 00,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscoree.dll
[2009/06/30 00:35:53 | 00,406,528 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll
[2009/06/30 00:35:47 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2009/06/30 00:35:47 | 00,158,208 | ---- | C] () -- C:\Windows\SysNative\mscorier.dll
[2009/06/30 00:35:44 | 00,076,288 | ---- | C] () -- C:\Windows\SysNative\mscories.dll
[2009/06/30 00:35:43 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2009/06/30 00:30:24 | 00,558,592 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll
[2009/06/30 00:30:23 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2009/06/30 00:30:23 | 00,289,792 | ---- | C] () -- C:\Windows\SysNative\psisrndr.ax
[2009/06/30 00:30:22 | 00,375,808 | ---- | C] () -- C:\Windows\SysNative\psisdecd.dll
[2009/06/30 00:30:22 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2009/06/30 00:30:22 | 00,227,328 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax
[2009/06/30 00:30:22 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2009/06/30 00:30:22 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2009/06/30 00:30:22 | 00,101,376 | ---- | C] () -- C:\Windows\SysNative\MSNP.ax
[2009/06/30 00:30:22 | 00,100,352 | ---- | C] () -- C:\Windows\SysNative\Mpeg2Data.ax
[2009/06/30 00:30:22 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2009/06/30 00:30:22 | 00,073,216 | ---- | C] () -- C:\Windows\SysNative\MSDvbNP.ax
[2009/06/30 00:30:22 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2009/06/30 00:30:22 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2009/06/30 00:29:33 | 00,439,808 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll
[2009/06/30 00:29:33 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winhttp.dll
[2009/06/30 00:29:31 | 01,691,648 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll
[2009/06/30 00:29:31 | 01,208,832 | ---- | C] () -- C:\Windows\SysNative\kernel32.dll
[2009/06/30 00:29:30 | 00,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kernel32.dll
[2009/06/30 00:29:30 | 00,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll
[2009/06/30 00:29:30 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Dell
[2009/06/30 00:29:29 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secur32.dll
[2009/06/30 00:29:29 | 00,025,600 | ---- | C] () -- C:\Windows\SysNative\amxread.dll
[2009/06/30 00:29:29 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amxread.dll
[2009/06/30 00:29:29 | 00,015,872 | ---- | C] () -- C:\Windows\SysNative\apilogen.dll
[2009/06/30 00:29:29 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apilogen.dll
[2009/06/30 00:29:25 | 02,742,272 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2009/06/30 00:29:23 | 00,001,815 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2009/06/30 00:29:22 | 00,791,552 | ---- | C] () -- C:\Windows\SysNative\localspl.dll
[2009/06/30 00:29:22 | 00,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2009/06/30 00:29:21 | 00,324,608 | ---- | C] () -- C:\Windows\SysNative\PortableDeviceApi.dll
[2009/06/30 00:29:21 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2009/06/30 00:29:19 | 01,320,448 | ---- | C] () -- C:\Windows\SysNative\rpcrt4.dll
[2009/06/30 00:29:19 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpcrt4.dll
[2009/06/30 00:29:18 | 00,176,640 | ---- | C] () -- C:\Windows\SysNative\Faultrep.dll
[2009/06/30 00:29:18 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2009/06/30 00:29:18 | 00,120,832 | ---- | C] () -- C:\Windows\SysNative\wersvc.dll
[2009/06/30 00:29:11 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Macromedia
[2009/06/30 00:28:59 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Adobe
[2009/06/30 00:28:28 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\ATI
[2009/06/30 00:28:28 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\PowerDVD DX
[2009/06/30 00:28:28 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\ATI
[2009/06/30 00:28:28 | 00,000,000 | ---D | C] -- C:\ProgramData\ATI
[2009/06/30 00:28:26 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\SupportSoft
[2009/06/30 00:28:05 | 04,691,424 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2009/06/30 00:28:05 | 01,030,656 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2009/06/30 00:28:04 | 00,718,336 | ---- | C] () -- C:\Windows\SysNative\rpcss.dll
[2009/06/30 00:28:03 | 00,231,424 | ---- | C] () -- C:\Windows\SysNative\sdohlp.dll
[2009/06/30 00:28:03 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2009/06/30 00:28:03 | 00,163,840 | ---- | C] () -- C:\Windows\SysNative\iasrecst.dll
[2009/06/30 00:28:03 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrecst.dll
[2009/06/30 00:28:03 | 00,075,776 | ---- | C] () -- C:\Windows\SysNative\iasads.dll
[2009/06/30 00:28:03 | 00,061,440 | ---- | C] () -- C:\Windows\SysNative\iasdatastore.dll
[2009/06/30 00:28:03 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasads.dll
[2009/06/30 00:28:03 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasdatastore.dll
[2009/06/30 00:28:03 | 00,036,352 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2009/06/30 00:28:03 | 00,024,576 | ---- | C] () -- C:\Windows\SysNative\iashost.exe
[2009/06/30 00:28:03 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iashost.exe
[2009/06/30 00:28:00 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Identities
[2009/06/30 00:27:46 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\VirtualStore
[2009/06/30 00:27:27 | 00,346,352 | ---- | C] () -- C:\Windows\SysNative\Shellvrtf64.dll
[2009/06/30 00:27:02 | 00,730,112 | ---- | C] () -- C:\Windows\SysNative\msdtcprx.dll
[2009/06/30 00:27:02 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2009/06/30 00:27:02 | 00,048,640 | ---- | C] () -- C:\Windows\SysNative\xolehlp.dll
[2009/06/30 00:27:02 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xolehlp.dll
[2009/06/30 00:25:18 | 00,016,099 | ---- | C] () -- C:\Windows\SysNative\Config.MPF
[2009/06/30 00:25:12 | 00,111,024 | ---- | C] () -- C:\Users\Kevin\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/06/30 00:25:11 | 21,380,34175 | -HS- | C] () -- C:\hiberfil.sys
[2009/06/30 00:23:56 | 00,000,000 | --SD | C] -- C:\Users\Kevin\AppData\Roaming\Microsoft
[2009/06/30 00:23:56 | 00,000,000 | -HSD | C] -- C:\Users\Kevin\Documents\My Videos
[2009/06/30 00:23:56 | 00,000,000 | -HSD | C] -- C:\Users\Kevin\Documents\My Pictures
[2009/06/30 00:23:56 | 00,000,000 | -HSD | C] -- C:\Users\Kevin\Documents\My Music
[2009/06/30 00:23:56 | 00,000,000 | -HSD | C] -- C:\Users\Kevin\AppData\Local\Temporary Internet Files
[2009/06/30 00:23:56 | 00,000,000 | -HSD | C] -- C:\Users\Kevin\AppData\Local\History
[2009/06/30 00:23:56 | 00,000,000 | -HSD | C] -- C:\Users\Kevin\AppData\Local\Application Data
[2009/06/30 00:23:56 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Media Center Programs
[2009/06/30 00:23:56 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Temp
[2009/06/30 00:23:56 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\SoftThinks
[2009/06/30 00:23:56 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Microsoft
[2009/06/30 00:21:27 | 01,717,248 | ---- | C] () -- C:\Windows\SysNative\wucltux.dll
[2009/06/30 00:21:27 | 00,054,296 | ---- | C] () -- C:\Windows\SysNative\wuauclt.exe
[2009/06/30 00:21:27 | 00,043,032 | ---- | C] () -- C:\Windows\SysNative\wups2.dll
[2009/06/30 00:21:26 | 02,289,688 | ---- | C] () -- C:\Windows\SysNative\wuaueng.dll
[2009/06/30 00:21:11 | 00,685,592 | ---- | C] () -- C:\Windows\SysNative\wuapi.dll
[2009/06/30 00:21:11 | 00,561,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2009/06/30 00:21:11 | 00,093,184 | ---- | C] () -- C:\Windows\SysNative\wudriver.dll
[2009/06/30 00:21:11 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2009/06/30 00:21:11 | 00,035,352 | ---- | C] () -- C:\Windows\SysNative\wups.dll
[2009/06/30 00:21:11 | 00,034,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2009/06/30 00:21:07 | 00,175,376 | ---- | C] () -- C:\Windows\SysNative\wuwebv.dll
[2009/06/30 00:21:07 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2009/06/30 00:21:07 | 00,033,792 | ---- | C] () -- C:\Windows\SysNative\wuapp.exe
[2009/06/30 00:21:07 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2009/06/30 00:20:23 | 00,000,000 | -HSD | C] -- C:\Documents and Settings
[2009/06/13 00:00:57 | 00,005,075 | RH-- | C] () -- C:\dell.sdr
[2009/06/13 00:00:48 | 00,098,144 | ---- | C] () -- C:\Windows\SysNative\drivers\jraid.sys
[2009/06/13 00:00:43 | 00,402,456 | ---- | C] () -- C:\Windows\SysNative\drivers\iaStor.sys
[2009/06/13 00:00:43 | 00,174,592 | ---- | C] () -- C:\Windows\SysNative\drivers\Rtlh64.sys
[2009/06/13 00:00:43 | 00,010,240 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2009/06/13 00:00:42 | 05,631,520 | ---- | C] () -- C:\Windows\System\DriveIcon.dll
[2009/06/13 00:00:42 | 00,062,464 | ---- | C] () -- C:\Windows\SysNative\drivers\RTSTOR64.sys
[2009/06/13 00:00:33 | 01,703,584 | ---- | C] () -- C:\Windows\SysNative\drivers\RTKVHD64.sys
[2009/06/13 00:00:33 | 01,537,056 | ---- | C] () -- C:\Windows\SysNative\RtkAPO64.dll
[2009/06/13 00:00:33 | 01,154,080 | ---- | C] () -- C:\Windows\SysNative\RTCOM64.dll
[2009/06/13 00:00:33 | 01,087,008 | ---- | C] () -- C:\Windows\SysNative\RtPgEx64.dll
[2009/06/13 00:00:33 | 00,611,360 | ---- | C] () -- C:\Windows\SysNative\RTSnMg64.cpl
[2009/06/13 00:00:33 | 00,567,808 | ---- | C] () -- C:\Windows\SysNative\MBAPO64.dll
[2009/06/13 00:00:33 | 00,513,536 | ---- | C] () -- C:\Windows\SysNative\SRSTSX64.dll
[2009/06/13 00:00:33 | 00,497,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2009/06/13 00:00:33 | 00,417,824 | ---- | C] () -- C:\Windows\SysNative\RtkApi64.dll
[2009/06/13 00:00:33 | 00,331,808 | ---- | C] () -- C:\Windows\SysNative\RtlCPAPI64.dll
[2009/06/13 00:00:33 | 00,296,448 | ---- | C] () -- C:\Windows\SysNative\RTPCEE64.dll
[2009/06/13 00:00:33 | 00,163,840 | ---- | C] () -- C:\Windows\SysNative\AERTAC64.dll
[2009/06/13 00:00:33 | 00,150,528 | ---- | C] () -- C:\Windows\SysNative\SRSWOW64.dll
[2009/06/13 00:00:33 | 00,149,536 | ---- | C] () -- C:\Windows\SysNative\RtkCfg64.dll
[2009/06/13 00:00:33 | 00,072,192 | ---- | C] () -- C:\Windows\SysNative\MBWrp64.dll
[2009/06/13 00:00:33 | 00,067,072 | ---- | C] () -- C:\Windows\SysNative\AERTAR64.dll
[2009/06/13 00:00:33 | 00,057,856 | ---- | C] () -- C:\Windows\SysNative\MBppld64.dll
[2009/06/13 00:00:33 | 00,054,304 | ---- | C] () -- C:\Windows\SysNative\RCoInst64.dll
[2009/06/13 00:00:33 | 00,053,760 | ---- | C] () -- C:\Windows\SysNative\MBPPCn64.dll
[2009/06/12 23:58:56 | 00,029,184 | ---- | C] () -- C:\Windows\SysNative\hid.dll
[2009/06/12 23:58:56 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hidserv.dll
[2009/06/12 23:58:56 | 00,024,064 | ---- | C] () -- C:\Windows\SysNative\hidserv.dll
[2009/06/12 23:58:56 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hid.dll
[2009/06/12 23:58:33 | 00,648,704 | ---- | C] () -- C:\Windows\SysNative\netapi32.dll
[2009/06/12 23:58:33 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netapi32.dll
[2009/06/12 23:58:07 | 01,809,408 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll
[2009/06/12 23:58:07 | 01,191,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3.dll
[2009/06/12 23:57:15 | 00,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2009/06/12 23:57:15 | 00,214,016 | ---- | C] () -- C:\Windows\SysNative\newdev.dll
[2009/06/12 23:57:15 | 00,075,264 | ---- | C] () -- C:\Windows\SysNative\newdev.exe
[2009/06/12 23:57:15 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2009/06/12 23:56:51 | 00,197,632 | ---- | C] () -- C:\Windows\SysNative\scrrun.dll
[2009/06/12 23:56:50 | 00,227,328 | ---- | C] () -- C:\Windows\SysNative\scrobj.dll
[2009/06/12 23:56:50 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2009/06/12 23:56:50 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2009/06/12 23:56:50 | 00,166,912 | ---- | C] () -- C:\Windows\SysNative\wscript.exe
[2009/06/12 23:56:50 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscript.exe
[2009/06/12 23:56:50 | 00,147,968 | ---- | C] () -- C:\Windows\SysNative\cscript.exe
[2009/06/12 23:56:50 | 00,144,384 | ---- | C] () -- C:\Windows\SysNative\wshom.ocx
[2009/06/12 23:56:50 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2009/06/12 23:56:50 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2009/06/12 23:56:49 | 00,101,888 | ---- | C] () -- C:\Windows\SysNative\wshext.dll
