votre ordinateur a été bloqué pour violation de la loi française ("your computer has been blocked for violating French law")


  • This topic is locked
40 replies to this topic

#1 w i l l


Posted 06 March 2012 - 07:23 AM

Hi,

I would like to do a removal log but I have this note (which is a virus) displayed on my screen even in Safe Mode.

Please could someone make a suggestion?

Thanks



#2 w i l l

  • Topic Starter

Posted 06 March 2012 - 08:14 AM

'Safe mode with command prompt' works though. It was suggested that I do this but it doesn't work;

My link

#3 myrti

  • Malware Study Hall Admin

Posted 06 March 2012 - 09:12 AM

Hi will,

could you tell me which OS you're running? Do you have your Windows CDs? Do you have an alternate OS on a CD/flash drive we could use?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 



#4 w i l l

  • Topic Starter

Posted 06 March 2012 - 11:21 AM

I'm running Windows 7 and have the CDs. I haven't got another OS.

I can get to explorer by starting in safe mode with command prompt but Windows won't let me run HijackThis in safe mode.

I can run other antivirus though that unlocks the lock that the virus puts on the PC such as this;

http://supprimerlevirus.blogspot.com/2011/12/votre-ordinateur-ete-bloque-pour.html

At present when starting in safe mode I get a screen that says that the computer is locked and when starting normally I just get a black screen.

#5 myrti

  • Malware Study Hall Admin

Posted 06 March 2012 - 12:17 PM

Hi,

ok, let's avoid booting your PC then:

You need to download and run the FRST64 version:

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.
(Do you know which of the two you have to pick? If not let me know)

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
regards myrti



#6 w i l l

  • Topic Starter

Posted 06 March 2012 - 01:56 PM

OK thanks, here it is....

Scan result of Farbar Recovery Scan Tool Version: 06-03-2012
Ran by SYSTEM at 06-03-2012 18:46:03
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2370856 2010-09-23] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [312936 2011-04-21] (NVIDIA Corporation)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [167960 2011-03-11] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391704 2011-03-11] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [418840 2011-03-11] (Intel Corporation)
HKLM\...\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-07-27] (Intel® Corporation)
HKLM\...\Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-25] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2011-11-10] (Google)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" [x]
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-28] ()
HKU\laptop\...\Run: [Akamai NetSession Interface] "C:\Users\laptop\AppData\Local\Akamai\netsession_win.exe" [3329824 2012-02-01] (Akamai Technologies, Inc)
HKU\laptop\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17351304 2011-10-13] (Skype Technologies S.A.)
HKU\laptop\...\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [1508408 2011-12-16] (Nokia)
HKLM\...\Runonce: [GrpConv] grpconv -o [x]
HKLM\...\Winlogon: [Shell] expl?rer.exe [208896 2012-03-06] (mVox Electronics)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 8.8.8.8
AppInit_DLLs: C:\Windows\system32\nvinitx.dll

==================== Services (Whitelisted) ======

2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [1166848 2011-08-08] (Intel Corporation)
2 BTHSSecurityMgr; "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [134928 2011-06-03] (Intel® Corporation)
3 CoordinatorServiceHost; "C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe" [87336 2010-10-05] (Dassault Systèmes SolidWorks Corp.)
2 ExpatShieldService; C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [331608 2012-01-06] ()
2 ExpatSrv; C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [363336 2012-01-04] (AnchorFree Inc.)
3 ExpatTrayService; C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE [77520 2012-01-06] ()
2 ExpatWd; C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [329544 2012-01-04] ()
3 GoogleDesktopManager-051210-111108; "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [30192 2011-11-10] (Google)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
3 ServiceLayer; "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" [718888 2011-11-30] (Nokia)
3 SolidWorks Licensing Service; "C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe" [79360 2011-12-22] (SolidWorks)
2 TabletServiceWacom; C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [6438264 2011-06-06] (Wacom Technology, Corp.)
2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [2656280 2010-12-20] (Intel Corporation)
2 KMService; C:\Windows\system32\srvany.exe [x]

========================== Drivers (Whitelisted) =============

3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [299008 2011-08-08] (Windows ® Win 7 DDK provider)
3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [299008 2011-08-08] (Windows ® Win 7 DDK provider)
3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [56832 2012-01-04] (AnchorFree Inc.)
3 intaud_WaveExtensible; C:\Windows\System32\drivers\intelaud.sys [34200 2011-05-17] (Intel Corporation)
3 iwdbus; C:\Windows\System32\DRIVERS\iwdbus.sys [25496 2011-05-17] (Intel Corporation)
3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [255552 2009-02-24] (MagicISO, Inc.)
3 NETwNs64; C:\Windows\System32\DRIVERS\NETwNs64.sys [8604672 2011-08-03] (Intel Corporation)
3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2011-11-01] (Nokia)
3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2011-11-01] (Nokia)
3 NvStUSB; C:\Windows\System32\drivers\nvstusb.sys [121960 2011-01-31] ()
3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [25600 2008-08-28] (Nokia)
3 qicflt; C:\Windows\System32\DRIVERS\qicflt.sys [29288 2010-07-12] (Quanta Computer)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2011-11-08] (Duplex Secure Ltd.)
3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [30720 2010-11-23] (The OpenVPN Project)
3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [37888 2012-01-04] (AnchorFree Inc)
3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2012-01-04] (Windows ® Win 7 DDK provider)
3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [31232 2010-11-20] (Microsoft Corporation)
2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [16120 2010-11-29] (Intel® Corporation)
3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2011-11-01] (Nokia)
3 usbser; C:\Windows\System32\drivers\usbser.sys [32768 2010-11-20] (Microsoft Corporation)
3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-11-01] (Nokia)
3 wacmoumonitor; C:\Windows\System32\DRIVERS\wacmoumonitor.sys [13312 2011-03-17] (Wacom Technology)
3 wacommousefilter; C:\Windows\System32\DRIVERS\wacommousefilter.sys [12848 2007-02-16] (Wacom Technology)
3 wacomvhid; C:\Windows\System32\DRIVERS\wacomvhid.sys [16168 2009-09-21] (Wacom Technology)
3 wdkmd; C:\Windows\System32\DRIVERS\WDKMD.sys [42392 2011-05-17] (Intel Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-03-06 10:11 - 2012-03-06 10:06 - 1402880 ____A C:\Users\laptop\Desktop\HijackThis.msi
2012-03-06 07:03 - 2012-03-06 07:29 - 0000000 ____D C:\Program Files (x86)\GridinSoft Trojan Killer
2012-03-06 07:03 - 2012-03-06 07:17 - 0001145 ____A C:\Users\Public\Desktop\Trojan Killer.lnk
2012-03-06 07:03 - 2012-03-06 07:17 - 0001145 ____A C:\Users\All Users\Desktop\Trojan Killer.lnk
2012-03-06 05:44 - 2012-03-06 05:44 - 0208896 ____A (mVox Electronics) C:\Windows\expl?rer.exe
2012-03-05 11:27 - 2012-03-05 11:27 - 1556443 ____A C:\Users\laptop\Desktop\IMG_5686.JPG
2012-03-05 10:17 - 2012-03-05 10:17 - 0000000 ____D C:\Users\laptop\Desktop\Honey I Shrunk The Kids
2012-03-05 07:21 - 2012-03-05 07:57 - 0000000 ____D C:\Users\laptop\Desktop\Locked.Up.Abroad
2012-03-05 06:15 - 2012-03-05 07:15 - 0000000 ____D C:\Users\laptop\Desktop\Sherlock Holmes[2009]DvDrip[Eng]-FXG
2012-03-05 05:37 - 2012-03-05 06:18 - 0000000 ____D C:\Users\laptop\Desktop\Films etc
2012-03-04 08:34 - 2012-03-04 08:34 - 1543475 ____A C:\Users\laptop\Desktop\IMG_5678.JPG
2012-03-04 02:34 - 2012-03-02 09:53 - 0167163 ____A C:\Users\laptop\Desktop\Image004.jpg
2012-03-04 02:05 - 2012-03-04 02:05 - 0000000 ____D C:\Users\laptop\Desktop\Extras
2012-03-04 02:02 - 2012-03-04 02:03 - 0000000 ____D C:\Users\laptop\Desktop\Catch.Me.If.You.Can[ENG][DVDRip]
2012-03-04 02:01 - 2012-03-05 07:32 - 0000000 ____D C:\Users\laptop\Desktop\Shrek 1 and 2 dvd rip's[eng]XviD.Rets
2012-03-03 13:21 - 2012-03-03 11:51 - 70430454 ____A C:\Users\laptop\Desktop\MVI_5643.AVI
2012-02-27 17:49 - 2012-02-27 17:50 - 0000000 ____D C:\Users\laptop\Desktop\Escape.From.Alcatraz.1979.544.25fps.818Kbps.V5.WunSeeDee
2012-02-26 07:47 - 2012-02-27 18:01 - 0000000 ____D C:\Users\laptop\Desktop\Desperate Housewives Season 6 720p
2012-02-26 07:43 - 2012-03-02 04:46 - 0000000 ____D C:\Users\laptop\Desktop\Desperate Housewives Season 7 Complete 720p
2012-02-21 15:43 - 2012-02-21 11:01 - 0284703 ____N C:\Users\laptop\Desktop\Image000.jpg
2012-02-21 15:42 - 2012-02-21 11:02 - 0272134 ____N C:\Users\laptop\Desktop\Image001.jpg
2012-02-21 15:40 - 2012-02-21 15:40 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2012-02-21 15:39 - 2012-03-04 02:33 - 0000000 ____D C:\Users\laptop\Application Data\Nokia
2012-02-21 15:39 - 2012-03-04 02:33 - 0000000 ____D C:\Users\laptop\AppData\Roaming\Nokia
2012-02-21 15:39 - 2012-02-21 15:40 - 0000000 ____D C:\Users\laptop\Application Data\PC Suite
2012-02-21 15:39 - 2012-02-21 15:40 - 0000000 ____D C:\Users\laptop\AppData\Roaming\PC Suite
2012-02-21 15:39 - 2012-02-21 15:40 - 0000000 ____D C:\Users\All Users\PC Suite
2012-02-21 15:39 - 2012-02-21 15:40 - 0000000 ____D C:\Users\All Users\Application Data\PC Suite
2012-02-21 15:39 - 2012-02-21 15:40 - 0000000 ____D C:\ProgramData\PC Suite
2012-02-21 15:36 - 2012-02-21 15:37 - 0000000 ____D C:\Program Files\DIFX
2012-02-21 15:36 - 2012-02-21 15:36 - 0002040 ____A C:\Users\Public\Desktop\Nokia PC Suite.lnk
2012-02-21 15:36 - 2012-02-21 15:36 - 0002040 ____A C:\Users\All Users\Desktop\Nokia PC Suite.lnk
2012-02-21 15:36 - 2012-02-21 15:36 - 0000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2012-02-21 15:36 - 2012-02-21 15:36 - 0000000 ____D C:\Program Files (x86)\Nokia
2012-02-21 15:36 - 2008-08-28 04:44 - 0025600 ____A (Nokia) C:\Windows\System32\Drivers\pccsmcfdx64.sys
2012-02-21 15:35 - 2012-02-21 15:35 - 0000000 ____D C:\Users\All Users\Installations
2012-02-21 15:35 - 2012-02-21 15:35 - 0000000 ____D C:\Users\All Users\Application Data\Installations
2012-02-21 15:35 - 2012-02-21 15:35 - 0000000 ____D C:\ProgramData\Installations
2012-02-21 15:34 - 2012-02-21 15:34 - 40264096 ____A () C:\Users\laptop\Downloads\Nokia_PC_Suite_eng_us_web.exe
2012-02-21 15:24 - 2012-02-21 15:24 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2012-02-20 12:40 - 2012-02-20 12:40 - 2911554 ____A C:\SDAS.bmp
2012-02-20 07:19 - 2012-02-20 07:31 - 154792496 ____A C:\Users\laptop\Desktop\Soul ution Night 2 Marcus Intalex Sun And Bass 2011.mp3
2012-02-20 07:15 - 2012-02-20 07:20 - 57602297 ____A C:\Users\laptop\Desktop\marcuspodi.mp3
2012-02-20 07:14 - 2012-02-20 07:23 - 115202088 ____A C:\Users\laptop\Desktop\6416-Marcus Intalex - Soulution Radio - Volume 16 - 2010.04.30.mp3
2012-02-19 13:19 - 2012-02-19 15:06 - 38137617 ____A C:\Users\laptop\Desktop\Track01.mp3.part
2012-02-19 02:59 - 2012-02-19 02:59 - 0146942 ____A C:\Users\laptop\Desktop\IG_9668203.pdf
2012-02-19 02:55 - 2012-02-19 02:55 - 0981827 ____A C:\Users\laptop\Desktop\IAG_MF_PW_RCSTD_0911.pdf
2012-02-19 02:54 - 2012-02-19 02:54 - 0305256 ____A C:\Users\laptop\Desktop\IAG_MF_KF_RCSTD_0911.pdf
2012-02-17 16:56 - 2011-12-14 01:43 - 17790464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-17 16:56 - 2011-12-14 01:11 - 2308096 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-02-17 16:56 - 2011-12-14 01:04 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-17 16:56 - 2011-12-14 01:04 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-17 16:56 - 2011-12-14 01:03 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-02-17 16:56 - 2011-12-14 01:03 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-17 16:56 - 2011-12-14 01:01 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-17 16:56 - 2011-12-14 01:00 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-02-17 16:56 - 2011-12-14 00:59 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-17 16:56 - 2011-12-14 00:57 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-17 16:56 - 2011-12-14 00:57 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-17 16:56 - 2011-12-14 00:53 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-17 16:56 - 2011-12-13 21:30 - 12282368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-02-17 16:56 - 2011-12-13 21:04 - 1798656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-02-17 16:56 - 2011-12-13 20:57 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-02-17 16:56 - 2011-12-13 20:57 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-02-17 16:56 - 2011-12-13 20:56 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-02-17 16:56 - 2011-12-13 20:55 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-02-17 16:56 - 2011-12-13 20:54 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-02-17 16:56 - 2011-12-13 20:53 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-02-17 16:56 - 2011-12-13 20:52 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-02-17 16:56 - 2011-12-13 20:50 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-02-17 16:56 - 2011-12-13 20:50 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-02-17 16:56 - 2011-12-13 20:47 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-02-17 16:55 - 2011-12-14 01:16 - 10887168 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-17 16:55 - 2011-12-13 21:10 - 9705472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-02-16 13:33 - 2012-01-13 22:06 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-02-16 13:33 - 2012-01-04 04:44 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-02-16 13:33 - 2012-01-04 04:44 - 0509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-02-16 13:33 - 2012-01-04 02:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-02-16 13:33 - 2012-01-04 02:58 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-02-16 13:33 - 2011-12-30 00:26 - 0515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-02-16 13:33 - 2011-12-29 23:27 - 0478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2012-02-16 13:33 - 2011-12-27 21:59 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-02-16 13:33 - 2011-12-16 02:46 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-02-16 13:33 - 2011-12-16 01:52 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-02-12 10:19 - 2012-02-12 10:19 - 0000000 ____D C:\Users\laptop\Desktop\New folder (3)
2012-02-12 10:00 - 2012-02-12 10:01 - 0000000 ____D C:\Users\laptop\Desktop\New folder (2)
2012-02-12 08:10 - 2012-02-12 08:10 - 0000000 ____D C:\Users\laptop\zygrib
2012-02-12 08:10 - 2012-02-12 08:10 - 0000000 ____D C:\Users\laptop\Desktop\New folder


============ 3 Months Modified Files and Folders =============

2012-03-06 18:46 - 2012-03-06 18:45 - 0000000 ____D C:\FRST
2012-03-06 12:17 - 2011-12-22 02:36 - 2416960 ____A C:\Windows\ntbtlog.txt
2012-03-06 10:09 - 2009-07-13 23:13 - 0792510 ____A C:\Windows\System32\PerfStringBackup.INI
2012-03-06 10:06 - 2012-03-06 10:11 - 1402880 ____A C:\Users\laptop\Desktop\HijackThis.msi
2012-03-06 09:55 - 2011-09-29 16:58 - 2064252928 __ASH C:\hiberfil.sys
2012-03-06 09:54 - 2011-09-29 17:03 - 2023979 ____A C:\Windows\WindowsUpdate.log
2012-03-06 08:20 - 2009-07-13 22:45 - 0021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-03-06 08:20 - 2009-07-13 22:45 - 0021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-03-06 08:15 - 2011-09-29 15:08 - 0000000 ____D C:\users\UpdatusUser
2012-03-06 08:13 - 2011-09-29 17:01 - 0000000 ____D C:\Users\All Users\NVIDIA
2012-03-06 08:13 - 2011-09-29 17:01 - 0000000 ____D C:\Users\All Users\Application Data\NVIDIA
2012-03-06 08:13 - 2011-09-29 17:01 - 0000000 ____D C:\ProgramData\NVIDIA
2012-03-06 08:13 - 2011-09-29 15:35 - 0000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2012-03-06 08:13 - 2009-07-13 23:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-03-06 08:13 - 2009-07-13 22:51 - 0066273 ____A C:\Windows\setupact.log
2012-03-06 07:36 - 2011-11-11 03:49 - 0000000 ____D C:\Users\laptop\My Documents\Outlook Files
2012-03-06 07:36 - 2011-11-11 03:49 - 0000000 ____D C:\Users\laptop\Documents\Outlook Files
2012-03-06 07:33 - 2011-09-29 15:42 - 0000000 ____D C:\Users\Default\Local Settings\SoftThinks
2012-03-06 07:33 - 2011-09-29 15:42 - 0000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2012-03-06 07:33 - 2011-09-29 15:42 - 0000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2012-03-06 07:33 - 2011-09-29 15:42 - 0000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2012-03-06 07:33 - 2011-09-29 15:42 - 0000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2012-03-06 07:33 - 2011-09-29 15:42 - 0000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2012-03-06 07:29 - 2012-03-06 07:03 - 0000000 ____D C:\Program Files (x86)\GridinSoft Trojan Killer
2012-03-06 07:17 - 2012-03-06 07:03 - 0001145 ____A C:\Users\Public\Desktop\Trojan Killer.lnk
2012-03-06 07:17 - 2012-03-06 07:03 - 0001145 ____A C:\Users\All Users\Desktop\Trojan Killer.lnk
2012-03-06 05:46 - 2010-11-20 21:47 - 0038170 ____A C:\Windows\PFRO.log
2012-03-06 05:44 - 2012-03-06 05:44 - 0208896 ____A (mVox Electronics) C:\Windows\expl?rer.exe
2012-03-06 05:42 - 2011-11-09 18:14 - 0000000 ____D C:\Users\laptop\Application Data\Skype
2012-03-06 05:42 - 2011-11-09 18:14 - 0000000 ____D C:\Users\laptop\AppData\Roaming\Skype
2012-03-06 02:48 - 2011-11-08 14:48 - 0000000 ____D C:\Users\laptop\Application Data\BitTorrent
2012-03-06 02:48 - 2011-11-08 14:48 - 0000000 ____D C:\Users\laptop\AppData\Roaming\BitTorrent
2012-03-06 02:44 - 2011-11-11 14:38 - 0000000 ____D C:\Users\laptop\Desktop\Image Shuffle
2012-03-05 11:27 - 2012-03-05 11:27 - 1556443 ____A C:\Users\laptop\Desktop\IMG_5686.JPG
2012-03-05 10:17 - 2012-03-05 10:17 - 0000000 ____D C:\Users\laptop\Desktop\Honey I Shrunk The Kids
2012-03-05 07:57 - 2012-03-05 07:21 - 0000000 ____D C:\Users\laptop\Desktop\Locked.Up.Abroad
2012-03-05 07:32 - 2012-03-04 02:01 - 0000000 ____D C:\Users\laptop\Desktop\Shrek 1 and 2 dvd rip's[eng]XviD.Rets
2012-03-05 07:15 - 2012-03-05 06:15 - 0000000 ____D C:\Users\laptop\Desktop\Sherlock Holmes[2009]DvDrip[Eng]-FXG
2012-03-05 06:18 - 2012-03-05 05:37 - 0000000 ____D C:\Users\laptop\Desktop\Films etc
2012-03-05 06:16 - 2011-11-11 14:37 - 0000000 ____D C:\Users\laptop\Desktop\DA selected
2012-03-04 08:34 - 2012-03-04 08:34 - 1543475 ____A C:\Users\laptop\Desktop\IMG_5678.JPG
2012-03-04 03:06 - 2012-01-30 12:30 - 0000000 ____D C:\Users\laptop\Local Settings\ElevatedDiagnostics
2012-03-04 03:06 - 2012-01-30 12:30 - 0000000 ____D C:\Users\laptop\Local Settings\Application Data\ElevatedDiagnostics
2012-03-04 03:06 - 2012-01-30 12:30 - 0000000 ____D C:\Users\laptop\AppData\Local\ElevatedDiagnostics
2012-03-04 02:33 - 2012-02-21 15:39 - 0000000 ____D C:\Users\laptop\Application Data\Nokia
2012-03-04 02:33 - 2012-02-21 15:39 - 0000000 ____D C:\Users\laptop\AppData\Roaming\Nokia
2012-03-04 02:05 - 2012-03-04 02:05 - 0000000 ____D C:\Users\laptop\Desktop\Extras
2012-03-04 02:03 - 2012-03-04 02:02 - 0000000 ____D C:\Users\laptop\Desktop\Catch.Me.If.You.Can[ENG][DVDRip]
2012-03-03 11:51 - 2012-03-03 13:21 - 70430454 ____A C:\Users\laptop\Desktop\MVI_5643.AVI
2012-03-02 09:53 - 2012-03-04 02:34 - 0167163 ____A C:\Users\laptop\Desktop\Image004.jpg
2012-03-02 04:46 - 2012-02-26 07:43 - 0000000 ____D C:\Users\laptop\Desktop\Desperate Housewives Season 7 Complete 720p
2012-02-27 18:01 - 2012-02-26 07:47 - 0000000 ____D C:\Users\laptop\Desktop\Desperate Housewives Season 6 720p
2012-02-27 17:50 - 2012-02-27 17:49 - 0000000 ____D C:\Users\laptop\Desktop\Escape.From.Alcatraz.1979.544.25fps.818Kbps.V5.WunSeeDee
2012-02-27 12:18 - 2011-11-09 14:01 - 0000000 ____D C:\Users\laptop\Application Data\SolidWorks
2012-02-27 12:18 - 2011-11-09 14:01 - 0000000 ____D C:\Users\laptop\AppData\Roaming\SolidWorks
2012-02-26 08:13 - 2011-11-11 14:39 - 0000000 ____D C:\Users\laptop\Desktop\Imagebank
2012-02-23 02:18 - 2010-11-20 21:27 - 0279656 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2012-02-21 15:40 - 2012-02-21 15:40 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2012-02-21 15:40 - 2012-02-21 15:39 - 0000000 ____D C:\Users\laptop\Application Data\PC Suite
2012-02-21 15:40 - 2012-02-21 15:39 - 0000000 ____D C:\Users\laptop\AppData\Roaming\PC Suite
2012-02-21 15:40 - 2012-02-21 15:39 - 0000000 ____D C:\Users\All Users\PC Suite
2012-02-21 15:40 - 2012-02-21 15:39 - 0000000 ____D C:\Users\All Users\Application Data\PC Suite
2012-02-21 15:40 - 2012-02-21 15:39 - 0000000 ____D C:\ProgramData\PC Suite
2012-02-21 15:37 - 2012-02-21 15:36 - 0000000 ____D C:\Program Files\DIFX
2012-02-21 15:37 - 2011-09-29 15:23 - 0023434 ____A C:\Windows\DPINST.LOG
2012-02-21 15:36 - 2012-02-21 15:36 - 0002040 ____A C:\Users\Public\Desktop\Nokia PC Suite.lnk
2012-02-21 15:36 - 2012-02-21 15:36 - 0002040 ____A C:\Users\All Users\Desktop\Nokia PC Suite.lnk
2012-02-21 15:36 - 2012-02-21 15:36 - 0000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2012-02-21 15:36 - 2012-02-21 15:36 - 0000000 ____D C:\Program Files (x86)\Nokia
2012-02-21 15:35 - 2012-02-21 15:35 - 0000000 ____D C:\Users\All Users\Installations
2012-02-21 15:35 - 2012-02-21 15:35 - 0000000 ____D C:\Users\All Users\Application Data\Installations
2012-02-21 15:35 - 2012-02-21 15:35 - 0000000 ____D C:\ProgramData\Installations
2012-02-21 15:34 - 2012-02-21 15:34 - 40264096 ____A () C:\Users\laptop\Downloads\Nokia_PC_Suite_eng_us_web.exe
2012-02-21 15:24 - 2012-02-21 15:24 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2012-02-21 11:02 - 2012-02-21 15:42 - 0272134 ____N C:\Users\laptop\Desktop\Image001.jpg
2012-02-21 11:01 - 2012-02-21 15:43 - 0284703 ____N C:\Users\laptop\Desktop\Image000.jpg
2012-02-20 12:40 - 2012-02-20 12:40 - 2911554 ____A C:\SDAS.bmp
2012-02-20 07:31 - 2012-02-20 07:19 - 154792496 ____A C:\Users\laptop\Desktop\Soul ution Night 2 Marcus Intalex Sun And Bass 2011.mp3
2012-02-20 07:23 - 2012-02-20 07:14 - 115202088 ____A C:\Users\laptop\Desktop\6416-Marcus Intalex - Soulution Radio - Volume 16 - 2010.04.30.mp3
2012-02-20 07:20 - 2012-02-20 07:15 - 57602297 ____A C:\Users\laptop\Desktop\marcuspodi.mp3
2012-02-20 00:45 - 2011-11-08 14:43 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-02-19 15:06 - 2012-02-19 13:19 - 38137617 ____A C:\Users\laptop\Desktop\Track01.mp3.part
2012-02-19 02:59 - 2012-02-19 02:59 - 0146942 ____A C:\Users\laptop\Desktop\IG_9668203.pdf
2012-02-19 02:55 - 2012-02-19 02:55 - 0981827 ____A C:\Users\laptop\Desktop\IAG_MF_PW_RCSTD_0911.pdf
2012-02-19 02:54 - 2012-02-19 02:54 - 0305256 ____A C:\Users\laptop\Desktop\IAG_MF_KF_RCSTD_0911.pdf
2012-02-19 00:51 - 2011-11-08 08:21 - 0000402 __ASH C:\Users\laptop\My Documents\desktop.ini
2012-02-19 00:51 - 2011-11-08 08:21 - 0000174 ___SH C:\Users\laptop\Start Menu\Programs\Startup\desktop.ini
2012-02-19 00:51 - 2011-11-08 08:21 - 0000174 ___SH C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-19 00:50 - 2009-07-13 22:45 - 7578488 ____A C:\Windows\System32\FNTCACHE.DAT
2012-02-18 12:23 - 2011-11-09 15:55 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-02-18 12:23 - 2011-11-09 15:55 - 0000000 ____D C:\Users\All Users\Application Data\Microsoft Help
2012-02-18 12:23 - 2011-11-09 15:55 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-02-12 10:19 - 2012-02-12 10:19 - 0000000 ____D C:\Users\laptop\Desktop\New folder (3)
2012-02-12 10:01 - 2012-02-12 10:00 - 0000000 ____D C:\Users\laptop\Desktop\New folder (2)
2012-02-12 08:10 - 2012-02-12 08:10 - 0000000 ____D C:\Users\laptop\zygrib
2012-02-12 08:10 - 2012-02-12 08:10 - 0000000 ____D C:\Users\laptop\Desktop\New folder
2012-02-12 08:10 - 2011-11-08 08:18 - 0000000 ____D C:\users\laptop
2012-02-07 15:13 - 2011-11-11 16:21 - 0000000 ____D C:\Users\laptop\Local Settings\Application Data\Akamai
2012-02-07 15:13 - 2011-11-11 16:21 - 0000000 ____D C:\Users\laptop\Local Settings\Akamai
2012-02-07 15:13 - 2011-11-11 16:21 - 0000000 ____D C:\Users\laptop\AppData\Local\Akamai
2012-02-04 17:11 - 2012-02-04 06:01 - 0000000 ____D C:\Users\laptop\Desktop\Tool Images Flickr
2012-02-04 09:11 - 2012-02-04 08:58 - 0008088 ____A C:\Users\laptop\Desktop\Design Table.xlsx
2012-02-04 08:52 - 2012-02-03 17:26 - 0000000 ____D C:\Users\laptop\Desktop\Solidworks 2011 Crack
2012-02-03 15:35 - 2011-03-17 15:25 - 0289636 ____A C:\Users\laptop\Desktop\Will_Usher_CV.pdf
2012-01-31 22:06 - 2012-01-30 02:05 - 0000000 ____D C:\Program Files (x86)\TunnelBear
2012-01-31 02:30 - 2012-01-17 06:00 - 0000000 ____D C:\Users\laptop\Desktop\Native Instruments
2012-01-30 16:32 - 2011-11-11 15:15 - 0000000 ____D C:\Users\laptop\Desktop\Exe Files
2012-01-30 08:31 - 2012-01-30 08:31 - 0598914 ____A C:\Users\laptop\Desktop\C__Users_laptop_AppData_Local_Mozilla_Firefox_Profiles_bvqvss52.pdf
2012-01-30 02:05 - 2012-01-30 02:05 - 0000792 ____A C:\Users\UpdatusUser\Desktop\TunnelBear.lnk
2012-01-30 02:05 - 2012-01-30 02:05 - 0000792 ____A C:\Users\laptop\Desktop\TunnelBear.lnk
2012-01-30 01:49 - 2012-01-30 01:49 - 0001136 ____A C:\Users\Public\Desktop\Expat Shield Launch.lnk
2012-01-30 01:49 - 2012-01-30 01:49 - 0001136 ____A C:\Users\All Users\Desktop\Expat Shield Launch.lnk
2012-01-30 01:48 - 2012-01-30 01:48 - 0000000 ____D C:\Expat Shield
2012-01-30 01:48 - 2012-01-30 01:47 - 0000000 ____D C:\Program Files (x86)\Expat Shield
2012-01-29 05:50 - 2012-01-29 05:50 - 0000000 ____D C:\Program Files (x86)\AC3Filter
2012-01-29 05:43 - 2012-01-29 05:43 - 0000000 ____D C:\Users\laptop\Local Settings\Application Data\Apple Computer
2012-01-29 05:43 - 2012-01-29 05:43 - 0000000 ____D C:\Users\laptop\Local Settings\Apple Computer
2012-01-29 05:43 - 2012-01-29 05:43 - 0000000 ____D C:\Users\laptop\AppData\Local\Apple Computer
2012-01-29 05:40 - 2011-11-16 05:13 - 0000000 ____D C:\Users\laptop\Desktop\Sketch Practice
2012-01-28 17:00 - 2011-11-11 14:38 - 0000000 ____D C:\Users\laptop\Desktop\Design
2012-01-26 05:06 - 2012-01-25 10:37 - 0000000 ____D C:\Users\laptop\Application Data\DivX
2012-01-26 05:06 - 2012-01-25 10:37 - 0000000 ____D C:\Users\laptop\AppData\Roaming\DivX
2012-01-25 10:54 - 2012-01-25 10:54 - 0000000 ____D C:\Users\laptop\Local Settings\DDMSettings
2012-01-25 10:54 - 2012-01-25 10:54 - 0000000 ____D C:\Users\laptop\Local Settings\Application Data\DDMSettings
2012-01-25 10:54 - 2012-01-25 10:54 - 0000000 ____D C:\Users\laptop\AppData\Local\DDMSettings
2012-01-25 10:54 - 2011-11-08 08:18 - 0000000 ____D C:\Users\laptop\AppData\LocalLow
2012-01-25 10:37 - 2012-01-25 10:37 - 0002122 ____A C:\Users\Public\Desktop\DivX Plus Converter.lnk
2012-01-25 10:37 - 2012-01-25 10:37 - 0002122 ____A C:\Users\All Users\Desktop\DivX Plus Converter.lnk
2012-01-25 10:37 - 2012-01-25 10:37 - 0001578 ____A C:\Users\laptop\Desktop\DivX Movies.lnk
2012-01-25 10:37 - 2012-01-25 10:37 - 0001118 ____A C:\Users\Public\Desktop\DivX Plus Player.lnk
2012-01-25 10:37 - 2012-01-25 10:37 - 0001118 ____A C:\Users\All Users\Desktop\DivX Plus Player.lnk
2012-01-25 10:37 - 2012-01-25 10:37 - 0000000 ____D C:\Program Files\DivX
2012-01-25 10:37 - 2012-01-25 10:34 - 0000000 ____D C:\Program Files (x86)\DivX
2012-01-25 10:37 - 2012-01-25 10:33 - 0000000 ____D C:\Users\All Users\DivX
2012-01-25 10:37 - 2012-01-25 10:33 - 0000000 ____D C:\Users\All Users\Application Data\DivX
2012-01-25 10:37 - 2012-01-25 10:33 - 0000000 ____D C:\ProgramData\DivX
2012-01-24 05:48 - 2011-11-08 08:19 - 0431952 ____A C:\Users\laptop\Local Settings\GDIPFONTCACHEV1.DAT
2012-01-24 05:48 - 2011-11-08 08:19 - 0431952 ____A C:\Users\laptop\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-01-24 05:48 - 2011-11-08 08:19 - 0431952 ____A C:\Users\laptop\AppData\Local\GDIPFONTCACHEV1.DAT
2012-01-21 08:43 - 2012-01-21 08:43 - 0096864 ____A C:\Users\laptop\Desktop\seren.png
2012-01-21 08:35 - 2012-01-21 08:35 - 0012675 ____A C:\Users\laptop\Desktop\Serendipity.png
2012-01-18 10:51 - 2011-11-27 10:17 - 0000000 ____D C:\Users\laptop\Application Data\FileZilla
2012-01-18 10:51 - 2011-11-27 10:17 - 0000000 ____D C:\Users\laptop\AppData\Roaming\FileZilla
2012-01-18 06:57 - 2011-11-09 16:19 - 0000000 ____D C:\Users\laptop\Application Data\Luxology
2012-01-18 06:57 - 2011-11-09 16:19 - 0000000 ____D C:\Users\laptop\AppData\Roaming\Luxology
2012-01-14 08:11 - 2009-07-13 23:08 - 0032548 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-01-13 22:06 - 2012-02-16 13:33 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-01-11 11:31 - 2012-01-11 10:40 - 0000000 ____D C:\Users\laptop\My Documents\Traktor3
2012-01-11 11:31 - 2012-01-11 10:40 - 0000000 ____D C:\Users\laptop\Documents\Traktor3
2012-01-11 10:41 - 2012-01-11 10:41 - 0001167 ____A C:\Users\UpdatusUser\Desktop\Service Center.lnk
2012-01-11 10:41 - 2012-01-11 10:40 - 0000000 ____D C:\Program Files (x86)\Native Instruments
2012-01-11 10:40 - 2012-01-11 10:40 - 0001207 ____A C:\Users\UpdatusUser\Desktop\Traktor DJ Studio 3.lnk
2012-01-11 10:40 - 2012-01-11 10:40 - 0001207 ____A C:\Users\laptop\Desktop\Traktor DJ Studio 3.lnk
2012-01-11 10:40 - 2012-01-11 10:40 - 0000000 ____D C:\Users\laptop\My Documents\Native Instruments
2012-01-11 10:40 - 2012-01-11 10:40 - 0000000 ____D C:\Users\laptop\Documents\Native Instruments
2012-01-10 20:03 - 2011-02-10 10:10 - 0769330 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-01-04 17:01 - 2012-01-04 17:01 - 0056832 ____A (AnchorFree Inc.) C:\Windows\System32\Drivers\HssDrv.sys
2012-01-04 17:01 - 2012-01-04 17:01 - 0037888 ____A (AnchorFree Inc) C:\Windows\System32\Drivers\taphss.sys
2012-01-04 08:28 - 2012-01-04 08:28 - 0016640 ____A (Windows ® Win 7 DDK provider) C:\Windows\System32\Drivers\gtkdrv.sys
2012-01-04 04:44 - 2012-02-16 13:33 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-01-04 04:44 - 2012-02-16 13:33 - 0509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-01-04 02:59 - 2012-02-16 13:33 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-01-04 02:58 - 2012-02-16 13:33 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-01-03 18:48 - 2012-01-03 18:48 - 0354176 ____A (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2012-01-03 11:48 - 2012-01-03 11:47 - 0000318 ____A C:\Windows\solvermfc.INI
2012-01-03 11:39 - 2011-11-10 11:08 - 0005432 ____A C:\rtpreview.log
2011-12-30 00:26 - 2012-02-16 13:33 - 0515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2011-12-29 23:27 - 2012-02-16 13:33 - 0478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2011-12-27 21:59 - 2012-02-16 13:33 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-12-22 03:58 - 2011-12-22 03:58 - 0002995 ____A C:\Users\Public\Desktop\SolidWorks Explorer 2011.lnk
2011-12-22 03:58 - 2011-12-22 03:58 - 0002995 ____A C:\Users\All Users\Desktop\SolidWorks Explorer 2011.lnk
2011-12-22 03:58 - 2011-12-22 03:58 - 0002271 ____A C:\Users\Public\Desktop\SolidWorks eDrawings 2011.lnk
2011-12-22 03:58 - 2011-12-22 03:58 - 0002271 ____A C:\Users\All Users\Desktop\SolidWorks eDrawings 2011.lnk
2011-12-22 03:58 - 2011-12-22 03:58 - 0000000 ____D C:\Program Files (x86)\SolidWorks Corp
2011-12-22 03:58 - 2011-12-22 03:51 - 0000000 ____D C:\Program Files\Common Files\SolidWorks Shared
2011-12-22 03:58 - 2011-11-09 15:56 - 0000000 ____D C:\Program Files\SolidWorks Corp
2011-12-22 03:57 - 2011-12-22 03:57 - 0002939 ____A C:\Users\Public\Desktop\SolidWorks eDrawings 2011 x64 Edition.lnk
2011-12-22 03:57 - 2011-12-22 03:57 - 0002939 ____A C:\Users\All Users\Desktop\SolidWorks eDrawings 2011 x64 Edition.lnk
2011-12-22 03:57 - 2011-12-22 03:50 - 0000000 ____D C:\SolidWorks Data
2011-12-22 03:56 - 2011-11-09 15:59 - 0000000 ____D C:\Users\All Users\DassaultSystemes
2011-12-22 03:56 - 2011-11-09 15:59 - 0000000 ____D C:\Users\All Users\Application Data\DassaultSystemes
2011-12-22 03:56 - 2011-11-09 15:59 - 0000000 ____D C:\ProgramData\DassaultSystemes
2011-12-22 03:55 - 2011-12-22 03:55 - 0002735 ____A C:\Users\Public\Desktop\SolidWorks 2011 x64 Edition.lnk
2011-12-22 03:55 - 2011-12-22 03:55 - 0002735 ____A C:\Users\All Users\Desktop\SolidWorks 2011 x64 Edition.lnk
2011-12-22 03:53 - 2011-12-22 03:52 - 0000000 ____D C:\Program Files (x86)\SolidWorksx86
2011-12-22 03:51 - 2011-09-29 17:00 - 0000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2011-12-22 03:51 - 2011-09-29 15:39 - 0000000 ____D C:\Program Files (x86)\Microsoft Office
2011-12-22 03:50 - 2011-12-22 03:50 - 0000000 ____D C:\Program Files\Common Files\Macrovision Shared
2011-12-22 03:50 - 2011-11-09 14:01 - 0000000 ____D C:\Windows\SolidWorks
2011-12-22 03:49 - 2011-12-22 03:49 - 0001254 ____A C:\Users\All Users\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk
2011-12-22 03:49 - 2011-11-09 14:01 - 0000000 ____D C:\Users\laptop\My Documents\SolidWorks Downloads
2011-12-22 03:49 - 2011-11-09 14:01 - 0000000 ____D C:\Users\laptop\Documents\SolidWorks Downloads
2011-12-22 03:11 - 2011-12-22 03:11 - 0000000 ____D C:\Users\laptop\My Documents\SW Log Files
2011-12-22 03:11 - 2011-12-22 03:11 - 0000000 ____D C:\Users\laptop\Documents\SW Log Files
2011-12-22 02:38 - 2011-11-09 15:21 - 0000000 ____D C:\Users\laptop\Application Data\IM
2011-12-22 02:38 - 2011-11-09 15:21 - 0000000 ____D C:\Users\laptop\AppData\Roaming\IM
2011-12-22 02:37 - 2011-11-09 16:06 - 0000000 ____D C:\Users\All Users\FLEXnet
2011-12-22 02:37 - 2011-11-09 16:06 - 0000000 ____D C:\Users\All Users\Application Data\FLEXnet
2011-12-22 02:37 - 2011-11-09 16:06 - 0000000 ____D C:\ProgramData\FLEXnet
2011-12-22 01:34 - 2011-12-22 01:34 - 0000000 ____D C:\Users\CURRENT_USER\AppData\Roaming\SolidWorks
2011-12-22 01:34 - 2011-12-22 01:34 - 0000000 ____D C:\users\CURRENT_USER
2011-12-16 10:10 - 2011-11-27 11:41 - 0000000 ____D C:\Users\laptop\Desktop\willusher
2011-12-16 05:32 - 2009-07-13 21:20 - 0000000 ____D C:\Windows\rescache
2011-12-16 02:46 - 2012-02-16 13:33 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2011-12-16 01:52 - 2012-02-16 13:33 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2011-12-14 01:43 - 2012-02-17 16:56 - 17790464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-12-14 01:16 - 2012-02-17 16:55 - 10887168 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-12-14 01:11 - 2012-02-17 16:56 - 2308096 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-12-14 01:04 - 2012-02-17 16:56 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-12-14 01:04 - 2012-02-17 16:56 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-12-14 01:03 - 2012-02-17 16:56 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-12-14 01:03 - 2012-02-17 16:56 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-12-14 01:01 - 2012-02-17 16:56 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-12-14 01:00 - 2012-02-17 16:56 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-12-14 00:59 - 2012-02-17 16:56 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-12-14 00:57 - 2012-02-17 16:56 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-12-14 00:57 - 2012-02-17 16:56 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-12-14 00:53 - 2012-02-17 16:56 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-12-13 21:30 - 2012-02-17 16:56 - 12282368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-12-13 21:10 - 2012-02-17 16:55 - 9705472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-12-13 21:04 - 2012-02-17 16:56 - 1798656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2011-12-13 20:57 - 2012-02-17 16:56 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-12-13 20:57 - 2012-02-17 16:56 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-12-13 20:56 - 2012-02-17 16:56 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2011-12-13 20:55 - 2012-02-17 16:56 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-12-13 20:54 - 2012-02-17 16:56 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-12-13 20:53 - 2012-02-17 16:56 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-12-13 20:52 - 2012-02-17 16:56 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-12-13 20:50 - 2012-02-17 16:56 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-12-13 20:50 - 2012-02-17 16:56 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-12-13 20:47 - 2012-02-17 16:56 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-12-12 05:52 - 2011-12-12 05:52 - 0000000 ____D C:\Users\laptop\Application Data\Apple Computer
2011-12-12 05:52 - 2011-12-12 05:52 - 0000000 ____D C:\Users\laptop\AppData\Roaming\Apple Computer
2011-12-11 05:14 - 2011-12-11 05:14 - 0001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2011-12-11 05:14 - 2011-12-11 05:14 - 0001847 ____A C:\Users\All Users\Desktop\QuickTime Player.lnk
2011-12-11 05:14 - 2011-12-11 05:14 - 0000000 ____D C:\Users\All Users\Application Data\Apple Computer
2011-12-11 05:14 - 2011-12-11 05:14 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-12-11 05:14 - 2011-12-11 05:14 - 0000000 ____D C:\ProgramData\Apple Computer
2011-12-11 05:14 - 2011-12-11 05:14 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-12-11 05:13 - 2011-12-11 05:13 - 0000000 ____D C:\Users\laptop\Local Settings\Application Data\Apple
2011-12-11 05:13 - 2011-12-11 05:13 - 0000000 ____D C:\Users\laptop\Local Settings\Apple
2011-12-11 05:13 - 2011-12-11 05:13 - 0000000 ____D C:\Users\laptop\AppData\Local\Apple
2011-12-11 05:13 - 2011-12-11 05:13 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2011-12-09 05:31 - 2011-12-09 05:32 - 0151552 ____A C:\Windows\KMService.exe
2011-12-09 05:31 - 2011-12-09 05:32 - 0008192 ____A C:\Windows\SysWOW64\srvany.exe
2011-12-09 05:30 - 2011-12-09 05:30 - 0000000 ____D C:\Users\laptop\Desktop\Office Activation
2011-12-09 03:07 - 2011-09-29 15:37 - 0000000 ___RD C:\Program Files (x86)\Skype
2011-12-09 03:07 - 2011-09-29 15:36 - 0000000 ____D C:\Users\All Users\Skype
2011-12-09 03:07 - 2011-09-29 15:36 - 0000000 ____D C:\Users\All Users\Application Data\Skype
2011-12-09 03:07 - 2011-09-29 15:36 - 0000000 ____D C:\ProgramData\Skype
2011-12-09 01:02 - 2011-11-09 18:15 - 0000000 ____D C:\Users\laptop\Application Data\skypePM
2011-12-09 01:02 - 2011-11-09 18:15 - 0000000 ____D C:\Users\laptop\AppData\Roaming\skypePM

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 10%
Total physical RAM: 8086.17 MB
Available physical RAM: 7253.37 MB
Total Pagefile: 8084.37 MB
Available Pagefile: 7242.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:179.54 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:19.53 GB) (Free:10.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: (LISTO-750) (Fixed) (Total:698.47 GB) (Free:608.93 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 2048 KB
Disk 1 Online 698 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 101 MB 31 KB
Partition 2 Primary 19 GB 104 MB
Partition 3 Primary 446 GB 19 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 FAT Partition 101 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D RECOVERY NTFS Partition 19 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 446 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 698 GB 31 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F LISTO-750 FAT32 Partition 698 GB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-02-29 23:47

======================= End Of Log ==========================

#7 myrti


Posted 06 March 2012 - 02:10 PM

Hi,


Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad. Save it on the flash drive as fixlist.txt.

HKLM\...\Winlogon: [Shell] expl?rer.exe [208896 2012-03-06] (mVox Electronics)

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7: Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

regards myrti


#8 w i l l


Posted 06 March 2012 - 02:43 PM

Fix result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 06-03-2012
Ran by SYSTEM at 2012-03-06 18:39:04 R:1
Running from F:\

==============================================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell Value was restored.

==== End of Fixlog ====
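
The fixlist entry and Fixlog above concern the Winlogon `Shell` value, whose default is `explorer.exe`. As an added example (not part of the original thread and not FRST's own code), the sketch below parses registry lines in the format shown in the fixlist and flags a `Shell` value that is not the default, including a name that only looks like it. Apart from the first sample line, which is the entry from the post, the sample lines are constructed; treating `?` as a stand-in for a character the log could not render is an assumption.

```python
import re

# Default value of HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
DEFAULT_SHELL = "explorer.exe"

# Line layout as seen in the fixlist entry on this page:
#   HKLM\...\Winlogon: [Shell] expl?rer.exe [208896 2012-03-06] (mVox Electronics)
WINLOGON_RE = re.compile(
    r"^(?P<hive>HK[A-Z_]+)\\.*?\\Winlogon: \[(?P<name>[^\]]+)\]\s+(?P<value>.+?)"
    r"(?:\s+\[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\])?"
    r"(?:\s+\((?P<company>[^)]*)\))?\s*$"
)

# First line is the entry from the post; the others are constructed test data.
SAMPLE_LINES = [
    r"HKLM\...\Winlogon: [Shell] expl?rer.exe [208896 2012-03-06] (mVox Electronics)",
    r"HKLM\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation)",
    "HKLM\\...\\Winlogon: [Shell] expl\u043erer.exe [208896 2012-03-06] ()",  # Cyrillic 'o'
    r"HKLM\...\Winlogon: [Shell] C:\Users\Public\svc.exe [1024 2012-03-06] ()",
    r"HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-20] (Microsoft Corporation)",
]


def parse_winlogon_line(line):
    """Return the fields of a Winlogon registry line as a dict, or None."""
    m = WINLOGON_RE.match(line.strip())
    return m.groupdict() if m else None


def basename(command):
    """Strip quotes and any leading path from one Shell entry."""
    return command.strip().strip('"').rsplit("\\", 1)[-1]


def lookalike(name, reference=DEFAULT_SHELL):
    """True when name has the reference's length and differs from it only at
    positions holding '?' or a non-ASCII character (homoglyph-style spoofing)."""
    if len(name) != len(reference) or name.lower() == reference:
        return False
    for a, b in zip(name, reference):
        if a.lower() != b and not (a == "?" or ord(a) > 127):
            return False
    return True


def assess_shell(entry):
    """Return a list of findings for a parsed line; empty means nothing to report."""
    findings = []
    if entry["name"].lower() != "shell":
        return findings
    # The Shell value may list several comma-separated programs.
    for part in entry["value"].split(","):
        exe = basename(part)
        if not exe or exe.lower() == DEFAULT_SHELL:
            continue
        if lookalike(exe):
            findings.append(f"lookalike of {DEFAULT_SHELL}: {exe!r}")
        else:
            findings.append(f"non-default shell: {exe!r}")
    return findings


def scan(lines):
    """Run the check over log lines; return (value, finding) pairs."""
    report = []
    for line in lines:
        entry = parse_winlogon_line(line)
        if entry is None:
            continue
        for finding in assess_shell(entry):
            report.append((entry["value"], finding))
    return report


if __name__ == "__main__":
    for value, finding in scan(SAMPLE_LINES):
        print(f"{value} -> {finding}")
```
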

#9 myrti


Posted 06 March 2012 - 03:06 PM

Hi,

can you please reboot and check if you can boot normally now?
regards myrti


#10 w i l l


Posted 06 March 2012 - 03:19 PM

Yes it does.... thanks very much!

#11 myrti


Posted 06 March 2012 - 03:24 PM

Hi,

that's great :)

Please run OTL next to check if there's more:
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized


#12 w i l l


Posted 06 March 2012 - 03:38 PM

OTL logfile created on: 06/03/2012 19:31:56 - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\laptop\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

7.90 Gb Total Physical Memory | 5.62 Gb Available Physical Memory | 71.11% Memory free
15.79 Gb Paging File | 13.45 Gb Available in Paging File | 85.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.13 Gb Total Space | 181.35 Gb Free Space | 40.65% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-PC | User Name: laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/06 19:31:53 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
PRC - [2012/03/06 19:19:34 | 000,653,176 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\bittorrent.exe
PRC - [2012/02/20 07:40:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/02 02:44:30 | 003,329,824 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\laptop\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/01/07 02:45:30 | 000,653,640 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
PRC - [2012/01/06 19:32:46 | 000,331,608 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
PRC - [2012/01/05 00:02:02 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
PRC - [2012/01/05 00:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
PRC - [2011/12/16 11:04:38 | 001,508,408 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2011/12/09 12:31:02 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2011/12/09 12:31:02 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe
PRC - [2011/11/30 16:12:40 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011/11/30 16:12:14 | 000,126,504 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2011/09/06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/04/22 17:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/22 03:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/04/13 16:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/12/21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2009/02/23 20:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
PRC - [2003/05/15 02:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/20 07:40:57 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/19 08:18:25 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
MOD - [2012/02/19 07:56:43 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/02/19 07:56:20 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
MOD - [2012/02/19 07:56:09 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012/02/19 07:56:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012/02/19 07:56:00 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/19 07:55:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/19 07:55:56 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
MOD - [2012/02/19 07:55:47 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/02/19 07:55:45 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/01/07 02:45:30 | 000,653,640 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
MOD - [2012/01/06 19:38:32 | 000,009,544 | ---- | M] () -- C:\Program Files (x86)\Expat Shield\bin\lang\gui-eng.dll
MOD - [2011/12/16 11:05:12 | 000,345,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2011/12/16 11:05:10 | 000,282,168 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2011/12/16 11:05:06 | 008,197,176 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2011/12/16 11:05:04 | 002,302,008 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2011/12/16 11:05:02 | 000,027,704 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2011/12/16 11:05:00 | 000,202,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2011/11/13 18:38:12 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/12 11:08:30 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/11/10 14:32:05 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2011/08/18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/04/22 17:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011/04/22 03:32:12 | 000,235,112 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/12/22 10:50:27 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/08/08 13:39:18 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/07/28 03:04:48 | 001,517,328 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2011/07/28 02:48:34 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/07/28 02:44:18 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2011/06/06 15:23:18 | 006,438,264 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV:64bit: - [2011/06/03 18:51:38 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) Intel® Centrino® Wireless Bluetooth®
SRV:64bit: - [2010/11/29 21:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010/10/05 08:07:08 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV:64bit: - [2010/09/23 00:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/01/06 19:39:16 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Expat Shield\bin\EXPATTrayService.exe -- (ExpatTrayService)
SRV - [2012/01/06 19:32:46 | 000,331,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe -- (ExpatShieldService)
SRV - [2012/01/05 00:02:02 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -- (ExpatWd)
SRV - [2012/01/05 00:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe -- (ExpatSrv)
SRV - [2011/12/22 10:50:27 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2011/12/09 12:31:02 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011/11/30 16:12:40 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/11/09 23:01:06 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/04/22 17:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/22 03:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/12/21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/01/05 00:01:56 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:64bit: - [2012/01/05 00:01:54 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012/01/04 15:28:36 | 000,016,640 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtkdrv.sys -- (TrojanKillerDriver)
DRV:64bit: - [2011/11/08 20:54:50 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/11/01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/11/01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/11/01 10:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/11/01 10:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/09/29 23:51:43 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/09/29 23:51:43 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/08/08 13:32:08 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/08/08 13:32:08 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/08/04 02:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/05/17 15:27:54 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011/05/17 15:27:52 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/05/17 15:27:50 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/04/22 17:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/03/17 13:10:48 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2011/03/07 21:52:24 | 012,264,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/02/10 23:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 23:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/31 16:24:46 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011/01/20 17:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/01/13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/13 18:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/11/30 23:02:54 | 000,412,264 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/29 21:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/23 08:34:00 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 02:32:20 | 000,172,632 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/10/16 01:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010/09/24 02:44:48 | 001,394,224 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/08/20 19:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/07/13 03:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010/07/01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/03/19 09:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/27 16:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/22 00:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007/02/16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2006/11/01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 19:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {938B6A5F-1144-4267-BBDE-8918EFDD0597}
IE:64bit: - HKLM\..\SearchScopes\{938B6A5F-1144-4267-BBDE-8918EFDD0597}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {938B6A5F-1144-4267-BBDE-8918EFDD0597}
IE - HKLM\..\SearchScopes\{938B6A5F-1144-4267-BBDE-8918EFDD0597}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.ask.com/?l=dis&o=15438
IE - HKCU\..\SearchScopes,DefaultScope = {938B6A5F-1144-4267-BBDE-8918EFDD0597}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=BT5&o=&src=crm&q={searchTerms}&locale=
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=_fQz3HDu4rDdSeyteC_MKqQWbKI?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/25 17:37:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/20 07:40:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/25 17:37:54 | 000,000,000 | ---D | M]

[2011/11/08 21:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laptop\AppData\Roaming\Mozilla\Extensions
[2012/02/19 07:52:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laptop\AppData\Roaming\Mozilla\Firefox\Profiles\bvqvss52.default\extensions
[2012/01/30 08:47:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/30 08:47:52 | 000,000,000 | ---D | M] (Expat Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
() (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BVQVSS52.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2012/02/20 07:40:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/05 04:44:20 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/11/05 04:32:18 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/05 04:44:20 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/11/05 04:44:20 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/11/05 04:44:20 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll (AnchorFree Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\laptop\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.4.4 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5417A58-F620-43C4-B9BC-1280493B59E9}: DhcpNameServer = 8.8.4.4 8.8.8.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/11/11 22:38:16 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{a18afb0d-0a43-11e1-85f6-848f69adef7f}\Shell - "" = AutoRun
O33 - MountPoints2\{a18afb0d-0a43-11e1-85f6-848f69adef7f}\Shell\AutoRun\command - "" = G:\.\swwi\data\swsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/07 01:45:57 | 000,000,000 | ---D | C] -- C:\FRST
[2012/03/06 19:31:45 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
[2012/03/06 14:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer
[2012/03/06 14:03:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridinSoft Trojan Killer
[2012/03/05 17:17:22 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Honey I Shrunk The Kids
[2012/03/05 14:21:59 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Locked.Up.Abroad
[2012/03/05 13:15:38 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Sherlock Holmes[2009]DvDrip[Eng]-FXG
[2012/03/05 12:37:24 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Films etc
[2012/03/04 09:05:01 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Extras
[2012/03/04 09:02:57 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Catch.Me.If.You.Can[ENG][DVDRip]
[2012/03/04 09:01:25 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Shrek 1 and 2 dvd rip's[eng]XviD.Rets
[2012/02/28 00:49:43 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Escape.From.Alcatraz.1979.544.25fps.818Kbps.V5.WunSeeDee
[2012/02/26 14:47:17 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Desperate Housewives Season 6 720p
[2012/02/26 14:43:17 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Desperate Housewives Season 7 Complete 720p
[2012/02/21 22:39:13 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\PC Suite
[2012/02/21 22:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012/02/21 22:39:12 | 000,000,000 | ---D | C] -- C:\Users\laptop\AppData\Roaming\Nokia
[2012/02/21 22:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
[2012/02/21 22:36:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PCSuite
[2012/02/21 22:36:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2012/02/21 22:36:47 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2012/02/21 22:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/02/21 22:36:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2012/02/21 22:36:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2012/02/21 22:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2012/02/17 23:56:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/17 23:56:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/17 23:56:05 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/17 23:56:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/17 23:56:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/17 23:56:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/17 23:56:04 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/17 23:56:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/17 23:56:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/17 23:56:03 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/17 23:56:03 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/16 20:33:21 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/16 20:33:19 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/16 20:33:19 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/16 20:33:13 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/12 17:19:30 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\New folder (3)
[2012/02/12 17:00:59 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\New folder (2)
[2012/02/12 15:10:41 | 000,000,000 | ---D | C] -- C:\Users\laptop\zygrib
[2012/02/12 15:10:15 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\New folder

========== Files - Modified Within 30 Days ==========

[2012/03/06 19:31:53 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\laptop\Desktop\OTL.exe
[2012/03/06 18:53:17 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/06 18:53:17 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/06 18:50:37 | 000,792,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/06 18:50:37 | 000,672,396 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/06 18:50:37 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/06 18:45:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/06 18:44:56 | 2064,252,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/06 17:06:35 | 001,402,880 | ---- | M] () -- C:\Users\laptop\Desktop\HijackThis.msi
[2012/03/06 14:17:22 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012/03/05 18:27:02 | 001,556,443 | ---- | M] () -- C:\Users\laptop\Desktop\IMG_5686.JPG
[2012/03/04 15:34:08 | 001,543,475 | ---- | M] () -- C:\Users\laptop\Desktop\IMG_5678.JPG
[2012/03/03 18:51:12 | 070,430,454 | ---- | M] () -- C:\Users\laptop\Desktop\MVI_5643.AVI
[2012/03/02 16:53:44 | 000,167,163 | ---- | M] () -- C:\Users\laptop\Desktop\Image004.jpg
[2012/02/21 22:40:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012/02/21 22:36:53 | 000,002,040 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2012/02/21 22:24:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012/02/21 18:02:56 | 000,272,134 | ---- | M] () -- C:\Users\laptop\Desktop\Image001.jpg
[2012/02/21 18:01:58 | 000,284,703 | ---- | M] () -- C:\Users\laptop\Desktop\Image000.jpg
[2012/02/20 19:40:50 | 002,911,554 | ---- | M] () -- C:\SDAS.bmp
[2012/02/20 14:31:39 | 154,792,496 | ---- | M] () -- C:\Users\laptop\Desktop\Soul ution Night 2 Marcus Intalex Sun And Bass 2011.mp3
[2012/02/20 14:23:12 | 115,202,088 | ---- | M] () -- C:\Users\laptop\Desktop\6416-Marcus Intalex - Soulution Radio - Volume 16 - 2010.04.30.mp3
[2012/02/20 14:20:28 | 057,602,297 | ---- | M] () -- C:\Users\laptop\Desktop\marcuspodi.mp3
[2012/02/19 22:06:20 | 038,137,617 | ---- | M] () -- C:\Users\laptop\Desktop\Track01.mp3.part
[2012/02/19 09:59:57 | 000,146,942 | ---- | M] () -- C:\Users\laptop\Desktop\IG_9668203.pdf
[2012/02/19 09:55:23 | 000,981,827 | ---- | M] () -- C:\Users\laptop\Desktop\IAG_MF_PW_RCSTD_0911.pdf
[2012/02/19 09:54:20 | 000,305,256 | ---- | M] () -- C:\Users\laptop\Desktop\IAG_MF_KF_RCSTD_0911.pdf
[2012/02/19 07:50:01 | 007,578,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012/03/06 17:11:32 | 001,402,880 | ---- | C] () -- C:\Users\laptop\Desktop\HijackThis.msi
[2012/03/06 14:03:59 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012/03/05 18:27:23 | 001,556,443 | ---- | C] () -- C:\Users\laptop\Desktop\IMG_5686.JPG
[2012/03/04 15:34:57 | 001,543,475 | ---- | C] () -- C:\Users\laptop\Desktop\IMG_5678.JPG
[2012/03/04 09:34:27 | 000,167,163 | ---- | C] () -- C:\Users\laptop\Desktop\Image004.jpg
[2012/03/03 20:21:35 | 070,430,454 | ---- | C] () -- C:\Users\laptop\Desktop\MVI_5643.AVI
[2012/02/21 22:43:09 | 000,284,703 | ---- | C] () -- C:\Users\laptop\Desktop\Image000.jpg
[2012/02/21 22:42:26 | 000,272,134 | ---- | C] () -- C:\Users\laptop\Desktop\Image001.jpg
[2012/02/21 22:40:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012/02/21 22:36:53 | 000,002,040 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2012/02/21 22:24:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2012/02/20 19:40:50 | 002,911,554 | ---- | C] () -- C:\SDAS.bmp
[2012/02/20 14:19:03 | 154,792,496 | ---- | C] () -- C:\Users\laptop\Desktop\Soul ution Night 2 Marcus Intalex Sun And Bass 2011.mp3
[2012/02/20 14:15:32 | 057,602,297 | ---- | C] () -- C:\Users\laptop\Desktop\marcuspodi.mp3
[2012/02/20 14:14:40 | 115,202,088 | ---- | C] () -- C:\Users\laptop\Desktop\6416-Marcus Intalex - Soulution Radio - Volume 16 - 2010.04.30.mp3
[2012/02/19 20:19:21 | 038,137,617 | ---- | C] () -- C:\Users\laptop\Desktop\Track01.mp3.part
[2012/02/19 09:59:57 | 000,146,942 | ---- | C] () -- C:\Users\laptop\Desktop\IG_9668203.pdf
[2012/02/19 09:55:23 | 000,981,827 | ---- | C] () -- C:\Users\laptop\Desktop\IAG_MF_PW_RCSTD_0911.pdf
[2012/02/19 09:54:19 | 000,305,256 | ---- | C] () -- C:\Users\laptop\Desktop\IAG_MF_KF_RCSTD_0911.pdf
[2012/01/03 18:47:56 | 000,000,318 | ---- | C] () -- C:\Windows\solvermfc.INI
[2011/12/09 12:32:08 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2011/12/09 12:32:08 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/11/15 17:24:46 | 000,000,952 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011/11/15 01:36:02 | 000,003,584 | ---- | C] () -- C:\Users\laptop\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/11 22:24:16 | 000,000,058 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011/11/11 22:24:16 | 000,000,058 | ---- | C] () -- C:\Users\laptop\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011/11/11 10:56:17 | 000,009,171 | ---- | C] () -- C:\Users\laptop\AppData\Roaming\Microsoft Excel 97-2003.EML
[2011/11/11 10:56:13 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/11/10 15:46:54 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/11/09 23:00:37 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011/09/29 23:31:42 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/09/29 23:31:38 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/29 23:31:37 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/02/10 17:10:51 | 000,769,330 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Files - Unicode (All) ==========
[2012/03/06 12:44:39 | 000,208,896 | ---- | C] (mVox Electronics)(C:\Windows\expl?rer.exe) -- C:\Windows\explоrer.exe
[2012/03/06 12:44:09 | 000,208,896 | ---- | M] (mVox Electronics)(C:\Windows\expl?rer.exe) -- C:\Windows\explоrer.exe


< End of report >

OTL Extras logfile created on: 06/03/2012 19:31:56 - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Users\laptop\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

7.90 Gb Total Physical Memory | 5.62 Gb Available Physical Memory | 71.11% Memory free
15.79 Gb Paging File | 13.45 Gb Available in Paging File | 85.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.13 Gb Total Space | 181.35 Gb Free Space | 40.65% Space Free | Partition Type: NTFS

Computer Name: LAPTOP-PC | User Name: laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel® PROSet/Wireless WiFi Software
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java™ 6 Update 27 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F113377-0BA1-4552-9ABB-9BF220FAF132}" = SolidWorks 2011 x64 Edition SP0
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{5ECFC170-8934-4D31-8374-0837288D6AE3}" = SolidWorks eDrawings 2011 x64 Edition SP0
"{5F590D74-AA75-410F-A778-3CDFCE12DCD4}" = SolidWorks Explorer 2011 SP0 x64 Edition
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A7D9775A-2F07-413A-B312-3464B3CB79CD}" = Maxwell Shell Extension (x64)
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AF713CBA-16E2-49AB-95D2-26CC7A21F6FB}" = Maxwell For SolidWorks x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.30
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D76539F0-8CF5-4378-994E-D8050CEAEF8B}" = modo 401 sp4 x64 34686
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Unlocker" = Unlocker 1.9.1-x64
"Wacom Tablet Driver" = Wacom Tablet

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DD706AF-B542-438C-999E-B30C7F625C8D}" = Intel® WiDi
"{0DFB21D8-56F1-4484-8398-A85EBEEFC728}" = TeboScreen
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 29
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{41313863-5170-4D7E-AD60-3CDF4DEBA81F}" = Nokia PC Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}" = Adobe Setup
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF95F1EE-9ECA-45C1-B02B-F56DDB8A3E83}" = PC Connectivity Solution
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED6C5903-331C-4356-A0B2-22EFB7C9458D}" = Extensis Suitcase Fusion 2
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"AC3Filter_is1" = AC3Filter 1.62b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Adobe_a04a925a57548091300ada368235fc6" = Adobe Illustrator CS3
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"BitTorrent" = BitTorrent
"Blow Up" = Alien Skin Blow Up
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup" = DivX Setup
"ESET Online Scanner" = ESET Online Scanner v3
"ExpatShield" = Expat Shield 2.24
"FileZilla Client" = FileZilla Client 3.5.2
"Google Desktop" = Google Desktop
"GridinSoft Trojan Killer" = Trojan Killer
"InstallShield_{D76539F0-8CF5-4378-994E-D8050CEAEF8B}" = modo 401 sp4 x64 34686
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Maxwell 2" = Maxwell 2
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox 10.0.2 (x86 en-GB)" = Mozilla Firefox 10.0.2 (x86 en-GB)
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3
"Nokia PC Suite" = Nokia PC Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ProInst" = Intel PROSet Wireless
"ScreenshotCaptor_is1" = Screenshot Captor 2.102.01
"SolidWorks Installation Manager 20110-40000-1100-100" = SolidWorks 2011 x64 Edition SP0
"TunnelBear" = TunnelBear 1.0.28
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14/01/2012 15:33:13 | Computer Name = laptop-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/01/2012 15:42:15 | Computer Name = laptop-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/01/2012 07:02:38 | Computer Name = laptop-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/01/2012 07:03:36 | Computer Name = laptop-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Skype.exe, version: 5.5.0.124, time stamp:
0x4e96a02b Faulting module name: Skype.exe, version: 5.5.0.124, time stamp: 0x4e96a02b
Exception
code: 0xc0000005 Fault offset: 0x0021be0a Faulting process id: 0x1080 Faulting application
start time: 0x01ccd3753e2ea653 Faulting application path: C:\Program Files (x86)\Skype\Phone\Skype.exe
Faulting
module path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: 9211eab5-3f68-11e1-bf8d-848f69adef7f

Error - 15/01/2012 13:14:38 | Computer Name = laptop-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/01/2012 13:54:09 | Computer Name = laptop-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 15/01/2012 17:09:59 | Computer Name = laptop-PC | Source = WinMgmt | ID = 10
Description =

Error - 18/01/2012 06:18:37 | Computer Name = laptop-PC | Source = WinMgmt | ID = 10
Description =

Error - 18/01/2012 10:27:31 | Computer Name = laptop-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Illustrator.exe, version: 13.0.128.0, time
stamp: 0x45fa64db Faulting module name: Illustrator.exe, version: 13.0.128.0, time
stamp: 0x45fa64db Exception code: 0xc0000005 Fault offset: 0x004b2850 Faulting process
id: 0xc0c Faulting application start time: 0x01ccd5cba0aeb77b Faulting application
path: C:\Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe
Faulting
module path: C:\Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe
Report
Id: 8d9f16f9-41e0-11e1-add6-848f69adef7f

Error - 18/01/2012 12:47:07 | Computer Name = laptop-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Illustrator.exe, version: 13.0.128.0, time
stamp: 0x45fa64db Faulting module name: Illustrator.exe, version: 13.0.128.0, time
stamp: 0x45fa64db Exception code: 0xc0000005 Fault offset: 0x004b2850 Faulting process
id: 0x1e80 Faulting application start time: 0x01ccd5ed57f9f668 Faulting application
path: C:\Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe
Faulting
module path: C:\Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe
Report
Id: 0e0c2aae-41f4-11e1-add6-848f69adef7f

[ System Events ]
Error - 20/02/2012 02:40:45 | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 20/02/2012 02:41:15 | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 20/02/2012 02:52:29 | Computer Name = laptop-PC | Source = bowser | ID = 8003
Description =

Error - 20/02/2012 06:28:13 | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 20/02/2012 06:28:43 | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 20/02/2012 08:12:49 | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 20/02/2012 08:13:19 | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 20/02/2012 12:18:33 | Computer Name = laptop-PC | Source = bowser | ID = 8003
Description =

Error - 20/02/2012 15:11:20 | Computer Name = laptop-PC | Source = BROWSER | ID = 8032
Description =

Error - 21/02/2012 17:36:45 | Computer Name = laptop-PC | Source = Service Control Manager | ID = 7030
Description = The ServiceLayer service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.


< End of report >

#13 myrti


Posted 06 March 2012 - 03:44 PM

Your log(s) show that you are sharing entertainment files and proprietary software. This infringes the copyright laws in many countries around the world and you are putting yourself at risk of being indicted through organisations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."

Please remove these before continuing:

[2012/03/05 14:21:59 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Locked.Up.Abroad
[2012/03/05 13:15:38 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Sherlock Holmes[2009]DvDrip[Eng]-FXG
[2012/03/05 12:37:24 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Films etc
[2012/03/04 09:05:01 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Extras
[2012/03/04 09:02:57 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Catch.Me.If.You.Can[ENG][DVDRip]
[2012/03/04 09:01:25 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Shrek 1 and 2 dvd rip's[eng]XviD.Rets
[2012/02/28 00:49:43 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Escape.From.Alcatraz.1979.544.25fps.818Kbps.V5.WunSeeDee
[2012/02/26 14:47:17 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Desperate Housewives Season 6 720p
[2012/02/26 14:43:17 | 000,000,000 | ---D | C] -- C:\Users\laptop\Desktop\Desperate Housewives Season 7 Complete 720p


regards myrti

Edited by myrti, 06 March 2012 - 03:45 PM.



#14 w i l l


Posted 06 March 2012 - 03:49 PM

Ooooo Linux.

OK I understand that, I'll need to buy a hard drive to remove first.

Thanks

#15 myrti


Posted 06 March 2012 - 03:53 PM

Or you could go out and buy the originals of those movies and simply delete the files..

myrti





