Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser redirect virus: 127.0.0.1:50370


  • This topic is locked This topic is locked
12 replies to this topic

#1 Timo_SD

Timo_SD

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:29 PM

Posted 09 November 2010 - 01:38 PM

Hi guys,

My laptop started to go to random web pages. I tried to get rid of that, but managed to mess up my whole computer. Went to buy new laptop and.... same redirect problem. I decided to try to do things little bit more smart this time and ask help from here.

I have another laptop connected to same wireless router, It has not shown any symptoms yet. Should I do anything for that?

Thanks for even trying to help. I really appreciate it.

/timo

Here's the HJT log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:12:04 AM, on 11/9/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50370
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [svchost] C:\Users\Timo\AppData\Roaming\Microsoft\svchost.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: CinemaNow Service - CinemaNow, Inc. - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12065 bytes

Attached Files



BC AdBot (Login to Remove)

 


#2 Timo_SD

Timo_SD
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:29 PM

Posted 09 November 2010 - 02:09 PM

Since in a very similar thread also OTL log was requested, I ran OTL scan and the log is here. I did it according to following instructions:

[quote]
* Download OTL to your desktop.
* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* When the window appears, underneath Output at the top change it to Minimal Output.
* Under the Standard Registry box change it to All.
* Check the boxes beside LOP Check and Purity Check.
* Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
o When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
o Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
[end quote]

Thanks,
Timo

OTL logfile created on: 11/9/2010 10:55:38 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Timo\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 68.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.98 Gb Total Space | 395.03 Gb Free Space | 88.38% Space Free | Partition Type: NTFS
Drive D: | 18.48 Gb Total Space | 2.66 Gb Free Space | 14.38% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 92.69 Mb Free Space | 93.60% Space Free | Partition Type: FAT32
Drive F: | 4.14 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: TIMO-PC | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Timo\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
PRC - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
PRC - C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Timo\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
SRV:64bit: - (HPWMISVC) -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard)
SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (DvmMDES) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) Intel® -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (CinemaNow Service) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (nmservice) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (DVMIO) -- C:\Windows\SysNative\drivers\dvmio.sys (DeviceVM, Inc.)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (HECIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard)
DRV:64bit: - (purendis) -- C:\Windows\SysNative\drivers\purendis.sys (Cisco Systems, Inc.)
DRV:64bit: - (pnarp) -- C:\Windows\SysNative\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (a2acc) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys (Emsi Software GmbH)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 50370
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\Firefox [2010/08/30 04:59:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/30 04:59:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/30 14:38:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 22:39:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/09 08:46:34 | 000,000,000 | ---D | M]

[2010/10/26 21:45:22 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Mozilla\Extensions
[2010/10/26 21:45:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/11/09 08:44:42 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\em65xpwe.default\extensions
[2010/11/09 08:44:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\em65xpwe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/02 08:35:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/29 22:39:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/11/02 13:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/10/29 22:39:00 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2010/10/29 22:39:00 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2010/10/29 22:39:01 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2010/09/22 17:10:51 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
[2010/10/12 11:18:37 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/10/12 11:18:37 | 000,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml
[2010/10/12 11:18:37 | 000,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/10/12 11:18:37 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay.xml
[2010/10/12 11:18:37 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2010/10/12 11:18:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/10/12 11:18:37 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [svchost] C:\Users\Timo\AppData\Roaming\Microsoft\svchost.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/09 09:03:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJackThis
[2010/11/09 00:39:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010/11/09 00:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Networks
[2010/11/08 23:57:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pure Networks Shared
[2010/11/08 23:45:57 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\Simply Super Software
[2010/11/08 23:45:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll
[2010/11/08 23:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2010/11/08 23:45:48 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Simply Super Software
[2010/11/08 23:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/11/08 17:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2010/11/08 17:48:57 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\Anti-Malware
[2010/11/08 06:35:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010/11/07 11:51:15 | 000,472,656 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2010/11/07 11:51:15 | 000,125,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2010/11/07 11:51:15 | 000,121,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/11/07 11:51:15 | 000,020,048 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/11/07 11:50:56 | 000,250,448 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2010/11/07 11:50:56 | 000,061,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/11/07 11:50:56 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/11/07 11:50:56 | 000,028,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/11/07 11:50:46 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2010/11/07 11:50:45 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/11/07 11:50:45 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/11/07 10:53:27 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Malwarebytes
[2010/11/07 10:53:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/07 10:53:14 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/07 10:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/07 10:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/01 08:26:05 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\vlc
[2010/11/01 08:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010/10/31 23:26:52 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\HP MediaSmart Video
[2010/10/31 18:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2010/10/31 18:55:57 | 000,515,584 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2010/10/31 18:55:56 | 000,645,632 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2010/10/31 18:55:56 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2010/10/31 18:55:01 | 000,508,952 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2010/10/31 18:55:01 | 000,414,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2010/10/31 18:55:01 | 000,223,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2010/10/31 18:55:01 | 000,161,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2010/10/31 18:55:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2010/10/31 18:55:00 | 000,386,584 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2010/10/31 18:54:57 | 003,155,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2010/10/31 18:54:10 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\hpqLog
[2010/10/31 18:52:47 | 015,025,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2010/10/31 18:52:47 | 011,038,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2010/10/31 18:52:47 | 010,342,240 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2010/10/31 18:52:47 | 004,352,512 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2010/10/31 18:52:47 | 000,380,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2010/10/31 18:52:47 | 000,271,360 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2010/10/31 18:52:47 | 000,228,864 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2010/10/31 18:52:47 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2010/10/31 18:52:47 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2010/10/31 18:52:47 | 000,092,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2141.dll
[2010/10/31 18:52:47 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2010/10/31 18:52:47 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2010/10/31 18:52:47 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2010/10/31 18:52:47 | 000,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2010/10/31 18:52:47 | 000,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2010/10/31 18:52:47 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2010/10/31 18:52:47 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2010/10/31 18:52:47 | 000,084,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2010/10/31 18:52:47 | 000,084,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2010/10/31 18:52:47 | 000,083,968 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2010/10/31 18:52:47 | 000,083,968 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2010/10/31 18:52:47 | 000,027,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2010/10/31 18:52:47 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2010/10/31 18:52:47 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2010/10/31 18:52:42 | 000,119,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2010/10/31 18:52:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2010/10/31 18:52:12 | 000,439,808 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2010/10/31 18:52:12 | 000,060,416 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2010/10/31 18:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2010/10/31 18:51:50 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\InstallShield
[2010/10/31 18:30:20 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\HP Support Assistant
[2010/10/31 08:41:18 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\skypePM
[2010/10/31 08:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/10/31 08:37:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/10/31 08:37:15 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Skype
[2010/10/31 08:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/10/30 14:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010/10/30 14:46:01 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\HP
[2010/10/30 14:46:00 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\HP
[2010/10/30 14:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010/10/30 14:36:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010/10/30 14:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010/10/30 14:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010/10/30 14:34:09 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510n-z
[2010/10/30 14:33:21 | 000,902,656 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwwiax9.dll
[2010/10/30 14:33:21 | 000,742,912 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwtscl5.dll
[2010/10/30 14:33:21 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2010/10/30 14:33:21 | 000,503,296 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwvst01.dll
[2010/10/30 14:33:16 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2010/10/30 14:33:12 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l092.dll
[2010/10/30 14:32:55 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010/10/30 14:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/10/30 10:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2010/10/30 08:26:34 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\WildTangent
[2010/10/29 21:19:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010/10/28 09:27:37 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\CyberLink
[2010/10/28 09:02:27 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Adobe
[2010/10/28 08:25:59 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010/10/28 08:25:57 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/10/28 08:25:57 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/10/28 08:25:57 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/10/28 08:25:57 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010/10/28 08:25:57 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010/10/28 08:25:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/10/28 08:25:56 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/10/28 08:25:53 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/10/28 08:25:41 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/10/27 11:22:30 | 000,000,000 | ---D | C] -- C:\PROJECTS
[2010/10/27 09:40:45 | 004,514,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
[2010/10/27 09:40:45 | 002,264,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
[2010/10/27 09:40:45 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
[2010/10/27 09:40:45 | 000,360,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
[2010/10/27 09:28:18 | 000,000,000 | R--D | C] -- C:\Users\Timo\Virtual Machines
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2010/10/27 09:24:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
[2010/10/27 09:24:05 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpchbus.sys.mui
[2010/10/27 09:24:05 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
[2010/10/27 09:24:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
[2010/10/27 09:24:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
[2010/10/27 09:24:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
[2010/10/27 09:24:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui
[2010/10/27 09:23:57 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2010/10/27 09:23:57 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2010/10/27 09:23:56 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
[2010/10/27 09:23:56 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
[2010/10/27 09:23:56 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
[2010/10/27 09:23:56 | 000,066,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
[2010/10/27 09:23:55 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
[2010/10/27 09:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2010/10/27 08:02:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/10/27 08:02:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/10/27 08:02:51 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010/10/27 07:16:31 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010/10/27 07:16:31 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010/10/27 07:16:31 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010/10/27 07:16:31 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010/10/27 07:16:31 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010/10/27 07:16:31 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010/10/27 07:16:31 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010/10/27 07:16:31 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010/10/27 07:12:46 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/10/27 07:12:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/10/27 07:12:32 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/10/27 07:12:32 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/10/27 07:12:26 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/10/27 07:12:26 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/10/27 07:12:16 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/10/27 07:12:15 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/10/27 07:12:14 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/10/27 07:12:14 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/10/27 07:11:50 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/10/27 07:11:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/10/27 07:11:49 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/10/27 07:11:49 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/10/27 07:11:49 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/10/27 07:11:49 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/10/27 07:11:49 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/10/27 07:11:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/10/27 07:11:49 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/10/27 07:11:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/10/27 07:11:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/10/27 07:11:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/10/27 07:11:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/10/27 07:11:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/10/27 07:11:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/10/27 07:11:16 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/10/27 07:11:07 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010/10/27 07:10:59 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/10/27 07:10:28 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/10/27 07:10:27 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/10/27 07:10:27 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/10/27 07:09:41 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/10/27 07:09:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/10/27 07:09:35 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/10/27 07:08:54 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010/10/27 07:08:34 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010/10/27 07:08:34 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/10/27 07:08:34 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010/10/27 07:08:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/10/27 07:08:17 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010/10/27 05:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Linksys
[2010/10/27 05:15:53 | 000,033,328 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\pnarp.sys
[2010/10/27 05:15:49 | 000,035,376 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\purendis.sys
[2010/10/27 05:15:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010/10/27 05:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Pure Networks
[2010/10/27 05:03:13 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Diagnostics
[2010/10/27 05:02:42 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\HpUpdate
[2010/10/27 04:57:38 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Intel Corporation
[2010/10/27 04:57:21 | 000,000,000 | R--D | C] -- C:\Users\Timo\Searches
[2010/10/27 04:57:21 | 000,000,000 | -H-D | C] -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/10/27 04:57:14 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Identities
[2010/10/27 04:57:12 | 000,000,000 | R--D | C] -- C:\Users\Timo\Contacts
[2010/10/27 04:57:11 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\VirtualStore
[2010/10/27 04:56:55 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Hewlett-Packard
[2010/10/27 04:50:02 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Hewlett-Packard
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\AppData\Local\Temporary Internet Files
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Templates
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Start Menu
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\SendTo
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Recent
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\PrintHood
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\NetHood
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Documents\My Videos
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Documents\My Pictures
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Documents\My Music
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\My Documents
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Local Settings
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\AppData\Local\History
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Cookies
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Application Data
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\AppData\Local\Application Data
[2010/10/27 04:48:45 | 000,000,000 | --SD | C] -- C:\Users\Timo\AppData\Roaming\Microsoft
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Videos
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Saved Games
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Pictures
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Music
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Links
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Favorites
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Downloads
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\My Documents
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Desktop
[2010/10/27 04:48:45 | 000,000,000 | -H-D | C] -- C:\Users\Timo\AppData
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Temp
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Microsoft
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Media Center Programs
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\HuluDesktop
[2010/10/26 22:49:33 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Microsoft Games
[2010/10/26 21:45:15 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Mozilla
[2010/10/26 21:45:15 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Mozilla
[2010/10/26 21:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/10/26 21:42:31 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\ElevatedDiagnostics
[2010/10/26 21:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/10/26 21:39:34 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/10/26 21:32:41 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Macromedia
[2010/10/26 21:32:40 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Adobe

