Cannot open some folders

ffrree · 27 Jul 2011

I am the only user for my workstation, and the login is an Admin type.

I was able to access the folder Users\{username}\Local Settings, however now, all of a sudden, I can't even open the folder, the message "access denied" pops up.

Any clue why?

Also some other folders are suffering the same fate like

\Document and Settings
\Users\{username}\Application Data

and also there seems to have a (short cut) named

Users\{username}\My Documents

next to the folder

Users\{username}\My Documents.

Same name, but one is a folder, which I can open, one has an icon like a short cut, but not quite a shortcut. which I can not open.

Any help would be most appreciated.

Maguscreed · 27 Jul 2011

What are you using as your security app?

It's possible an aggressive antivirus or firewall app has locked those locations down.

ffrree · 27 Jul 2011

I am using Trend Micro Titanium

tom982 · 27 Jul 2011

Hello ffrree and welcome to the forums

Can you do the following for me please?

OTL

Download OTL to your desktop.
Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Tom

ffrree · 27 Jul 2011

Thanks Tom982,

This is the OTL.txt output per your specification

==============

OTL logfile created on: 27/07/2011 7:14:41 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = E:\x64 downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

23.99 Gb Total Physical Memory | 21.52 Gb Available Physical Memory | 89.72% Memory free
47.98 Gb Paging File | 45.32 Gb Available in Paging File | 94.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 29.47 Gb Free Space | 30.18% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 1277.15 Gb Free Space | 68.55% Space Free | Partition Type: NTFS

Computer Name: AAVIDEO | User Name: Me | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - E:\x64 downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Replay Telecorder for Skype\replay_telecorder_skype.exe (Applian Technologies Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)

========== Modules (SafeList) ==========

MOD - E:\x64 downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (ImDskSvc) -- C:\Windows\SysNative\imdsksvc.exe (Olof Lagerkvist)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Trend Micro Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)