[2009/06/12 23:56:49 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2009/06/12 23:56:17 | 11,967,524 | ---- | C] () -- C:\Windows\SysWow64\korwbrkr.lex
[2009/06/12 23:56:17 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
[2009/06/12 23:56:17 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
[2009/06/12 23:56:17 | 01,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2009/06/12 23:56:17 | 00,439,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchIndexer.exe
[2009/06/12 23:56:17 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
[2009/06/12 23:56:17 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2009/06/12 23:56:17 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2009/06/12 23:56:17 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2009/06/12 23:56:17 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchFilterHost.exe
[2009/06/12 23:56:17 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2009/06/12 23:56:17 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
[2009/06/12 23:56:17 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2009/06/12 23:56:17 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2009/06/12 23:56:17 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
[2009/06/12 23:56:17 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2009/06/12 23:56:17 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssprxy.dll
[2009/06/12 23:56:16 | 01,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2009/06/12 23:56:16 | 00,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2009/06/12 23:56:16 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2009/06/12 23:56:16 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2009/06/12 23:56:16 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchProtocolHost.exe
[2009/06/12 23:56:16 | 00,087,552 | ---- | C] () -- C:\Windows\SysNative\mssitlb.dll
[2009/06/12 23:56:16 | 00,078,848 | ---- | C] () -- C:\Windows\SysNative\msstrc.dll
[2009/06/12 23:56:16 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
[2009/06/12 23:56:16 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2009/06/12 23:56:16 | 00,040,448 | ---- | C] () -- C:\Windows\SysNative\mssprxy.dll
[2009/06/12 23:56:16 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2009/06/12 23:56:15 | 02,209,792 | ---- | C] () -- C:\Windows\SysNative\tquery.dll
[2009/06/12 23:56:15 | 02,176,512 | ---- | C] () -- C:\Windows\SysNative\mssrch.dll
[2009/06/12 23:56:15 | 00,796,672 | ---- | C] () -- C:\Windows\SysNative\mssvp.dll
[2009/06/12 23:56:15 | 00,598,016 | ---- | C] () -- C:\Windows\SysNative\SearchIndexer.exe
[2009/06/12 23:56:15 | 00,498,176 | ---- | C] () -- C:\Windows\SysNative\mssph.dll
[2009/06/12 23:56:15 | 00,312,832 | ---- | C] () -- C:\Windows\SysNative\mssphtb.dll
[2009/06/12 23:56:15 | 00,258,560 | ---- | C] () -- C:\Windows\SysNative\SearchProtocolHost.exe
[2009/06/12 23:56:15 | 00,112,128 | ---- | C] () -- C:\Windows\SysNative\SearchFilterHost.exe
[2009/06/12 23:56:15 | 00,080,896 | ---- | C] () -- C:\Windows\SysNative\propdefs.dll
[2009/06/12 23:56:15 | 00,073,728 | ---- | C] () -- C:\Windows\SysNative\msscntrs.dll
[2009/06/12 23:56:15 | 00,044,544 | ---- | C] () -- C:\Windows\SysNative\msscb.dll
[2009/06/12 23:56:15 | 00,012,288 | ---- | C] () -- C:\Windows\SysNative\msshooks.dll
[2009/06/12 23:56:14 | 11,967,524 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.lex
[2009/06/12 23:56:14 | 06,100,480 | ---- | C] () -- C:\Windows\SysNative\chtbrkr.dll
[2009/06/12 23:56:14 | 01,676,800 | ---- | C] () -- C:\Windows\SysNative\chsbrkr.dll
[2009/06/12 23:56:14 | 00,921,088 | ---- | C] () -- C:\Windows\SysNative\propsys.dll
[2009/06/12 23:56:14 | 00,754,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propsys.dll
[2009/06/12 23:56:14 | 00,347,648 | ---- | C] () -- C:\Windows\SysNative\srchadmin.dll
[2009/06/12 23:56:14 | 00,317,440 | ---- | C] () -- C:\Windows\SysNative\thawbrkr.dll
[2009/06/12 23:56:14 | 00,316,928 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll
[2009/06/12 23:56:14 | 00,280,064 | ---- | C] () -- C:\Windows\SysNative\offfilt.dll
[2009/06/12 23:56:14 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2009/06/12 23:56:14 | 00,181,248 | ---- | C] () -- C:\Windows\SysNative\nlhtml.dll
[2009/06/12 23:56:14 | 00,180,736 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.dll
[2009/06/12 23:56:14 | 00,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/06/12 23:56:14 | 00,106,605 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2009/06/12 23:56:14 | 00,067,072 | ---- | C] () -- C:\Windows\SysNative\xmlfilter.dll
[2009/06/12 23:56:14 | 00,043,008 | ---- | C] () -- C:\Windows\SysNative\rtffilt.dll
[2009/06/12 23:56:14 | 00,037,376 | ---- | C] () -- C:\Windows\SysNative\mimefilt.dll
[2009/06/12 23:56:14 | 00,024,064 | ---- | C] () -- C:\Windows\SysNative\wsepno.dll
[2009/06/12 23:56:14 | 00,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/06/12 23:56:14 | 00,018,904 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchemaTrivial.bin
[2009/06/12 23:55:43 | 00,883,200 | ---- | C] () -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2009/06/12 23:55:43 | 00,399,872 | ---- | C] () -- C:\Windows\SysNative\emdmgmt.dll
[2009/06/12 23:55:43 | 00,187,392 | ---- | C] () -- C:\Windows\SysNative\drivers\nwifi.sys
[2009/06/12 23:55:43 | 00,048,640 | ---- | C] () -- C:\Windows\SysNative\dataclen.dll
[2009/06/12 23:55:43 | 00,047,104 | ---- | C] () -- C:\Windows\SysNative\cdd.dll
[2009/06/12 23:55:43 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2009/06/12 23:54:59 | 01,691,648 | ---- | C] () -- C:\Windows\SysNative\connect.dll
[2009/06/12 23:54:59 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2009/06/12 23:54:35 | 00,388,608 | ---- | C] () -- C:\Windows\SysNative\gdi32.dll
[2009/06/12 23:54:35 | 00,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdi32.dll
[2009/06/12 23:54:13 | 03,080,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/06/12 23:54:13 | 02,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2009/06/12 23:53:38 | 11,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shell32.dll
[2009/06/12 23:53:37 | 12,897,792 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2009/06/12 23:52:59 | 00,974,848 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2009/06/12 23:52:59 | 00,738,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcomm.dll
[2009/06/12 23:52:38 | 00,361,984 | ---- | C] () -- C:\Windows\SysNative\es.dll
[2009/06/12 23:52:38 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\es.dll
[2009/06/12 23:51:40 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzres.dll
[2009/06/12 23:51:40 | 00,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2009/06/12 23:50:28 | 00,531,456 | ---- | C] () -- C:\Windows\SysNative\IPSECSVC.DLL
[2009/06/12 23:50:28 | 00,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\polstore.dll
[2009/06/12 23:50:28 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winipsec.dll
[2009/06/12 23:50:28 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2009/06/12 23:50:10 | 00,451,584 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2009/06/12 23:48:44 | 00,557,056 | ---- | C] () -- C:\Windows\SysNative\wmpeffects.dll
[2009/06/12 23:48:44 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2009/06/12 23:46:45 | 01,244,672 | ---- | C] () -- C:\Windows\SysNative\RacEngn.dll
[2009/06/12 23:46:45 | 00,885,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2009/06/12 23:46:45 | 00,009,127 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
[2009/06/12 23:46:45 | 00,009,127 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
[2009/06/12 23:46:45 | 00,000,153 | ---- | C] () -- C:\Windows\SysWow64\RacUREx.xml
[2009/06/12 23:46:45 | 00,000,153 | ---- | C] () -- C:\Windows\SysNative\RacUREx.xml
[2009/06/12 23:46:37 | 01,571,328 | ---- | C] () -- C:\Windows\SysNative\quartz.dll
[2009/06/12 23:46:37 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2009/06/12 23:46:22 | 00,470,016 | ---- | C] () -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2009/06/12 23:46:22 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2009/06/12 23:46:21 | 00,841,216 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecs.dll
[2009/06/12 23:46:21 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecs.dll
[2009/06/12 23:46:21 | 00,387,584 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2009/06/12 23:46:21 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2009/06/12 23:45:40 | 12,240,896 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0007.dll
[2009/06/12 23:45:40 | 02,644,480 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0009.dll
[2009/06/12 23:45:39 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2009/06/12 23:45:39 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0009.dll
[2009/06/12 23:45:39 | 01,361,920 | ---- | C] () -- C:\Windows\SysNative\NaturalLanguage6.dll
[2009/06/12 23:45:39 | 00,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NaturalLanguage6.dll
[2009/06/12 23:44:31 | 00,660,480 | ---- | C] () -- C:\Windows\SysNative\win32spl.dll
[2009/06/12 23:44:31 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2009/06/12 23:44:26 | 01,421,368 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2009/06/12 23:44:25 | 00,094,208 | ---- | C] () -- C:\Windows\SysNative\drivers\pacer.sys
[2009/06/12 23:44:25 | 00,039,424 | ---- | C] () -- C:\Windows\SysNative\traffic.dll
[2009/06/12 23:44:25 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\traffic.dll
[2009/06/12 23:44:25 | 00,017,920 | ---- | C] () -- C:\Windows\SysNative\pacerprf.dll
[2009/06/12 23:44:25 | 00,016,896 | ---- | C] () -- C:\Windows\SysNative\wshqos.dll
[2009/06/12 23:44:25 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pacerprf.dll
[2009/06/12 23:44:25 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshqos.dll
[2009/06/12 23:44:13 | 01,078,840 | ---- | C] () -- C:\Windows\SysNative\winload.efi
[2009/06/12 23:44:13 | 01,066,040 | ---- | C] () -- C:\Windows\SysNative\winload.exe
[2009/06/12 23:44:13 | 00,993,336 | ---- | C] () -- C:\Windows\SysNative\winresume.efi
[2009/06/12 23:44:13 | 00,982,584 | ---- | C] () -- C:\Windows\SysNative\winresume.exe
[2009/06/12 23:44:13 | 00,474,624 | ---- | C] () -- C:\Windows\SysNative\srcore.dll
[2009/06/12 23:44:13 | 00,382,008 | ---- | C] () -- C:\Windows\SysNative\ci.dll
[2009/06/12 23:44:13 | 00,339,968 | ---- | C] () -- C:\Windows\SysNative\rstrui.exe
[2009/06/12 23:44:13 | 00,058,368 | ---- | C] () -- C:\Windows\SysNative\setbcdlocale.dll
[2009/06/12 23:44:13 | 00,046,592 | ---- | C] () -- C:\Windows\SysNative\srclient.dll
[2009/06/12 23:44:13 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srclient.dll
[2009/06/12 23:44:13 | 00,022,072 | ---- | C] () -- C:\Windows\SysNative\kd1394.dll
[2009/06/12 23:44:13 | 00,018,944 | ---- | C] () -- C:\Windows\SysNative\srdelayed.exe
[2009/06/12 23:44:13 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbd106n.dll
[2009/06/12 23:44:13 | 00,007,680 | ---- | C] () -- C:\Windows\SysNative\kbd106n.dll
[2009/06/12 23:43:45 | 00,272,896 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2009/06/12 23:43:41 | 01,729,024 | ---- | C] () -- C:\Windows\SysNative\msxml6.dll
[2009/06/12 23:43:41 | 01,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6.dll
[2009/06/12 23:43:33 | 03,547,648 | ---- | C] () -- C:\Windows\SysNative\mf.dll
[2009/06/12 23:43:33 | 02,868,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2009/06/12 23:43:32 | 02,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL
[2009/06/12 23:43:32 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2009/06/12 23:43:32 | 01,245,184 | ---- | C] () -- C:\Windows\SysNative\WMNetMgr.dll
[2009/06/12 23:43:32 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2009/06/12 23:43:32 | 00,112,640 | ---- | C] () -- C:\Windows\SysNative\logagent.exe
[2009/06/12 23:43:32 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2009/06/12 23:43:25 | 00,334,336 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2009/06/12 23:43:25 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schannel.dll
[2009/06/12 23:43:19 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2009/06/12 23:43:19 | 04,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2009/06/12 23:43:19 | 01,926,656 | ---- | C] () -- C:\Windows\SysNative\gameux.dll