========== Files - Modified Within 30 Days ==========

[2010/11/09 09:48:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/09 09:03:59 | 000,002,993 | ---- | M] () -- C:\Users\Timo\Desktop\HiJackThis.lnk
[2010/11/09 08:46:35 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/09 08:01:00 | 000,028,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/09 08:01:00 | 000,028,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/09 07:58:28 | 000,727,916 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/09 07:58:28 | 000,625,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/09 07:58:28 | 000,107,104 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/09 07:53:27 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/09 00:22:09 | 000,286,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/11/09 00:02:12 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2010/11/08 06:37:30 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTimo.job
[2010/11/07 11:51:15 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2010/11/07 11:50:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/11/03 09:48:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/10/31 19:11:14 | 000,015,906 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2010/10/31 18:56:47 | 000,209,920 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2010/10/31 18:55:39 | 003,467,264 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2010/10/31 18:55:39 | 000,645,632 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2010/10/31 18:55:39 | 000,515,584 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2010/10/31 18:55:39 | 000,487,424 | ---- | M] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2010/10/31 18:55:39 | 000,431,616 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2010/10/31 18:55:39 | 000,017,454 | ---- | M] () -- C:\Windows\SysNative\nbspkrs.ico
[2010/10/31 18:55:38 | 012,800,512 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2010/10/31 18:55:38 | 000,564,224 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2010/10/31 18:55:38 | 000,442,368 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
[2010/10/31 18:55:38 | 000,220,672 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\HPToneCtrls64.dll
[2010/10/31 18:55:38 | 000,162,304 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
[2010/10/31 18:55:38 | 000,090,624 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTCo64.dll
[2010/10/31 18:55:38 | 000,068,608 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
[2010/10/31 18:55:38 | 000,003,774 | ---- | M] () -- C:\Windows\SysNative\bltinmic.ico
[2010/10/31 18:55:38 | 000,003,774 | ---- | M] () -- C:\Windows\SysNative\2hps.ico
[2010/10/31 18:54:55 | 000,508,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2010/10/31 18:54:55 | 000,414,744 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2010/10/31 18:54:55 | 000,223,768 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2010/10/31 18:54:55 | 000,161,304 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2010/10/31 18:54:55 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2010/10/31 18:54:54 | 000,386,584 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2010/10/31 18:54:51 | 003,155,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2010/10/31 18:54:51 | 000,152,600 | ---- | M] () -- C:\Windows\SysNative\difx64.exe
[2010/10/31 18:52:37 | 000,092,672 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2141.dll
[2010/10/31 18:52:37 | 000,005,348 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2010/10/31 18:52:36 | 015,025,664 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2010/10/31 18:52:36 | 011,038,208 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2010/10/31 18:52:36 | 010,342,240 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2010/10/31 18:52:36 | 006,537,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2010/10/31 18:52:36 | 004,962,816 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2010/10/31 18:52:36 | 004,658,688 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2010/10/31 18:52:36 | 004,352,512 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2010/10/31 18:52:36 | 000,830,464 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2010/10/31 18:52:36 | 000,571,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2010/10/31 18:52:36 | 000,380,416 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2010/10/31 18:52:36 | 000,271,360 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2010/10/31 18:52:36 | 000,243,200 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2010/10/31 18:52:36 | 000,228,864 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2010/10/31 18:52:36 | 000,142,336 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2010/10/31 18:52:36 | 000,127,868 | ---- | M] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/10/31 18:52:36 | 000,127,868 | ---- | M] () -- C:\Windows\SysNative\igcompkrng575.bin
[2010/10/31 18:52:36 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2010/10/31 18:52:36 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2010/10/31 18:52:36 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2010/10/31 18:52:36 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2010/10/31 18:52:36 | 000,087,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2010/10/31 18:52:36 | 000,087,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2010/10/31 18:52:36 | 000,086,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2010/10/31 18:52:36 | 000,086,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2010/10/31 18:52:36 | 000,084,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2010/10/31 18:52:36 | 000,084,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2010/10/31 18:52:36 | 000,083,968 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2010/10/31 18:52:36 | 000,083,968 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2010/10/31 18:52:36 | 000,061,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2010/10/31 18:52:36 | 000,027,648 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2010/10/31 18:52:36 | 000,023,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2010/10/31 18:52:36 | 000,004,096 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2010/10/31 18:52:35 | 000,108,032 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2010/10/31 18:52:32 | 000,189,408 | ---- | M] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2010/10/31 18:52:32 | 000,178,288 | ---- | M] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2010/10/31 18:52:32 | 000,165,251 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2010/10/31 18:52:32 | 000,139,830 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2010/10/31 18:52:32 | 000,136,327 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2010/10/31 18:52:32 | 000,133,680 | ---- | M] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2010/10/31 18:52:32 | 000,125,477 | ---- | M] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2010/10/31 18:52:32 | 000,123,164 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2010/10/31 18:52:32 | 000,122,858 | ---- | M] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2010/10/31 18:52:32 | 000,122,638 | ---- | M] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2010/10/31 18:52:32 | 000,121,121 | ---- | M] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2010/10/31 18:52:32 | 000,120,695 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2010/10/31 18:52:32 | 000,120,287 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2010/10/31 18:52:32 | 000,119,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2010/10/31 18:52:32 | 000,119,533 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2010/10/31 18:52:32 | 000,119,513 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2010/10/31 18:52:32 | 000,119,286 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2010/10/31 18:52:32 | 000,118,997 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2010/10/31 18:52:32 | 000,118,684 | ---- | M] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2010/10/31 18:52:32 | 000,118,631 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2010/10/31 18:52:32 | 000,118,317 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2010/10/31 18:52:32 | 000,117,984 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2010/10/31 18:52:32 | 000,114,779 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2010/10/31 18:52:32 | 000,114,308 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2010/10/31 18:52:32 | 000,114,179 | ---- | M] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2010/10/31 18:52:32 | 000,110,156 | ---- | M] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2010/10/31 18:52:32 | 000,103,997 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2010/10/31 18:52:32 | 000,102,843 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2010/10/31 08:41:22 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/10/31 08:37:17 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/10/30 14:45:57 | 000,207,259 | ---- | M] () -- C:\Windows\hpwins28.dat
[2010/10/30 14:36:26 | 000,001,315 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/10/30 14:35:40 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/10/27 05:06:02 | 000,001,441 | ---- | M] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/27 04:47:33 | 000,039,219 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/10/27 04:47:33 | 000,039,219 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/10/26 21:45:01 | 000,001,967 | ---- | M] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/26 21:45:01 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2010/11/09 09:03:59 | 000,002,993 | ---- | C] () -- C:\Users\Timo\Desktop\HiJackThis.lnk
[2010/11/09 08:46:35 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/08 23:45:49 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2010/11/08 23:45:49 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2010/11/08 23:45:49 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2010/11/08 23:45:49 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2010/11/07 11:51:15 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2010/11/03 09:48:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/10/31 18:54:56 | 000,152,600 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2010/10/31 18:52:47 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/10/31 18:52:47 | 000,127,868 | ---- | C] () -- C:\Windows\SysNative\igcompkrng575.bin
[2010/10/31 18:52:47 | 000,005,348 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2010/10/31 18:52:42 | 000,189,408 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2010/10/31 18:52:42 | 000,178,288 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2010/10/31 18:52:42 | 000,165,251 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2010/10/31 18:52:42 | 000,136,327 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2010/10/31 18:52:42 | 000,133,680 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2010/10/31 18:52:42 | 000,125,477 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2010/10/31 18:52:42 | 000,123,164 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2010/10/31 18:52:42 | 000,122,858 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2010/10/31 18:52:42 | 000,122,638 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2010/10/31 18:52:42 | 000,121,121 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2010/10/31 18:52:42 | 000,120,695 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2010/10/31 18:52:42 | 000,120,287 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2010/10/31 18:52:42 | 000,119,533 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2010/10/31 18:52:42 | 000,119,513 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2010/10/31 18:52:42 | 000,119,286 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2010/10/31 18:52:42 | 000,118,997 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2010/10/31 18:52:42 | 000,118,631 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2010/10/31 18:52:42 | 000,118,317 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2010/10/31 18:52:42 | 000,117,984 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2010/10/31 18:52:42 | 000,114,779 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2010/10/31 18:52:42 | 000,114,308 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2010/10/31 18:52:42 | 000,114,179 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2010/10/31 18:52:42 | 000,110,156 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2010/10/31 18:52:42 | 000,103,997 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2010/10/31 18:52:42 | 000,102,843 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2010/10/31 18:52:41 | 000,139,830 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2010/10/31 18:52:41 | 000,118,684 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2010/10/31 18:32:36 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForTimo.job
[2010/10/31 08:41:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/31 08:37:17 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/10/30 14:36:26 | 000,001,315 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/10/30 14:35:40 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/10/30 14:29:41 | 000,000,777 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/10/30 14:29:40 | 000,207,259 | ---- | C] () -- C:\Windows\hpwins28.dat
[2010/10/27 07:04:41 | 000,053,551 | ---- | C] () -- C:\Windows\Professional.xml
[2010/10/27 05:17:37 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2010/10/27 05:06:01 | 000,001,441 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/27 04:49:51 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2010/10/27 04:48:45 | 000,000,290 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/10/27 04:48:45 | 000,000,272 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/10/26 21:45:01 | 000,001,967 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/26 21:45:01 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/26 21:39:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010/08/30 05:01:20 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010/08/30 05:01:16 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/08/30 05:01:06 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/08/30 05:00:51 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/08/30 05:00:38 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/08/30 04:42:59 | 000,000,312 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/08/30 04:42:59 | 000,000,253 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/05/17 08:31:14 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/05/17 07:20:38 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/05/17 07:17:27 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2010/05/17 07:16:38 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/05/17 07:16:13 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010/03/31 14:47:06 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/03/31 14:47:06 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/02/09 17:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/09 20:03:56 | 000,370,312 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll

========== LOP Check ==========

[2010/11/08 23:45:48 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Simply Super Software
[2010/10/30 08:26:34 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\WildTangent
[2009/07/13 21:08:49 | 000,009,904 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:CB0AACC9

< End of report >

#3 Timo_SD

Timo_SD
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:29 PM

Posted 09 November 2010 - 02:11 PM

And the Extras.Txt:

OTL Extras logfile created on: 11/9/2010 10:55:38 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Timo\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 68.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.98 Gb Total Space | 395.03 Gb Free Space | 88.38% Space Free | Partition Type: NTFS
Drive D: | 18.48 Gb Total Space | 2.66 Gb Free Space | 14.38% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 92.69 Mb Free Space | 93.60% Space Free | Partition Type: FAT32
Drive F: | 4.14 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: TIMO-PC | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0279C882-B150-44B6-A769-A7C8A2F31CE3}" = HP Wireless Assistant
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{10F539B1-31AF-43BF-9F0C-0EB66E918922}" = HP Quick Launch
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java™ 6 Update 18 (64-bit)
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{338DAD71-9CE7-4D63-B729-7E91C07A4D7D}" = Microsoft Search Enhancement Pack
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{394FA67A-FF0A-4356-BB77-D85E5A300BDE}" = HP QuickWeb Installer
"{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4123BE4D-C65C-467E-8071-232FB1FBF3B8}" = MSN Toolbar Platform
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{495A8A3C-8FD0-4C46-9979-95C26181A1AB}" = HP Support Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help
"{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}" = LightScribe System Software
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.0 MUI
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DA200FDD-DE3D-4958-8465-C4FBC869544B}" = HP Software Framework
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E2831862-F131-4327-B9CC-FA30F587EB6C}" = HP Setup
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F96E3A91-FFE9-4486-B3B0-E5B77E712286}" = Alcor Micro USB Card Reader
"{FA3F4EB7-C0B6-4037-AF1E-0EEC2932B331}" = HP User Guides 0164
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Internet Security
"Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.0
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallShield_{F96E3A91-FFE9-4486-B3B0-E5B77E712286}" = Alcor Micro USB Card Reader
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"My HP Game Console" = HP Game Console
"Network MagicUninstall" = Network Magic
"Trojan Remover_is1" = Trojan Remover 6.8.2
"VLC media player" = VLC media player 1.1.4
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT082122" = Blackhawk Striker 2
"WT082124" = Blasterball 3
"WT082133" = Dora's Carnival Adventure
"WT082141" = FATE
"WT082168" = Penguins!
"WT082170" = Plants vs. Zombies
"WT082171" = Poker Superstars III
"WT082172" = Polar Bowler
"WT082173" = Polar Golfer
"WT082188" = Virtual Families
"WT082189" = Wheel of Fortune 2
"WT082192" = Bejeweled 2 Deluxe
"WT082200" = Chuzzle Deluxe
"WT082241" = Virtual Villagers - The Secret City
"WT082396" = Diner Dash 2 Restaurant Rescue
"WT082438" = Build-a-lot 2
"WT082442" = Faerie Solitaire
"WT082443" = Jewel Quest 3
"WT082456" = Mystery P.I. - The New York Fortune
"WT082463" = Zuma's Revenge
"WT082468" = Jewel Quest Solitaire 2
"WT083477" = Cake Mania
"WT083484" = Escape Rosecliff Island
"WT083491" = TextTwist 2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/27/2010 3:19:27 PM | Computer Name = Timo-PC | Source = Application Hang | ID = 1002
Description = The program VMWindow.exe version 6.1.7600.16495 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: dac Start
Time: 01cb75ff2b4dc725 Termination Time: 0 Application Path: C:\Windows\System32\VMWindow.exe

Report
Id:

Error - 10/27/2010 4:14:35 PM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 10/27/2010 4:52:57 PM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 10/28/2010 1:23:45 PM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 10/30/2010 1:20:57 AM | Computer Name = Timo-PC | Source = Application Hang | ID = 1002
Description = The program SCServer.exe version 2.0.270.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: b2c Start
Time: 01cb77e8c15f77ad Termination Time: 15 Application Path: C:\Program Files (x86)\Microsoft\Search
Enhancement Pack\SCServer\SCServer.exe Report Id: 72e71fbc-e3e5-11df-b56d-806bf99ea75a


Error - 10/30/2010 4:52:11 AM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 10/30/2010 4:55:44 AM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy
file "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
on line 2. Invalid Xml syntax.

Error - 10/30/2010 11:54:21 AM | Computer Name = Timo-PC | Source = MsiInstaller | ID = 11704
Description =

Error - 10/30/2010 11:54:40 AM | Computer Name = Timo-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 10/30/2010 11:54:50 AM | Computer Name = Timo-PC | Source = MsiInstaller | ID = 11935
Description =

[ Hewlett-Packard Events ]
Error - 10/31/2010 11:15:18 PM | Computer Name = Timo-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 10/31/2010 11:15:19 PM | Computer Name = Timo-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 11/8/2010 1:00:43 AM | Computer Name = Timo-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

[ HP Wireless Assistant Events ]
Error - 10/27/2010 3:31:37 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:31:47 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:31:58 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:32:08 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:32:18 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:32:28 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:32:39 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:32:49 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:32:59 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:33:09 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

[ System Events ]
Error - 11/3/2010 12:23:28 AM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7034
Description = The Pure Networks Platform Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/3/2010 10:03:11 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HPWMISVC service.

Error - 11/3/2010 10:03:13 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the LanmanWorkstation service.

Error - 11/3/2010 10:03:43 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HP Wireless Assistant Service service.

Error - 11/3/2010 10:04:13 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HP Wireless Assistant Service service.

Error - 11/3/2010 10:04:43 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the LanmanWorkstation service.

Error - 11/3/2010 10:05:13 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the RasMan service.

Error - 11/3/2010 10:05:43 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the wuauserv service.

Error - 11/4/2010 10:17:23 PM | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:16:14 PM on ?11/?4/?2010 was unexpected.

Error - 11/4/2010 10:18:25 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7034
Description = The Pure Networks Platform Service service terminated unexpectedly.
It has done this 1 time(s).


< End of report >

#4 Timo_SD

Timo_SD
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:29 PM

Posted 14 November 2010 - 11:33 AM

It has been nearly one week. I'm awaiting for nothing?

Timo


+++++++++++++++++++++++++++
I know how frustrating it is when your computer isn't working properly. Let me assure you that your topic isn't lost, forgotten, or ignored. We work with hundreds of logs every day, so we have devised a means of seeing only those topics that don't have responses yet. At the moment, we have nearly 300 unanswered topics, the oldest dated Nov. 7, 2010 at 4:20 pm Eastern Standard Time in the U.S.A. Your log topic is dated Nov. 9, 2010 at 1:38 p.m. using the same time zone.

Our volunteer MRT team members have various levels of expertise and training, so while we try to take the oldest DDS/HJT logs, it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us would want someone to assist you who is not familiar with your issue and attempt to fix it.

Please be patient. It may take a few more days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

Orange Blossom ~ forum moderator

Edited by Orange Blossom, 14 November 2010 - 08:41 PM.


#5 pwgib

pwgib

  • Malware Response Team
  • 2,956 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:God's Country
  • Local time:04:29 PM

Posted 16 November 2010 - 09:49 AM

Hello Timo_SD

I will be handling your log to help you get cleaned up. I apologize for the delay but the forum is very busy.

As you can see the logs we ask for are very extensive and take a lot of time to investigate.If you haven't already, you can keep the link to this topic in your Favorites. Alternatively, you can click the Options button at the top bar of this topic and Track this Topic, where you can choose email notifications.

Please make sure Word Wrap in notepad is turned off. When copying and pasting logs paste them directly in the reply box only attach logs if asked to. Do not wrap logs in codebox or code tags. It makes it very difficult to read and analyze them. Please paste them directly into the reply box.
Please do not make any changes to your system until we are through. Fixes are based upon information that is current from your system so any changes can affect our strategy. Please refrain from running any tools we may use without specific instructions.

If your operating system is Windows Vista or Windows 7 it may be necessary to right click then choose Run as Administrator any programs we use.

Before we begin please check and follow the instructions on How to Show Hidden Files and Folders in Windows Vista and Windows XP and How to show hidden files in Windows 7

Because the e-mail notification system is not completely reliable, please check your topic once a day for responses.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thank you for your patience!!

---------------------------------------------------
I understand your frustration and see that you have previously posted OTL logs but I need an up to date scan of your system.

We need to create an OTL Report
  • Please download OTL from the following mirror:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please include the following in your next reply:

OTL.txt <-- Will be opened
Extra.txt <-- Will be minimized


Thanks!!
PW

#6 Timo_SD

Timo_SD
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:29 PM

Posted 16 November 2010 - 03:05 PM

Hi pwgib,

And thanks for helping. Since I described the problem in my first entry I reset my router and did not do any other cleaning. Since then I have not had any browser redirects, but I'm afraid the bug is still somewhere in my machine.

OTL doesn't create extra.txt. I tried couple of times and I searched whole computer - no extra.txt anywhere. OTL created extra.txt before as you can see I attached it to my first entry. Fresh OTL.txt is here:


OTL.txt:
------------------------------------------------------------------------
OTL logfile created on: 11/16/2010 11:46:41 AM - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Timo\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 37.00% Memory free
8.00 Gb Paging File | 4.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.98 Gb Total Space | 395.41 Gb Free Space | 88.46% Space Free | Partition Type: NTFS
Drive D: | 18.48 Gb Total Space | 2.66 Gb Free Space | 14.38% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 92.69 Mb Free Space | 93.60% Space Free | Partition Type: FAT32
Drive F: | 4.14 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: TIMO-PC | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Timo\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
PRC - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
PRC - C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Timo\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
SRV:64bit: - (HPWMISVC) -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard)
SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (DvmMDES) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) Intel® -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (CinemaNow Service) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (nmservice) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (DVMIO) -- C:\Windows\SysNative\drivers\dvmio.sys (DeviceVM, Inc.)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (HECIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard)
DRV:64bit: - (purendis) -- C:\Windows\SysNative\drivers\purendis.sys (Cisco Systems, Inc.)
DRV:64bit: - (pnarp) -- C:\Windows\SysNative\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (a2acc) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys (Emsi Software GmbH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 50370
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\Firefox [2010/08/30 04:59:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/30 04:59:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/30 14:38:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 22:39:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/09 08:46:34 | 000,000,000 | ---D | M]