========== Driver Services (SafeList) ==========

DRV:64bit: - (Pcouffin64) -- C:\Windows\SysNative\drivers\pcouffin64a.sys (VSO Software)
DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.)
DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV:64bit: - (appliandMP) -- C:\Windows\SysNative\drivers\appliand.sys (Applian Technologies Inc.)
DRV:64bit: - (appliand) -- C:\Windows\SysNative\drivers\appliand.sys (Applian Technologies Inc.)
DRV:64bit: - (AWEAlloc) -- C:\Windows\SysNative\drivers\awealloc.sys (Olof Lagerkvist)
DRV:64bit: - (ImDisk) -- C:\Windows\SysNative\drivers\imdisk.sys (Olof Lagerkvist)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (mv91xx) -- C:\Windows\SysNative\drivers\mv91xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Google Toolbar
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = ninemsn - Hotmail, Messenger, News, Sport, Celebrity, Finance, Travel, Cars, Movies, Shopping
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 0A 13 29 0C 37 CC 01 [binary data]
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2011/07/03 21:39:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1079\firefoxextension\ [2011/07/04 13:13:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/13 21:06:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/07/03 18:44:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Me\AppData\Roaming\Mozilla\Extensions
[2011/07/20 12:34:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/07/03 18:43:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/07/20 12:34:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/07/03 21:39:43 | 000,000,000 | ---D | M] (Trend Micro Toolbar) -- C:\PROGRAM FILES\TREND MICRO\TITANIUM\UIFRAMEWORK\TOOLBAR\FIREFOXEXTENSION
[2011/06/16 14:32:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 18:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 18:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 18:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 18:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 18:00:00 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2010/01/01 18:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2010/01/01 18:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001..\Run: [replay_telecorder_skype] C:\Program Files (x86)\Replay Telecorder for Skype\replay_telecorder_skype.exe (Applian Technologies Inc.)
O4 - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001..\Run: [RESTART_STICKY_NOTES] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn...Detection2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab...l_4.4.24.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 203.12.160.35 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1464\6.6.1079\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/27 18:33:31 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Ilivid Player
[2011/07/27 18:32:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\~0
[2011/07/27 18:29:41 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\PackageAware
[2011/07/27 08:42:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VPL
[2011/07/27 08:42:39 | 000,000,000 | ---D | C] -- C:\Windows\Video Padlock
[2011/07/27 08:42:16 | 000,000,000 | ---D | C] -- C:\Windows\Replay Media Splitter
[2011/07/27 08:42:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Media Splitter
[2011/07/27 08:41:42 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\YouSendIt
[2011/07/27 08:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouSendIt
[2011/07/27 08:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2011/07/27 08:40:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2011/07/27 08:40:04 | 000,000,000 | ---D | C] -- C:\Windows\Replay Converter 4
[2011/07/27 08:40:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Converter 4
[2011/07/27 08:39:52 | 000,000,000 | ---D | C] -- C:\Windows\Replay AV
[2011/07/27 08:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay AV 8
[2011/07/27 08:39:03 | 000,000,000 | ---D | C] -- C:\Users\Me\Documents\Replay Telecorder
[2011/07/27 08:39:02 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011/07/27 08:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Telecorder for Skype
[2011/07/27 08:38:37 | 000,000,000 | ---D | C] -- C:\Windows\Replay Music
[2011/07/27 08:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Music 4
[2011/07/27 06:37:55 | 000,000,000 | ---D | C] -- C:\Users\Me\Documents\My Streaming Media
[2011/07/27 06:37:53 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Jaksta_Technologies_Pty_L
[2011/07/27 06:36:07 | 000,033,888 | ---- | C] (Applian Technologies Inc.) -- C:\Windows\SysNative\drivers\appliand.sys
[2011/07/27 06:36:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Applian Technologies
[2011/07/27 06:35:57 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Replay Media Catcher 4
[2011/07/27 06:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Applian
[2011/07/27 06:18:04 | 000,000,000 | ---D | C] -- C:\Windows\Applian Director
[2011/07/27 06:18:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Applian Director
[2011/07/27 06:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[2011/07/27 06:17:37 | 000,000,000 | ---D | C] -- C:\Windows\Replay Video Capture 5
[2011/07/27 06:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Replay Video Capture 5
[2011/07/23 09:15:56 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\{D9235422-FF16-48A0-82E9-FD0957DAC26B}
[2011/07/23 09:14:43 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/07/23 09:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/07/23 09:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/07/23 09:11:44 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011/07/23 09:11:44 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011/07/23 09:11:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011/07/23 09:11:44 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011/07/23 09:11:26 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011/07/23 09:11:26 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011/07/23 09:10:31 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Windows Live
[2011/07/23 09:10:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/07/22 20:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topviewsoft Video Software
[2011/07/22 20:32:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Screen Video Capture by Topviewsoft
[2011/07/21 10:11:25 | 000,099,328 | ---- | C] (Olof Lagerkvist) -- C:\Windows\SysNative\imdisk.cpl
[2011/07/21 10:11:25 | 000,086,016 | ---- | C] (Olof Lagerkvist) -- C:\Windows\SysWow64\imdisk.cpl
[2011/07/21 10:11:25 | 000,040,960 | ---- | C] (Olof Lagerkvist) -- C:\Windows\SysNative\imdisk.exe
[2011/07/21 10:11:25 | 000,036,864 | ---- | C] (Olof Lagerkvist) -- C:\Windows\SysWow64\imdisk.exe
[2011/07/21 10:11:25 | 000,034,776 | ---- | C] (Olof Lagerkvist) -- C:\Windows\SysNative\drivers\imdisk.sys
[2011/07/21 10:11:25 | 000,017,360 | ---- | C] (Olof Lagerkvist) -- C:\Windows\SysNative\drivers\awealloc.sys
[2011/07/21 10:11:25 | 000,011,264 | ---- | C] (Olof Lagerkvist) -- C:\Windows\SysNative\imdsksvc.exe
[2011/07/20 12:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/07/20 12:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/07/20 12:34:35 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/07/20 12:34:35 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/07/20 12:34:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/07/20 12:34:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/07/20 12:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/07/20 11:59:11 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Apple Computer
[2011/07/20 11:39:45 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011/07/20 11:39:45 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011/07/20 11:39:45 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011/07/20 11:39:45 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011/07/20 11:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/07/18 15:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2011/07/18 15:03:31 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/07/18 14:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011/07/17 16:55:14 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Diagnostics