[2009/06/12 23:43:19 | 01,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2009/06/12 23:43:19 | 00,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2009/06/12 23:43:19 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2009/06/12 23:43:11 | 00,140,288 | ---- | C] () -- C:\Windows\SysNative\drivers\rmcast.sys
[2009/06/12 23:43:11 | 00,017,408 | ---- | C] () -- C:\Windows\SysNative\wshrm.dll
[2009/06/12 23:43:11 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2009/06/12 23:43:01 | 00,308,224 | ---- | C] () -- C:\Windows\SysNative\rasmans.dll
[2009/06/12 23:42:58 | 00,488,960 | ---- | C] () -- C:\Windows\SysNative\msinfo32.exe
[2009/06/12 23:42:58 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2009/06/12 23:42:56 | 00,274,432 | ---- | C] () -- C:\Windows\SysNative\drivers\usbhub.sys
[2009/06/12 23:42:56 | 00,259,072 | ---- | C] () -- C:\Windows\SysNative\drivers\usbport.sys
[2009/06/12 23:42:56 | 00,095,744 | ---- | C] () -- C:\Windows\SysNative\drivers\usbccgp.sys
[2009/06/12 23:42:56 | 00,049,664 | ---- | C] () -- C:\Windows\SysNative\drivers\usbehci.sys
[2009/06/12 23:42:56 | 00,029,184 | ---- | C] () -- C:\Windows\SysNative\drivers\usbuhci.sys
[2009/06/12 23:42:56 | 00,017,920 | ---- | C] () -- C:\Windows\SysNative\hcrstco.dll
[2009/06/12 23:42:56 | 00,010,752 | ---- | C] () -- C:\Windows\SysNative\hccoin.dll
[2009/06/12 23:42:56 | 00,007,680 | ---- | C] () -- C:\Windows\SysNative\drivers\usbd.sys
[2009/06/12 23:42:50 | 00,363,064 | ---- | C] () -- C:\Windows\SysNative\clfs.sys
[2009/06/12 23:42:41 | 00,347,192 | ---- | C] () -- C:\Windows\SysNative\drivers\netio.sys
[2009/06/12 23:42:35 | 00,405,504 | ---- | C] () -- C:\Windows\SysNative\imapi2.dll
[2009/06/12 23:42:34 | 00,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2009/06/12 23:42:32 | 01,391,104 | ---- | C] () -- C:\Windows\SysNative\WMALFXGFXDSP.dll
[2009/06/12 23:42:32 | 00,376,832 | ---- | C] () -- C:\Windows\SysNative\SysFxUI.dll
[2009/06/12 23:42:32 | 00,217,600 | ---- | C] () -- C:\Windows\SysNative\drivers\portcls.sys
[2009/06/12 23:42:32 | 00,122,368 | ---- | C] () -- C:\Windows\SysNative\drivers\drmk.sys
[2009/06/12 23:42:32 | 00,006,144 | ---- | C] () -- C:\Windows\SysNative\drivers\drmkaud.sys
[2009/06/12 23:42:19 | 00,000,000 | ---D | C] -- C:\Windows\Users
[2009/06/12 23:40:54 | 04,654,080 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2009/06/12 23:40:54 | 03,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2009/06/12 23:40:54 | 00,262,144 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2009/06/12 23:40:54 | 00,045,668 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2009/06/12 23:40:54 | 00,019,392 | ---- | C] () -- C:\Windows\SysNative\drivers\ativvpxx.vp
[2009/06/12 23:40:54 | 00,002,096 | ---- | C] () -- C:\Windows\SysNative\drivers\ativpkxx.vp
[2009/06/12 23:40:54 | 00,002,096 | ---- | C] () -- C:\Windows\SysNative\drivers\ativokxx.vp
[2009/06/12 23:40:54 | 00,002,096 | ---- | C] () -- C:\Windows\SysNative\drivers\ativdkxx.vp
[2009/06/12 23:40:53 | 14,078,464 | ---- | C] () -- C:\Windows\SysNative\atio6axx.dll
[2009/06/12 23:40:53 | 09,838,592 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2009/06/12 23:40:53 | 05,279,232 | ---- | C] () -- C:\Windows\SysNative\atiumd64.dll
[2009/06/12 23:40:53 | 04,709,888 | ---- | C] () -- C:\Windows\SysNative\drivers\atikmdag.sys
[2009/06/12 23:40:53 | 04,575,744 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.dll
[2009/06/12 23:40:53 | 03,841,024 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2009/06/12 23:40:53 | 03,107,788 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.dat
[2009/06/12 23:40:53 | 02,810,368 | ---- | C] () -- C:\Windows\SysNative\atidxx64.dll
[2009/06/12 23:40:53 | 02,143,744 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2009/06/12 23:40:53 | 00,905,216 | ---- | C] () -- C:\Windows\SysNative\Ati2evxx.exe
[2009/06/12 23:40:53 | 00,425,984 | ---- | C] () -- C:\Windows\SysNative\ATIDEMGX.dll
[2009/06/12 23:40:53 | 00,390,144 | ---- | C] () -- C:\Windows\SysNative\atipdl64.dll
[2009/06/12 23:40:53 | 00,327,680 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2009/06/12 23:40:53 | 00,296,960 | ---- | C] () -- C:\Windows\SysNative\Ati2evxx.dll
[2009/06/12 23:40:53 | 00,176,214 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2009/06/12 23:40:53 | 00,117,248 | ---- | C] () -- C:\Windows\SysNative\atitmm64.dll
[2009/06/12 23:40:53 | 00,110,080 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe
[2009/06/12 23:40:53 | 00,090,112 | ---- | C] () -- C:\Windows\SysNative\atibrtmon.exe
[2009/06/12 23:40:53 | 00,070,144 | ---- | C] () -- C:\Windows\SysNative\atiadlxx.dll
[2009/06/12 23:40:53 | 00,059,392 | ---- | C] () -- C:\Windows\SysNative\atiedu64.dll
[2009/06/12 23:40:53 | 00,053,248 | ---- | C] () -- C:\Windows\SysNative\drivers\ati2erec.dll
[2009/06/12 23:40:53 | 00,050,688 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2009/06/12 23:40:53 | 00,050,688 | ---- | C] () -- C:\Windows\SysNative\amdpcom64.dll
[2009/06/12 23:40:53 | 00,049,664 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe
[2009/06/12 23:40:53 | 00,048,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2009/06/12 23:40:53 | 00,045,668 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2009/06/12 23:40:53 | 00,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2009/06/12 23:40:53 | 00,014,144 | ---- | C] () -- C:\Windows\atiogl.xml
[2009/06/12 23:40:42 | 00,005,075 | ---- | C] () -- C:\Windows\SysWow64\drivers\1028_Dell_STU_435T.mrk
[2009/06/12 23:40:42 | 00,005,075 | ---- | C] () -- C:\Windows\SysNative\drivers\1028_Dell_STU_435T.mrk
[2009/06/12 23:39:20 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2009/06/12 23:39:20 | 00,000,000 | ---D | C] -- C:\Drivers
[2009/06/12 23:39:20 | 00,000,000 | ---D | C] -- C:\DELL
[2009/06/12 20:48:56 | 00,176,144 | ---- | C] () -- C:\Windows\SysNative\drivers\Mpfp.sys
[2009/06/12 20:48:56 | 00,041,032 | ---- | C] () -- C:\Windows\SysNative\drivers\mfebopk.sys
[2009/06/12 20:48:56 | 00,040,904 | ---- | C] () -- C:\Windows\SysNative\drivers\mferkdk.sys
[2009/06/12 20:48:41 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/06/12 20:48:40 | 00,307,400 | ---- | C] () -- C:\Windows\SysNative\drivers\mfehidk.sys
[2009/06/12 20:48:40 | 00,102,600 | ---- | C] () -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2009/06/12 20:48:40 | 00,049,480 | ---- | C] () -- C:\Windows\SysNative\drivers\mfesmfk.sys
[2009/06/12 20:48:40 | 00,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2009/06/12 20:48:39 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2009/06/12 20:48:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2009/06/12 20:48:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2009/06/12 20:48:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2009/06/12 20:37:02 | 00,000,000 | ---D | C] -- C:\Program Files\Dell
[2009/06/12 20:36:08 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71.dll
[2009/06/12 20:36:08 | 01,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71u.dll
[2009/06/12 20:36:08 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2009/06/12 20:36:08 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2009/06/12 20:36:08 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl71.dll
[2009/06/12 20:36:08 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2009/06/12 20:36:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2009/06/12 20:35:40 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/06/12 20:35:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2009/06/12 20:34:42 | 04,398,360 | ---- | C] () -- C:\Windows\SysNative\d3dx9_32.dll
[2009/06/12 20:34:42 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2009/06/12 20:34:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/06/12 20:33:33 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2009/06/12 20:33:25 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2009/06/12 20:33:18 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2009/06/12 20:33:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2009/06/12 20:32:55 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009/06/12 20:32:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2009/06/12 20:32:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Dell
[2009/06/12 20:31:41 | 00,000,000 | ---D | C] -- C:\Windows\sminst
[2009/06/12 20:31:32 | 00,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
[2009/06/12 20:31:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2009/06/12 20:31:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\supportsoft
[2009/06/12 20:30:25 | 00,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2009/06/12 20:30:22 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SureThing Shared
[2009/06/12 20:29:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2009/06/12 20:29:18 | 00,053,488 | ---- | C] () -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2009/06/12 20:29:18 | 00,010,224 | ---- | C] () -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2009/06/12 20:29:18 | 00,010,224 | ---- | C] () -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2009/06/12 20:29:17 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2009/06/12 20:29:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2009/06/12 20:28:41 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2009/06/12 20:28:27 | 00,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2009/06/12 20:28:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2009/06/12 20:28:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Video Chat
[2009/06/12 20:28:06 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2009/06/12 20:27:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2009/06/12 20:26:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2009/06/12 20:26:11 | 00,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2009/06/12 20:26:10 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2009/06/12 20:26:10 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2009/06/12 20:24:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2009/06/12 20:24:11 | 00,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\difxapi.dll
[2009/06/12 20:24:07 | 00,000,000 | ---D | C] -- C:\Intel
[2009/06/12 20:24:04 | 00,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2009/06/12 20:24:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2009/06/12 20:24:02 | 00,410,984 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2009/06/12 20:23:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2009/06/12 20:22:26 | 00,000,000 | -HSD | C] -- C:\Windows\Installer
[2009/06/12 20:21:59 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2009/06/12 20:18:51 | 58,392,576 | ---- | C] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2009/06/12 20:18:51 | 00,262,144 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf
[2009/06/12 20:18:51 | 00,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx
[2009/06/12 20:17:34 | 00,739,384 | ---- | C] () -- C:\Windows\SysNative\drivers\ndis.sys
[2009/06/12 20:16:47 | 00,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/06/12 16:08:14 | 00,188,416 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2009/06/12 16:08:14 | 00,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/06/12 16:08:14 | 00,088,064 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2009/06/12 16:08:14 | 00,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/06/12 16:08:14 | 00,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2009/06/12 16:08:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2009/06/12 16:08:04 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2009/06/12 16:08:04 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/06/12 16:07:45 | 00,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2009/06/12 16:06:08 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/06/12 16:05:37 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008/01/20 21:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 21:49:49 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006/11/02 07:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 07:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2002/03/16 19:00:00 | 00,007,420 | ---- | C] () -- C:\Windows\UA000091.DLL