[2010/10/26 21:45:22 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Mozilla\Extensions
[2010/11/14 08:53:53 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\em65xpwe.default\extensions
[2010/11/09 08:44:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\em65xpwe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/02 08:35:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/02 13:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000..\Run: [svchost] C:\Users\Timo\AppData\Roaming\Microsoft\svchost.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/11 14:38:17 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\ibf
[2010/11/11 14:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\c5iHwGMl0CASslpYx
[2010/11/11 14:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ELECTRA
[2010/11/11 14:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ibf
[2010/11/11 14:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ibf
[2010/11/11 14:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UEi
[2010/11/11 14:18:36 | 000,275,216 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDATGRD.OCX
[2010/11/11 14:18:36 | 000,232,640 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDATLST.OCX
[2010/11/11 14:18:36 | 000,200,496 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DBLIST32.OCX
[2010/11/11 14:18:36 | 000,119,808 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstdfmt.dll
[2010/11/11 14:18:36 | 000,067,376 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SYSINFO.OCX
[2010/11/11 14:18:35 | 000,260,880 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSFLXGRD.OCX
[2010/11/11 14:18:35 | 000,224,016 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Tabctl32.ocx
[2010/11/11 14:18:35 | 000,212,240 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2010/11/11 14:18:35 | 000,198,848 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCI32.OCX
[2010/11/11 14:18:35 | 000,166,600 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMASK32.OCX
[2010/11/11 14:18:35 | 000,132,880 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.OCX
[2010/11/11 14:18:35 | 000,124,688 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSWINSCK.OCX
[2010/11/11 14:18:35 | 000,103,744 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMM32.OCX
[2010/11/11 14:18:35 | 000,083,144 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PICCLP32.OCX
[2010/11/11 14:18:35 | 000,004,608 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\W95INF32.DLL
[2010/11/11 14:18:35 | 000,002,272 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\W95INF16.DLL
[2010/11/09 09:03:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJackThis
[2010/11/09 00:39:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010/11/09 00:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Networks
[2010/11/08 23:57:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pure Networks Shared
[2010/11/08 23:45:57 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\Simply Super Software
[2010/11/08 23:45:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll
[2010/11/08 23:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2010/11/08 23:45:48 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Simply Super Software
[2010/11/08 23:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/11/08 17:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2010/11/08 17:48:57 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\Anti-Malware
[2010/11/08 06:35:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010/11/07 11:51:15 | 000,472,656 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2010/11/07 11:51:15 | 000,125,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2010/11/07 11:51:15 | 000,121,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/11/07 11:51:15 | 000,020,048 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/11/07 11:50:56 | 000,250,448 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2010/11/07 11:50:56 | 000,061,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/11/07 11:50:56 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/11/07 11:50:56 | 000,028,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/11/07 11:50:46 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2010/11/07 11:50:45 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/11/07 11:50:45 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/11/07 10:53:27 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Malwarebytes
[2010/11/07 10:53:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/07 10:53:14 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/07 10:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/07 10:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/01 08:26:05 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\vlc
[2010/11/01 08:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010/10/31 23:26:52 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\HP MediaSmart Video
[2010/10/31 18:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2010/10/31 18:55:57 | 000,515,584 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2010/10/31 18:55:56 | 000,645,632 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2010/10/31 18:55:56 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2010/10/31 18:55:01 | 000,508,952 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2010/10/31 18:55:01 | 000,414,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2010/10/31 18:55:01 | 000,223,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2010/10/31 18:55:01 | 000,161,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2010/10/31 18:55:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2010/10/31 18:55:00 | 000,386,584 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2010/10/31 18:54:57 | 003,155,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2010/10/31 18:54:10 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\hpqLog
[2010/10/31 18:52:47 | 015,025,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2010/10/31 18:52:47 | 011,038,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2010/10/31 18:52:47 | 010,342,240 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2010/10/31 18:52:47 | 004,352,512 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2010/10/31 18:52:47 | 000,380,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2010/10/31 18:52:47 | 000,271,360 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2010/10/31 18:52:47 | 000,228,864 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2010/10/31 18:52:47 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2010/10/31 18:52:47 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2010/10/31 18:52:47 | 000,092,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2141.dll
[2010/10/31 18:52:47 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2010/10/31 18:52:47 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2010/10/31 18:52:47 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2010/10/31 18:52:47 | 000,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2010/10/31 18:52:47 | 000,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2010/10/31 18:52:47 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2010/10/31 18:52:47 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2010/10/31 18:52:47 | 000,084,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2010/10/31 18:52:47 | 000,084,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2010/10/31 18:52:47 | 000,083,968 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2010/10/31 18:52:47 | 000,083,968 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2010/10/31 18:52:47 | 000,027,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2010/10/31 18:52:47 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2010/10/31 18:52:47 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2010/10/31 18:52:42 | 000,119,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2010/10/31 18:52:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2010/10/31 18:52:12 | 000,439,808 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2010/10/31 18:52:12 | 000,060,416 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2010/10/31 18:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2010/10/31 18:51:50 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\InstallShield
[2010/10/31 18:30:20 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\HP Support Assistant
[2010/10/31 08:41:18 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\skypePM
[2010/10/31 08:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/10/31 08:37:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/10/31 08:37:15 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Skype
[2010/10/31 08:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/10/30 14:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010/10/30 14:46:01 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\HP
[2010/10/30 14:46:00 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\HP
[2010/10/30 14:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010/10/30 14:36:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010/10/30 14:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010/10/30 14:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010/10/30 14:34:09 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510n-z
[2010/10/30 14:33:21 | 000,902,656 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwwiax9.dll
[2010/10/30 14:33:21 | 000,742,912 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwtscl5.dll
[2010/10/30 14:33:21 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2010/10/30 14:33:21 | 000,503,296 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwvst01.dll
[2010/10/30 14:33:16 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2010/10/30 14:33:12 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l092.dll
[2010/10/30 14:32:55 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010/10/30 14:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/10/30 10:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2010/10/30 08:26:34 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\WildTangent
[2010/10/29 21:19:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010/10/28 09:27:37 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\CyberLink
[2010/10/28 09:02:27 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Adobe
[2010/10/28 08:25:59 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010/10/28 08:25:57 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/10/28 08:25:57 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/10/28 08:25:57 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/10/28 08:25:57 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010/10/28 08:25:57 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010/10/28 08:25:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/10/28 08:25:56 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/10/28 08:25:53 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/10/28 08:25:41 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/10/27 11:22:30 | 000,000,000 | ---D | C] -- C:\PROJECTS
[2010/10/27 09:40:45 | 004,514,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
[2010/10/27 09:40:45 | 002,264,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
[2010/10/27 09:40:45 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
[2010/10/27 09:40:45 | 000,360,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
[2010/10/27 09:28:18 | 000,000,000 | R--D | C] -- C:\Users\Timo\Virtual Machines
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2010/10/27 09:24:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
[2010/10/27 09:24:05 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpchbus.sys.mui
[2010/10/27 09:24:05 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
[2010/10/27 09:24:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
[2010/10/27 09:24:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
[2010/10/27 09:24:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
[2010/10/27 09:24:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui
[2010/10/27 09:23:57 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2010/10/27 09:23:57 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2010/10/27 09:23:56 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
[2010/10/27 09:23:56 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
[2010/10/27 09:23:56 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
[2010/10/27 09:23:56 | 000,066,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
[2010/10/27 09:23:55 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
[2010/10/27 09:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2010/10/27 08:02:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/10/27 08:02:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/10/27 08:02:51 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010/10/27 07:16:31 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010/10/27 07:16:31 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010/10/27 07:16:31 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010/10/27 07:16:31 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010/10/27 07:16:31 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010/10/27 07:16:31 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010/10/27 07:16:31 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010/10/27 07:16:31 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010/10/27 07:12:46 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/10/27 07:12:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/10/27 07:12:32 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/10/27 07:12:32 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/10/27 07:12:26 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/10/27 07:12:26 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/10/27 07:12:16 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/10/27 07:12:15 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/10/27 07:12:14 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/10/27 07:12:14 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/10/27 07:11:50 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/10/27 07:11:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/10/27 07:11:49 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/10/27 07:11:49 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/10/27 07:11:49 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/10/27 07:11:49 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/10/27 07:11:49 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/10/27 07:11:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/10/27 07:11:49 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/10/27 07:11:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/10/27 07:11:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/10/27 07:11:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/10/27 07:11:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/10/27 07:11:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/10/27 07:11:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/10/27 07:11:16 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/10/27 07:11:07 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010/10/27 07:10:59 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/10/27 07:10:28 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/10/27 07:10:27 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/10/27 07:10:27 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/10/27 07:09:41 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/10/27 07:09:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/10/27 07:09:35 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/10/27 07:08:54 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010/10/27 07:08:34 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010/10/27 07:08:34 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/10/27 07:08:34 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010/10/27 07:08:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/10/27 07:08:17 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010/10/27 05:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Linksys
[2010/10/27 05:15:53 | 000,033,328 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\pnarp.sys
[2010/10/27 05:15:49 | 000,035,376 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\purendis.sys
[2010/10/27 05:15:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010/10/27 05:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Pure Networks
[2010/10/27 05:03:13 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Diagnostics
[2010/10/27 05:02:42 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\HpUpdate
[2010/10/27 04:57:38 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Intel Corporation
[2010/10/27 04:57:21 | 000,000,000 | R--D | C] -- C:\Users\Timo\Searches
[2010/10/27 04:57:21 | 000,000,000 | -H-D | C] -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/10/27 04:57:14 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Identities
[2010/10/27 04:57:12 | 000,000,000 | R--D | C] -- C:\Users\Timo\Contacts
[2010/10/27 04:57:11 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\VirtualStore
[2010/10/27 04:56:55 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Hewlett-Packard
[2010/10/27 04:50:02 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Hewlett-Packard
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\AppData\Local\Temporary Internet Files
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Templates
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Start Menu
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\SendTo
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Recent
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\PrintHood
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\NetHood
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Documents\My Videos
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Documents\My Pictures
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Documents\My Music
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\My Documents
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Local Settings
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\AppData\Local\History
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Cookies
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Application Data
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\AppData\Local\Application Data
[2010/10/27 04:48:45 | 000,000,000 | --SD | C] -- C:\Users\Timo\AppData\Roaming\Microsoft
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Videos
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Saved Games
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Pictures
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Music
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Links
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Favorites
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Downloads
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\My Documents
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Desktop
[2010/10/27 04:48:45 | 000,000,000 | -H-D | C] -- C:\Users\Timo\AppData
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Temp
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Microsoft
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Media Center Programs
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\HuluDesktop
[2010/10/26 22:49:33 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Microsoft Games
[2010/10/26 21:45:15 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Mozilla
[2010/10/26 21:45:15 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Mozilla
[2010/10/26 21:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/10/26 21:42:31 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\ElevatedDiagnostics
[2010/10/26 21:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/10/26 21:39:34 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/10/26 21:32:41 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Macromedia
[2010/10/26 21:32:40 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Adobe
[1 C:\Users\Timo\*.tmp files -> C:\Users\Timo\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/16 10:48:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/15 22:02:40 | 000,028,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/15 22:02:40 | 000,028,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/14 20:40:57 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTimo.job
[2010/11/13 23:46:32 | 000,727,916 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/13 23:46:32 | 000,625,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/13 23:46:32 | 000,107,104 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/13 11:50:14 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/11 14:37:30 | 000,001,212 | ---- | M] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Target 3001! V14 discover.lnk
[2010/11/11 14:19:40 | 000,002,112 | ---- | M] () -- C:\Users\Public\Desktop\DT300 Logging Software.lnk
[2010/11/11 14:18:40 | 000,002,152 | ---- | M] () -- C:\Windows\SysWow64\unins000.dat
[2010/11/11 14:18:13 | 000,635,337 | ---- | M] () -- C:\Windows\SysWow64\unins000.exe
[2010/11/09 09:03:59 | 000,002,993 | ---- | M] () -- C:\Users\Timo\Desktop\HiJackThis.lnk
[2010/11/09 08:46:35 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/09 00:22:09 | 000,286,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/11/09 00:02:12 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2010/11/07 11:51:15 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2010/11/07 11:50:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/11/03 09:48:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/10/31 19:11:14 | 000,015,906 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2010/10/31 18:56:47 | 000,209,920 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2010/10/31 18:55:39 | 003,467,264 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2010/10/31 18:55:39 | 000,645,632 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2010/10/31 18:55:39 | 000,515,584 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2010/10/31 18:55:39 | 000,487,424 | ---- | M] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2010/10/31 18:55:39 | 000,431,616 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2010/10/31 18:55:39 | 000,017,454 | ---- | M] () -- C:\Windows\SysNative\nbspkrs.ico
[2010/10/31 18:55:38 | 012,800,512 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2010/10/31 18:55:38 | 000,564,224 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2010/10/31 18:55:38 | 000,442,368 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
[2010/10/31 18:55:38 | 000,220,672 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\HPToneCtrls64.dll
[2010/10/31 18:55:38 | 000,162,304 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
[2010/10/31 18:55:38 | 000,090,624 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTCo64.dll
[2010/10/31 18:55:38 | 000,068,608 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
[2010/10/31 18:55:38 | 000,003,774 | ---- | M] () -- C:\Windows\SysNative\bltinmic.ico
[2010/10/31 18:55:38 | 000,003,774 | ---- | M] () -- C:\Windows\SysNative\2hps.ico
[2010/10/31 18:54:55 | 000,508,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2010/10/31 18:54:55 | 000,414,744 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2010/10/31 18:54:55 | 000,223,768 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2010/10/31 18:54:55 | 000,161,304 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2010/10/31 18:54:55 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2010/10/31 18:54:54 | 000,386,584 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2010/10/31 18:54:51 | 003,155,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2010/10/31 18:54:51 | 000,152,600 | ---- | M] () -- C:\Windows\SysNative\difx64.exe
[2010/10/31 18:52:37 | 000,092,672 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2141.dll
[2010/10/31 18:52:37 | 000,005,348 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2010/10/31 18:52:36 | 015,025,664 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2010/10/31 18:52:36 | 011,038,208 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2010/10/31 18:52:36 | 010,342,240 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2010/10/31 18:52:36 | 006,537,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2010/10/31 18:52:36 | 004,962,816 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2010/10/31 18:52:36 | 004,658,688 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2010/10/31 18:52:36 | 004,352,512 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2010/10/31 18:52:36 | 000,830,464 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2010/10/31 18:52:36 | 000,571,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2010/10/31 18:52:36 | 000,380,416 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2010/10/31 18:52:36 | 000,271,360 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2010/10/31 18:52:36 | 000,243,200 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2010/10/31 18:52:36 | 000,228,864 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2010/10/31 18:52:36 | 000,142,336 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2010/10/31 18:52:36 | 000,127,868 | ---- | M] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/10/31 18:52:36 | 000,127,868 | ---- | M] () -- C:\Windows\SysNative\igcompkrng575.bin
[2010/10/31 18:52:36 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2010/10/31 18:52:36 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2010/10/31 18:52:36 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2010/10/31 18:52:36 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2010/10/31 18:52:36 | 000,087,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2010/10/31 18:52:36 | 000,087,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2010/10/31 18:52:36 | 000,086,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2010/10/31 18:52:36 | 000,086,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2010/10/31 18:52:36 | 000,084,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2010/10/31 18:52:36 | 000,084,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2010/10/31 18:52:36 | 000,083,968 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2010/10/31 18:52:36 | 000,083,968 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2010/10/31 18:52:36 | 000,061,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2010/10/31 18:52:36 | 000,027,648 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2010/10/31 18:52:36 | 000,023,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2010/10/31 18:52:36 | 000,004,096 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2010/10/31 18:52:35 | 000,108,032 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2010/10/31 18:52:32 | 000,189,408 | ---- | M] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2010/10/31 18:52:32 | 000,178,288 | ---- | M] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2010/10/31 18:52:32 | 000,165,251 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2010/10/31 18:52:32 | 000,139,830 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2010/10/31 18:52:32 | 000,136,327 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2010/10/31 18:52:32 | 000,133,680 | ---- | M] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2010/10/31 18:52:32 | 000,125,477 | ---- | M] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2010/10/31 18:52:32 | 000,123,164 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2010/10/31 18:52:32 | 000,122,858 | ---- | M] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2010/10/31 18:52:32 | 000,122,638 | ---- | M] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2010/10/31 18:52:32 | 000,121,121 | ---- | M] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2010/10/31 18:52:32 | 000,120,695 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2010/10/31 18:52:32 | 000,120,287 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2010/10/31 18:52:32 | 000,119,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2010/10/31 18:52:32 | 000,119,533 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2010/10/31 18:52:32 | 000,119,513 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2010/10/31 18:52:32 | 000,119,286 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2010/10/31 18:52:32 | 000,118,997 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2010/10/31 18:52:32 | 000,118,684 | ---- | M] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2010/10/31 18:52:32 | 000,118,631 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2010/10/31 18:52:32 | 000,118,317 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2010/10/31 18:52:32 | 000,117,984 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2010/10/31 18:52:32 | 000,114,779 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2010/10/31 18:52:32 | 000,114,308 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2010/10/31 18:52:32 | 000,114,179 | ---- | M] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2010/10/31 18:52:32 | 000,110,156 | ---- | M] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2010/10/31 18:52:32 | 000,103,997 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2010/10/31 18:52:32 | 000,102,843 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2010/10/31 08:41:22 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/10/31 08:37:17 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/10/30 14:45:57 | 000,207,259 | ---- | M] () -- C:\Windows\hpwins28.dat
[2010/10/30 14:36:26 | 000,001,315 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/10/30 14:35:40 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/10/27 05:06:02 | 000,001,441 | ---- | M] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/27 04:47:33 | 000,039,219 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/10/27 04:47:33 | 000,039,219 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/10/26 21:45:01 | 000,001,967 | ---- | M] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/26 21:45:01 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[1 C:\Users\Timo\*.tmp files -> C:\Users\Timo\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/11 14:37:30 | 000,001,212 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Target 3001! V14 discover.lnk
[2010/11/11 14:19:40 | 000,002,112 | ---- | C] () -- C:\Users\Public\Desktop\DT300 Logging Software.lnk
[2010/11/11 14:18:35 | 000,635,337 | ---- | C] () -- C:\Windows\SysWow64\unins000.exe
[2010/11/11 14:18:35 | 000,002,152 | ---- | C] () -- C:\Windows\SysWow64\unins000.dat
[2010/11/09 09:03:59 | 000,002,993 | ---- | C] () -- C:\Users\Timo\Desktop\HiJackThis.lnk
[2010/11/09 08:46:35 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/08 23:45:49 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2010/11/08 23:45:49 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2010/11/08 23:45:49 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2010/11/08 23:45:49 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2010/11/07 11:51:15 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2010/11/03 09:48:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/10/31 18:54:56 | 000,152,600 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2010/10/31 18:52:47 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/10/31 18:52:47 | 000,127,868 | ---- | C] () -- C:\Windows\SysNative\igcompkrng575.bin
[2010/10/31 18:52:47 | 000,005,348 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2010/10/31 18:52:42 | 000,189,408 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2010/10/31 18:52:42 | 000,178,288 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2010/10/31 18:52:42 | 000,165,251 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2010/10/31 18:52:42 | 000,136,327 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2010/10/31 18:52:42 | 000,133,680 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2010/10/31 18:52:42 | 000,125,477 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2010/10/31 18:52:42 | 000,123,164 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2010/10/31 18:52:42 | 000,122,858 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2010/10/31 18:52:42 | 000,122,638 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2010/10/31 18:52:42 | 000,121,121 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2010/10/31 18:52:42 | 000,120,695 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2010/10/31 18:52:42 | 000,120,287 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2010/10/31 18:52:42 | 000,119,533 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2010/10/31 18:52:42 | 000,119,513 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2010/10/31 18:52:42 | 000,119,286 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2010/10/31 18:52:42 | 000,118,997 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2010/10/31 18:52:42 | 000,118,631 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2010/10/31 18:52:42 | 000,118,317 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2010/10/31 18:52:42 | 000,117,984 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2010/10/31 18:52:42 | 000,114,779 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2010/10/31 18:52:42 | 000,114,308 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2010/10/31 18:52:42 | 000,114,179 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2010/10/31 18:52:42 | 000,110,156 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2010/10/31 18:52:42 | 000,103,997 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2010/10/31 18:52:42 | 000,102,843 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2010/10/31 18:52:41 | 000,139,830 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2010/10/31 18:52:41 | 000,118,684 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2010/10/31 18:32:36 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForTimo.job
[2010/10/31 08:41:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/31 08:37:17 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/10/30 14:36:26 | 000,001,315 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/10/30 14:35:40 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/10/30 14:29:41 | 000,000,777 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/10/30 14:29:40 | 000,207,259 | ---- | C] () -- C:\Windows\hpwins28.dat
[2010/10/27 07:04:41 | 000,053,551 | ---- | C] () -- C:\Windows\Professional.xml
[2010/10/27 05:17:37 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2010/10/27 05:06:01 | 000,001,441 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/27 04:49:51 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2010/10/27 04:48:45 | 000,000,290 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/10/27 04:48:45 | 000,000,272 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/10/26 21:45:01 | 000,001,967 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/26 21:45:01 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/26 21:39:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010/08/30 05:01:20 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010/08/30 05:01:16 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/08/30 05:01:06 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/08/30 05:00:51 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/08/30 05:00:38 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/08/30 04:42:59 | 000,000,312 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/08/30 04:42:59 | 000,000,253 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/05/17 08:31:14 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/05/17 07:20:38 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/05/17 07:17:27 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2010/05/17 07:16:38 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/05/17 07:16:13 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010/03/31 14:47:06 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/03/31 14:47:06 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/02/09 17:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/09 20:03:56 | 000,370,312 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:CB0AACC9