[2011/07/15 17:40:08 | 000,000,000 | ---D | C] -- C:\Users\Me\.OziExplorer
[2011/07/15 17:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OziExplorer
[2011/07/15 17:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OziExplorer
[2011/07/15 08:43:05 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\ATI
[2011/07/15 08:43:05 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\ATI
[2011/07/15 08:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/07/15 08:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/07/15 08:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/07/15 08:42:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/07/15 08:42:36 | 000,115,216 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2011/07/15 08:41:15 | 000,462,848 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011/07/15 08:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/07/15 08:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/07/15 08:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/07/15 07:59:24 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/07/15 07:59:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011/07/15 07:59:13 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011/07/15 07:59:12 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011/07/15 07:59:12 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2011/07/15 07:59:12 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011/07/15 07:59:12 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011/07/15 07:59:12 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011/07/15 07:59:09 | 001,631,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2011/07/15 07:59:09 | 000,477,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2011/07/15 07:59:09 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2011/07/15 07:59:08 | 001,814,560 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2011/07/15 07:59:08 | 001,206,304 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2011/07/15 07:59:08 | 000,612,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2011/07/15 07:59:07 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011/07/15 07:59:07 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011/07/15 07:59:07 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011/07/15 07:59:07 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011/07/15 07:59:07 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011/07/15 07:59:07 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011/07/15 07:59:07 | 000,068,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2011/07/15 07:59:03 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011/07/15 07:59:03 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011/07/15 07:59:01 | 000,321,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011/07/15 07:59:00 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011/07/15 07:59:00 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011/07/15 07:59:00 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011/07/15 07:59:00 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011/07/15 07:59:00 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011/07/15 07:59:00 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011/07/15 07:59:00 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011/07/15 07:59:00 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011/07/15 07:58:59 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011/07/15 07:58:59 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011/07/15 07:58:59 | 000,168,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2011/07/15 07:58:59 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2011/07/15 07:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/07/15 07:58:54 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011/07/15 07:58:53 | 001,247,776 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2011/07/15 07:58:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011/07/14 21:48:36 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2011/07/14 21:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD-Cloner
[2011/07/14 21:19:46 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\ImgBurn
[2011/07/14 21:10:49 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2011/07/14 21:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2011/07/14 11:08:21 | 000,082,048 | ---- | C] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin64a.sys
[2011/07/14 11:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab Platinum
[2011/07/13 22:18:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/07/13 21:08:40 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\CyberLink
[2011/07/13 21:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2011/07/13 21:07:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2011/07/13 21:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2011/07/13 21:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/07/13 21:06:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/07/13 21:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/07/13 21:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/07/13 21:06:27 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Apple
[2011/07/13 21:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/07/13 21:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/07/13 20:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2011/07/13 20:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CLSK
[2011/07/13 20:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/07/13 19:02:27 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\MAGIX_AG
[2011/07/13 08:48:05 | 000,000,000 | ---D | C] -- C:\Users\Me\Documents\AVS4YOU
[2011/07/13 08:26:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/07/13 04:15:14 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011/07/13 04:15:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/07/13 04:15:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/07/13 04:15:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/07/13 04:15:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/07/13 04:15:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/07/13 04:15:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/07/13 04:15:13 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011/07/13 04:15:13 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011/07/13 04:15:10 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/07/13 04:15:10 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/07/13 04:15:10 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011/07/13 04:15:10 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011/07/13 04:15:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011/07/13 04:15:10 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/07/13 04:15:09 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/07/13 04:15:05 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/07/13 04:15:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/07/13 04:15:05 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011/07/13 04:15:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/07/13 04:15:05 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/07/13 04:15:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011/07/13 04:15:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011/07/13 04:15:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011/07/13 04:15:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/07/13 04:15:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011/07/13 04:15:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011/07/13 04:15:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011/07/12 09:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/07/11 08:04:12 | 010,915,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxhw32.dll
[2011/07/11 08:04:12 | 010,833,920 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxsw32.dll
[2011/07/10 21:46:43 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Xara
[2011/07/10 21:46:42 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\MAGIX
[2011/07/10 21:46:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared
[2011/07/10 21:46:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2011/07/10 21:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011/07/10 21:06:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011/07/10 21:03:50 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Adobe
[2011/07/10 21:02:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/07/10 21:02:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/07/10 21:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/07/10 11:12:06 | 000,000,000 | ---D | C] -- C:\400G
[2011/07/10 09:53:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Pro Photo Tools
[2011/07/10 09:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2011/07/09 21:28:18 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/07/09 21:28:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/07/08 19:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2011/07/06 07:18:10 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Macromedia
[2011/07/06 07:18:10 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Adobe
[2011/07/06 07:18:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/07/06 07:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/07/04 13:09:20 | 000,000,000 | ---D | C] -- C:\ShareDocs
[2011/07/03 22:07:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/07/03 21:41:50 | 000,000,000 | ---D | C] -- C:\temp
[2011/07/03 21:40:19 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
[2011/07/03 21:39:53 | 000,105,552 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2011/07/03 21:39:52 | 000,144,464 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2011/07/03 21:39:52 | 000,090,704 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys
[2011/07/03 21:39:52 | 000,067,664 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys
[2011/07/03 21:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2011/07/03 21:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/07/03 21:10:21 | 074,706,296 | ---- | C] (Trend Micro Inc.) -- C:\Users\Public\Desktop\Trend_Micro.exe
[2011/07/03 18:43:57 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Mozilla
[2011/07/03 18:43:57 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Mozilla
[2011/07/03 18:43:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/07/03 18:21:52 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\AVS4YOU
[2011/07/03 18:21:25 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/07/03 18:21:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/07/03 18:21:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2011/07/03 18:21:05 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2011/07/03 18:21:05 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2011/07/03 18:21:05 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2011/07/03 18:21:05 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2011/07/03 18:21:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2011/07/03 18:21:05 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/07/03 18:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2011/07/03 18:14:07 | 000,000,000 | ---D | C] -- C:\Vbench
[2011/07/03 17:43:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/07/03 17:43:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/07/03 17:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEC Electronics
[2011/07/03 17:22:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NEC Electronics
[2011/07/03 17:22:11 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Downloaded Installations
[2011/07/03 17:20:38 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2011/07/03 17:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvell
[2011/07/03 17:20:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2011/07/03 17:15:16 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Intel Corporation
[2011/07/03 17:11:36 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2011/07/03 17:11:16 | 000,438,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/07/03 17:11:16 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/07/03 17:11:16 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\InstallShield
[2011/07/03 16:43:30 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/07/03 16:43:30 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/07/01 06:40:20 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/07/01 06:40:07 | 000,000,000 | -HSD | C] -- C:\Boot
[2011/06/30 20:17:43 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Google
[2011/06/30 20:17:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011/06/30 20:03:14 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011/06/30 20:03:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011/06/30 20:03:04 | 000,000,000 | ---D | C] -- C:\Intel
[2011/06/30 20:02:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/06/30 19:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
[2011/06/30 19:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2011/06/30 19:54:42 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/06/30 19:54:40 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/06/30 19:29:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/06/30 19:29:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/06/30 19:29:22 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/30 19:29:22 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/30 19:29:22 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/30 19:29:21 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011/06/30 19:29:21 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011/06/30 19:29:21 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/06/30 19:29:21 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/06/30 19:29:21 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011/06/30 19:29:21 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/06/30 19:29:21 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/06/30 19:29:21 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/06/30 19:29:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/30 19:29:20 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011/06/30 19:29:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011/06/30 19:29:11 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/06/30 19:29:11 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/06/30 19:29:11 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011/06/30 19:29:11 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011/06/30 19:29:11 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011/06/30 19:29:11 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011/06/30 19:29:11 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011/06/30 19:29:11 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011/06/30 19:29:11 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011/06/30 19:29:11 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011/06/30 19:29:11 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011/06/30 19:29:11 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011/06/30 19:29:11 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2011/06/30 19:29:11 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011/06/30 19:29:11 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011/06/30 19:29:11 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011/06/30 19:29:10 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/06/30 19:29:10 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/06/30 19:29:10 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/06/30 19:29:09 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/06/30 19:29:08 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/30 19:29:08 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/30 19:29:08 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/06/30 19:29:08 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/06/30 19:29:08 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011/06/30 19:29:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011/06/30 19:29:08 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/06/30 19:29:08 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/06/30 19:29:07 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/06/30 19:29:07 