========== Files - Modified Within 30 Days ==========

[2009/07/11 13:54:41 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2009/07/11 13:37:38 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/07/11 13:37:38 | 00,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/07/11 13:37:38 | 00,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/07/11 13:32:03 | 00,016,099 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2009/07/11 13:31:27 | 00,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/07/11 13:31:27 | 00,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/07/11 13:31:26 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/07/11 13:31:24 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/07/11 13:31:18 | 21,380,34175 | -HS- | M] () -- C:\hiberfil.sys
[2009/07/11 01:39:27 | 03,899,366 | -H-- | M] () -- C:\Users\Kevin\AppData\Local\IconCache.db
[2009/07/10 18:41:28 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7598FFEF-BE69-42AC-BAD7-B1A3A1D9AC3B}.job
[2009/07/10 05:13:05 | 00,015,872 | ---- | M] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/10 04:29:17 | 00,000,979 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009/07/10 04:28:57 | 00,001,015 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009/07/10 04:28:40 | 00,001,420 | ---- | M] () -- C:\Users\Kevin\Desktop\DivX Movies.lnk
[2009/07/09 03:42:35 | 00,111,024 | ---- | M] () -- C:\Users\Kevin\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/07/09 03:41:45 | 00,386,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/07/09 03:07:59 | 00,061,678 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\PFP110JPR.{PB
[2009/07/09 03:07:59 | 00,012,358 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\PFP110JCM.{PB
[2009/07/09 01:47:27 | 00,001,871 | ---- | M] () -- C:\Users\Public\Desktop\PhotoImpact X3.lnk
[2009/07/08 20:44:39 | 00,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2009/07/08 20:14:56 | 00,000,088 | RHS- | M] () -- C:\ProgramData\608EEB57F7.sys
[2009/07/08 17:49:10 | 00,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/07/07 23:04:33 | 00,006,836 | ---- | M] () -- C:\Users\Kevin\AppData\Local\d3d9caps.dat
[2009/07/07 15:50:27 | 00,359,929 | ---- | M] () -- C:\Users\Kevin\Desktop\dds.pif
[2009/07/06 15:53:03 | 00,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Corel Paint Shop Pro Photo X2.lnk
[2009/07/02 13:00:33 | 00,001,930 | ---- | M] () -- C:\Users\Kevin\Desktop\HijackThis.lnk
[2009/07/01 03:09:07 | 00,001,072 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
[2009/07/01 00:59:56 | 00,031,049 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\UserTile.png
[2009/06/30 22:01:17 | 00,001,047 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 3.1.lnk
[2009/06/30 21:55:51 | 00,001,035 | ---- | M] () -- C:\Users\Kevin\Desktop\Quattro Pro 11.lnk
[2009/06/30 21:52:47 | 00,001,059 | ---- | M] () -- C:\Users\Kevin\Desktop\WordPerfect 11.lnk
[2009/06/30 21:25:51 | 00,001,048 | ---- | M] () -- C:\Users\Kevin\Desktop\ImTOO iPod Movie Converter 3.lnk
[2009/06/30 21:25:51 | 00,001,017 | ---- | M] () -- C:\Users\Kevin\Desktop\ImTOO iPod Movie Converter Wizard 3.lnk
[2009/06/30 21:21:53 | 00,001,043 | ---- | M] () -- C:\Users\Kevin\Desktop\ImTOO DVD to iPod Converter 4.lnk
[2009/06/30 21:01:51 | 00,001,884 | ---- | M] () -- C:\Users\Kevin\Desktop\Cyberlink PowerDirector.lnk
[2009/06/30 20:43:37 | 55,006,1655 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/06/30 20:32:34 | 00,000,809 | ---- | M] () -- C:\Users\Kevin\Desktop\DVD-Cloner V.lnk
[2009/06/30 20:30:24 | 00,001,471 | ---- | M] () -- C:\Users\Kevin\Desktop\Launch Cooliris.lnk
[2009/06/30 20:27:42 | 00,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Cakewalk Pyro 2004.LNK
[2009/06/30 20:12:50 | 00,000,894 | ---- | M] () -- C:\Users\Public\Desktop\Moyea FLV Player.lnk
[2009/06/30 20:09:22 | 00,000,969 | ---- | M] () -- C:\Users\Public\Desktop\Moyea YouTube FLV Downloader.lnk
[2009/06/30 19:54:59 | 00,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Moyea FLV to Video Converter Pro 2.lnk
[2009/06/30 19:33:23 | 00,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Moyea Flash Video MX Pro.lnk
[2009/06/30 19:33:23 | 00,001,034 | ---- | M] () -- C:\Users\Public\Desktop\Moyea Flash Video MX Pro Batch Encoder.lnk
[2009/06/30 12:10:22 | 00,000,562 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2009/06/30 12:10:22 | 00,000,264 | ---- | M] () -- C:\Windows\SysWow64\BDEMERGE.INI
[2009/06/30 02:52:53 | 00,000,995 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2009/06/30 02:52:50 | 00,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2009/06/30 02:52:47 | 00,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2009/06/30 02:52:47 | 00,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2009/06/30 02:52:46 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2009/06/30 02:38:41 | 00,001,959 | ---- | M] () -- C:\Users\Public\Desktop\ACID Music Studio 7.0.lnk
[2009/06/30 02:30:39 | 00,001,906 | ---- | M] () -- C:\Users\Public\Desktop\DVD Architect Studio 4.5.lnk
[2009/06/30 02:27:51 | 00,002,000 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Movie Studio Platinum 8.0.lnk
[2009/06/30 01:15:15 | 00,001,866 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2009/06/30 01:10:32 | 00,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/06/30 00:54:10 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/06/30 00:53:12 | 00,001,758 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2009/06/30 00:29:23 | 00,001,815 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2009/06/30 00:17:41 | 00,047,092 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2009/06/13 00:00:57 | 00,005,075 | RH-- | M] () -- C:\dell.sdr
[2009/06/12 23:58:56 | 00,029,184 | ---- | M] () -- C:\Windows\SysNative\hid.dll
[2009/06/12 23:58:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\hidserv.dll
[2009/06/12 23:58:56 | 00,024,064 | ---- | M] () -- C:\Windows\SysNative\hidserv.dll
[2009/06/12 23:58:56 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\hid.dll
[2009/06/12 23:58:33 | 00,648,704 | ---- | M] () -- C:\Windows\SysNative\netapi32.dll
[2009/06/12 23:58:33 | 00,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netapi32.dll
[2009/06/12 23:58:07 | 01,809,408 | ---- | M] () -- C:\Windows\SysNative\msxml3.dll
[2009/06/12 23:58:07 | 01,191,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3.dll
[2009/06/12 23:57:15 | 00,468,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2009/06/12 23:57:15 | 00,214,016 | ---- | M] () -- C:\Windows\SysNative\newdev.dll
[2009/06/12 23:57:15 | 00,075,264 | ---- | M] () -- C:\Windows\SysNative\newdev.exe
[2009/06/12 23:57:15 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2009/06/12 23:56:51 | 00,197,632 | ---- | M] () -- C:\Windows\SysNative\scrrun.dll
[2009/06/12 23:56:50 | 00,227,328 | ---- | M] () -- C:\Windows\SysNative\scrobj.dll
[2009/06/12 23:56:50 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2009/06/12 23:56:50 | 00,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2009/06/12 23:56:50 | 00,166,912 | ---- | M] () -- C:\Windows\SysNative\wscript.exe
[2009/06/12 23:56:50 | 00,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wscript.exe
[2009/06/12 23:56:50 | 00,147,968 | ---- | M] () -- C:\Windows\SysNative\cscript.exe
[2009/06/12 23:56:50 | 00,144,384 | ---- | M] () -- C:\Windows\SysNative\wshom.ocx
[2009/06/12 23:56:50 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2009/06/12 23:56:50 | 00,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2009/06/12 23:56:49 | 00,101,888 | ---- | M] () -- C:\Windows\SysNative\wshext.dll
[2009/06/12 23:56:49 | 00,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2009/06/12 23:56:17 | 11,967,524 | ---- | M] () -- C:\Windows\SysWow64\korwbrkr.lex
[2009/06/12 23:56:17 | 06,103,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
[2009/06/12 23:56:17 | 01,671,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
[2009/06/12 23:56:17 | 01,582,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2009/06/12 23:56:17 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchIndexer.exe
[2009/06/12 23:56:17 | 00,313,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
[2009/06/12 23:56:17 | 00,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2009/06/12 23:56:17 | 00,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2009/06/12 23:56:17 | 00,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2009/06/12 23:56:17 | 00,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchFilterHost.exe
[2009/06/12 23:56:17 | 00,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2009/06/12 23:56:17 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
[2009/06/12 23:56:17 | 00,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2009/06/12 23:56:17 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2009/06/12 23:56:17 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
[2009/06/12 23:56:17 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2009/06/12 23:56:17 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssprxy.dll
[2009/06/12 23:56:16 | 01,418,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2009/06/12 23:56:16 | 00,670,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2009/06/12 23:56:16 | 00,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2009/06/12 23:56:16 | 00,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2009/06/12 23:56:16 | 00,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchProtocolHost.exe
[2009/06/12 23:56:16 | 00,087,552 | ---- | M] () -- C:\Windows\SysNative\mssitlb.dll
[2009/06/12 23:56:16 | 00,078,848 | ---- | M] () -- C:\Windows\SysNative\msstrc.dll
[2009/06/12 23:56:16 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
[2009/06/12 23:56:16 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2009/06/12 23:56:16 | 00,040,448 | ---- | M] () -- C:\Windows\SysNative\mssprxy.dll
[2009/06/12 23:56:16 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2009/06/12 23:56:15 | 02,209,792 | ---- | M] () -- C:\Windows\SysNative\tquery.dll
[2009/06/12 23:56:15 | 02,176,512 | ---- | M] () -- C:\Windows\SysNative\mssrch.dll
[2009/06/12 23:56:15 | 00,796,672 | ---- | M] () -- C:\Windows\SysNative\mssvp.dll
[2009/06/12 23:56:15 | 00,598,016 | ---- | M] () -- C:\Windows\SysNative\SearchIndexer.exe
[2009/06/12 23:56:15 | 00,498,176 | ---- | M] () -- C:\Windows\SysNative\mssph.dll
[2009/06/12 23:56:15 | 00,312,832 | ---- | M] () -- C:\Windows\SysNative\mssphtb.dll
[2009/06/12 23:56:15 | 00,258,560 | ---- | M] () -- C:\Windows\SysNative\SearchProtocolHost.exe
[2009/06/12 23:56:15 | 00,112,128 | ---- | M] () -- C:\Windows\SysNative\SearchFilterHost.exe
[2009/06/12 23:56:15 | 00,080,896 | ---- | M] () -- C:\Windows\SysNative\propdefs.dll
[2009/06/12 23:56:15 | 00,073,728 | ---- | M] () -- C:\Windows\SysNative\msscntrs.dll
[2009/06/12 23:56:15 | 00,044,544 | ---- | M] () -- C:\Windows\SysNative\msscb.dll
[2009/06/12 23:56:15 | 00,012,288 | ---- | M] () -- C:\Windows\SysNative\msshooks.dll
[2009/06/12 23:56:14 | 11,967,524 | ---- | M] () -- C:\Windows\SysNative\korwbrkr.lex
[2009/06/12 23:56:14 | 06,100,480 | ---- | M] () -- C:\Windows\SysNative\chtbrkr.dll
[2009/06/12 23:56:14 | 01,676,800 | ---- | M] () -- C:\Windows\SysNative\chsbrkr.dll
[2009/06/12 23:56:14 | 00,921,088 | ---- | M] () -- C:\Windows\SysNative\propsys.dll
[2009/06/12 23:56:14 | 00,754,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\propsys.dll
[2009/06/12 23:56:14 | 00,347,648 | ---- | M] () -- C:\Windows\SysNative\srchadmin.dll
[2009/06/12 23:56:14 | 00,317,440 | ---- | M] () -- C:\Windows\SysNative\thawbrkr.dll
[2009/06/12 23:56:14 | 00,316,928 | ---- | M] () -- C:\Windows\SysNative\msshsq.dll
[2009/06/12 23:56:14 | 00,280,064 | ---- | M] () -- C:\Windows\SysNative\offfilt.dll
[2009/06/12 23:56:14 | 00,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2009/06/12 23:56:14 | 00,181,248 | ---- | M] () -- C:\Windows\SysNative\nlhtml.dll
[2009/06/12 23:56:14 | 00,180,736 | ---- | M] () -- C:\Windows\SysNative\korwbrkr.dll