< End of report >





Extra.txt:
------------------------------------------------------------------------

#7 pwgib

pwgib

  • Malware Response Team
  • 2,956 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:God's Country
  • Local time:04:29 PM

Posted 16 November 2010 - 08:41 PM

Hello Timo_SD,

OTL doesn't create extra.txt. I tried couple of times and I searched whole computer - no extra.txt anywhere

That was because it was a subsequent run. We will fix that. :)

I see you have AVAST and Emsisoft A-Squared installed.

A-Squared now comes with an on-demand anti-virus scanner. It is not advisable to have two antivirus programs running simultaneously. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Please be sure to disable one of your antivirus products when scanning with the other. :thumbup2:

Step 1.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :dir
    C:\Windows\hpoj4500g510n-z
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Step 2.

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    IE - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 50370
    FF - prefs.js..network.proxy.type: 4
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:CB0AACC9
    
    :commands
    [EmptyTemp]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click Posted Image.
  • A report will open. Copy and Paste that report in your next reply.



================================OTL Follow up scan=================================

Please read the directions carefully as they have changed from the last scan.

We need to create an OTL Report
  • Please download OTL from the following mirror:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • In the Extra Registry box make sure that Use Safelist is checked.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTList.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Any problems? Are you still getting redirected?

In your next reply please include the following:

SystemLook log
OTLFix report
OTL.txt <-- Will be opened
Extra.txt <-- Will be minimized



Thanks!!
PW

#8 Timo_SD

Timo_SD
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:29 PM

Posted 17 November 2010 - 12:34 AM

Hi pwgib,

Like I mentioned in my previous reply I have not got redirected since I reseted my router. That was right after I entered the inital information to this thread.

I'm curious what is the point for somebody to create a virus like this. What do they get? Is there a financial reward for them?

Cheers,
Timo



EMSI uninstalled now. Avast still running.



SystemLook.txt:
-----------------------
SystemLook 04.09.10 by jpshortstuff
Log created at 21:09 on 16/11/2010 by Timo
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== dir ==========

C:\Windows\hpoj4500g510n-z - Parameters: "(none)"

---Files---
scrub2k.exe -ra---- 65536 bytes [22:34 30/10/2010] [18:26 20/07/2009]
scrub2k.ini -ra---- 305 bytes [01:22 19/05/2009] [01:22 19/05/2009]

---Folders---
None found.

-= EOF =-





OTL ran with fix. Machine rebooted. Report is here:
--------------------------------------------------------------

All processes killed
========== OTL ==========
HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 50370 removed from network.proxy.http_port
Prefs.js: 4 removed from network.proxy.type
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\Temp:CB0AACC9 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Timo
->Temp folder emptied: 275056795 bytes
->Temporary Internet Files folder emptied: 67511345 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 100627447 bytes
->Flash cache emptied: 12350 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19308137 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50467 bytes
RecycleBin emptied: 24774893 bytes

Total Files Cleaned = 465.00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11162010_211315

Files\Folders moved on Reboot...
C:\Users\Timo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...