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/06/30 19:29:07 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/06/30 19:29:07 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/06/30 19:29:07 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/06/30 19:29:07 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/06/30 19:29:07 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/06/30 19:29:06 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/06/30 19:29:06 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/06/30 19:29:06 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/06/30 19:29:06 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/06/30 19:29:05 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/06/30 19:29:05 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/06/30 19:29:05 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/06/30 19:29:05 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/06/30 19:29:05 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/06/30 19:29:05 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/06/30 19:29:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/06/30 19:29:02 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/30 19:29:01 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/06/30 19:29:01 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/06/30 19:29:01 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/06/30 19:29:00 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/06/30 12:47:36 | 000,000,000 | R--D | C] -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/06/30 12:47:36 | 000,000,000 | R--D | C] -- C:\Users\Me\Searches
[2011/06/30 12:47:36 | 000,000,000 | R--D | C] -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/06/30 12:47:36 | 000,000,000 | -H-D | C] -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/06/30 12:47:28 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Identities
[2011/06/30 12:47:26 | 000,000,000 | R--D | C] -- C:\Users\Me\Contacts
[2011/06/30 12:47:25 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\VirtualStore
[2011/06/30 12:47:18 | 000,000,000 | --SD | C] -- C:\Users\Me\AppData\Roaming\Microsoft
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\Videos
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\Saved Games
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\Pictures
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\Music
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\Links
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\Favorites
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\Downloads
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\Documents
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\Desktop
[2011/06/30 12:47:18 | 000,000,000 | R--D | C] -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\AppData\Local\Temporary Internet Files
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\Templates
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\Start Menu
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\SendTo
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\Recent
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\PrintHood
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\NetHood
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\Documents\My Videos
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\Documents\My Pictures
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\Documents\My Music
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\My Documents
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\Local Settings
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\AppData\Local\History
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\Cookies
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\Application Data
[2011/06/30 12:47:18 | 000,000,000 | -HSD | C] -- C:\Users\Me\AppData\Local\Application Data
[2011/06/30 12:47:18 | 000,000,000 | -H-D | C] -- C:\Users\Me\AppData
[2011/06/30 12:47:18 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Temp
[2011/06/30 12:47:18 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Local\Microsoft
[2011/06/30 12:47:18 | 000,000,000 | ---D | C] -- C:\Users\Me\AppData\Roaming\Media Center Programs
[2011/06/30 12:47:07 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/06/30 12:46:59 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/06/30 12:41:38 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/06/30 12:41:04 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2011/07/27 18:22:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/27 17:25:08 | 000,001,332 | ---- | M] () -- C:\Users\Me\Desktop\Replay Media Catcher 4.lnk
[2011/07/27 16:08:20 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/27 16:08:20 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/27 16:01:28 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/27 16:01:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/27 16:01:04 | 2140,491,772 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/27 10:45:16 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/07/27 08:43:47 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\Replay Converter.lnk
[2011/07/27 08:41:40 | 000,000,996 | ---- | M] () -- C:\Users\Public\Desktop\YouSendIt.lnk
[2011/07/27 08:39:02 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Replay Telecorder for Skype.lnk
[2011/07/27 08:38:40 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Replay Music 4.lnk
[2011/07/27 08:38:11 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\Replay Video Capture 5.lnk
[2011/07/27 08:36:37 | 000,002,066 | ---- | M] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Applian Director.lnk
[2011/07/27 08:36:37 | 000,002,042 | ---- | M] () -- C:\Users\Public\Desktop\Applian Director.lnk
[2011/07/27 07:56:54 | 000,001,306 | ---- | M] () -- C:\Users\Me\Desktop\AVS4YOU Software Navigator.lnk
[2011/07/27 07:56:48 | 000,001,214 | ---- | M] () -- C:\Users\Me\Desktop\AVS Media Player.lnk
[2011/07/26 20:37:41 | 000,007,610 | ---- | M] () -- C:\Users\Me\AppData\Local\Resmon.ResmonCfg
[2011/07/25 18:20:23 | 000,741,900 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/25 18:20:23 | 000,639,436 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/25 18:20:23 | 000,113,960 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/22 20:32:31 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Free Screen Video Capture by Topviewsoft.lnk
[2011/07/21 23:03:32 | 000,006,656 | ---- | M] () -- C:\Users\Me\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/20 12:34:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/07/20 12:34:30 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/07/20 12:34:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/07/20 12:34:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/07/20 11:39:39 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011/07/20 11:39:39 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011/07/20 11:39:39 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011/07/20 11:39:39 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011/07/15 17:39:45 | 000,001,909 | ---- | M] () -- C:\Users\Me\Desktop\OziExplorer.lnk
[2011/07/15 16:23:02 | 000,002,353 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/07/15 07:58:21 | 000,032,049 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2011/07/15 07:58:05 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2011/07/14 21:48:42 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\AVS DVD Copy.lnk
[2011/07/14 21:37:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\dvdtest10024.dat
[2011/07/14 21:10:49 | 000,001,878 | ---- | M] () -- C:\Users\Me\Desktop\ImgBurn.lnk
[2011/07/14 11:17:31 | 000,000,067 | ---- | M] () -- C:\Windows\DVDIdlePro.INI
[2011/07/14 11:08:21 | 000,082,048 | ---- | M] (VSO Software) -- C:\Windows\SysNative\drivers\pcouffin64a.sys
[2011/07/13 21:54:26 | 000,359,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/07/13 21:06:43 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/07/11 20:55:51 | 000,001,250 | ---- | M] () -- C:\Users\Me\Desktop\AVS Video Converter.lnk
[2011/07/11 08:04:32 | 000,001,214 | ---- | M] () -- C:\Users\Me\Desktop\AVS Video Editor.lnk