[2009/06/12 23:56:14 | 00,106,605 | ---- | M] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/06/12 23:56:14 | 00,106,605 | ---- | M] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2009/06/12 23:56:14 | 00,067,072 | ---- | M] () -- C:\Windows\SysNative\xmlfilter.dll
[2009/06/12 23:56:14 | 00,043,008 | ---- | M] () -- C:\Windows\SysNative\rtffilt.dll
[2009/06/12 23:56:14 | 00,037,376 | ---- | M] () -- C:\Windows\SysNative\mimefilt.dll
[2009/06/12 23:56:14 | 00,024,064 | ---- | M] () -- C:\Windows\SysNative\wsepno.dll
[2009/06/12 23:56:14 | 00,018,904 | ---- | M] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/06/12 23:56:14 | 00,018,904 | ---- | M] () -- C:\Windows\SysNative\StructuredQuerySchemaTrivial.bin
[2009/06/12 23:55:43 | 00,883,200 | ---- | M] () -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2009/06/12 23:55:43 | 00,399,872 | ---- | M] () -- C:\Windows\SysNative\emdmgmt.dll
[2009/06/12 23:55:43 | 00,187,392 | ---- | M] () -- C:\Windows\SysNative\drivers\nwifi.sys
[2009/06/12 23:55:43 | 00,048,640 | ---- | M] () -- C:\Windows\SysNative\dataclen.dll
[2009/06/12 23:55:43 | 00,047,104 | ---- | M] () -- C:\Windows\SysNative\cdd.dll
[2009/06/12 23:55:43 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2009/06/12 23:54:59 | 01,691,648 | ---- | M] () -- C:\Windows\SysNative\connect.dll
[2009/06/12 23:54:59 | 01,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2009/06/12 23:54:35 | 00,388,608 | ---- | M] () -- C:\Windows\SysNative\gdi32.dll
[2009/06/12 23:54:35 | 00,303,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdi32.dll
[2009/06/12 23:54:13 | 03,080,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/06/12 23:54:13 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2009/06/12 23:53:38 | 11,580,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\shell32.dll
[2009/06/12 23:53:37 | 12,897,792 | ---- | M] () -- C:\Windows\SysNative\shell32.dll
[2009/06/12 23:52:59 | 00,974,848 | ---- | M] () -- C:\Windows\SysNative\inetcomm.dll
[2009/06/12 23:52:59 | 00,738,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcomm.dll
[2009/06/12 23:52:38 | 00,361,984 | ---- | M] () -- C:\Windows\SysNative\es.dll
[2009/06/12 23:52:38 | 00,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\es.dll
[2009/06/12 23:51:40 | 00,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tzres.dll
[2009/06/12 23:51:40 | 00,002,048 | ---- | M] () -- C:\Windows\SysNative\tzres.dll
[2009/06/12 23:50:28 | 00,531,456 | ---- | M] () -- C:\Windows\SysNative\IPSECSVC.DLL
[2009/06/12 23:50:28 | 00,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\polstore.dll
[2009/06/12 23:50:28 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\winipsec.dll
[2009/06/12 23:50:28 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2009/06/12 23:50:10 | 00,451,584 | ---- | M] () -- C:\Windows\SysNative\drivers\srv.sys
[2009/06/12 23:48:44 | 00,557,056 | ---- | M] () -- C:\Windows\SysNative\wmpeffects.dll
[2009/06/12 23:48:44 | 00,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2009/06/12 23:46:45 | 01,244,672 | ---- | M] () -- C:\Windows\SysNative\RacEngn.dll
[2009/06/12 23:46:45 | 00,885,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2009/06/12 23:46:45 | 00,009,127 | ---- | M] () -- C:\Windows\SysWow64\RacUR.xml
[2009/06/12 23:46:45 | 00,009,127 | ---- | M] () -- C:\Windows\SysNative\RacUR.xml
[2009/06/12 23:46:45 | 00,000,153 | ---- | M] () -- C:\Windows\SysWow64\RacUREx.xml
[2009/06/12 23:46:45 | 00,000,153 | ---- | M] () -- C:\Windows\SysNative\RacUREx.xml
[2009/06/12 23:46:37 | 01,571,328 | ---- | M] () -- C:\Windows\SysNative\quartz.dll
[2009/06/12 23:46:37 | 01,314,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2009/06/12 23:46:22 | 00,470,016 | ---- | M] () -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2009/06/12 23:46:22 | 00,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2009/06/12 23:46:21 | 00,841,216 | ---- | M] () -- C:\Windows\SysNative\WindowsCodecs.dll
[2009/06/12 23:46:21 | 00,712,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecs.dll
[2009/06/12 23:46:21 | 00,387,584 | ---- | M] () -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2009/06/12 23:46:21 | 00,347,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2009/06/12 23:45:40 | 12,240,896 | ---- | M] () -- C:\Windows\SysNative\NlsLexicons0007.dll
[2009/06/12 23:45:40 | 02,644,480 | ---- | M] () -- C:\Windows\SysNative\NlsLexicons0009.dll
[2009/06/12 23:45:39 | 12,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2009/06/12 23:45:39 | 02,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0009.dll
[2009/06/12 23:45:39 | 01,361,920 | ---- | M] () -- C:\Windows\SysNative\NaturalLanguage6.dll
[2009/06/12 23:45:39 | 00,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\NaturalLanguage6.dll
[2009/06/12 23:44:31 | 00,660,480 | ---- | M] () -- C:\Windows\SysNative\win32spl.dll
[2009/06/12 23:44:31 | 00,443,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2009/06/12 23:44:26 | 01,421,368 | ---- | M] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2009/06/12 23:44:25 | 00,094,208 | ---- | M] () -- C:\Windows\SysNative\drivers\pacer.sys
[2009/06/12 23:44:25 | 00,039,424 | ---- | M] () -- C:\Windows\SysNative\traffic.dll
[2009/06/12 23:44:25 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\traffic.dll
[2009/06/12 23:44:25 | 00,017,920 | ---- | M] () -- C:\Windows\SysNative\pacerprf.dll
[2009/06/12 23:44:25 | 00,016,896 | ---- | M] () -- C:\Windows\SysNative\wshqos.dll
[2009/06/12 23:44:25 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pacerprf.dll
[2009/06/12 23:44:25 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wshqos.dll
[2009/06/12 23:44:13 | 01,078,840 | ---- | M] () -- C:\Windows\SysNative\winload.efi
[2009/06/12 23:44:13 | 01,066,040 | ---- | M] () -- C:\Windows\SysNative\winload.exe
[2009/06/12 23:44:13 | 00,993,336 | ---- | M] () -- C:\Windows\SysNative\winresume.efi
[2009/06/12 23:44:13 | 00,982,584 | ---- | M] () -- C:\Windows\SysNative\winresume.exe
[2009/06/12 23:44:13 | 00,474,624 | ---- | M] () -- C:\Windows\SysNative\srcore.dll
[2009/06/12 23:44:13 | 00,382,008 | ---- | M] () -- C:\Windows\SysNative\ci.dll
[2009/06/12 23:44:13 | 00,339,968 | ---- | M] () -- C:\Windows\SysNative\rstrui.exe
[2009/06/12 23:44:13 | 00,058,368 | ---- | M] () -- C:\Windows\SysNative\setbcdlocale.dll
[2009/06/12 23:44:13 | 00,046,592 | ---- | M] () -- C:\Windows\SysNative\srclient.dll
[2009/06/12 23:44:13 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\srclient.dll
[2009/06/12 23:44:13 | 00,022,072 | ---- | M] () -- C:\Windows\SysNative\kd1394.dll
[2009/06/12 23:44:13 | 00,018,944 | ---- | M] () -- C:\Windows\SysNative\srdelayed.exe
[2009/06/12 23:44:13 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\kbd106n.dll
[2009/06/12 23:44:13 | 00,007,680 | ---- | M] () -- C:\Windows\SysNative\kbd106n.dll
[2009/06/12 23:43:45 | 00,272,896 | ---- | M] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2009/06/12 23:43:41 | 01,729,024 | ---- | M] () -- C:\Windows\SysNative\msxml6.dll
[2009/06/12 23:43:41 | 01,334,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6.dll
[2009/06/12 23:43:33 | 03,547,648 | ---- | M] () -- C:\Windows\SysNative\mf.dll
[2009/06/12 23:43:33 | 02,868,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2009/06/12 23:43:32 | 02,900,480 | ---- | M] () -- C:\Windows\SysNative\WMVCORE.DLL
[2009/06/12 23:43:32 | 02,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2009/06/12 23:43:32 | 01,245,184 | ---- | M] () -- C:\Windows\SysNative\WMNetMgr.dll
[2009/06/12 23:43:32 | 00,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2009/06/12 23:43:32 | 00,112,640 | ---- | M] () -- C:\Windows\SysNative\logagent.exe
[2009/06/12 23:43:32 | 00,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2009/06/12 23:43:25 | 00,334,336 | ---- | M] () -- C:\Windows\SysNative\schannel.dll
[2009/06/12 23:43:25 | 00,268,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\schannel.dll
[2009/06/12 23:43:19 | 04,240,384 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2009/06/12 23:43:19 | 04,240,384 | ---- | M] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2009/06/12 23:43:19 | 01,926,656 | ---- | M] () -- C:\Windows\SysNative\gameux.dll
[2009/06/12 23:43:19 | 01,695,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2009/06/12 23:43:19 | 00,032,256 | ---- | M] () -- C:\Windows\SysNative\Apphlpdm.dll
[2009/06/12 23:43:19 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2009/06/12 23:43:11 | 00,140,288 | ---- | M] () -- C:\Windows\SysNative\drivers\rmcast.sys
[2009/06/12 23:43:11 | 00,017,408 | ---- | M] () -- C:\Windows\SysNative\wshrm.dll
[2009/06/12 23:43:11 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2009/06/12 23:43:08 | 00,325,384 | ---- | M] () -- C:\Windows\SysNative\drivers\acpi.sys
[2009/06/12 23:43:08 | 00,028,936 | ---- | M] () -- C:\Windows\SysNative\drivers\battc.sys
[2009/06/12 23:43:08 | 00,021,768 | ---- | M] () -- C:\Windows\SysNative\drivers\compbatt.sys
[2009/06/12 23:43:08 | 00,014,336 | ---- | M] () -- C:\Windows\SysNative\drivers\wmiacpi.sys
[2009/06/12 23:43:08 | 00,009,216 | ---- | M] () -- C:\Windows\SysNative\drivers\errdev.sys
[2009/06/12 23:43:01 | 00,308,224 | ---- | M] () -- C:\Windows\SysNative\rasmans.dll
[2009/06/12 23:42:58 | 00,488,960 | ---- | M] () -- C:\Windows\SysNative\msinfo32.exe
[2009/06/12 23:42:58 | 00,408,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2009/06/12 23:42:56 | 00,274,432 | ---- | M] () -- C:\Windows\SysNative\drivers\usbhub.sys
[2009/06/12 23:42:56 | 00,259,072 | ---- | M] () -- C:\Windows\SysNative\drivers\usbport.sys
[2009/06/12 23:42:56 | 00,095,744 | ---- | M] () -- C:\Windows\SysNative\drivers\usbccgp.sys
[2009/06/12 23:42:56 | 00,049,664 | ---- | M] () -- C:\Windows\SysNative\drivers\usbehci.sys
[2009/06/12 23:42:56 | 00,029,184 | ---- | M] () -- C:\Windows\SysNative\drivers\usbuhci.sys
[2009/06/12 23:42:56 | 00,017,920 | ---- | M] () -- C:\Windows\SysNative\hcrstco.dll
[2009/06/12 23:42:56 | 00,010,752 | ---- | M] () -- C:\Windows\SysNative\hccoin.dll
[2009/06/12 23:42:56 | 00,007,680 | ---- | M] () -- C:\Windows\SysNative\drivers\usbd.sys
[2009/06/12 23:42:50 | 00,363,064 | ---- | M] () -- C:\Windows\SysNative\clfs.sys
[2009/06/12 23:42:41 | 00,347,192 | ---- | M] () -- C:\Windows\SysNative\drivers\netio.sys
[2009/06/12 23:42:38 | 00,031,288 | ---- | M] () -- C:\Windows\SysNative\drivers\msahci.sys
[2009/06/12 23:42:38 | 00,022,584 | ---- | M] () -- C:\Windows\SysNative\drivers\atapi.sys
[2009/06/12 23:42:38 | 00,018,488 | ---- | M] () -- C:\Windows\SysNative\drivers\aliide.sys
[2009/06/12 23:42:35 | 00,405,504 | ---- | M] () -- C:\Windows\SysNative\imapi2.dll
[2009/06/12 23:42:34 | 00,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2009/06/12 23:42:32 | 01,391,104 | ---- | M] () -- C:\Windows\SysNative\WMALFXGFXDSP.dll
[2009/06/12 23:42:32 | 00,376,832 | ---- | M] () -- C:\Windows\SysNative\SysFxUI.dll
[2009/06/12 23:42:32 | 00,217,600 | ---- | M] () -- C:\Windows\SysNative\drivers\portcls.sys
[2009/06/12 23:42:32 | 00,122,368 | ---- | M] () -- C:\Windows\SysNative\drivers\drmk.sys
[2009/06/12 23:42:32 | 00,006,144 | ---- | M] () -- C:\Windows\SysNative\drivers\drmkaud.sys
[2009/06/12 23:42:18 | 00,233,528 | ---- | M] () -- C:\Windows\SysNative\hal.dll
[2009/06/12 23:40:42 | 00,005,075 | ---- | M] () -- C:\Windows\SysWow64\drivers\1028_Dell_STU_435T.mrk
[2009/06/12 23:40:42 | 00,005,075 | ---- | M] () -- C:\Windows\SysNative\drivers\1028_Dell_STU_435T.mrk
[2009/06/12 23:40:08 | 00,060,224 | ---- | M] () -- C:\Windows\SysNative\tcpmon.ini
[2009/06/12 20:21:58 | 58,392,576 | ---- | M] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2009/06/12 20:21:58 | 00,262,144 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf
[2009/06/12 20:21:58 | 00,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx
[2009/06/12 20:16:47 | 00,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2009/06/12 20:14:08 | 00,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2009/06/12 16:06:08 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_00_00.Wdf
< End of report >