OTL.exe executed. Reports below:

OTL.txt:
-------------------------------------------
OTL logfile created on: 11/16/2010 9:23:44 PM - Run 5
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Timo\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.98 Gb Total Space | 395.77 Gb Free Space | 88.54% Space Free | Partition Type: NTFS
Drive D: | 18.48 Gb Total Space | 2.66 Gb Free Space | 14.38% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 92.69 Mb Free Space | 93.60% Space Free | Partition Type: FAT32
Drive F: | 4.14 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: TIMO-PC | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Timo\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
PRC - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
PRC - C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Timo\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
SRV:64bit: - (HPWMISVC) -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard)
SRV - (DvmMDES) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) Intel® -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (CinemaNow Service) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (nmservice) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel® -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (DVMIO) -- C:\Windows\SysNative\drivers\dvmio.sys (DeviceVM, Inc.)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (HECIx64) Intel® -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard)
DRV:64bit: - (purendis) -- C:\Windows\SysNative\drivers\purendis.sys (Cisco Systems, Inc.)
DRV:64bit: - (pnarp) -- C:\Windows\SysNative\drivers\pnarp.sys (Cisco Systems, Inc.)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: ""
FF - prefs.js..network.proxy.type: ""

FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\Firefox [2010/08/30 04:59:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/08/30 04:59:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/30 14:38:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 22:39:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/09 08:46:34 | 000,000,000 | ---D | M]

[2010/10/26 21:45:22 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Mozilla\Extensions
[2010/11/14 08:53:53 | 000,000,000 | ---D | M] -- C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\em65xpwe.default\extensions
[2010/11/09 08:44:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\em65xpwe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/02 08:35:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/02 13:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000..\Run: [svchost] C:\Users\Timo\AppData\Roaming\Microsoft\svchost.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3372307548-3704364435-1992927136-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/16 21:13:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/11 14:38:17 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\ibf
[2010/11/11 14:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\c5iHwGMl0CASslpYx
[2010/11/11 14:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ELECTRA
[2010/11/11 14:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ibf
[2010/11/11 14:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ibf
[2010/11/11 14:18:36 | 000,275,216 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDATGRD.OCX
[2010/11/11 14:18:36 | 000,232,640 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDATLST.OCX
[2010/11/11 14:18:36 | 000,200,496 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DBLIST32.OCX
[2010/11/11 14:18:36 | 000,119,808 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstdfmt.dll
[2010/11/11 14:18:36 | 000,067,376 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SYSINFO.OCX
[2010/11/11 14:18:35 | 000,260,880 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSFLXGRD.OCX
[2010/11/11 14:18:35 | 000,224,016 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Tabctl32.ocx
[2010/11/11 14:18:35 | 000,212,240 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX
[2010/11/11 14:18:35 | 000,198,848 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCI32.OCX
[2010/11/11 14:18:35 | 000,166,600 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMASK32.OCX
[2010/11/11 14:18:35 | 000,132,880 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.OCX
[2010/11/11 14:18:35 | 000,124,688 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSWINSCK.OCX
[2010/11/11 14:18:35 | 000,103,744 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMM32.OCX
[2010/11/11 14:18:35 | 000,083,144 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PICCLP32.OCX
[2010/11/11 14:18:35 | 000,004,608 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\W95INF32.DLL
[2010/11/11 14:18:35 | 000,002,272 | --S- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\W95INF16.DLL
[2010/11/09 09:03:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJackThis
[2010/11/09 00:39:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010/11/09 00:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Networks
[2010/11/08 23:57:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pure Networks Shared
[2010/11/08 23:45:57 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\Simply Super Software
[2010/11/08 23:45:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll
[2010/11/08 23:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2010/11/08 23:45:48 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Simply Super Software
[2010/11/08 23:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/11/08 17:48:57 | 000,000,000 | ---D | C] -- C:\Users\Timo\Documents\Anti-Malware
[2010/11/08 06:35:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010/11/07 11:51:15 | 000,472,656 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2010/11/07 11:51:15 | 000,125,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2010/11/07 11:51:15 | 000,121,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/11/07 11:51:15 | 000,020,048 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/11/07 11:50:56 | 000,250,448 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2010/11/07 11:50:56 | 000,061,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/11/07 11:50:56 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/11/07 11:50:56 | 000,028,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/11/07 11:50:46 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2010/11/07 11:50:45 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/11/07 11:50:45 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/11/07 10:53:27 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Malwarebytes
[2010/11/07 10:53:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/07 10:53:14 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/07 10:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/07 10:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/01 08:26:05 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\vlc
[2010/11/01 08:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010/10/31 23:26:52 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\HP MediaSmart Video
[2010/10/31 18:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2010/10/31 18:55:57 | 000,515,584 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2010/10/31 18:55:56 | 000,645,632 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2010/10/31 18:55:56 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2010/10/31 18:55:01 | 000,508,952 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2010/10/31 18:55:01 | 000,414,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2010/10/31 18:55:01 | 000,223,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2010/10/31 18:55:01 | 000,161,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2010/10/31 18:55:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2010/10/31 18:55:00 | 000,386,584 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2010/10/31 18:54:57 | 003,155,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2010/10/31 18:54:10 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\hpqLog
[2010/10/31 18:52:47 | 015,025,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2010/10/31 18:52:47 | 011,038,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2010/10/31 18:52:47 | 010,342,240 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2010/10/31 18:52:47 | 004,352,512 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2010/10/31 18:52:47 | 000,380,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2010/10/31 18:52:47 | 000,271,360 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2010/10/31 18:52:47 | 000,228,864 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2010/10/31 18:52:47 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2010/10/31 18:52:47 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2010/10/31 18:52:47 | 000,092,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2141.dll
[2010/10/31 18:52:47 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2010/10/31 18:52:47 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2010/10/31 18:52:47 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2010/10/31 18:52:47 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2010/10/31 18:52:47 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2010/10/31 18:52:47 | 000,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2010/10/31 18:52:47 | 000,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2010/10/31 18:52:47 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2010/10/31 18:52:47 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2010/10/31 18:52:47 | 000,084,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2010/10/31 18:52:47 | 000,084,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2010/10/31 18:52:47 | 000,083,968 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2010/10/31 18:52:47 | 000,083,968 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2010/10/31 18:52:47 | 000,027,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2010/10/31 18:52:47 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2010/10/31 18:52:47 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2010/10/31 18:52:42 | 000,119,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2010/10/31 18:52:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nn-NO
[2010/10/31 18:52:12 | 000,439,808 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvs.dll
[2010/10/31 18:52:12 | 000,060,416 | ---- | C] (Atheros) -- C:\Windows\SysNative\athihvui.dll
[2010/10/31 18:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2010/10/31 18:51:50 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\InstallShield
[2010/10/31 18:30:20 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\HP Support Assistant
[2010/10/31 08:41:18 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\skypePM
[2010/10/31 08:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/10/31 08:37:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/10/31 08:37:15 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Skype
[2010/10/31 08:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/10/30 14:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010/10/30 14:46:01 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\HP
[2010/10/30 14:46:00 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\HP
[2010/10/30 14:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010/10/30 14:36:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010/10/30 14:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010/10/30 14:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010/10/30 14:34:09 | 000,000,000 | ---D | C] -- C:\Windows\hpoj4500g510n-z
[2010/10/30 14:33:21 | 000,902,656 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpwwiax9.dll
[2010/10/30 14:33:21 | 000,742,912 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwtscl5.dll
[2010/10/30 14:33:21 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2010/10/30 14:33:21 | 000,503,296 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpwvst01.dll
[2010/10/30 14:33:16 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2010/10/30 14:33:12 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l092.dll
[2010/10/30 14:32:55 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010/10/30 14:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/10/30 10:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2010/10/30 08:26:34 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\WildTangent
[2010/10/29 21:19:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010/10/28 09:27:37 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\CyberLink
[2010/10/28 09:02:27 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Adobe
[2010/10/28 08:25:59 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010/10/28 08:25:57 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/10/28 08:25:57 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/10/28 08:25:57 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/10/28 08:25:57 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010/10/28 08:25:57 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010/10/28 08:25:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/10/28 08:25:56 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/10/28 08:25:53 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010/10/28 08:25:41 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/10/27 11:22:30 | 000,000,000 | ---D | C] -- C:\PROJECTS
[2010/10/27 09:40:45 | 004,514,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
[2010/10/27 09:40:45 | 002,264,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
[2010/10/27 09:40:45 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
[2010/10/27 09:40:45 | 000,360,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
[2010/10/27 09:28:18 | 000,000,000 | R--D | C] -- C:\Users\Timo\Virtual Machines
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2010/10/27 09:25:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2010/10/27 09:24:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
[2010/10/27 09:24:05 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpchbus.sys.mui
[2010/10/27 09:24:05 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
[2010/10/27 09:24:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
[2010/10/27 09:24:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
[2010/10/27 09:24:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
[2010/10/27 09:24:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
[2010/10/27 09:24:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
[2010/10/27 09:24:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
[2010/10/27 09:24:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
[2010/10/27 09:24:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
[2010/10/27 09:23:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
[2010/10/27 09:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui
[2010/10/27 09:23:57 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2010/10/27 09:23:57 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2010/10/27 09:23:56 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
[2010/10/27 09:23:56 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
[2010/10/27 09:23:56 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
[2010/10/27 09:23:56 | 000,066,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
[2010/10/27 09:23:55 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
[2010/10/27 09:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2010/10/27 08:02:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2010/10/27 08:02:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2010/10/27 08:02:51 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010/10/27 07:16:31 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010/10/27 07:16:31 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010/10/27 07:16:31 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010/10/27 07:16:31 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010/10/27 07:16:31 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010/10/27 07:16:31 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010/10/27 07:16:31 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010/10/27 07:16:31 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010/10/27 07:12:46 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/10/27 07:12:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/10/27 07:12:32 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/10/27 07:12:32 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010/10/27 07:12:26 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/10/27 07:12:26 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/10/27 07:12:16 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/10/27 07:12:15 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/10/27 07:12:14 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/10/27 07:12:14 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/10/27 07:11:50 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/10/27 07:11:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/10/27 07:11:49 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/10/27 07:11:49 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/10/27 07:11:49 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/10/27 07:11:49 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/10/27 07:11:49 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/10/27 07:11:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/10/27 07:11:49 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/10/27 07:11:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/10/27 07:11:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/10/27 07:11:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/10/27 07:11:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/10/27 07:11:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/10/27 07:11:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/10/27 07:11:16 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/10/27 07:11:07 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010/10/27 07:10:59 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/10/27 07:10:28 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/10/27 07:10:27 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/10/27 07:10:27 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/10/27 07:09:41 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/10/27 07:09:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/10/27 07:09:35 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/10/27 07:08:54 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010/10/27 07:08:34 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010/10/27 07:08:34 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/10/27 07:08:34 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010/10/27 07:08:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/10/27 07:08:17 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010/10/27 05:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Linksys
[2010/10/27 05:15:53 | 000,033,328 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\pnarp.sys
[2010/10/27 05:15:49 | 000,035,376 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\purendis.sys
[2010/10/27 05:15:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010/10/27 05:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Pure Networks
[2010/10/27 05:03:13 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Diagnostics
[2010/10/27 05:02:42 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\HpUpdate
[2010/10/27 04:57:38 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Intel Corporation
[2010/10/27 04:57:21 | 000,000,000 | R--D | C] -- C:\Users\Timo\Searches
[2010/10/27 04:57:21 | 000,000,000 | -H-D | C] -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/10/27 04:57:14 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Identities
[2010/10/27 04:57:12 | 000,000,000 | R--D | C] -- C:\Users\Timo\Contacts
[2010/10/27 04:57:11 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\VirtualStore
[2010/10/27 04:56:55 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Hewlett-Packard
[2010/10/27 04:50:02 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Hewlett-Packard
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\AppData\Local\Temporary Internet Files
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Templates
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Start Menu
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\SendTo
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Recent
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\PrintHood
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\NetHood
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Documents\My Videos
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Documents\My Pictures
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Documents\My Music
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\My Documents
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Local Settings
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\AppData\Local\History
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Cookies
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\Application Data
[2010/10/27 04:48:46 | 000,000,000 | -HSD | C] -- C:\Users\Timo\AppData\Local\Application Data
[2010/10/27 04:48:45 | 000,000,000 | --SD | C] -- C:\Users\Timo\AppData\Roaming\Microsoft
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Videos
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Saved Games
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Pictures
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Music
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Links
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Favorites
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Downloads
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\My Documents
[2010/10/27 04:48:45 | 000,000,000 | R--D | C] -- C:\Users\Timo\Desktop
[2010/10/27 04:48:45 | 000,000,000 | -H-D | C] -- C:\Users\Timo\AppData
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Temp
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Microsoft
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Media Center Programs
[2010/10/27 04:48:45 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\HuluDesktop
[2010/10/26 22:49:33 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Microsoft Games
[2010/10/26 21:45:15 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Mozilla
[2010/10/26 21:45:15 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\Mozilla
[2010/10/26 21:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/10/26 21:42:31 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Local\ElevatedDiagnostics
[2010/10/26 21:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/10/26 21:39:34 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/10/26 21:32:41 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Macromedia
[2010/10/26 21:32:40 | 000,000,000 | ---D | C] -- C:\Users\Timo\AppData\Roaming\Adobe