[2011/07/10 21:02:26 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/07/10 09:53:46 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Pro Photo Tools.lnk
[2011/07/09 18:48:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/07/09 18:44:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/07/08 19:40:01 | 000,001,143 | ---- | M] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2011/07/08 19:40:01 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/07/06 07:18:03 | 000,002,297 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/07/06 07:17:43 | 000,002,252 | ---- | M] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/03 21:40:32 | 000,001,454 | ---- | M] () -- C:\Users\Me\Desktop\Trend Micro Titanium Maximum Security.lnk
[2011/07/03 21:12:37 | 000,144,464 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2011/07/03 21:12:37 | 000,105,552 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2011/07/03 21:12:37 | 000,090,704 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys
[2011/07/03 21:12:37 | 000,067,664 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys
[2011/07/03 21:12:32 | 074,706,296 | ---- | M] (Trend Micro Inc.) -- C:\Users\Public\Desktop\Trend_Micro.exe
[2011/07/03 18:43:51 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/07/03 18:21:19 | 000,001,257 | ---- | M] () -- C:\Users\Me\Desktop\AVS Video Converter 6.lnk
[2011/07/03 16:39:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2011/07/03 16:39:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2011/07/01 08:51:19 | 000,000,000 | -H-- | M] () -- C:\Users\Me\Documents\Default.rdp
[2011/07/01 06:40:08 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011/06/30 19:54:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011/06/30 17:21:37 | 000,001,450 | ---- | M] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/30 12:49:49 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/06/30 12:44:03 | 000,116,385 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/06/30 12:44:03 | 000,116,385 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2011/07/27 17:25:08 | 000,001,332 | ---- | C] () -- C:\Users\Me\Desktop\Replay Media Catcher 4.lnk
[2011/07/27 08:43:47 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\Replay Converter.lnk
[2011/07/27 08:41:40 | 000,001,008 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouSendIt.lnk
[2011/07/27 08:41:40 | 000,000,996 | ---- | C] () -- C:\Users\Public\Desktop\YouSendIt.lnk
[2011/07/27 08:39:02 | 000,352,256 | ---- | C] () -- C:\Windows\SysWow64\lame.ax
[2011/07/27 08:39:02 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Replay Telecorder for Skype.lnk
[2011/07/27 08:38:40 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\Replay Music 4.lnk
[2011/07/27 07:56:48 | 000,001,214 | ---- | C] () -- C:\Users\Me\Desktop\AVS Media Player.lnk
[2011/07/27 06:18:05 | 000,002,066 | ---- | C] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Applian Director.lnk
[2011/07/27 06:18:05 | 000,002,042 | ---- | C] () -- C:\Users\Public\Desktop\Applian Director.lnk
[2011/07/27 06:17:41 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\Replay Video Capture 5.lnk
[2011/07/23 09:13:52 | 000,001,314 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/07/23 09:13:32 | 000,001,383 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/07/22 20:32:31 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Free Screen Video Capture by Topviewsoft.lnk
[2011/07/15 17:39:45 | 000,001,909 | ---- | C] () -- C:\Users\Me\Desktop\OziExplorer.lnk
[2011/07/15 08:41:15 | 000,150,464 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2011/07/15 08:41:15 | 000,003,949 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/07/15 08:41:15 | 000,003,949 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2011/07/15 08:40:50 | 000,030,831 | ---- | C] () -- C:\Windows\atiogl.xml
[2011/07/15 07:58:05 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/07/15 07:58:02 | 000,032,049 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011/07/14 21:48:42 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\AVS DVD Copy.lnk
[2011/07/14 21:37:31 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dvdtest10024.dat
[2011/07/14 21:10:49 | 000,001,908 | ---- | C] () -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2011/07/14 21:10:49 | 000,001,878 | ---- | C] () -- C:\Users\Me\Desktop\ImgBurn.lnk
[2011/07/14 11:17:28 | 000,000,067 | ---- | C] () -- C:\Windows\DVDIdlePro.INI
[2011/07/13 21:06:43 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/07/13 21:06:26 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/07/11 20:55:51 | 000,001,250 | ---- | C] () -- C:\Users\Me\Desktop\AVS Video Converter.lnk
[2011/07/11 08:04:32 | 000,001,214 | ---- | C] () -- C:\Users\Me\Desktop\AVS Video Editor.lnk
[2011/07/10 21:02:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/07/10 21:02:26 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/07/10 09:53:46 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Pro Photo Tools.lnk
[2011/07/10 09:53:46 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Pro Photo Tools.lnk
[2011/07/09 18:48:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/07/09 18:44:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/07/08 21:06:25 | 000,006,656 | ---- | C] () -- C:\Users\Me\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/08 19:40:01 | 000,001,143 | ---- | C] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2011/07/08 19:40:01 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2011/07/06 07:18:03 | 000,002,297 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/07/06 07:17:43 | 000,002,353 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/07/06 07:17:43 | 000,002,252 | ---- | C] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/06 07:17:19 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/06 07:17:18 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/03 21:40:19 | 000,001,454 | ---- | C] () -- C:\Users\Me\Desktop\Trend Micro Titanium Maximum Security.lnk
[2011/07/03 18:43:51 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/07/03 18:43:51 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/07/03 18:21:26 | 000,001,306 | ---- | C] () -- C:\Users\Me\Desktop\AVS4YOU Software Navigator.lnk
[2011/07/03 18:21:19 | 000,001,257 | ---- | C] () -- C:\Users\Me\Desktop\AVS Video Converter 6.lnk
[2011/07/03 16:39:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2011/07/03 16:39:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2011/07/01 08:51:19 | 000,000,000 | -H-- | C] () -- C:\Users\Me\Documents\Default.rdp
[2011/07/01 06:40:08 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2011/07/01 06:40:07 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2011/06/30 20:28:16 | 000,007,610 | ---- | C] () -- C:\Users\Me\AppData\Local\Resmon.ResmonCfg
[2011/06/30 19:54:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011/06/30 17:21:37 | 000,001,450 | ---- | C] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/30 12:49:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/06/30 12:47:40 | 000,001,422 | ---- | C] () -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/06/30 12:47:38 | 000,001,456 | ---- | C] () -- C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/06/30 12:47:18 | 000,000,290 | ---- | C] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/06/30 12:47:18 | 000,000,272 | ---- | C] () -- C:\Users\Me\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/06/30 12:43:56 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/06/30 12:43:48 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/06/30 12:41:04 | 2140,491,772 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/10 12:54:58 | 003,973,120 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg2.exe
[2009/07/14 15:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 12:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 10:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 09:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 07:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 07:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 22:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007/11/07 06:19:28 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll

========== LOP Check ==========

[2011/07/14 21:21:58 | 000,000,000 | ---D | M] -- C:\Users\Me\AppData\Roaming\ImgBurn
[2011/07/13 18:43:07 | 000,000,000 | ---D | M] -- C:\Users\Me\AppData\Roaming\MAGIX
[2011/07/27 06:37:55 | 000,000,000 | ---D | M] -- C:\Users\Me\AppData\Roaming\Replay Media Catcher 4
[2011/07/27 08:41:42 | 000,000,000 | ---D | M] -- C:\Users\Me\AppData\Roaming\YouSendIt
[2009/07/14 15:08:49 | 000,026,328 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

ffrree · 27 Jul 2011

Thanks Tom982. Here is the Extra.txt output as specified.

=================

OTL Extras logfile created on: 27/07/2011 7:14:41 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = E:\x64 downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

23.99 Gb Total Physical Memory | 21.52 Gb Available Physical Memory | 89.72% Memory free
47.98 Gb Paging File | 45.32 Gb Available in Paging File | 94.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 29.47 Gb Free Space | 30.18% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 1277.15 Gb Free Space | 68.55% Space Free | Partition Type: NTFS

Computer Name: AAVIDEO | User Name: Me | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3942693561-4119914579-2964141980-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{114369C9-32BD-3D16-6B34-CBED46D680D2}" = WMV9/VC-1 Video Playback
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{3ED4AD02-F631-4A4C-AAC8-2325996E5A56}" = Microsoft IntelliPoint 8.1
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26 (64-bit)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8AFEC9DF-D867-75FC-4EB7-B14C91DB49D6}" = ATI AVIVO64 Codecs
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9910B0C5-C18B-622F-FF5C-E2FF86BE0816}" = ATI Catalyst Install Manager
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Maximum Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Maximum Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8D12845-F69E-27A7-211B-ECD865396A6E}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6E85EC0-4225-8806-D776-B4845AE4CD84}" = ccc-utility64
"ImDisk" = ImDisk Virtual Disk Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CB45421-4537-BABF-E6F7-CB5837D9C2A2}" = CCC Help Chinese Standard
"{1193600A-134F-40F9-9F71-FEF54C93C629}" = YouSendIt Express
"{151C1337-E3BE-2E4E-326A-19644EC5DDB0}" = CCC Help Thai
"{180CAD6C-B0ED-42A9-8C4A-CF49C6682A06}_is1" = Free Screen Video Capture by Topviewsoft 4.1.7
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22806084-B039-02E7-D0B3-ECD7CECC6FB9}" = CCC Help Norwegian
"{2669379E-B40B-6818-712C-59361BF2F32D}" = Catalyst Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EB07064-D2B1-03EF-DF22-44ADCD701D3E}" = CCC Help Turkish
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B06CB7A-CC36-7394-7582-F503DC6B8A50}" = CCC Help Swedish
"{51145EEE-EA44-DE0F-97E2-1F81183EA896}" = CCC Help French
"{5261CD22-95D5-C21A-07D4-208C12749ECE}" = CCC Help Spanish
"{52E5CCFB-6185-F47D-2249-12CE8849F96B}" = CCC Help German
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{60879769-4206-281E-CE78-46971D852ED3}" = CCC Help Danish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{708DB7A8-BD14-3B2D-344B-C9B763F154E2}" = CCC Help Dutch
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75C2EC55-9FC3-71BF-7110-BD2D48799502}" = CCC Help Japanese
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{840CEA51-2EF8-F38B-86EE-59ADC651CBF5}" = CCC Help Greek
"{86D0FECE-31C5-48D4-C48A-9E9775A2E5BE}" = CCC Help Chinese Traditional
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B710D5A-475D-2C1A-134D-55D124423448}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9086A519-047E-E22E-E880-B4F628079FB6}" = CCC Help Korean
"{90B93BB0-BCC0-37B9-E194-2BA548862041}" = HydraVision
"{926E5D62-1F02-E1B8-1FCF-828780F04C5C}" = CCC Help Czech
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}" = Microsoft Pro Photo Tools
"{A13214F1-B520-1445-BC4D-07C4E4C1401E}" = CCC Help Italian
"{A40CBD4F-C028-89D6-A81F-42A64AC2AC56}" = CCC Help Russian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{ACC3CBE8-A8A8-51F9-65EC-DA65F3AD46ED}" = CCC Help Finnish
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B9AEBFF0-47C9-065F-8A47-F3C23C315911}" = CCC Help English
"{BB07FAA7-4D6C-9664-33B8-4BA8DC0ACAE2}" = Catalyst Control Center InstallProxy
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CCA58B01-7A27-FAF0-BED3-D29D73BBB3AE}" = CCC Help Hungarian
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D4C04-5138-7ED8-28F9-ECBF95EB0036}" = Catalyst Control Center Localization All
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DAAC9CD2-35C1-1B57-98EF-20289B5855C2}" = Catalyst Control Center Graphics Previews Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EF39BD92-2647-EDBB-084A-6375BBDD4513}" = CCC Help Polish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Applian Director2.1" = Applian Director
"Applian Director2.11" = Applian Director
"AVS DVD Copy_is1" = AVS DVD Copy version 4.1.2
"AVS Media Player_is1" = AVS Media Player 4.1.6.80
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Google Chrome" = Google Chrome
"ImgBurn" = ImgBurn
"InstallShield_{1193600A-134F-40F9-9F71-FEF54C93C629}" = YouSendIt Express
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"MagniDriver" = marvell 91xx driver
"Mozilla Firefox 5.0 (x86 en-GB)" = Mozilla Firefox 5.0 (x86 en-GB)
"OziExplorer 3.95_is1" = OziExplorer 3.95
"OziMrSid Dll_is1" = OziMrSid Dll Version 3.00
"Picasa 3" = Picasa 3
"Replay Converter 4" = Replay Converter 4
"Replay Media Catcher 4" = Replay Media Catcher 4 (4.2.9)
"Replay Music4.02" = Replay Music
"Replay Telecorder for Skype_is1" = Replay Telecorder for Skype 1.2.0.4
"Replay Video Capture5.2.1" = Replay Video Capture 5
"Replay_AV_807" = Replay AV 8
"Replay_Media_Splitter_1.2" = Replay Media Splitter 1.10.1103.31
"Video Padlock1.14" = Video Padlock
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.0.2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24/07/2011 6:10:59 PM | Computer Name = AAVideo | Source = WinMgmt | ID = 10
Description =