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

OTL Extras logfile created on: 7/11/2009 1:55:17 PM - Run 1
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\Kevin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.10 Gb Total Space | 379.93 Gb Free Space | 65.38% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 8.05 Gb Free Space | 53.67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 931.51 Gb Total Space | 301.08 Gb Free Space | 32.32% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KEVINS-CORE-I7
Current User Name: Kevin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe ()
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe ()
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe ()
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe ()
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe ()
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe ()
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

{042b894d-b1a0-48c9-9f95-685effea42b1} = rport=10243 | protocol=6 | dir=out | app=system |
{0edc7787-8a56-44ed-8458-93986a0384f0} = lport=2869 | protocol=6 | dir=in | app=system |
{122ae422-d904-484f-84fe-efda1268db6a} = lport=139 | protocol=6 | dir=in | app=system |
{1e3b569f-e696-490a-a5d3-880e16e99217} = lport=138 | protocol=17 | dir=in | app=system |
{2041444b-43f0-4a5f-b6c0-8045ee5b634f} = lport=10243 | protocol=6 | dir=in | app=system |
{2ffff365-f9d5-44f3-b5e4-19302074f080} = lport=445 | protocol=6 | dir=in | app=system |
{47fc4dda-98d9-4306-a356-3826f835881a} = rport=137 | protocol=17 | dir=out | app=system |
{4ee2e755-8f82-423d-80c6-7966261db508} = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
{50418674-378a-414c-93c1-0aaa2014f992} = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
{574352fe-68d1-4802-bcc8-416a5fd23f5e} = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
{5ed1a4be-c299-4e94-aa8e-39c7eb20624c} = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
{6a596fc2-9e6a-494f-8bda-f9ff0393983d} = rport=138 | protocol=17 | dir=out | app=system |
{71a6c5ec-ffd7-4e52-aede-d65488a37b7c} = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
{776e4ca4-9ee3-49d0-80a3-4d1c5e6bd45e} = rport=139 | protocol=6 | dir=out | app=system |
{9c53db9c-a29b-4ae1-91fa-e0fdd0d0cc8d} = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
{a986d119-26aa-433b-97af-4e51b57979f7} = lport=2869 | protocol=6 | dir=in | app=system |
{ad5d9ba7-e44a-4371-945f-42a1b23c1c7f} = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
{e6cef83a-902f-4297-99cc-c2ccde714c3f} = lport=137 | protocol=17 | dir=in | app=system |
{e86b2d28-b19a-4f40-a03e-9de58286cc15} = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
{e9210428-d4d6-42a7-9eab-d28f197ee9fd} = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
{ee55c8c8-47f1-433c-9f30-1838f0252e45} = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