========== Files - Modified Within 30 Days ==========

[2010/11/16 21:23:39 | 000,028,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/16 21:23:39 | 000,028,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/16 21:21:04 | 000,727,916 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/16 21:21:04 | 000,625,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/16 21:21:04 | 000,107,104 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/16 21:18:48 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTimo.job
[2010/11/16 21:16:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/16 21:16:01 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/11 14:37:30 | 000,001,212 | ---- | M] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Target 3001! V14 discover.lnk
[2010/11/11 14:18:40 | 000,002,152 | ---- | M] () -- C:\Windows\SysWow64\unins000.dat
[2010/11/11 14:18:13 | 000,635,337 | ---- | M] () -- C:\Windows\SysWow64\unins000.exe
[2010/11/09 09:03:59 | 000,002,993 | ---- | M] () -- C:\Users\Timo\Desktop\HiJackThis.lnk
[2010/11/09 08:46:35 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/09 00:22:09 | 000,286,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/11/09 00:02:12 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2010/11/07 11:51:15 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2010/11/07 11:50:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/11/03 09:48:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/10/31 19:11:14 | 000,015,906 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2010/10/31 18:56:47 | 000,209,920 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
[2010/10/31 18:55:39 | 003,467,264 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2010/10/31 18:55:39 | 000,645,632 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2010/10/31 18:55:39 | 000,515,584 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2010/10/31 18:55:39 | 000,487,424 | ---- | M] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2010/10/31 18:55:39 | 000,431,616 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2010/10/31 18:55:39 | 000,017,454 | ---- | M] () -- C:\Windows\SysNative\nbspkrs.ico
[2010/10/31 18:55:38 | 012,800,512 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2010/10/31 18:55:38 | 000,564,224 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2010/10/31 18:55:38 | 000,442,368 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
[2010/10/31 18:55:38 | 000,220,672 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\HPToneCtrls64.dll
[2010/10/31 18:55:38 | 000,162,304 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
[2010/10/31 18:55:38 | 000,090,624 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTCo64.dll
[2010/10/31 18:55:38 | 000,068,608 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
[2010/10/31 18:55:38 | 000,003,774 | ---- | M] () -- C:\Windows\SysNative\bltinmic.ico
[2010/10/31 18:55:38 | 000,003,774 | ---- | M] () -- C:\Windows\SysNative\2hps.ico
[2010/10/31 18:54:55 | 000,508,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2010/10/31 18:54:55 | 000,414,744 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2010/10/31 18:54:55 | 000,223,768 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2010/10/31 18:54:55 | 000,161,304 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2010/10/31 18:54:55 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2010/10/31 18:54:54 | 000,386,584 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2010/10/31 18:54:51 | 003,155,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2010/10/31 18:54:51 | 000,152,600 | ---- | M] () -- C:\Windows\SysNative\difx64.exe
[2010/10/31 18:52:37 | 000,092,672 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2141.dll
[2010/10/31 18:52:37 | 000,005,348 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2010/10/31 18:52:36 | 015,025,664 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2010/10/31 18:52:36 | 011,038,208 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2010/10/31 18:52:36 | 010,342,240 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2010/10/31 18:52:36 | 006,537,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2010/10/31 18:52:36 | 004,962,816 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2010/10/31 18:52:36 | 004,658,688 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2010/10/31 18:52:36 | 004,352,512 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2010/10/31 18:52:36 | 000,830,464 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2010/10/31 18:52:36 | 000,571,904 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2010/10/31 18:52:36 | 000,380,416 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2010/10/31 18:52:36 | 000,271,360 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2010/10/31 18:52:36 | 000,243,200 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2010/10/31 18:52:36 | 000,228,864 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2010/10/31 18:52:36 | 000,142,336 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2010/10/31 18:52:36 | 000,127,868 | ---- | M] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/10/31 18:52:36 | 000,127,868 | ---- | M] () -- C:\Windows\SysNative\igcompkrng575.bin
[2010/10/31 18:52:36 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2010/10/31 18:52:36 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2010/10/31 18:52:36 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2010/10/31 18:52:36 | 000,088,576 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2010/10/31 18:52:36 | 000,088,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2010/10/31 18:52:36 | 000,087,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2010/10/31 18:52:36 | 000,087,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2010/10/31 18:52:36 | 000,087,040 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2010/10/31 18:52:36 | 000,086,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2010/10/31 18:52:36 | 000,086,528 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2010/10/31 18:52:36 | 000,084,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2010/10/31 18:52:36 | 000,084,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2010/10/31 18:52:36 | 000,083,968 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2010/10/31 18:52:36 | 000,083,968 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2010/10/31 18:52:36 | 000,061,952 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2010/10/31 18:52:36 | 000,027,648 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2010/10/31 18:52:36 | 000,023,552 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2010/10/31 18:52:36 | 000,004,096 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2010/10/31 18:52:35 | 000,108,032 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2010/10/31 18:52:32 | 000,189,408 | ---- | M] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2010/10/31 18:52:32 | 000,178,288 | ---- | M] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2010/10/31 18:52:32 | 000,165,251 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2010/10/31 18:52:32 | 000,139,830 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2010/10/31 18:52:32 | 000,136,327 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2010/10/31 18:52:32 | 000,133,680 | ---- | M] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2010/10/31 18:52:32 | 000,125,477 | ---- | M] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2010/10/31 18:52:32 | 000,123,164 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2010/10/31 18:52:32 | 000,122,858 | ---- | M] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2010/10/31 18:52:32 | 000,122,638 | ---- | M] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2010/10/31 18:52:32 | 000,121,121 | ---- | M] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2010/10/31 18:52:32 | 000,120,695 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2010/10/31 18:52:32 | 000,120,287 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2010/10/31 18:52:32 | 000,119,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2010/10/31 18:52:32 | 000,119,533 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2010/10/31 18:52:32 | 000,119,513 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2010/10/31 18:52:32 | 000,119,286 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2010/10/31 18:52:32 | 000,118,997 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2010/10/31 18:52:32 | 000,118,684 | ---- | M] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2010/10/31 18:52:32 | 000,118,631 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2010/10/31 18:52:32 | 000,118,317 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2010/10/31 18:52:32 | 000,117,984 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2010/10/31 18:52:32 | 000,114,779 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2010/10/31 18:52:32 | 000,114,308 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2010/10/31 18:52:32 | 000,114,179 | ---- | M] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2010/10/31 18:52:32 | 000,110,156 | ---- | M] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2010/10/31 18:52:32 | 000,103,997 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2010/10/31 18:52:32 | 000,102,843 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2010/10/31 08:41:22 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/10/31 08:37:17 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/10/30 14:45:57 | 000,207,259 | ---- | M] () -- C:\Windows\hpwins28.dat
[2010/10/30 14:36:26 | 000,001,315 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/10/30 14:35:40 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/10/27 05:06:02 | 000,001,441 | ---- | M] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/27 04:47:33 | 000,039,219 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/10/27 04:47:33 | 000,039,219 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/10/26 21:45:01 | 000,001,967 | ---- | M] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/26 21:45:01 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2010/11/11 14:37:30 | 000,001,212 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Target 3001! V14 discover.lnk
[2010/11/11 14:18:35 | 000,635,337 | ---- | C] () -- C:\Windows\SysWow64\unins000.exe
[2010/11/11 14:18:35 | 000,002,152 | ---- | C] () -- C:\Windows\SysWow64\unins000.dat
[2010/11/09 09:03:59 | 000,002,993 | ---- | C] () -- C:\Users\Timo\Desktop\HiJackThis.lnk
[2010/11/09 08:46:35 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/11/08 23:45:49 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2010/11/08 23:45:49 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2010/11/08 23:45:49 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2010/11/08 23:45:49 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2010/11/07 11:51:15 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2010/11/03 09:48:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/10/31 18:54:56 | 000,152,600 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2010/10/31 18:52:47 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/10/31 18:52:47 | 000,127,868 | ---- | C] () -- C:\Windows\SysNative\igcompkrng575.bin
[2010/10/31 18:52:47 | 000,005,348 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2010/10/31 18:52:42 | 000,189,408 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2010/10/31 18:52:42 | 000,178,288 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2010/10/31 18:52:42 | 000,165,251 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2010/10/31 18:52:42 | 000,136,327 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2010/10/31 18:52:42 | 000,133,680 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2010/10/31 18:52:42 | 000,125,477 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2010/10/31 18:52:42 | 000,123,164 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2010/10/31 18:52:42 | 000,122,858 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2010/10/31 18:52:42 | 000,122,638 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2010/10/31 18:52:42 | 000,121,121 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2010/10/31 18:52:42 | 000,120,695 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2010/10/31 18:52:42 | 000,120,287 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2010/10/31 18:52:42 | 000,119,533 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2010/10/31 18:52:42 | 000,119,513 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2010/10/31 18:52:42 | 000,119,286 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2010/10/31 18:52:42 | 000,118,997 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2010/10/31 18:52:42 | 000,118,631 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2010/10/31 18:52:42 | 000,118,317 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2010/10/31 18:52:42 | 000,117,984 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2010/10/31 18:52:42 | 000,114,779 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2010/10/31 18:52:42 | 000,114,308 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2010/10/31 18:52:42 | 000,114,179 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2010/10/31 18:52:42 | 000,110,156 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2010/10/31 18:52:42 | 000,103,997 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2010/10/31 18:52:42 | 000,102,843 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2010/10/31 18:52:41 | 000,139,830 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2010/10/31 18:52:41 | 000,118,684 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2010/10/31 18:32:36 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForTimo.job
[2010/10/31 08:41:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/31 08:37:17 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/10/30 14:36:26 | 000,001,315 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/10/30 14:35:40 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/10/30 14:29:41 | 000,000,777 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/10/30 14:29:40 | 000,207,259 | ---- | C] () -- C:\Windows\hpwins28.dat
[2010/10/27 07:04:41 | 000,053,551 | ---- | C] () -- C:\Windows\Professional.xml
[2010/10/27 05:17:37 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2010/10/27 05:06:01 | 000,001,441 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/27 04:49:51 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2010/10/27 04:48:45 | 000,000,290 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/10/27 04:48:45 | 000,000,272 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/10/26 21:45:01 | 000,001,967 | ---- | C] () -- C:\Users\Timo\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/26 21:45:01 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/10/26 21:39:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010/08/30 05:01:20 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010/08/30 05:01:16 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/08/30 05:01:06 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/08/30 05:00:51 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/08/30 05:00:38 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/08/30 04:42:59 | 000,000,312 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/08/30 04:42:59 | 000,000,253 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/05/17 08:31:14 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/05/17 07:20:38 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2010/05/17 07:17:27 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2010/05/17 07:16:38 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2010/05/17 07:16:13 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2010/03/31 14:47:06 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/03/31 14:47:06 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/02/09 17:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/09 20:03:56 | 000,370,312 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll

< End of report >





Extras.Txt:
--------------------------------------------------------------
OTL Extras logfile created on: 11/16/2010 9:23:44 PM - Run 5
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Timo\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.98 Gb Total Space | 395.77 Gb Free Space | 88.54% Space Free | Partition Type: NTFS
Drive D: | 18.48 Gb Total Space | 2.66 Gb Free Space | 14.38% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 92.69 Mb Free Space | 93.60% Space Free | Partition Type: FAT32
Drive F: | 4.14 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: TIMO-PC | User Name: Timo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3372307548-3704364435-1992927136-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0279C882-B150-44B6-A769-A7C8A2F31CE3}" = HP Wireless Assistant
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{10F539B1-31AF-43BF-9F0C-0EB66E918922}" = HP Quick Launch
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java™ 6 Update 18 (64-bit)
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{338DAD71-9CE7-4D63-B729-7E91C07A4D7D}" = Microsoft Search Enhancement Pack
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{394FA67A-FF0A-4356-BB77-D85E5A300BDE}" = HP QuickWeb Installer
"{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4123BE4D-C65C-467E-8071-232FB1FBF3B8}" = MSN Toolbar Platform
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{495A8A3C-8FD0-4C46-9979-95C26181A1AB}" = HP Support Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help
"{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}" = LightScribe System Software
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.0 MUI
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DA200FDD-DE3D-4958-8465-C4FBC869544B}" = HP Software Framework
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E2831862-F131-4327-B9CC-FA30F587EB6C}" = HP Setup
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F96E3A91-FFE9-4486-B3B0-E5B77E712286}" = Alcor Micro USB Card Reader
"{FA3F4EB7-C0B6-4037-AF1E-0EEC2932B331}" = HP User Guides 0164
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Internet Security
"ELECTRA_is1" = ELECTRA 2.4
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallShield_{F96E3A91-FFE9-4486-B3B0-E5B77E712286}" = Alcor Micro USB Card Reader
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"My HP Game Console" = HP Game Console
"Network MagicUninstall" = Network Magic
"Target 3001! V14 discover" = Target 3001! V14 discover
"Trojan Remover_is1" = Trojan Remover 6.8.2
"VB Runtimes Pack, release 7_is1" = VB Runtimes Pack, release 7
"VLC media player" = VLC media player 1.1.4
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT082122" = Blackhawk Striker 2
"WT082124" = Blasterball 3
"WT082133" = Dora's Carnival Adventure
"WT082141" = FATE
"WT082168" = Penguins!
"WT082170" = Plants vs. Zombies
"WT082171" = Poker Superstars III
"WT082172" = Polar Bowler
"WT082173" = Polar Golfer
"WT082188" = Virtual Families
"WT082189" = Wheel of Fortune 2
"WT082192" = Bejeweled 2 Deluxe
"WT082200" = Chuzzle Deluxe
"WT082241" = Virtual Villagers - The Secret City
"WT082396" = Diner Dash 2 Restaurant Rescue
"WT082438" = Build-a-lot 2
"WT082442" = Faerie Solitaire
"WT082443" = Jewel Quest 3
"WT082456" = Mystery P.I. - The New York Fortune
"WT082463" = Zuma's Revenge
"WT082468" = Jewel Quest Solitaire 2
"WT083477" = Cake Mania
"WT083484" = Escape Rosecliff Island
"WT083491" = TextTwist 2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3372307548-3704364435-1992927136-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/28/2010 1:23:45 PM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 10/30/2010 1:20:57 AM | Computer Name = Timo-PC | Source = Application Hang | ID = 1002
Description = The program SCServer.exe version 2.0.270.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: b2c Start
Time: 01cb77e8c15f77ad Termination Time: 15 Application Path: C:\Program Files (x86)\Microsoft\Search
Enhancement Pack\SCServer\SCServer.exe Report Id: 72e71fbc-e3e5-11df-b56d-806bf99ea75a


Error - 10/30/2010 4:52:11 AM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 10/30/2010 4:55:44 AM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy
file "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
on line 2. Invalid Xml syntax.

Error - 10/30/2010 11:54:21 AM | Computer Name = Timo-PC | Source = MsiInstaller | ID = 11704
Description =

Error - 10/30/2010 11:54:40 AM | Computer Name = Timo-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 10/30/2010 11:54:50 AM | Computer Name = Timo-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 10/31/2010 4:05:57 AM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 10/31/2010 4:08:18 AM | Computer Name = Timo-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy
file "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
on line 2. Invalid Xml syntax.

Error - 10/31/2010 10:54:42 PM | Computer Name = Timo-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'hpCaslNotification' could not be shut down.

[ Hewlett-Packard Events ]
Error - 10/31/2010 11:15:18 PM | Computer Name = Timo-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 10/31/2010 11:15:19 PM | Computer Name = Timo-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 11/8/2010 1:00:43 AM | Computer Name = Timo-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

[ HP Wireless Assistant Events ]
Error - 10/27/2010 3:32:49 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:32:59 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:33:09 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:33:20 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:33:30 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:33:40 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:33:50 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:34:01 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:34:11 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 10/27/2010 3:34:21 AM | Computer Name = Timo-PC | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

[ System Events ]
Error - 11/3/2010 10:03:11 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HPWMISVC service.

Error - 11/3/2010 10:03:13 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the LanmanWorkstation service.

Error - 11/3/2010 10:03:43 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HP Wireless Assistant Service service.

Error - 11/3/2010 10:04:13 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HP Wireless Assistant Service service.

Error - 11/3/2010 10:04:43 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the LanmanWorkstation service.

Error - 11/3/2010 10:05:13 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the RasMan service.

Error - 11/3/2010 10:05:43 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the wuauserv service.

Error - 11/4/2010 10:17:23 PM | Computer Name = Timo-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:16:14 PM on ?11/?4/?2010 was unexpected.

Error - 11/4/2010 10:18:25 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7034
Description = The Pure Networks Platform Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/8/2010 1:53:06 PM | Computer Name = Timo-PC | Source = Service Control Manager | ID = 7034
Description = The Pure Networks Platform Service service terminated unexpectedly.
It has done this 1 time(s).


< End of report >

#9 pwgib

pwgib

  • Malware Response Team
  • 2,956 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:God's Country
  • Local time:04:29 PM

Posted 17 November 2010 - 03:54 AM

Hello Timo_SD,

I'm curious what is the point for somebody to create a virus like this. What do they get? Is there a financial reward for them?

The short answer is yes.

A big trend during the Internet boom was to provide free software to downloaders. Why would they offer it for free? It is because these programs would gather statistics about the users activities on the Internet or on their computer, what hardware they have, what software they use, etc. Then they would sell this information to third-party organizations without your knowledge. This type of information gathering via a piece of software without knowledge is called Spyware.

Hijackers are another newer breed of software that literally takes over control of certain operations of your web browser. By doing this they can redirect browsers to sites of their choice where they may gain a commission for the user going there or to increase traffic to their site generating higher ad revenue. Even worse, these Hijackers can redirect search results from their own search engines to you, when you do a search on a popular search engine like Google.

Dialers make their money by having your computer connect to numbers where you get charged exorbitant fees while you are connected.

http://www.bleepingcomputer.com/tutorials/understanding-spyware-browser-hijackers-and-dialers/
http://en.wikipedia.org/wiki/Malware
http://www.cisco.com/web/about/security/intelligence/virus-worm-diffs.html

Step 1.

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Drive-by Trojan preying on out-of-date Java installations
Ghosts of Java Haunt UsersPlease follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 22 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "I agree to the Java SE...License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u22-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

Step 2.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image
<<Note: If ESET finds nothing there will be no log produced

In your next reply please include the following:

ESET report



Thanks!!
PW

#10 Timo_SD

Timo_SD
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:29 PM

Posted 17 November 2010 - 03:16 PM

Old Java uninstalled and new (jre-6u22-windows-i586.exe) installed.

ESET Report:
-------------------

C:\Users\Timo\AppData\Roaming\Microsoft\Windows\shell.exe.vir a variant of Win32/Kryptik.IAV trojan cleaned by deleting - quarantined

#11 pwgib

pwgib

  • Malware Response Team
  • 2,956 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:God's Country
  • Local time:04:29 PM

Posted 18 November 2010 - 08:28 AM

Hello Timo_SD,


You now appear to be all clean. :thumbsup:


Step 1.

You can rehide files and folders.

Instructions are here.

Step 2.

Please open OTL
  • Double click on the Posted Image icon on your desktop.
  • Click the "Cleanup" checkbox.
  • You will be asked, "Begin Cleanup Process"
  • Select Yes
  • You will be prompted to restart your computer.
You can now uninstall any other programs we may have used and delete any logs that may have been generated.

Step 3.

Here are some steps to follow in order to dramatically lower the chances of reinfection. You may have already implemented some of them, however, by following the rest of them you will reduce the risk of becoming re-infected.

It is critical to stay up to date with the latest upgrades to your Operating System, as this can help prevent future problems. You can find microsoft updates here

I recommend that you visit the link above and either enable 'Automatic Updates' under Start | Control Panel | Automatic Updates, or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

New viruses come out every minute, so it is essential that you keep your antivirus program updated and have the latest signatures to provide you with the best possible protection from malicious software.
Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

Make sure you use a firewall. A tutorial on understanding and using firewalls may be found here. For most users the built in Windows Firewall is sufficient. Only use one firewall at a time though.

Install Spyware Blaster and update it regularly
If you wish, the commercial version provides automatic updating.

Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
SuperAntiSpyware is another good scanner with high detection and removal rates. Both programs are free for non commercial home use but provide
a resident and do not nag if you purchase the paid versions. I personally prefer and highly recommend the licensed version of MBAM.

Please read and follow How did I get infected?, With steps so it does not happen again! as well as How to prevent Malware by Miekiemoes

If you have any questions please do not hesitate to ask.

Safe surfing and have a great day!!! :)
PW

#12 Timo_SD

Timo_SD
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:29 PM

Posted 18 November 2010 - 10:51 AM

Thanks again pwgib!

Great service and especially thanks for clear instructions and good follow through.

Cheers,
Timo

#13 pwgib

pwgib

  • Malware Response Team
  • 2,956 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:God's Country
  • Local time:04:29 PM

Posted 18 November 2010 - 06:54 PM

It has been a pleasure working with you. :thumbup2:

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
PW




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users