Error - 25/07/2011 3:39:26 AM | Computer Name = AAVideo | Source = WinMgmt | ID = 10
Description =

Error - 25/07/2011 6:12:12 PM | Computer Name = AAVideo | Source = WinMgmt | ID = 10
Description =

Error - 26/07/2011 12:15:53 AM | Computer Name = AAVideo | Source = WinMgmt | ID = 10
Description =

Error - 26/07/2011 3:40:16 PM | Computer Name = AAVideo | Source = WinMgmt | ID = 10
Description =

Error - 26/07/2011 7:24:13 PM | Computer Name = AAVideo | Source = WinMgmt | ID = 10
Description =

Error - 26/07/2011 8:21:56 PM | Computer Name = AAVideo | Source = WinMgmt | ID = 10
Description =

Error - 26/07/2011 9:01:51 PM | Computer Name = AAVideo | Source = WinMgmt | ID = 10
Description =

Error - 27/07/2011 2:02:35 AM | Computer Name = AAVideo | Source = WinMgmt | ID = 10
Description =

Error - 27/07/2011 4:44:18 AM | Computer Name = AAVideo | Source = Application Error | ID = 1000
Description = Faulting application name: ilivid.exe, version: 0.0.0.0, time stamp:
0x4e11c4fe Faulting module name: QtWebKit4.dll, version: 4.7.3.0, time stamp: 0x4d92ff06
Exception
code: 0xc0000005 Fault offset: 0x008dd99c Faulting process id: 0xc3c Faulting application
start time: 0x01cc4c37dd79f2ca Faulting application path: C:\Program Files (x86)\iLivid\ilivid.exe
Faulting
module path: C:\Program Files (x86)\iLivid\QtWebKit4.dll Report Id: 9ce7c24e-b82c-11e0-8326-bcaec54278cf

< End of report >

tom982 · 27 Jul 2011

Okay, I'm not seeing any signs of an infection, there's just a bit of housekeeping we can do:

Copy and paste this into the custom scans/fixes box in OTL then click Run Fix. A log will open upon completion, please copy and paste the contents with your next post:

Code:

:OTL
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKU\S-1-5-21-3942693561-4119914579-2964141980-1001..\Run: [RESTART_STICKY_NOTES] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn...Detection2.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O34 - HKLM BootExecute: (autocheck autochk *) - File not found

Also, pleas run this tool: http://screen317.spywareinfoforum.org/

Copy and paste the log into your next post please :)

Tom

Delliks · 27 Jul 2011

Hey Tom I have similar problem to this, see my post here with OTL report
https://www.sevenforums.com/general-d...ml#post1508812

logicearth · 27 Jul 2011

See the links in my signature. Those folders that give Access Denied are done so on purpose.
They are for OLD BROKEN APPLICATIONS ONLY.

Those folder that give Access Denied you should leave them alone. They have nothing within them.

ffrree · 28 Jul 2011

Hi Tom

Here is the output of the Log per your request after running Fix.

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3942693561-4119914579-2964141980-1001\Software\Microsoft\Windows\CurrentVersion\Run\\RESTART_STICKY_NOTES deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {73ECB3AA-4717-450C-A2AB-D00DAD9EE203}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tmtb\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42}\ not found.
File {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tmtbim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B37915C-8B98-4B9E-80D4-464D2C830D10}\ not found.
File {0B37915C-8B98-4B9E-80D4-464D2C830D10} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found.
File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.

OTL by OldTimer - Version 3.2.26.1 log created on 07282011_211819

================

I'll post the result for Security Check next.

thanks.