{0a9921be-966e-4ff8-8172-ad86738a20dd} = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
{0d20b7c4-5473-4f9d-b11b-aa513e9837ab} = protocol=6 | dir=out | app=system |
{10087073-8007-40d4-a130-09bb572dd6ef} = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
{20582dc8-0b70-4897-91aa-3b6598a4baf3} = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
{28aa88c4-614e-465f-9457-53e14974a8e6} = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{3e762d82-7357-4c89-ba3b-cbd8c10fe8f9} = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
{3f028673-1c78-44ce-a0fc-a34a0d3f784f} = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
{41ea720c-4dce-42a3-868f-75865d28b285} = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
{4e55ae76-fc88-44f5-a914-73010ce6ca97} = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
{4faa5890-6b04-417e-ae7b-692c21eeee71} = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
{52ca25e1-225d-414d-897d-3ae795c9d2ae} = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
{539dd122-d858-445d-8395-5e273a46d722} = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
{57112da7-86cd-4dbc-a2ae-98b726124ffd} = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
{58a64c99-1352-4fdf-96c5-50c0df700486} = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{5a475f72-8c2e-4d8e-aa99-0deabe4f6972} = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{64dfe7aa-c3ee-44ad-a2bf-e136d0983795} = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
{70226361-f8ba-493d-8d7a-d4d74424a6ed} = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
{781286e9-522f-4685-807a-2a0767cdba95} = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
{7b077d64-4a73-4c5b-b7be-daa29f3ddedb} = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
{815566a4-ac94-4297-aa8d-45984bfb5230} = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
{83c0f363-aa8f-456f-b495-f34252154777} = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
{89213c4f-5549-43fc-ad80-5e93f951ea7e} = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{8994d5ac-988a-47a9-96af-c86f05dc2624} = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
{8dee373b-c4d4-47ca-a45c-6ea1d223a3f7} = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{8e893d85-a86f-427e-9b18-caa48fa64418} = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
{9596f6be-fddf-475a-86ed-4893e21d2af6} = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
{a7f6f11a-99bf-45ff-ad39-5a3e71a5bd23} = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
{c20d820b-0501-49a3-8130-de590fb9bdca} = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
{c89bd4d0-4927-4f57-88cd-341c6064482f} = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
{c9161d57-32db-4f06-ae8f-964459ed8b3e} = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
{d5296cfc-4102-4f5e-a3aa-6bb36074ec26} = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
{d6634f2a-1d7a-49f7-9658-d5acf2635dd5} = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
{efce7c60-32ab-4715-accb-e769cb39457b} = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
{f3c55623-1ef7-4a64-9d12-aaa6c3d43f4e} = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
{f82ed8ed-1ff5-46e0-8b49-b837831e10a1} = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E6C415F-7708-4A8F-9509-11C98988BDCA}" = Apple Mobile Device Support
"{5AB0C6D3-E546-44C2-8B63-C9044FCC9AC0}" = iTunes
"{893D9341-6AEA-8463-83E1-70D004A56AD3}" = ccc-utility64
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0764694E-4C2E-1A05-B6A2-3C0B4F061AB5}" = CCC Help Hungarian
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0C2D2976-6F6B-EB9A-57CB-0F479510E29D}" = Catalyst Control Center Localization Portuguese
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15803703-25FA-4C01-A062-3F4A59937E87}" = PhotoImpact X3
"{1833C9AB-38B3-2B52-6A66-46B366327FE8}" = Catalyst Control Center Localization French
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83216013F0}" = Java™ 6 Update 13
"{292E1FC7-C42A-5ED5-0904-94C1A0A1538A}" = Catalyst Control Center InstallProxy
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2AF983E8-983E-AEAD-BB41-D7CAED800C03}" = CCC Help Chinese Traditional
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{319397B7-88C3-FF5E-788E-6EC3D9C7F10F}" = Catalyst Control Center Localization Chinese Standard
"{33303B83-3081-5C68-EBD9-9140DD374B5A}" = Catalyst Control Center Core Implementation
"{351DE0AB-7787-4497-9A7A-4AA9E3A4E290}" = Dell Communications (Support Software)
"{364F416C-CA2E-20FA-193C-267192F339A7}" = CCC Help Japanese
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4250568D-A456-7DF3-4832-21CC15E7D0B1}" = CCC Help Korean
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4F668F8E-56FC-6DFF-4F2F-603542D7413B}" = Catalyst Control Center Graphics Full Existing
"{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}" = Windows Live Sign-in Assistant
"{5070E761-C5ED-A868-CE4E-B3C7B4674E06}" = Catalyst Control Center Localization Hungarian
"{54F90B55-BEB3-4F0D-8802-228822FA5921}" = WordPerfect Office 11
"{59B8EE7B-A449-A1F5-45A2-6F58C305925E}" = Catalyst Control Center Graphics Light
"{5AED8F22-D3F2-C924-4F2A-1D6C80162C78}" = CCC Help Italian
"{63A7AA0B-6EDC-40F0-B14E-5289599EE2A3}" = Catalyst Control Center - Branding
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6882B3A9-AB98-4ABA-A623-2979FBEA5F9F}_is1" = Moyea FLV Player version 1.6.2.2
"{68ED7C7F-6F0A-4467-81F3-FA5899A15D16}_is1" = Moyea Flash Video MX Pro Version: 5.0.14.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69A01F5F-EF07-C3C6-3B94-E895E931FCF1}" = Catalyst Control Center Graphics Full New
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CF115FC-BA7C-E81A-631A-B9545D446AF0}" = Catalyst Control Center Graphics Previews Common
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80250615-2FF1-0AAE-9C71-375BA6E5CF7E}" = ccc-core-static
"{80F0EB59-D25F-2A39-92E9-B1D593255E64}" = Skins
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B5A3788-7DE7-668B-437A-2EDF278F8324}" = CCC Help English
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9AE79FD8-90DD-AA27-06FA-0DF8A0FFCE88}" = CCC Help French
"{9B947CCE-D5B2-1AE4-D3EE-B073D5D5D4D7}" = Catalyst Control Center Graphics Previews Vista
"{A2233F8C-B7AC-0E77-0DF3-57678388A816}" = Catalyst Control Center Localization Japanese
"{A74C1699-4BCE-433F-82D6-F11207A0581B}" = Sony ACID Music Studio 7.0
"{A777CB31-A5EC-4E32-A462-2E24F45D4D4F}_is1" = Moyea FLV to Video Converter Pro 2 version: 2.0.18.194
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4E24CA6-5254-7E2D-F1FC-B01881AD4556}" = Catalyst Control Center Localization Italian
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8E8C8EC-5C22-4B02-9C02-D851262F574C}" = Sony Vegas Movie Studio Platinum 8.0
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4A40111-4DD6-C90E-27E7-CA8F3E647DF0}" = CCC Help Chinese Standard
"{C5C649A8-1D21-4C83-9B08-7B3752E580F4}" = Safari
"{C61798EC-C148-DCAF-0BBB-983E3F2A358A}" = CCC Help German
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C9525341-51CA-4e8d-A7A5-3B0A690DB64D}" = Corel Photobook
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D0B7DE9F-D63D-57DD-1872-3F0207A437AC}" = CCC Help Turkish
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DC1E0881-66E8-4884-9B5B-580F957F5B9A}" = Sony DVD Architect Studio 4.5
"{DDEE3690-E766-135E-39F9-1069E44364FF}" = Catalyst Control Center Localization Turkish
"{DE6D0FDB-3B65-48B9-6F71-A61D5A7B576F}" = CCC Help Portuguese
"{E14D7E83-C764-F6D9-FA7E-DA50596C8B02}" = Catalyst Control Center Localization Spanish
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{EA426461-31AA-4AB3-B15D-EDD748F08394}_is1" = Moyea YouTube FLV Downloader version: 2.0.8.524
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F39A1538-F97D-702B-AD48-F8FD2A01D0B2}" = Catalyst Control Center Localization Korean
"{F569D2CB-5BB9-B8A1-9B1D-AA813D974372}" = CCC Help Spanish
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FB997B37-623B-E151-6AC5-5EEA34FE4178}" = Catalyst Control Center Localization Chinese Traditional
"{FCDDA9CC-10DC-F720-53DE-D23A96EA8792}" = Catalyst Control Center Localization German
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Cakewalk Pyro 2004" = Cakewalk Pyro 2004
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Video Chat" = Dell Video Chat
"DivX Content Uploader" = DivX Content Uploader
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD to iPod Converter 4" = DVD to iPod Converter 4
"DVD-CLONER V_is1" = DVD-CLONER V5.10 Build 967
"HijackThis" = HijackThis 2.0.2
"InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}" = PhotoImpact X3
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"iPod movie Converter 3" = iPod movie Converter 3
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSC" = McAfee SecurityCenter
"RealPlayer 6.0" = RealPlayer
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Mail Advisor" = Yahoo! Mail Advisor
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/2/2009 4:18:22 AM | Computer Name = Kevins-Core-i7 | Source = Application Error | ID = 1000
Description = Faulting application Pp10.exe, version 10.1.0.0, time stamp 0x3b9e6221,
faulting module IGXFRM40.dll, version 4.0.4.0, time stamp 0x3b9e5f77, exception
code 0xc0000005, fault offset 0x00004d09, process id 0x1238, application start time
0x01c9faeda95cac66.

Error - 7/2/2009 5:28:17 AM | Computer Name = Kevins-Core-i7 | Source = ESENT | ID = 455
Description = Catalog Database (1164) Catalog Database: Error -1811 occurred while
opening logfile C:\Windows\system32\CatRoot2\edb0012A.log.

Error - 7/2/2009 5:28:17 AM | Computer Name = Kevins-Core-i7 | Source = Microsoft-Windows-CAPI2 | ID = 131329
Description =

Error - 7/2/2009 5:28:59 AM | Computer Name = Kevins-Core-i7 | Source = WinMgmt | ID = 10
Description =

Error - 7/2/2009 5:47:25 AM | Computer Name = Kevins-Core-i7 | Source = EventSystem | ID = 4621
Description =

Error - 7/2/2009 5:52:31 AM | Computer Name = Kevins-Core-i7 | Source = WinMgmt | ID = 10
Description =

Error - 7/2/2009 5:56:43 AM | Computer Name = Kevins-Core-i7 | Source = EventSystem | ID = 4621
Description =

Error - 7/2/2009 6:00:02 AM | Computer Name = Kevins-Core-i7 | Source = WinMgmt | ID = 10
Description =

Error - 7/2/2009 1:41:08 PM | Computer Name = Kevins-Core-i7 | Source = WinMgmt | ID = 10
Description =

Error - 7/2/2009 6:06:54 PM | Computer Name = Kevins-Core-i7 | Source = EventSystem | ID = 4621
Description =


< End of report >

#7 PropagandaPanda

  • Malware Response Team

Posted 11 July 2009 - 08:14 PM

Hello.

I don't think that is caused by an infection. Let's try installing Service Pack 2. That should replace and repair the system files.

Install From Windows Updates

  • Click the Start Menu (or Windows Orb), then All Programs, then Windows Update.
  • On the left, choose Change Settings.
  • Ensure that the checkbox Use Microsoft Update at the bottom of the window is checked.
  • Press OK and accept the UAC prompt. You shouldn't need to check this checkbox every single time you update, only the first time.
  • Click Check for Updates in the upper left corner.
  • Follow the instructions to install the latest updates.
  • Reboot and repeat the "Check for Updates" until there are no more critical updates to install.

Run Quick Scan with OTListIt

Open OTL.exe again. Click on the Quick Scan. Post back with the log produced in your next reply.

With Regards,
The Panda

#8 Kevin in Chicago

  • Topic Starter

Posted 12 July 2009 - 04:50 AM

Installed SP 2. I had actually done that before I restored to an earlier point. Defender was working fine after the restore until I re-booted. Still having the same problem with the SP2 installed.
I think there has to be something else to this as I came across another thread on here with a similar problem. It all started after I tried to install Picture Publisher 10 I downloaded off of Pirate Bay.

Thanks, Kevin

Here's the Log:

OTL logfile created on: 7/12/2009 4:39:09 AM - Run 2
OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\Kevin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.10 Gb Total Space | 372.04 Gb Free Space | 64.02% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 8.05 Gb Free Space | 53.67% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 931.51 Gb Total Space | 300.99 Gb Free Space | 32.31% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KEVINS-CORE-I7
Current User Name: Kevin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2008/12/18 12:05:28 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2009/01/09 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
PRC - [2009/01/09 09:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
PRC - [2007/07/24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/12 22:30:14 | 00,272,024 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/12/04 15:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/03/25 09:44:02 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/07/20 16:45:06 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/03/25 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
PRC - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/01/09 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Common Files\mcafee\mna\mcnasvc.exe
PRC - [2009/03/25 17:25:20 | 00,645,328 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2008/07/20 16:45:06 | 00,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/30 00:54:30 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/02/04 20:26:38 | 00,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/04/23 06:29:14 | 07,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009/03/25 09:44:02 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe
PRC - [2009/05/21 11:34:07 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/06/05 13:39:22 | 00,292,136 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/06/30 02:52:45 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/05/08 05:53:34 | 00,174,424 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe
PRC - [2009/01/21 17:34:16 | 00,532,808 | R--- | M] (Corel, Inc.) -- C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
PRC - [2009/01/21 17:34:22 | 00,016,712 | R--- | M] () -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
PRC - [2007/08/02 21:08:00 | 00,095,504 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
PRC - [2009/04/23 06:29:18 | 07,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe
PRC - [2009/06/08 15:11:50 | 05,110,568 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe
PRC - [2009/06/08 15:11:50 | 05,110,568 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe
PRC - [2009/07/11 13:54:41 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/02/24 04:12:04 | 00,088,576 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters [Auto | Running])
SRV:64bit: - [2008/10/17 05:24:26 | 00,905,216 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])
SRV:64bit: - [2008/12/18 12:05:28 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService [Auto | Running])
SRV:64bit: - [2009/04/01 14:21:30 | 00,696,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS [On_Demand | Stopped])
SRV:64bit: - [2009/03/25 10:59:30 | 00,153,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield [Unknown | Running])
SRV:64bit: - [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [On_Demand | Stopped])
SRV:64bit: - [2008/01/20 21:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2009/03/29 23:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/03/29 23:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Running])
SRV - [2008/01/20 21:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2008/01/20 21:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 10:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/02/18 13:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2003/09/24 10:00:00 | 00,049,152 | ---- | M] (GEAR Software) -- C:\Windows\SysWow64\gearsec.exe -- (GearSecurity [Auto | Stopped])
SRV - [2009/06/30 00:54:29 | 00,182,768 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/07/20 16:45:06 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2009/02/18 13:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/06/05 13:39:14 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/11/02 04:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\keyiso.dll -- (KeyIso [On_Demand | Stopped])
SRV - [2009/03/25 17:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc [Auto | Running])
SRV - [2009/01/09 11:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Common Files\mcafee\mna\mcnasvc.exe -- (McNASvc [Auto | Running])
SRV - [2009/01/09 08:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy [Auto | Running])
SRV - [2009/03/24 00:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon [On_Demand | Running])
SRV - [2009/03/19 11:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService [Auto | Running])
SRV - [2006/11/02 08:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2009/01/09 09:22:10 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe -- (MSK80Service [Auto | Running])
SRV - [2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netlogon.dll -- (Netlogon [On_Demand | Stopped])
SRV - [2007/07/24 11:15:14 | 00,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2 [Auto | Running])
SRV - [2007/01/12 22:30:14 | 00,272,024 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2008/12/04 15:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2009/03/25 09:44:02 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe -- (sprtsvc_DellComms [Auto | Running])
SRV - [2008/03/24 06:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
SRV - [2006/11/02 01:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2006/11/02 01:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vss.mof -- (VSS [On_Demand | Stopped])
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Auto | Running])

========== Driver Services (SafeList) ==========

DRV:64bit: - [2008/10/17 05:24:30 | 04,709,888 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV:64bit: - [2008/01/20 21:46:55 | 00,317,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express [On_Demand | Stopped])
DRV:64bit: - [2009/03/19 16:34:18 | 00,029,544 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\gearaspiwdm.sys -- (GEARAspiWDM [On_Demand | Running])
DRV:64bit: - [2009/04/11 00:39:51 | 00,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
DRV:64bit: - [2008/12/11 03:58:54 | 00,402,456 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor [Boot | Running])
DRV:64bit: - [2008/12/15 03:37:38 | 00,098,144 | ---- | M] (JMicron Technology Corp.) -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID [Boot | Running])
DRV:64bit: - [2009/03/25 11:06:22 | 00,102,600 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk [On_Demand | Running])
DRV:64bit: - [2008/12/19 21:24:48 | 00,041,032 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfebopk.sys -- (mfebopk [On_Demand | Stopped])
DRV:64bit: - [2009/03/25 11:06:22 | 00,307,400 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk [System | Running])
DRV:64bit: - [2009/03/25 10:59:38 | 00,040,904 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk [On_Demand | Stopped])
DRV:64bit: - [2009/03/25 11:06:22 | 00,049,480 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk [On_Demand | Running])
DRV:64bit: - [2008/10/23 13:08:54 | 00,176,144 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP [System | Running])
DRV:64bit: - [2007/11/14 02:00:00 | 00,053,488 | ---- | M] (Sonic Solutions) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64 [Boot | Running])
DRV:64bit: - [2008/10/17 05:24:30 | 04,709,888 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300 [On_Demand | Stopped])
DRV:64bit: - [2008/12/15 00:09:30 | 00,174,592 | ---- | M] (Realtek Corporation ) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169 [On_Demand | Running])
DRV:64bit: - [2008/12/18 00:43:24 | 00,062,464 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR [On_Demand | Stopped])
DRV:64bit: - [2009/06/05 11:42:38 | 00,048,640 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64 [On_Demand | Stopped])
DRV - [2003/09/24 10:00:00 | 00,009,728 | ---- | M] (GEAR Software) -- C:\Windows\SysWow64\drivers\gearaspiwdm.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/09/18 16:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2006/09/18 16:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.infowars.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..extensions.enabledItems: djziggy@gmail.com:1.0.7
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.0.4
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:2.95


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/12 03:32:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/06/30 02:52:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/06/30 02:52:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/07/10 04:29:21 | 00,000,000 | ---D | M]

[2009/06/30 01:10:47 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions
[2009/06/30 01:10:47 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/08 20:13:38 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions
[2009/06/30 18:21:45 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/30 01:29:12 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2009/06/30 12:52:40 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2009/06/30 12:18:16 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com
[2009/06/30 01:25:24 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\personas@christopher.beard
[2009/07/08 17:33:08 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\piclens@cooliris.com
[2009/07/08 17:33:08 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\piclens@cooliris.com-trash
[2009/06/30 12:55:06 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\redshift_V2@shift-themes.com
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\chatzilla
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\Console2
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\downthemall
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\emusic
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\fullerscreen
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\sage
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\toolkit
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\global\extensions\webdeveloper
[2009/06/30 12:18:17 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\ju9f1r2z.default\extensions\djziggy@gmail.com\chrome\mozapps\extensions
[2009/06/30 21:59:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/06/30 01:10:31 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/06/30 21:59:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/06/02 22:00:58 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009/06/02 22:00:59 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 16:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll
[2009/05/21 11:33:58 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2009/05/12 13:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll
[2009/05/18 17:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/06/02 22:01:00 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2009/06/30 02:52:50 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll
[2009/06/30 02:52:56 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll
[2009/06/30 02:52:48 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll
[2009/05/01 16:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll
[2009/06/02 18:18:22 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2009/06/02 18:18:22 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2009/06/02 18:18:22 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2009/06/02 18:18:22 | 00,002,343 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2009/06/02 18:18:22 | 00,001,706 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2009/06/02 18:18:22 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2009/06/02 18:18:22 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [DellComms] C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickFinder Scheduler] C:\Program Files (x86)\WordPerfect Office 11\Programs\QFSCHD110.EXE (Novell, Inc., c/o Corel Corporation Limited)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [YMailAdvisor] C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - x-sdch - Reg Error: Key error. File not found
O18 - Protocol\Filter: - x-sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 15:01:00 | 00,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008/10/29 00:59:53 | 00,000,033 | -HS- | M] () - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found


Other Half to Follow.... Post was too long


Part 2 of Log:

========== Files/Folders - Created Within 30 Days ==========

[2009/07/12 04:28:13 | 00,000,000 | ---D | C] -- C:\Windows\LastGood
[2009/07/12 04:21:50 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2009/07/12 04:21:50 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2009/07/12 04:21:50 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2009/07/12 04:21:50 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2009/07/12 04:21:50 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2009/07/12 04:21:49 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2009/07/12 04:01:15 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2009/07/12 03:59:53 | 00,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
[2009/07/12 03:59:53 | 00,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
[2009/07/12 03:59:51 | 00,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/07/12 03:59:51 | 00,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2009/07/12 03:59:35 | 00,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2009/07/12 03:59:33 | 00,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2009/07/12 03:59:33 | 00,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
[2009/07/12 03:59:20 | 00,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
[2009/07/12 03:59:20 | 00,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
[2009/07/12 03:59:19 | 00,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2009/07/12 03:59:09 | 00,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
[2009/07/12 03:59:09 | 00,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
[2009/07/12 03:59:08 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2009/07/11 13:54:41 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2009/07/10 04:28:40 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2009/07/09 03:08:01 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Corel User Files
[2009/07/09 03:07:59 | 00,061,678 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\PFP110JPR.{PB
[2009/07/09 03:07:59 | 00,012,358 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\PFP110JCM.{PB
[2009/07/09 01:50:00 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Ulead Systems
[2009/07/09 01:47:27 | 00,001,871 | ---- | C] () -- C:\Users\Public\Desktop\PhotoImpact X3.lnk
[2009/07/09 01:42:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ulead Systems
[2009/07/09 01:42:35 | 00,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems
[2009/07/09 01:41:02 | 00,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2009/07/08 20:56:12 | 00,000,000 | ---D | C] -- C:\Temp Video Editing Folder
[2009/07/07 15:50:27 | 00,359,929 | ---- | C] () -- C:\Users\Kevin\Desktop\dds.pif
[2009/07/06 15:56:54 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\My Corel Shows
[2009/07/06 15:56:54 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\Corel
[2009/07/06 15:55:55 | 00,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009/07/06 15:55:55 | 00,000,088 | RHS- | C] () -- C:\ProgramData\608EEB57F7.sys
[2009/07/06 15:55:06 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\My PSP Files
[2009/07/06 15:55:06 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Corel
[2009/07/06 15:53:03 | 00,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Corel Paint Shop Pro Photo X2.lnk
[2009/07/06 15:52:31 | 00,000,000 | ---D | C] -- C:\ProgramData\Corel
[2009/07/06 15:52:31 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2009/07/06 15:49:52 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\InstallShield
[2009/07/06 14:36:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2009/07/02 13:00:33 | 00,001,930 | ---- | C] () -- C:\Users\Kevin\Desktop\HijackThis.lnk
[2009/07/02 13:00:33 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/07/02 02:45:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Micrografx
[2009/07/02 01:30:13 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Micrografx
[2009/07/01 17:37:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2009/07/01 17:37:42 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Roxio
[2009/07/01 03:09:07 | 00,001,072 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
[2009/07/01 03:07:45 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\OpenOffice.org
[2009/07/01 00:59:56 | 00,031,049 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\UserTile.png
< End of report >

Edited by PropagandaPanda, 12 July 2009 - 08:42 AM.


#9 PropagandaPanda

  • Malware Response Team
  • 10,433 posts

Posted 12 July 2009 - 08:47 AM

Hello.

Are you still getting the same error message?

Click on the Windows Orb -> Run -> Type: services.msc
In the service control manager, right click Windows Defender and select Properties.
Set the Startup type to Automatic and press apply.
Start the service.

Does that help?

With Regards,
The Panda

#10 Kevin in Chicago

  • Topic Starter
  • Members
  • 5 posts

Posted 17 July 2009 - 12:32 PM

Hi Panda,

Just got back from my trip. I went into the SCM and changed Defender from manual to automatic. Rebooted and the problem seems to be solved!! :thumbup2: This thread can now be closed.

Thanks for all your help!!

Take Care, Kevin

#11 PropagandaPanda

  • Malware Response Team
  • 10,433 posts

Posted 17 July 2009 - 01:08 PM

No problem.

Since this issue appears to be resolved, this topic is now closed.
If you are the topic starter and need this topic reopened, send me a message.

Everyone else, please begin a new topic.

With Regards,
The Panda



